I have seen so many times that systemd is insecure, bloated, etc. So i wonder ¿does it worth to switch to another init system?
I have seen so many times that systemd is insecure, bloated, etc. So i wonder ¿does it worth to switch to another init system?
I don’t see any fundamental reason why systemd would be insecure. If anything, I would expect it to be less prone to security bugs than the conglomerations of shell scripts that used to be used for init systems.
The bloated argument seems to mostly come from people who don’t understand systemd init is a separate thing from all the other systemd components. You can use just the init part and not the rest if you want. Also, systemd performs way better than the old init systems anyway. I suspect many of the those complaining online didn’t really have first hand experience with the old init systems.
If a different init suits your needs better, then sure go with it. But for the vast majority of typical desktop/server stuff, systemd is probably the best option. That’s why most distributions use it.
You mean aside how the author answer to CVEs, right ?
Not sure. In the end the shell script were just an easy and consistent way to start/stop programs. If the programs were secure (read: checked the input and sanitize it, did the check for permissions and so on) there is not a big difference.
In what regards ? Boot faster ? Fine, but on a server it does not mean anything, a server does not reboot that often; for a desktop it not that the 5 seconds you gain are a fundamental gain.
One problem I see is with the logs: it is true that the format is documented, but a text format is always readable while a binary format… (been here, done that 🤬 )
I agree those CVE responses are not great. Those are from quite a few years ago though. Has their handling of CVEs improved since?
Boot times are not that big of a deal to me either, but some people seem to care about it a lot.
I’ve never personally had any problems with binary logs. You could always forward to a different logging daemon if that’s a concern.
I had it and I am sure that I could have solved the problem faster if I could have solved it faster if I did not needed to first understand how to access the logs on a damaged system.
This does not solve the problem, it only move it to somewhere else.
Are you sure it doesn’t mean anything? It means to a LOT of people.
Anyways are you aware of
systemd-analyze
and that you can profile your boot and services even with graphical representations? Have a look at https://www.apertis.org/guides/boot_optimisation/ and https://opensource.com/article/20/9/systemd-startup-configurationFine, still not understanding why something that I should run once in a while (on a server) or it is not that critical seems to be so important. Look, I had way bigger gain moving from a HDD to a SDD than switching to Systemd from the old init.
I refuse to belive that for a desktop user a 5 seconds longer boot time is that important. I could understand on a server where, if you work with it, you can have fines for downtime but even in this case it is a thing that could be handled in different ways.
Good, but I am not interested in booting my laptop 5 second faster and for my server I have not fines if it start in 20 seconds instead of 10 😁
systemd-analyze
isn’t only about reducing your boot time by 5 seconds, it’s about when you’ve problems knowing exactly what is happening and when and also about having a clear view of dependencies between services.At this point I am not that interested in these aspects, for what I need I am ok if the system boot and I can work 😀
But thanks anyway, it is a good thing to know if I ever need it.