The D in Systemd stands for 'Dammmmit!' A nasty DHCPv6 packet can pwn a vulnerable Linux box

A security bug in Systemd can be exploited over the network to, at best, potentially crash a vulnerable Linux machine, or, at worst, execute malicious code on the box. The flaw therefore puts Systemd-powered Linux computers – specifically those using systemd-networkd – at risk of remote hijacking: maliciously crafted DHCPv6 …

  1. Oh Homer
    Linux

    Meh

    As anyone who bothers to read my comments (BTW "hi" to both of you) already knows, I despise systemd with a passion, but this one is more an IPv6 problem in general.

    Yes this is an actual bug in networkd, but IPv6 seems to be far more bug prone than v4, and problems are rife in all implementations. Whether that's because the spec itself is flawed, or because nobody understands v6 well enough to implement it correctly, or possibly because there's just zero interest in making any real effort, I don't know, but it's a fact nonetheless, and my primary reason for disabling it wherever I find it. Which of course contributes to the "zero interest" problem that perpetuates v6's bug prone condition, ad nauseam.

    IPv6 is just one of those tech pariahs that everyone loves to hate, much like systemd, albeit fully deserved IMO.

    Oh yeah, and here's the obligatory "systemd sucks". Personally I always assumed the "d" stood for "destroyer". I believe the "IP" in "IPv6" stands for "Idiot Protocol".

    1. Anonymous Coward

      Re: Meh

      "nonetheless, and my primary reason for disabling it wherever I find it. "

      The very first guide I read to hardening a system recommended disabling services you didn't need and emphasized IPV6 for the reasons you just stated.

      Wasn't there a bug in Xorg reported recently as well?

      https://www.theregister.co.uk/2018/10/25/x_org_server_vulnerability/

      "FreeDesktop.org Might Formally Join Forces With The X.Org Foundation"

      https://www.phoronix.com/scan.php?page=news_item&px=FreeDesktop-org-Xorg-Forces

      Also, does this mean that Facebook was vulnerable to attack, again?

      "Simply put, you could say Facebook loves systemd."

      https://www.phoronix.com/scan.php?page=news_item&px=Facebook-systemd-2018

      1. Anonymous Coward

        Re: Meh

        Was going to say the same thing, and I disable IPv6 for the exact same reason. IPv6 code isn't as well tested, as well audited, or as well targeted looking for exploits as IPv4. Stuff like this only proves that it was smart to wait, and I should wait some more.

      2. bombastic bob Silver badge
        Devil

        The gift that keeps on giving (systemd) !!!

        This makes me glad I'm using FreeBSD. The Xorg version in FreeBSD's ports is currently *slightly* older than the Xorg version that had that vulnerability in it. AND, FreeBSD will *NEVER* have systemd in it!

        (and, for Linux, when I need it, I've been using Devuan)

        That being said, the whole idea of "let's do a re-write and do a 'systemd' instead of 'system V init' because WE CAN and it's OUR TURN NOW, 'modern' 'change for the sake of change' etc." kinda reminds me of recent "update" problems with Win-10-nic...

        Oh, and an obligatory Schadenfreude laugh: HA HA HA HA HA HA HA HA HA HA HA HA HA HA HA HA HA HA HA HA HA HA HA HA HA HA HA HA HA HA HA HA HA HA HA HA HA HA HA HA HA HA HA HA HA HA HA HA HA HA HA HA HA HA HA HA HA HA HA HA HA HA HA!!!!!!!!!!!!!!!!!!!

        1. Long John Brass

          Re: The gift that keeps on giving (systemd) !!!

          Finally got all my machines cut over from Debian to Devuan.

          Might spin a FreeBSD system up in a VM and have a play.

          I suspect that the infestation of stupid into the Linux space won't stop with or be limited to SystemD. I will wait and watch to see what damage the re-education gulag has done to Sweary McSwearFace (Mr Torvalds)

        2. Anonymous Coward

          Re: The gift that keeps on giving (systemd) !!!

          Newer does not automatically mean better, but lennyP didn't seem to get that memo

    2. Jay Lenovo

      Re: Meh

      IPv6 and SystemD: Forced industry standard diseases that require most of us to bite our lips and bear it.

      Fortunately, IPv6 by lack of adopted use, limits the scope of this bug.

      1. vtcodger Silver badge

        Re: Meh

        "Fortunately, IPv6 by lack of adopted use, limits the scope of this bug."

        Yeah, fortunately IPv6 is only used by a few fringe organizations like Google and Microsoft.

        Seriously, I personally want nothing to do with either systemd or IPv6. Both seem to me to fall into the bin labeled "If it ain't broke, let's break it". But still it's troubling that things that some folks regard as major system components continue to ship with significant security flaws. How can one trust anything connected to the Internet that is more sophisticated and complex than a TV streaming box?

        1. Anonymous Coward

          Re: Meh

          "How can one trust anything connected to the Internet that is more sophisticated and complex than a TV streaming box?"

          Short answer? I don't. Everything I have any sort of trust around never gets to see anything from the Internet, even indirectly. Yes, I understand pretty much the rest of the planet doesn't have that option. I'm also one of those people that happily lives without a smart phone. Really any phone. I can, most can't.

        2. A.P. Veening Silver badge

          Re: Meh

          "How can one trust anything connected to the Internet that is more sophisticated and complex than a TV streaming box?"

          Frankly, I don't trust that TV streaming box either, who knows what it is reporting back and to whom?

    3. Nate Amsden

      Re: Meh

      Count me in the camp of who hates systemd (hates it being "forced" on just about every distro, otherwise wouldn't care about it - and yes I am moving my personal servers to Devuan, thought I could go Debian 7->Devuan but turns out that may not work, so I upgraded to Debian 8 a few weeks ago, and will go to Devuan from there in a few weeks, upgraded one Debian 8 to Devuan already 3 more to go -- Debian user since 1998), when reading this article it reminded me of

      https://www.theregister.co.uk/2017/06/29/systemd_pwned_by_dns_query/

      1. Sven Coenye

        Re: Meh

        FYI, there may be pain on the Debian Jessie -> Devuan Jessie -> Devuan ASCII path.

        There are no issues with a clean install but an upgrade may result in mixing parts of consolekit and elogind. It was reported during testing but things are not entirely resolved. My Xfce lost the reboot/shutdown controls and from the CLI, a shutdown hangs at "Will now halt". Been digging into it since the upgrade, but no success yet.

        1. Doctor Syntax Silver badge

          Re: Meh

          "FYI, there may be pain on the Debian Jessie -> Devuan Jessie -> Devuan ASCII path."

          Providing you've got /home and as many of /opt, /usr/local and /srv that you use on their own partitions why not go for a clean reinstall?

          1. bombastic bob Silver badge
            Devil

            Re: Meh

            clean reinstall, or at least home dirs from a tarball backup.

            If the only things you're really re-installing are system stuff and configs [that will need re-doing anyway], might as well go for it. I've done this route a few times over the years, even when cloning a system onto other boxen or into VMs. works for me. Also works to clean install "that way" when replacing a hard drive.

            /me notes that when you've replaced a hard drive more than once on the same box, it reflects the age of your hardware. Some Most of mine dates back to mid-to-late noughties.

          2. onefang
            Boffin

            Re: Meh

            "Providing you've got /home and as many of /opt, /usr/local and /srv that you use on their own partitions why not go for a clean reinstall?"

            Not so much on their own partition, but backed up elsewhere is what I did, on my desktop and remote server. I wrote a script that started with -

            debootstrap --arch amd64 --variant=minbase ascii /devuan http://deb.devuan.org/merged

            Note the minbase, which when combined with 'APT::Install-Recommends "0"; ' makes for a very clean install.

            1. Doctor Syntax Silver badge

              Re: Meh

              "debootstrap --arch amd64 --variant=minbase ascii /devuan http://deb.devuan.org/merged"

              My idea of a clean reinstall is boot from optical drive/USB stick, reformat and install.

    4. Dan 55 Silver badge

      Re: Meh

      "I despise systemd with a passion, but this one is more an IPv6 problem in general."

      Not really, systemd has its tentacles everywhere and runs as root. Exploits which affect systemd therefore give you the keys to the kingdom.

      1. Orv Silver badge

        Re: Meh

        "Not really, systemd has its tentacles everywhere and runs as root."

        Yes, but not really the problem in this case. Any DHCP client is going to have to run at least part of the time as root. There's not enough nuance in the Linux privilege model to allow it to manipulate network interfaces, otherwise.

        1. Long John Brass
          Linux

          Re: Meh

          "Yes, but not really the problem in this case. Any DHCP client is going to have to run at least part of the time as root. There's not enough nuance in the Linux privilege model to allow it to manipulate network interfaces, otherwise."

          Sorry but utter bullshit. If you are so inclined, you can use the Linux Capabilities framework for this kind of thing. See https://wiki.archlinux.org/index.php/capabilities
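
One way to check from the outside whether a network daemon is confined to network capabilities or holds the full root set, as an added example that is not part of the comment above or of any project discussed here. The `/proc/<pid>/status` samples are constructed, and the function and enum names are hypothetical.

```c
#include <ctype.h>
#include <errno.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Bit numbers as defined in <linux/capability.h>:
 * 10 CAP_NET_BIND_SERVICE, 11 CAP_NET_BROADCAST, 12 CAP_NET_ADMIN, 13 CAP_NET_RAW */
#define CAP_BIT(n)    (UINT64_C(1) << (n))
#define NETWORK_CAPS  (CAP_BIT(10) | CAP_BIT(11) | CAP_BIT(12) | CAP_BIT(13))

enum cap_class { CAPS_UNKNOWN = -1, CAPS_NONE, CAPS_NETWORK_ONLY, CAPS_BROAD };

/* Constructed samples in /proc/<pid>/status format (not captured from a real host). */
static const char SAMPLE_CONFINED[] =
    "Name:\tdhcp-client\n"
    "Uid:\t101\t101\t101\t101\n"
    "CapPrm:\t0000000000003400\n"
    "CapEff:\t0000000000003400\n";
static const char SAMPLE_ROOT[] =
    "Name:\tnet-daemon\n"
    "Uid:\t0\t0\t0\t0\n"
    "CapPrm:\t000001ffffffffff\n"
    "CapEff:\t000001ffffffffff\n";

/* Extract the effective capability mask; 0 on success, -1 if absent or malformed. */
int parse_cap_eff(const char *status, uint64_t *mask)
{
    for (const char *p = status; p && *p; ) {
        if (strncmp(p, "CapEff:", 7) == 0) {
            const char *v = p + 7;
            while (*v == ' ' || *v == '\t')
                v++;
            if (!isxdigit((unsigned char)*v))
                return -1;                      /* field present but empty */
            errno = 0;
            unsigned long long raw = strtoull(v, NULL, 16);
            if (errno != 0)
                return -1;
            *mask = (uint64_t)raw;
            return 0;
        }
        p = strchr(p, '\n');                    /* advance to the next line */
        if (p)
            p++;
    }
    return -1;
}

/* Classify a process by what its effective set would let injected code do. */
enum cap_class classify_status(const char *status)
{
    uint64_t mask;

    if (parse_cap_eff(status, &mask) != 0)
        return CAPS_UNKNOWN;
    if (mask == 0)
        return CAPS_NONE;
    return (mask & ~NETWORK_CAPS) == 0 ? CAPS_NETWORK_ONLY : CAPS_BROAD;
}

int main(void)
{
    static char buf[8192];
    FILE *f = fopen("/proc/self/status", "r");  /* present on Linux only */

    if (f) {
        size_t n = fread(buf, 1, sizeof(buf) - 1, f);
        buf[n] = '\0';
        fclose(f);
        printf("this process:    class %d\n", classify_status(buf));
    }
    printf("confined sample: class %d\n", classify_status(SAMPLE_CONFINED));
    printf("root sample:     class %d\n", classify_status(SAMPLE_ROOT));
    return 0;
}
```
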

        2. Anonymous Coward

          Re: Meh

          "Yes, but not really the problem in this case. "

          It is _the_ problem.

          "Any DHCP client is going to have to run at least part of the time as root. "

          Technically true but still a lie. Systemd runs as root _all the time_ and manages whole system, not just network configuration.

          DHCP client runs as a root the milliseconds it needs for adjusting network configuration. Nothing more and claiming it's the same thing is a blatant lie.

    5. Brewster's Angle Grinder Silver badge

      Re: Meh

      But how long has IPv4 been around? I'm not sold on IPv6, but any new technology is going to face a bedding in period as we get to grips with it. Nobody will "understand [IPv6] well enough to implement it correctly" until people have been out there and implemented it incorrectly. And that's true of any IPv4 replacement - good, bad, or IPv6.

    6. Anonymous Coward

      Re: Meh

      This has nothing to do with IPv6 nor even SystemD - it's another developer copying arbitrary data into arbitrary buffers without a clue about what he's doing (and I'm sure he's male) and thereby without any proper check - because someone told him Unix and C are acts of some kind of god and can't be broken nor will they ever have bugs. As this event underlines.

      I had problem with other Linux DHCP library - IPv4 included, especially on embedded systems, as soon as the DHCP server returned more options than what the developer thought was "common" - and thereby allocated too small buffers and blindly copied data within. Bad developers don't work for Microsoft only.

      As an old friend of mine often said - "never trust input" - and often means your own brain input...
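
The failure mode this comment describes (a fixed buffer, and option data copied in without a length check) next to its fix, as an added example that is not part of the comment and is not systemd's code: a DHCPv6 option walker that checks every option-len against both the bytes received and the destination buffer before copying. The struct, the function names and the choice of the Server Identifier option are assumptions for illustration, and the packets are constructed.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define DHCP6_HDR_LEN      4   /* msg-type (1 octet) + transaction-id (3 octets) */
#define DHCP6_OPT_HDR_LEN  4   /* option-code (2) + option-len (2), network order */
#define DHCP6_OPT_CLIENTID 1
#define DHCP6_OPT_SERVERID 2
#define SERVER_ID_MAX      130 /* DUID: 2-octet type + at most 128 octets (RFC 8415) */

enum { PARSE_OK = 0, PARSE_TRUNCATED = -1, PARSE_TOO_LARGE = -2, PARSE_MISSING = -3 };

struct lease_info {
    uint8_t  server_id[SERVER_ID_MAX];
    size_t   server_id_len;
    unsigned options_seen;
};

static uint16_t rd16(const uint8_t *p) { return (uint16_t)((p[0] << 8) | p[1]); }

/* Walk the option list, checking every length against the bytes actually
 * received AND against the destination buffer before copying anything. */
int parse_dhcp6_reply(const uint8_t *pkt, size_t len, struct lease_info *out)
{
    size_t off = DHCP6_HDR_LEN;

    memset(out, 0, sizeof(*out));
    if (len < DHCP6_HDR_LEN)
        return PARSE_TRUNCATED;

    while (off < len) {
        if (len - off < DHCP6_OPT_HDR_LEN)
            return PARSE_TRUNCATED;        /* partial option header */
        uint16_t code = rd16(pkt + off);
        uint16_t olen = rd16(pkt + off + 2);
        off += DHCP6_OPT_HDR_LEN;

        if (olen > len - off)
            return PARSE_TRUNCATED;        /* length field claims more than was sent */

        if (code == DHCP6_OPT_SERVERID) {
            if (olen > sizeof(out->server_id))
                return PARSE_TOO_LARGE;    /* would overflow the fixed buffer */
            memcpy(out->server_id, pkt + off, olen);
            out->server_id_len = olen;
        }
        out->options_seen++;               /* unknown options are skipped, never copied */
        off += olen;
    }
    return out->server_id_len ? PARSE_OK : PARSE_MISSING;
}

/* Test helper: append an option whose header claims `claimed` bytes while only
 * `actual` bytes of filler are written. Caller guarantees room in buf. */
static size_t put_option(uint8_t *buf, size_t off, uint16_t code,
                         uint16_t claimed, size_t actual)
{
    buf[off++] = (uint8_t)(code >> 8);
    buf[off++] = (uint8_t)(code & 0xff);
    buf[off++] = (uint8_t)(claimed >> 8);
    buf[off++] = (uint8_t)(claimed & 0xff);
    memset(buf + off, 0xAB, actual);
    return off + actual;
}

/* Build a constructed REPLY (client-id + server-id options) and parse it. */
int parse_constructed(uint16_t sid_claimed, size_t sid_actual, struct lease_info *out)
{
    uint8_t pkt[512] = { 7, 0x12, 0x34, 0x56 };  /* msg-type 7 (REPLY), made-up xid */
    size_t n = DHCP6_HDR_LEN;

    n = put_option(pkt, n, DHCP6_OPT_CLIENTID, 14, 14);
    n = put_option(pkt, n, DHCP6_OPT_SERVERID, sid_claimed, sid_actual);
    return parse_dhcp6_reply(pkt, n, out);
}

int main(void)
{
    struct lease_info li;

    printf("well-formed      -> %d\n", parse_constructed(14, 14, &li));
    printf("lying length     -> %d\n", parse_constructed(200, 14, &li));
    printf("oversized option -> %d\n", parse_constructed(300, 300, &li));
    return 0;
}
```
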

      1. JohnFen

        Re: Meh

        "someone told him Unix and C are acts of some kind of god and can't be broken nor will they ever have bugs."

        Said no one, ever.

    7. MacroRodent

      Re: Meh

      > but IPv6 seems to be far more bug prone than v4, and problems are rife in all implementations.

      That is simply because it is currently less used. Bugs of this nature plagued IPv4 previously, before extensive usage sanded its edges. I remember reporting a somewhat similar IPv4 dhcpd problem to Red Hat about 15 years ago. Not as serious, it was a case of the server failing to recognize a packet that was correct according to the specs. In that time-frame, you could blow up just about any IPv4 service with malformed packets.

    8. Ima Ballsy
      Unhappy

      Re: Meh

      Systemd - The demon spawn of hell from Red Hack .....

      1. I ain't Spartacus Gold badge
        Devil

        Re: Meh

        Systemd stories always have an unfortunate mental association for me. Perhaps for anyone else who's read 'A Scanner Darkly' by Philip K Dick as well? Substance D being the nasty drug they're trying to investigate in that magnificently paranoid book - Dick's best in my opinion. Substance D, as in D for Death.

        So perhaps all the anti Systemd people should send undercover detectives to infiltrate the heart of the supply network - and then execute all those responsible? Or is that going a touch far?

        1. streaky

          Re: Meh

          People who don't like systemd are autists. There's absolutely nothing wrong with it, you just can't deal with change - even when it's for the better - probably all run 32bit boxes and cried like babies about itanium; despite the fact it's a better arch.

          1. Anonymous Coward

            Re: Meh

            "People who don't like systemd are autists"

            Lennart, what have we told you about making sock-puppet accounts?

          2. Anonymous Coward

            Re: Meh

            "People who don't like systemd are autists. There's absolutely nothing wrong with it, you just can't deal with change"

            Sorry buddy, but that's retarded and the supporters are too. There's nothing but faults in it, starting from the "Lennart-boy wants to manage every-fucking-thing" -attitude. While he obviously isn't able to do that. but that's personal, not really important.

            His attitude to users with 30 years more experience in maintenance he'll ever get?

            *They don't know anything*

            That's a paddlin': Egomaniac fucking everything just because he likes it, not for any actual reason.

            What is important is that a change from manageable to binary blob no-one understands, not even Lennart himself, running as root all the time and having its tentacles everyfuckingwhere _is not what we want_.

            No-one except Lennart himself wanted that and even he just because of gigantic ego, not for any real reason.

            First rule of good programming is always KISS.

            There hasn't been anyone for a long time who has been wiping their collective asses with that rule as systemd-idiots, Lennart specifically, and they will fail eventually as it is already totally unmanageable piece of shitty spaghetti code, which no-one has ever really understood. Not even Lennart, no matter how much he boasts about it.

            KISS is the rule you can't beat. No-one has and I'm quite sure no-one will. No matter how much you feel like a wizard or believe other people being.

  2. JohnFen

    Yay for me

    "If you run a Systemd-based Linux system"

    I remain very happy that I don't use systemd on any of my machines anymore. :)

    "others within the Linux world seem to still be less than impressed with Systemd"

    Yep, I'm in that camp. I gave it a good, honest go, but it increased the amount of hassle and pain of system management without providing any noticeable benefit, so I ditched it.

    1. asdf

      Time to troll

      Bah any system that comes with bash in the base install isn't a proper UNIX system. SystemD is just the cherry on the crap sundae that is Linux in general. You think you are rebelling but Red Hat killed POSIX all the same.

      1. jake Silver badge

        Re: Time to troll

        Bad troll. No cookie.

      2. onefang

        Re: Time to troll

        "Bah any system that comes with bash in the base install isn't a proper UNIX system."

        It's entirely possible to have a Linux system without bash. Just like it's entirely possible to have a Linux system without any GNU in it. You can even do both at once. It might even be fairly common.

        1. ElReg!comments!Pierre

          Re: Time to troll

          > Just like it's entirely possible to have a Linux system without any GNU in it

          Just like it's possible to have a GNU system without Linux on it - ho well as soon as GNU MACH is finally up to the task ;-)

          On the systemd angle, I, too, am in the process of switching all my machines from Debian to Devuan but on my personal(*) network a few systemd-infected machines remain, thanks to a combination of laziness from my part and stubborn "systemd is quite OK" attitude from the raspy foundation. That vuln may be the last straw: one of the aforementioned machines sits on my DMZ, chatting freely with the outside world. Nothing really crucial on it, but I'd hate it if it became a foothold for nasties on my network.

          (*) policy at work is RHEL, and that's negotiated far above my influence level, but I don't really care as all my important stuff runs on Z/OS anyway ;-) . Ok we have to reboot a few VMs occasionally when systemd throws a hissy fit - which is surprisingly often for an "enterprise" OS -, but meh.

          1. onefang

            Re: Time to troll

            "On the systemd angle, I, too, am in the process of switching all my machines from Debian to Devuan but on my personal(*) network a few systemd-infected machines remain, thanks to a combination of laziness from my part and stubborn "systemd is quite OK" attitude from the raspy foundation."

            Devuan has bootable SD card images for Raspberry Pi, if that helps.

            1. ElReg!comments!Pierre

              Re: Time to troll

              I know about the Devuan images and even have downloaded the appropriate ones. That's when the aforementioned laziness of mine comes into play (the darn machine I singled out hosts a web server, a ftp server, a mainframe emulator and a few other toys that I'd rather not reinstall and reconfigure from scratch ... )

        2. asdf

          Re: Time to troll

          >It's entirely possible to have a Linux system without bash.

          Yep I do run OpenWRT on my router at home (dual boot with LMDE on desktop at home to be fair as well). I know people love GNU and they have done many great things but after supporting HP-UX production systems at work very sad to see real UNIX disappearing outside the BSDs and even they are under threat. The GNU tool set is also often more bloated and buggier than the original UNIX utilities. Plus Red Hat took advantage of GNU/Linux to basically kill off POSIX. Sad to see how more and more FOSS is becoming dependent on the Linux kernel. Linux is the future but more due to bean counters than being technologically superior. My HP-UX systems have never crashed in 5+ years I have been responsible for them. Some that is down to the high build quality of the hardware but rock solid software that is specifically made for that hardware is a big part of the equation also.

  3. Throatwarbler Mangrove Silver badge
    Coat

    "A security bug in Systemd can be exploited over the network to [...] execute malicious code on the box."

    Too late, systemd is already installed. I'm going, I'm going . . .

    1. herman

      Too bad that the systemd lovers won't get your joke.

  4. ckm5

    Not possible

    Leonard's code is perfect, he said so.

    1. Destroy All Monsters Silver badge

      Re: Not possible

      This code is actually pretty bad and should raise all kinds of red flags in a code review.

      1. Christian Berger

        Re: Not possible

        "This code is actually pretty bad and should raise all kinds of red flags in a code review."

        Yeah, but for that you need people who can do code reviews, and also people who can accept criticism. That also means saying "no" to people who are bad at coding, and saying that repeatedly if they don't learn.

        SystemD seems to be the area where people gather who want to get code in for their resumes, not for people who actually want to make the world a better place.

        1. Anonymous Coward

          Re: Not possible

          "Yeah, but for that you need people who can do code reviews, and also people who can accept criticism."

          The former isn't too hard, but we already know how Lennart handles criticism, so it will be a wasted effort.

          That leads directly to totally unmaintainable code and eventually even Lennart realizes that. He's not stupid, he just thinks he's a programming god who's never wrong.

          But, in an ironic way, he's already permanently wrong because of that attitude.

          Coding stuff isn't hard, maintaining it forever is hard.

    2. Anonymous Coward

      Re: Not possible

      ITYM Lennart

  5. jake Silver badge

    There is a reason ...

    ... that an init, traditionally, is a small bit of code that does one thing very well. Like most of the rest of the *nix core utilities. All an init should do is start PID1, set run level, spawn a tty (or several), handle a graceful shutdown, and log all the above in plaintext to make troubleshooting as simplistic as possible. Anything else is a vanity project that is best placed elsewhere, in its own stand-alone code base.

    Inventing a clusterfuck init variation that's so big and bulky that it needs to be called a "suite" is just asking for trouble.

    IMO, systemd is a cancer that is growing out of control, and needs to be cut out of Linux before it infects enough of the system to kill it permanently.

    1. AdamWill

      Re: There is a reason ...

      That's why systemd-networkd is a separate, optional component, and not actually part of the init daemon at all. Most systemd distros do not use it by default and thus are not vulnerable to this unless the user actively disables the default network manager and chooses to use networkd instead.

      1. nematoad

        Re: There is a reason ...

        "...actively disables the default network manager and chooses to use networkd instead."

        Pardon my ignorance (I don't use a distro with systemd) why bother with networkd in the first place if you don't have to use it.

        Or was it that it seemed a "fun" thing to do and got shoved in anyway?

        1. onefang

          Re: There is a reason ...

          "why bother with networkd in the first place if you don't have to use it."

          Likely coz its optional status might be temporary.

          1. Anonymous Coward

            Re: There is a reason ...

            "Likely coz its optional status might be temporary."

            Careful with that "embrace and extend" sort of mentality ....

            1. Anonymous Coward

              Re: There is a reason ...

              "Careful with that "embrace and extend" sort of mentality ...."

              What is what LP has been doing all the time, with one util at the time falling into black hole of systemd.

              And all of them running as root all the time, of course.

              Systemd _was meant to replace init_ and nothing else. See what it is now, basically replacing everything except kernel itself, from dhcp to syslog.

        2. AdamWill

          Re: There is a reason ...

          Well, it depends what you mean by "why bother with". Who's doing the "bother"ing?

          If you mean "why bother writing it?", well, the systemd authors think it's a good idea and would *like* people to use it. So far, distros have generally decided not to adopt it. I'm just relaying facts here, I'm not sure why I'm getting flooded with downvotes. Everything I said is easily verifiable. Just go install a default Fedora or Ubuntu system and check for yourself: you'll have systemd, but you *won't* have systemd-networkd running.

          1. Anonymous Coward

            Re: There is a reason ...

            "Just go install a default Fedora or Ubuntu system and check for yourself: you'll have systemd, but you *won't* have systemd-networkd running."

            Funny that I installed ubuntu 18.04 a few weeks ago and the fucking thing installed itself then! ( and was a fucking pain to remove).

            LP is a fucking arsehole.

            1. AdamWill

              Re: There is a reason ...

              "Funny that I installed ubuntu 18.04 a few weeks ago and the fucking thing installed itself then! ( and was a fucking pain to remove)."

              So I looked into it a bit more, and from a few references at least, it seems like Ubuntu has a sort of network configuration abstraction thingy that can use both NM and systemd-networkd as backends; on Ubuntu desktop flavors NM is usually the default, but apparently for recent Ubuntu Server, networkd might indeed be the default. I didn't notice that as, whenever I want to check what's going on in Ubuntu land, I tend to install the default desktop spin...

              "LP is a fucking arsehole."

              systemd's a lot bigger than Lennart, you know. If my grep fu is correct, out of 1543 commits to networkd, only 298 are from Lennart...

              1. Anonymous Coward

                Re: There is a reason ...

                "If my grep fu is correct, out of 1543 commits to networkd, only 298 are from Lennart..."

                Irrelevant when nothing not approved and/or designed by Lennart is not going to survive.

                CV-padding for the rest.

        3. Orv Silver badge

          Re: There is a reason ...

          "Pardon my ignorance (I don't use a distro with systemd) why bother with networkd in the first place if you don't have to use it."

          Mostly because the old-style init system doesn't cope all that well with systems that move from network to network. It works for systems with a static IP, or that do a DHCP request at boot, but it falls down on anything more dynamic.

          In order to avoid restarting the whole network system every time they switch WiFi access points, people have kludged on solutions like NetworkManager. But it's hard to argue it's more stable or secure than networkd. And this is always going to be a point of vulnerability because anything that manipulates network interfaces will have to be running as root.

          These days networking is essential to the basic functionality of most computers; I think there's a good argument that it doesn't make much sense to treat it as a second-class citizen.

          1. Anonymous Coward

            Re: There is a reason ...

            "Mostly because the old-style init system doesn't cope all that well with systems that move from network to network. It works for systems with a static IP, or that do a DHCP request at boot, but it falls down on anything more dynamic."

            Funny. I used to cart laptops between home and worksites, often only 'sleeping' between sites. Never had a problem with the wired or wireless network changes. Only times there was an issue was when the network itself had issues. This was back when I had to put nearly a week's wages on a PCMCIA card to even get wireless into the laptop. Still got the matching PCMCIA card that provided the wired network BTW.

            Don't recall init having much to do with it. The system certainly seemed quite capable of figuring out it was on a new network and checking out what was there.

            Of course back then there were few wireless spots and most computers stayed where they were put. A glorious age before the demon spawns of google and potty-thing were known. Though I think we may've had "Poor users loose sound every time" in there somewhere.

            1. Orv Silver badge

              Re: There is a reason ...

              "Funny. I used to cart laptops between home and worksites, often only 'sleeping' between sites. Never had a problem with the wired or wireless network changes. Only times there was an issue was when the network itself had issues. This was back when I had to put nearly a week's wages on a PCMCIA card to even get wireless into the laptop. Still got the matching PCMCIA card that provided the wired network BTW."

              I remember that era too. I also remember having to fiddle around on the command line every time I switched networks. At the time it seemed acceptable because WiFi was so new and shiny. Now I'd be kind of annoyed, I think.

              Also, if you got 1990s Linux to actually wake up from sleep consistently you were doing pretty well. ;)

              1. Anonymous Coward

                Re: There is a reason ...

                "I remember that era too. I also remember having to fiddle around on the command line every time I switched networks."

                I wonder if it's because I'd used OpenDNS (and hard-wired into the config) - I honestly had little or no trouble changing things.

                But with your mention of CLI I did some digging and on backups from an old machine[1] I have a few configuration files for different networks but no reference to the files in the bash history file (which was getting pretty big), aside for one that was created for ad-hoc wireless networks. I can't quite remember why, perhaps when I travelled I did some network gaming with someone who didn't have a hub/switch at their place or something.

                "Also, if you got 1990s Linux to actually wake up from sleep consistently you were doing pretty well. ;)"

                Until Devuan, I've not had much luck with sleep or hibernate on Linux for some years, especially on Mint. The hardware ranges from 2007-era machines to 2017-era machines (one with an 8 core AMD CPU that still sells for $hundreds, though I cannot remember the model or spec off the top of my head).

                With Mint, the machine would often hang with sleep and while it'd seem to hibernate OK, it'd not come back up to the same place. I generally configure swap as more than double RAM, often a fair bit more in hopes of adding RAM later (eg with 8G ram I'd do a 32G swap, assuming I have the HDD space). With Devuan, on that same desktop and with the D630 laptop I'm using right now sleep/hibernate work as expected.

                [1] Yes, I have backups of home folders and desktops covering nearly 2 decades. I definitely have to post anonymously otherwise men in pretty white coats will be knocking on my door!

          2. ds6 Silver badge
            Facepalm

            Re: There is a reason ...

            "Mostly because the old-style init system doesn't cope all that well with systems that move from network to network."

            It is absolutely attitudes like this that resulted in the black hole that is systemd.

            What relation does the DHCP client have to the init system? Hint: absolutely nothing. The init system or "suite" as they're calling it, should NOT be responsible for DHCP.

            "Old-style init system[s]" are not at fault for network issues when a proper roaming DHCP client is not installed, wpa_supplicant isn't configured, etc. I have been using Alpine Linux on my laptop for a while now—no GNU, no FreeDesktop, no Poettering. udhcpc comes with busybox and works absolutely fine, in conjunction with wpa_supplicant and a trigger script to automatically re-run udhcpc when a network change is detected.

            init should get the system going and nothing else. Maybe a function of the solution will work as a service manager, and maybe it will start your networking for you. At that point, if your network client is not smart enough to figure out how to reconnect to a network then it is that application's fault and not the init.

            "These days networking is essential to the basic functionality of most computers; I think there's a good argument that it doesn't make much sense to treat it as a second-class citizen."

            What does that even mean? Are you implying systemd-networkd is a superior solution? When it just had a potentially dangerous exploit patched??? It's rather presumptuous to consider alternative, non-systemd DHCP softwares to be the equivalent of "second-class citizen[s]".

      2. Anonymous Coward
        Anonymous Coward

        Re: There is a reason ...

        "That's why systemd-networkd is a separate, optional component, and not actually part of the init daemon at all. "

        Semi-false: systemd is not optional and none of the components of it are either, in practise.

        Either you have systemd and everything Lennart has invented or none of them. Or miss major pieces of functionality in your OS.

  6. alain williams Silver badge

    Old is good

    in many respects when it comes to software because, over time, the bugs will have been found and squashed. Systemd brings in a lot of new code which will, naturally, have lots of bugs that will take time to find & remove. This is why we get problems like this DHCP one.

    Much as I like the venerable init: it did need replacing. Systemd is one way to go, more flexible, etc, etc. Something event driven is a good approach.

    One of the main problems with systemd is that it has become too big, slurped up lots of functionality which has removed choice, increased fragility. They should have concentrated on adding ways of talking to existing daemons, eg dhcpd, through an API/something. This would have reused old code (good) and allowed other implementations to use the API - this letting people choose what they wanted to run.

    But no: Poettering seems to want to build a Cathedral rather than a Bazaar.

    He appears to want to make it his way or no way. This is bad, one reason that *nix is good is because different solutions to a problem have been able to be chosen, one removed and another slotted in. This encourages competition and the 'best of breed' comes out on top. Poettering is endangering that process.

    Also: his refusal to accept patches to let it work on non-Linux Unix is just plain nasty.

    1. bombastic bob Silver badge
      Devil

      Re: Old is good

      "Poettering seems to want to build a Cathedral rather than a Bazaar."

      a road side fruit/veggie stand would be adequate in this case. or a convenience store.

      1. jake Silver badge

        Re: Old is good

        Even those are too complex for an init. I think a garden gate with an attached rain gauge would just about cover it.

        1. Martin Gregorie

          Re: Old is good

          A garden gate's purpose is to be opened let somebody through and closed to keep them out - full stop.

          Fitting a rain gauge is a backward step: it not only adds unwanted complexity, but degrades rain measurement due to spillage when the gate bangs in the wind.

          1. jake Silver badge

            Re: Old is good

            The garden gate allows authorized users access to the garden. The rain gauge is a primitive logging facility. The frame of the gate is part of the gate and doesn't swing.

            1. Tom 7

              Re: Old is good

              "The frame of the gate is part of the gate and doesn't swing." No, but it certainly bounces around when the gate slams shut in a strong breeze.

              1. jake Silver badge

                Re: Old is good

                "No, but it certainly bounces around when the gate slams shut in a strong breeze."

                Mine doesn't. Perhaps you need a new coderhandyman?

    2. onefang

      Re: Old is good

      "Also: his refusal to accept patches to let it work on non-Linux Unix is just plain nasty."

      Though likely a big sigh of relief for users of those other Unix variants.

      1. bombastic bob Silver badge
        Thumb Up

        Re: Old is good

        "refusal to accept patches to let it work on non-Linux Unix"

        "likely a big sigh of relief for users of those other Unix variants."

        YESSSSS!!!!!!!!

    3. Doctor Syntax Silver badge

      Re: Old is good

      "refusal to accept patches to let it work on non-Linux Unix is just plain nasty."

      Who would want to run it on non-Linux Unix systems? I can't imagine any of the BSDs wanting such a thing.

      1. Dan 55 Silver badge

        Re: Old is good

        I can't imagine any of the BSDs wanting such a thing.

        I think Poettering knows he wouldn't survive Theo de Raadt bollocking him every other week, that's why he won't allow it to be ported to BSD.

        1. Doctor Syntax Silver badge

          Re: Old is good

          "Theo de Raadt bollocking him every other week"

          As infrequently as that?

      2. Anonymous Coward
        Anonymous Coward

        Re: Old is good

        I can't imagine any of the linux's wanting such a thing - but it has happened.

    4. oiseau
      Stop

      Re: Old is good

      Hello:

      One of the main problems with systemd is that it has become too big, slurped up lots of functionality which has removed choice, increased fragility.

      IMO, there is a striking parallel between systemd and the registry in Windows OSs.

      After many years of dealing with the registry (W98 to XPSP3) I ended up seeing the registry as a sort of developer sanctioned virus running inside the OS, constantly changing and going deeper and deeper into the OS with every iteration and as a result, progressively putting an end to the possibility of knowing/controlling what was going on inside your box/the OS.

      Years later, when I learned about the existence of systemd (I was already running Ubuntu) and read up on what it did and how it did it, it dawned on me that systemd was nothing more than a registry class virus and it was infecting Linux_land at the behest of the developers involved.

      So I moved from Ubuntu to PCLinuxOS and then on to Devuan.

      Call me paranoid but I am convinced that there are people both inside and outside IT that actually want this and are quite willing to pay shitloads of money for it to happen.

      I don't see this MS cozying up to Linux in various ways lately as a coincidence: these things do not happen just because or on a senior manager's whim.

      What I do see (YMMV) is systemd being a sort of convergence of Linux with Windows, which will not be good for Linux and may well be its undoing.

      Cheers,

      O.

      1. Anonymous Coward
        Anonymous Coward

        Re: Old is good

        "IMO, there is a striking parallel between systemd and the registry in Windows OSs."

        No wonder, MS-coding practises and quality reeks on both and I'm suspecting that Lennart-boy is a huge Microsoft fan boy, but they didn't hire him because of his ego, so he decided to do something similar to Linux.

        Explains nicely the feature creep and responses to criticism: He's a good boy from Redmond.

    5. Rich 2 Silver badge
      Pint

      Re: Old is good

      "Also: his refusal to accept patches to let it work on non-Linux Unix is just plain nasty"

      Thank goodness this crap is unlikely to escape from Linux!

      By the way, for a systemd-free Linux, try void - it's rather good.

    6. Michael Wojcik Silver badge

      Re: Old is good

      Much as I like the venerable init: it did need replacing.

      For some use cases, perhaps. Not for any of mine. SysV init, or even BSD init, does everything I need a Linux or UNIX init system to do. And I don't need any of the other crap that's been built into or hung off systemd, either.

      1. Orv Silver badge

        Re: Old is good

        BSD init and SysV init work pretty darn well for their original purpose -- servers with static IP addresses that are rebooted no more than once in a fortnight. Anything more dynamic starts to give it trouble.

    7. Anonymous Coward
      Anonymous Coward

      Re: Old is good

      "Systemd brings in a lot of new code which will, naturally, have lots of bugs that will take time to find & remove. "

      Yes. But the problem is that most of the new code is totally unnecessary and the sole function of it is to do things Lennart wants to do things: It's not any better than old code and it doesn't do even the same things as old code did (but less), it just does things differently for the sake of doing them in the different way.

      Just because the head honcho is an arrogant prick. No other reason exists.

      Lennart invents square wheel and claims it's better because it's new and _he made it_.

  7. Chairman of the Bored

    Too bad Linus swore off swearing

    Situations like this go beyond a little "golly gee, I screwed up some C"...

    1. jake Silver badge

      Re: Too bad Linus swore off swearing

      Linus doesn't care. systemd has nothing to do with the kernel ... other than the fact that the lead devs for systemd have been banned from working on the kernel because they don't play nice with others.

  8. JLV
    Thumb Down

    how did it get to this?

    I've been using runit, because I am too lazy and clueless to write init scripts reliably. It's very lightweight, runs on a bunch of systems and really does one thing - keep daemons up.

    I am not saying it's the best - but it looks like it has a very small codebase, it doesn't do much and generally has not bugged me after I configured each service correctly. I believe other systems also exist to avoid using init scripts directly. Not Monit, as it relies on you configuring the daemon start/stop commands elsewhere.

    On the other hand, systemd is a massive sprawl, does a lot of things - some of them useful, like dependencies and generally has needed more looking after. Twice I've had errors on a Django server that, after a lot of looking around ended up because something had changed in the, Chef-related, code that's exposed to systemd and esoteric (not emitted by systemd) errors resulted when systemd could not make sense of the incorrect configuration.

    I don't hate it - init scripts look a bit antiquated to me and they seem unforgiving to beginners - but I don't much like it. What I certainly do hate is how, in an OS that is supposed to be all about choice, sometimes excessively so as in the window manager menagerie, we somehow ended up with one mandatory daemon scheduler on almost all distributions. Via, of all types of dependencies, the GUI layer. For a window manager that you may not even have installed.

    Talk about the antithesis of the Unix philosophy of do one thing, do it well.

    Oh, then there are also the security bugs and the project owner is an arrogant twat. That too.

    1. Doctor Syntax Silver badge

      Re: how did it get to this?

      "init scripts look a bit antiquated to me and they seem unforgiving to beginners"

      Init scripts are shell scripts. Shell scripts are as old as Unix. If you think that makes them antiquated then maybe Unix-like systems are not for you. In practice any sub-system generally gets its own scripts installed with the rest of the S/W so if being unforgiving puts beginners off tinkering with them so much the better. If an experienced Unix user really needs to modify one of the system-provided scripts their existing shell knowledge will let them do exactly what's needed. In the extreme, if you need to develop a new init script then you can do so in the same way as you'd develop any other script - edit and test from the command line.

      1. onefang

        Re: how did it get to this?

        "Init scripts are shell scripts."

        While generally true, some sysv init style inits can handle init "scripts" written in any language.

      2. This post has been deleted by its author

    2. Anonymous Coward
      Anonymous Coward

      Re: how did it get to this?

      I personally like openrc as an init system, but systemd is a symptom of the tooling problem.

      It's for me a retrograde step but again, it's linux, one can, as you and I do, just remove systemd.

      There are a lot of people in the industry now who don't seem able to cope with shell scripts nor are minded to research the arguments for or against shell as part of a unix style of system design.

      In conclusion, we are outnumbered, but it will eventually collapse under its own weight and a worthy successor shall rise, perhaps called SystemV, might have to shorten that name a bit.

      1. onefang

        Re: how did it get to this?

        "a worthy successor shall rise, perhaps called SystemV"

        Or some French coder might write SystèmE, could take a while to get to SystemV.

        1. Phil O'Sophical Silver badge
          Coat

          Re: how did it get to this?

          Never seems worth going beyond le Système D to me.

    3. Anonymous Coward
      Anonymous Coward

      Re: how did it get to this?

      " init scripts look a bit antiquated to me and they seem unforgiving to beginners "

      ... have you ever looked the sheer amount of scripts systemd is deploying?

      There are literally thousands of them, totally human un-readable shit.

      And yes, you need to change them manually in order to make changes in the system.

  9. AdamWill

    Just about nothing actually uses networkd

    "In addition to Ubuntu and Red Hat Enterprise Linux, Systemd has been adopted as a service manager for Debian, Fedora, CoreOS, Mint, and SUSE Linux Enterprise Server. We're told RHEL 7, at least, does not use the vulnerable component by default."

    I can tell you for sure that no version of Fedora does, either, and I'm fairly sure that neither does Debian, SLES or Mint. I don't know anything much about CoreOS, but https://coreos.com/os/docs/latest/network-config-with-networkd.html suggests it actually *might* use systemd-networkd.

    systemd-networkd is not part of the core systemd init daemon. It's an optional component, and most distros use some other network manager (like NetworkManager or wicd) by default.

    1. Christian Berger

      The important word here is "still"

      I mean commercial distributions seem to be particularly interested in trying out new things that can increase their number of support calls. It's probably just that networkd is either too new and therefore not yet in the release, or still works so badly even the most rudimentary tests fail.

      There is no reason to use that NTP daemon of systemd, yet more and more distros ship with it enabled, instead of some sane NTP-server.

    2. Anonymous Coward
      Anonymous Coward

      Re: Just about nothing actually uses networkd

      Mint definitely uses systemd. Pretty sure more recent Debians do (hence my move to Devuan), which means Ubuntu will.

      Know this from using them, and the sole reason I no longer use Mint and deeply sadly gave up using Debian.

  10. cantankerous swineherd

    now try getting a dual boot devuan / win 10 laptop set up...

    us grey beards don't have long enough lives to become veteran admins.

    1. onefang

      "us grey beards don't have long enough lives to become veteran admins."

      For some of us, that's how we got grey beards in the first place.

    2. BinkyTheMagicPaperclip Silver badge

      Dual boot Windows/Linux? Piece of piss.

      Install Windows first. Partition disk so that it has a minimum of two spare partitions for Linux and Linux Swap, or a number more if you want to separate out /var /opt /tmp /usr and /home.

      Boot Linux, change the partition ids, install GRUB or GRUB-efi at the end, then add in the Windows partition to the installer. LILO is pretty easy to get working too, but if you're running Salix be warned it always installs it on the first hard drive which may not be what you want.

      Alternatively, you can do this the other way by setting up a boot menu in Windows - EasyBCD is the simplest method, but the Windows 10 boot menu is rather shite, and basically consists of booting most of Windows before choosing the OS to boot.

  11. NLCSGRV

    The Curse of Poettering strikes again.

  12. _LC_
    Thumb Up

    Now hang on, please!

    Ser iss no neet to worry, systemd will becum stable soon after PulseAudio does.

    1. Ken Hagan Gold badge

      Re: Now hang on, please!

      I won't hold my breath, then. I have a laptop at the moment that refuses to boot because (as I've discovered from looking at the journal offline) pulseaudio is in an infinite loop waiting for the successful detection of some hardware that, presumably, I don't have.

      I imagine I can fix it by hacking the file-system (offline) so that fuckingpulse is no longer part of the boot configuration, but I shouldn't have to. A decent init system would be able to kick off everything else in parallel and if one particular service doesn't come up properly then it just logs the error. I *thought* that was one of the claimed advantages of systemd, but apparently that's just a load of horseshit.

      1. Teiwaz

        Re: Now hang on, please!

        if one particular service doesn't come up properly then it just logs the error. I *thought* that was one of the claimed advantages of systemd,

        Well, I'm on Archlinux, and that's what mine is doing (currently several services are misconfigured due to a location move and I've not gotten around to fixing them).

        If pulseaudio fails on my system, it falls back to ALSA.

      2. sitta_europea Silver badge

        Re: Now hang on, please!

        "I have a laptop at the moment that refuses to boot ... in an infinite loop ..."

        Systemd sucks. It really, really, sucks. I mean I've never even seen anything that sucks so bad.

        Jeez it sucks.

        Systemd put my backup server into an infinite boot loop too, right after an 'apt-get upgrade'.

        God systemd sucks. I hate it with a passion.

        Please, somebody, please kill it.

        1. onefang

          Re: Now hang on, please!

          Devuan killed it, dismembered it, but left some small and bloody body parts scattered around the distro. Now we need a clean up crew.

    2. Teiwaz

      Re: Now hang on, please!

      Ser iss no neet to worry, systemd will becum stable soon after PulseAudio does.

      Pulseaudio due to be replaced by Pipewire.

      1. ds6 Silver badge
        Stop

        Re: Now hang on, please!

        https://pipewire.org/

        Oh my sweet olfactory system it really exists. WE DON'T NEED ANOTHER AUDIO SUBSYSTEM THERE ARE LIKE 5 ALREADY... sndio, alsa, pulse, oss, jack...

        "It aims to support the usecases currently handled by both PulseAudio and Jack and at the same time provide same level of powerful handling of Video input and output."

        Ah, Gunther, remove me from this mortal coil immediately. And after that, lunch.

  13. This post has been deleted by its author

  14. Smoking Man

    Bug in systemd? Can't be.

    You're holding it wrong.

  15. Brewster's Angle Grinder Silver badge

    You know you're on a tech site when the clickbait is an IPv6-systemd crossover bug.

  16. Anonymous Coward
    Anonymous Coward

    String up Potty, but look deeper too.

    Stringing up the Potty pour encourager les autres seems quite reasonable to me, but we need to realise that there will always be a sufficient supply of fucktards whose egos massively outstrip their abilities, and who are willing to implement the most deranged ideas, like hijacking the init system to execute a massive land grab, under the guise of "modernising it".

    New lamps for old.

    That so many supposedly technical people have gone along with this is very disappointing, but it's entirely in line with our being doomed by our own stupidity, so nothing new.

  17. Obesrver1
    Black Helicopters

    Reason for disabling IPv6

    That it punches thru NAT routers enabling all your little goodies behind them as directly accessible.

    MS even supplies tunneling (IPv4 to IPv6) so if using Linux in a VM on a MS system you may still have it anyway.

    NAT was always recommended to be used in hardening your system, I prefer to keep all my idIoT devices behind one.

    As they are just Idiot devices.

    In future I will need a NAT that acts as a DNS and offers some sort of solution to keeping IPv4.

    1. Anonymous Coward
      Anonymous Coward

      Re: Reason for disabling IPv6

      While I've not played with it much, it shouldn't be too difficult to set up the router/gateway as v6 but everything behind it on v4. Only do V4 DHCP etc, firewall blocks any v6 on the wrong side of the fence.

      At least till some potty thing comes along and breaks security yet again.

    2. JohnFen

      Re: Reason for disabling IPv6

      You can use NAT with IPv6.

      1. dajames

        Re: Reason for disabling IPv6

        You can use NAT with IPv6.

        You can, but why would you want to.

        NAT is schtick for connecting a whole LAN to a WAN using a single IPv4 address (useful with IPv4 because most ISPs don't give you a /24 when you sign up). If you have a native IPv6 address you'll have something like 2^64 addresses, so machines on your LAN can have an actual WAN-visible address of their own without needing a trick like NAT.

        Using NAT with IPv6 is just missing the point.

        1. JohnFen

          Re: Reason for disabling IPv6

          "so machines on your LAN can have an actual WAN-visible address of their own without needing a trick like NAT."

          Avoiding that configuration is exactly the use case for using NAT with IPv6. As others have pointed out, you can accomplish the same thing with IPv6 router configuration, but NAT is easier in terms of configuration and maintenance. Given that, and assuming that you don't want to be able to have arbitrary machines open ports that are visible to the internet, then why not use NAT?

          Also, if your goal is to make people more likely to move to IPv6, pointing out IPv4 methods that will work with IPv6 (even if you don't consider them optimal) seems like a really, really good idea. It eases the transition.

        2. Anonymous Coward
          Anonymous Coward

          Re: Reason for disabling IPv6

          'tis you who misses the point.

          I don't want every machine on my lan having its own world-visible address. It serves no benefit to me, means I have to spend a lot more time faffing around with firewalls etc (rather than having just one decent gateway), can never be fully sure a machine is fully secured, have no protection against friends/family coming in other than to deny them access to the network.

          With NAT I need to be sure my borders are secure, but I need not worry about anything inside my borders. The holes through my borders are ones I make knowingly. Ones made by bugs are much harder to exploit with NAT than with a leaky firewall, of which I might find with v6 that I have a dozen to fix in a small amount of time (and of course since the firewall is the machine's only protection, I can't as easily isolate it until I have something better installed as I can with NAT).

          I still run OK firewalls on each machine as I do have guests on my network, but I don't need to work nearly as hard at protecting my machines from them as I do at protecting my machines from outsiders. And with IPV6 I have to do that work on every machine.

          NAT makes my life a lot easier, and that's the point of keeping it around. I don't have a use for machines being able to bypass my gateway, and I don't want them to. At some stage I expect to go IPV6 at the gateway, but I will remain on NAT/v4 inside.

    3. Orv Silver badge

      Re: Reason for disabling IPv6

      My NAT router statefully firewalls incoming IPv6 by default, which I consider equivalently secure. NAT adds security mostly by accident, because it de-facto adds a firewall that blocks incoming packets. It's not the address translation itself that makes things more secure, it's the inability to route in from the outside.

  18. Destroy All Monsters Silver badge
    Megaphone

    Please El Reg these stories make ma rage at breakfast, what's this?

    The bug will come as another argument against Systemd as the Linux management tool continues to fight for the hearts and minds of admins and developers alike.

    Less against systemd (which should get attacked on the design & implementation level) or against IPv6 than against the use of buffer-overflowable languages in 2018 in code that processes input from the Internet (it's not the middle ages anymore) or at least very hard linting of the same.

    But in the end, what did it was a violation of the Don't Repeat Yourself principle and lack of sufficiently high-level datastructures. Pointer into buffer, and the remaining buffer length are two discrete variables that need to be updated simultaneously to keep the invariant and this happens in several places. This is just a catastrophe waiting to happen. You forget to update it once, you are out! Use structs and functions updating the structs correctly.

    And use assertions in the code, this stuff all seems disturbingly assertion-free.

    Excellent explanation by Felix Wilhelm:

    https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1795921

    The function receives a pointer to the option buffer buf, its remaining size buflen and the IA to be added to the buffer. While the check at (A) tries to ensure that the buffer has enough space left to store the IA option, it does not take the additional 4 bytes from the DHCP6Option header into account (B). Due to this the memcpy at (C) can go out-of-bound and *buflen can underflow [i.e. you suddenly have a gazillion byte buffer, Ed.] in (D) giving an attacker a very powerful and largely controlled OOB heap write starting at (E).
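The pattern described in the comment above, as an added example that is not part of the original comment and is not systemd's code: a bounds check that forgets the 4-byte option header, next to a cursor struct that keeps position and remaining space in one place and updates them in one function. All names (`opt_cursor`, `cursor_reserve`, `cursor_put_option`, the `flawed_*` helpers) and the sample sizes are assumptions made for illustration.

```c
#include <assert.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define OPT_HDR_LEN 4u /* DHCPv6 option header: 2-byte code + 2-byte length */

/* Flawed pattern: the check looks at the payload only, although the write
 * that follows consumes header + payload. Returns 1 if the check passes. */
static int flawed_check_passes(size_t buflen, size_t payload_len)
{
    return buflen >= payload_len; /* header bytes forgotten */
}

/* The separately tracked "remaining length" after such a write. size_t is
 * unsigned, so dropping below zero wraps to a huge value instead of failing. */
static size_t flawed_remaining(size_t buflen, size_t payload_len)
{
    return buflen - (OPT_HDR_LEN + payload_len);
}

/* Hardened pattern: base, capacity and bytes used live in one struct and
 * only cursor_reserve() changes them, so they cannot drift apart. */
struct opt_cursor {
    uint8_t *base;
    size_t cap;
    size_t used;
};

/* Reserve n bytes; returns a pointer to them, or NULL if they do not fit. */
static uint8_t *cursor_reserve(struct opt_cursor *c, size_t n)
{
    assert(c->base != NULL && c->used <= c->cap); /* invariant on entry */
    if (n > c->cap - c->used)                     /* cannot wrap: used <= cap */
        return NULL;
    uint8_t *p = c->base + c->used;
    c->used += n;
    assert(c->used <= c->cap);                    /* invariant on exit */
    return p;
}

/* Append one option. The size that is checked is the size that is written:
 * header and payload are reserved together. Returns 0 on success, -1 if the
 * option does not fit or its length cannot be encoded in 16 bits. */
static int cursor_put_option(struct opt_cursor *c, uint16_t code,
                             const void *payload, size_t len)
{
    if (len > UINT16_MAX)
        return -1;
    uint8_t *p = cursor_reserve(c, OPT_HDR_LEN + len);
    if (p == NULL)
        return -1;
    p[0] = (uint8_t)(code >> 8);   /* option code, network byte order */
    p[1] = (uint8_t)(code & 0xff);
    p[2] = (uint8_t)(len >> 8);    /* option length, network byte order */
    p[3] = (uint8_t)(len & 0xff);
    if (len > 0)
        memcpy(p + OPT_HDR_LEN, payload, len);
    return 0;
}

int main(void)
{
    uint8_t ia[12] = {0};          /* constructed 12-byte option payload */
    uint8_t buf[14];               /* constructed: room for payload, not header */
    struct opt_cursor c = { buf, sizeof buf, 0 };

    printf("flawed check passes: %d\n",
           flawed_check_passes(sizeof buf, sizeof ia));
    printf("flawed remaining:    %zu\n",
           flawed_remaining(sizeof buf, sizeof ia));
    printf("cursor_put_option:   %d (used=%zu)\n",
           cursor_put_option(&c, 3, ia, sizeof ia), c.used);
    return 0;
}
```

With 14 bytes left and a 12-byte payload, the flawed check passes and the tracked length wraps, while the cursor rejects the write and leaves its state untouched.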

    1. Anonymous Coward
      Anonymous Coward

      Re: Please El Reg these stories make ma rage at breakfast, what's this?

      That's a very deep technical description in place of :

      The systemd "developers" write shit code.

    2. Anonymous Coward
      Anonymous Coward

      Re: Please El Reg these stories make ma rage at breakfast, what's this?

      "at least very hard linting of the same."

      ... which won't happen as Mr. Pöttering isn't making mistakes.

      That should be already an established fact.

  19. TheSkunkyMonk

    Init is 1026 lines of code in one file and it works great.

  20. Anonymous Coward
    Anonymous Coward

    "...and Poettering's occasionally controversial management of the tool."

    Shouldn't that be "...Potterings controversial management as a tool."?

    1. jake Silver badge

      Shouldn't that be "Pottering's a tool."?

  21. Anonymous Coward
    Linux

    The benefits of open source.

    Many eyes, but all looking at pr0n.

    1. Anonymous Coward
      Anonymous Coward

      Re: The benefits of open source.

      No.

      LP isn't fixing even the obvious errors as he's not making errors. Period.

      Nothing to do with open source as usual: This applies only to systemd.

  22. Random Q Hacker

    "Programmer doesn't check bounds"

    Not as catchy, but has more to do with this than IPv6 or systemd.

    That said, do you really want your init written by these guys?

  23. clocKwize

    Re: Contractor rights

    why don't we stop writing code in languages that make it easy to screw up so easily like this?

    There are plenty about nowadays, I'd rather my DHCP client be a little bit slower at processing packets if I had more confidence it would not process them incorrectly and execute code hidden in said packets...

  24. Anonymous Coward
    Anonymous Coward

    Switch, as easy as that

    The circus that is called "Linux" have forced me to Devuan and the likes however the circus is getting worse and worse by the day, thus I have switched to the BSD world, I will learn that rather than sit back and watch this unfold. As many of us have been saying, the sudden switch to SystemD was rather quick, perhaps you guys need to go investigate why it really happened, don't assume you know, go dig and you will find the answers, it's rather scary, thus I bid the Linux world a farewell after 10 years of support, I will watch the grass dry out from the other side of the fence, It was destined to fail by means of infiltration and screw it up motive(s) on those we do not mention here.

    1. oiseau
      Flame

      Re: Switch, as easy as that

      Hello:

      As many of us have been saying, the sudden switch to SystemD was rather quick, perhaps you guys need to go investigate why it really happened, don't assume you know, go dig and you will find the answers, it's rather scary ...

      Indeed, it was rather quick and is very scary.

      But there's really no need to dig much, just reason it out.

      It's like a follow the money situation of sorts.

      I'll try to sum it up in three short questions:

      Q1: Hasn't the Linux philosophy (programs that do one thing and do it well) been a success?

      A1: Indeed, in spite of the many init systems out there, it has been a success in stability and OS management. And it can easily be tested and debugged, which is an essential requirement.

      Q2: So what would Linux need to have the practical equivalent of the registry in Windows for?

      A2: So that whatever the registry does in/to Windows can also be done in/to Linux.

      Q3: I see. And just who would want that to happen? Makes no sense, it is a huge step backwards.

      A3: ....

      Cheers,

      O.

  25. Dave Bell

    Reporting weakness

    OK, so I was able to check through the link you provided, which says "up to and including 239", but I had just installed a systemd update and when you said there was already a fix written, working its way through the distro update systems, all I had to do was check my log.

    Linux Mint makes it easy.

    But why didn't you say something such as "reported to affect systemd versions up to and including 239" and then give the link to the CVE? That failure looks like rather careless journalism.

  26. W.O.Frobozz

    Hmm.

    /sbin/init never had these problems. But then again /sbin/init didn't pretend to be the entire operating system.

  27. Czrly
    Facepalm

    Why is this a Thing?

    Remind me why the DHCP client should be part of the init-system, please, for I seem, alas, to have forgotten.

  28. randon8154

    I still don't understand on what systemd, gnome3, Networkd or all the stuff shipped with most of the distribution Linux available has in some point, improved efficiency, security, and management of the system... I experienced the exact reverse of this : system unstable, bug, loss of performance and control.

    Finally ended with Gentoo which is finally the easiest distribution to manage and control and offer something the other don't : Freedom.
