this post was submitted on 20 Feb 2026
108 points (75.7% liked)
I honestly don't get what people were so up in arms about, besides just not wanting to change what already worked for them.
Systemd inserted a lot of flaws, many of them highly unsecure, for basically no reason other than "easier".
The main developer being a microslop employee and getting windfall from other corporate entities didn't sync up that great for integrity or security conscious people.
https://www.jfr.im/blog/2024/03/systemd-discourse-sucks/
I'm so tired of reading this stupid argument. "People only dislike systemd because they're afraid of change." No, there are plenty of other concerning issues about it. I could probably write about a lot of problems with systemd (like the fact that my work laptop never fucking shuts down properly), but here's the real issue:
Do you really think it's a good idea for Red Hat to have total control over the most important component of every mainstream distro in existence?
Let's consider an analogy: in 2008, Chrome was the shit. Everyone loved it, thought it was great and started using it, and adoption reached ~20-30% overnight. Alternatives started falling by the wayside. Then adoption accelerated thanks to shady tactics like bundling, silently changing users' default browser, marketing it everywhere and downranking websites that didn't conform to its "standards" in Google search. And next, Chrome adopted all kinds of absurdly complex standards forcing all other browser engines to shut down and adopt Chrome's engine instead because nobody could keep up with the development effort. And once they achieved world domination, then we started facing things like adblockers being banned, browser-exclusive DRM, and hardware attestation.
That's exactly what Red Hat is trying to pull in systemd. Same adoption story - started out as a nice product, definitely better than the original default (SysVInit). Then started pushing adoption aggressively by campaigning major distros to adopt it (Debian in particular). Then started absorbing other standard utilities like logind and udev. Leveraging Gnome to push systemd as a hard dependency.
Now systemd is at the world domination stage. Nobody knew what Chrome was going to do when it was at this point a decade ago, but now that we have the benefit of hindsight, we can clearly see that monoculture was clearly not a good idea. Are people so fucking stupid that they think that systemd/Red Hat will buck that trend and be benevolent curators of the open source Linux ecosystem in perpetuity? Who knows what nefarious things they could possibly do....
But there are hints, I suppose. By the way, check out Poettering's new startup: https://news.ycombinator.com/item?id=46784572
Amutable - verifiable system integrity
Btw, I'm stealing your summary of browser monoculture, alright?
Of course! The EEE pattern is crystal clear at this point. The loss of the WWW to the current browser monoculture we're experiencing is the biggest technological tragedy of our times. I would hate to see it happen with our open source revolution as well.
There are now multiple alternatives that do a better job at what Systemd does.
What is it always with Systemd-is-the-only-alternative (vs. SysV scripts)? That's 15 years out of date.
Also, you don't need sockets.
It uses a completely different paradigm of process chaining and management than POSIX and the underlying Unix architecture.
That’s not to say it’s bad, just a different design. It’s actually very similar to what Apple did with OS X.
On the plus side, it’s much easier to understand from a security model perspective, but it breaks some of the underlying assumptions about how scheduling and running processes works on Linux.
So: more elegant in itself, but an ugly wart on the overall systems architecture design.
Lol, no. Way more code in Systemd. Also more CVEs per year than in some bad (now dead) init/svc' lifetime.
I think that's exactly it for most people. The socket, mount, timer unit files; the path/socket activations; the After=, Wants=, Requires= dependency graph, and the overall architecture as a more unified 'event' manager are what feels really different than most everything else in the Linux world.
That coupled with the ini-style VerboseConfigurationNamesForThatOneThing and the binary journals made me choose a non-systemd distro for personal use - where I can tinker around and it all feels nice and unix-y. On the other hand I am really thankful to have systemd in the server space and for professional work.
I'm not great at any init things, but systemd has made my home server stuff relatively seamless. I have two NASs that I mount, and my server starts up WAY faster than both of them, and I (stupidly) have one mount within the other. So I set requirements that nasB doesn't mount until nasA has, then docker doesn't start until after nasB is mounted. Works way better than going in after 5 minutes and remounting and restarting.
Of course, I did just double my previous storage on A, so I could migrate all of Bs stuff back. But that would require a small amount of effort.
what do you use as a prerequisite for the nas A mount? or does it just keep trying in a loop?
I have a wait-for-ping service that pings nas A, once it gets a successful response it tries to mount.
I lifted it from a time when I needed to ping my router because Debian had a network-online service bug. I adapted it to my nas because the network-online issue eventually got fixed and mounting my shares became the next biggest issue.
It seems like this person might have grabbed that same fix for what I eventually did because our files are...oddly almost exactly the same.
https://cweiske.de/tagebuch/systemd-wait-nfs.htm
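The ordering described in the comments above (wait until nas A answers ping, mount nas A, mount nas B inside it, only then start docker), written out as systemd units. This is an added example, not the commenter's files or the code from the linked post; the host names, export paths, mount points and unit file names are constructed placeholders.

```ini
# --- /etc/systemd/system/wait-for-nasA.service (hypothetical name) ---
[Unit]
Description=Block until nas A answers ping
Wants=network-online.target
After=network-online.target

[Service]
Type=oneshot
RemainAfterExit=yes
# oneshot units have no start timeout by default; fail after 5 minutes
# instead of holding up everything ordered after this unit forever.
TimeoutStartSec=300
ExecStart=/bin/sh -c 'until ping -c 1 -W 2 nasA.example; do sleep 2; done'

# --- /etc/systemd/system/mnt-nasA.mount (name must match Where=) ---
[Unit]
Description=NFS share from nas A
Requires=wait-for-nasA.service
After=wait-for-nasA.service

[Mount]
What=nasA.example:/export/data
Where=/mnt/nasA
Type=nfs
Options=_netdev

[Install]
WantedBy=multi-user.target

# --- /etc/systemd/system/mnt-nasA-nasB.mount (nested under /mnt/nasA) ---
[Unit]
Description=NFS share from nas B, mounted inside the nas A mount
# Stated explicitly for readability: nas B waits for the nas A mount.
Requires=mnt-nasA.mount
After=mnt-nasA.mount

[Mount]
What=nasB.example:/export/media
Where=/mnt/nasA/nasB
Type=nfs
Options=_netdev

[Install]
WantedBy=multi-user.target

# --- /etc/systemd/system/docker.service.d/wait-for-nas.conf (drop-in) ---
[Unit]
# Adds Requires= and After= on the mount units needed for this path.
RequiresMountsFor=/mnt/nasA/nasB
```

After placing the files, `systemctl daemon-reload` followed by `systemctl enable mnt-nasA.mount mnt-nasA-nasB.mount` makes the ordering take effect on the next boot.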
thanks!
do you perhaps also have a solution for hanging accesses to network mounts when the server is inaccessible?
I've started doing podman quadlets recently, and the ini config style is ugly as hell compared to yaml (even lol) in docker compose. The benefits outweigh that though imho.
I agree that quadlets are pretty ugly but I'm not sure that's the ini style's fault. In general I find yaml incredibly frustrating to understand, but toml/ini style is pretty fluent to me. Maybe just a preference, IDK.
Technically, sysv everything was just a file full of instructions for the shell to parse and initialize. Human readable "technically". It was simple and light weight. SystemD is a bit heavier and more complex as a system service binary. But that load and complexity is generally offset by added features that are extremely nice to have. Providing much more standardized targets and configuration iirc.
I had to search and dig trying to figure out how to set up services properly for my distro, back in the 90s. And when/how to start/restart them. There wasn't one way to do it all. SysD made it all much more standard, simple, and clear. Its biggest sin is that it's one more binary attack surface that might be exploited.
Openrc, Runit, s6, dinit...
Why are binaries uniquely attackable in a way that init scripts aren't?
Init scripts are just scripts. Technically, they don't introduce any unique vulnerabilities of their own. Just the flaws in the shell itself or server binaries. A poorly written script absolutely can and will still fuck your day up.
SystemD is a program. Which could introduce its own unique buffer overflows or use after free opportunities. I've not heard of any. But it's possible. However, its standard set of interfaces and systems make the risks of writing your own bad scripts or just using other people's random bad scripts like we used to much less an issue.
Nobody is packaging a standard init script across all distros, basically. A script is expected to be unique per machine or at least per admin setting up a set of machines. A binary could have a secret exploit installed in it that nobody can see/audit before it's too late.
At least that's the theory. Personally I love systemd
Yeah, sysv init is all just scripts under the hood, and it's a bit fragile/arcane. You have to write a bunch of files by hand, reference them correctly, and place and link them in the right directories. Systemd is a bit better, I have to admit that.
I haven't been an opponent but I must admit, when you have a headless machine of a different arch (so no chroot) that you try to make connect to the LAN and start sshd, managing those links in those directories feels more like shooting in the dark. In that case simple scripts in a dir were easier.
When the drama started, the argument of my anti-systemd friend was that it goes against the Unix philosophy of one program doing one thing only. But eventually even he came around and became a fan.