What's the big deal with systemd?

Hello,

I’ve been reading about systemd lately and was wondering what exactly is the main issue that some people seem to have with it.
My understanding so far is that it violates the Unix principle of doing one thing and doing it right and the amount of features potentially causing issues in the future/already causing issues. Some claim systemd has major security/privacy issues. Is that correct?

I’d like to know the stance and some reasons for and against using it compared to, e.g., OpenRC.

Thanks.

It’s a thing.

Some people like it, some people don’t.

Some people use it, some people don’t.

That’s about it really.

7 Likes

For the most part you are correct that a lot of Linux users don’t like that systemd does a lot of things. The other thing that I’ve seen is there’s a lot of complaints because systemd stores its log files in binary format.

This is a complete non-issue, funnily enough, as the logs can be stored as text as well. The way journald works, I’ve found, is just far, far better than what we used to have.

People hate systemd because it’s a pain in the ass to maintain, it’s complex, and defies the UNIX Philosophy. Which triggers UNIX purists, and it’s very heavy compared to other init systems such as OpenRC, and Runit.

In the grander scheme of things it’s simple for the user, but difficult for the developers, despite it being implemented on the top popular distros (Debian, Ubuntu, Arch, OpenSUSE, Fedora, etc.). On a relevant side note, it’s not as secure as other init systems, as previously seen with systemd’s vulnerability issues people have reported on.

This isn’t just a Unix principle, this is a basic principle of all software engineering. To see such a large system deployed that goes against such a basic rule is infuriating to say the least.

1 Like

I think this video does a decent job of explaining it,

Although systemd isn’t just an init system but has a bunch of other stuff packed together, which is considered bloat by some; that’s why people joke about systemd making its own kernel.

Also try to learn and mess around with systemd, openrc etc, which will help you better understand the debate and help make your own informed opinion rather than just reading up about it.

1 Like

Will it eventually include a web browser and an office suite?
JKS

1 Like

I’m personally more concerned with whether they’ll make a competitor to vi/vim and Emacs.

Been distro hopping for months to get away from systemd. Too many bugs with ACPI that never get fixed, and it seems asinine to have to set up my computer around the init system bugs.

2 Likes

How does ACPI influence systemd for you?

Mostly not a problem except where I get a 90 second wait on C1-4 on reboot or shutdown. Could be it reboots without a problem, or I get one where it hangs on C2 for 90 seconds, or another when I’m halting the system and it waits for C2 then C4 then C6. Only workaround I could find was to set the wait time to 3-10 seconds or turn those features off in BIOS, because it was a known bug that hadn’t been fixed.

1 Like

Systemd borrowed a lot of concepts from OS X launchd (socket activation that used to be there in inetd but is now in init, purely declarative init script equivalents called “units”, and so on) and reimplemented them for Linux in a single C binary, allowing for a very efficient boot process.

It also happens to have made it easier for developers to get their software on more distros than before, because all they have to think about now is systemd and distro maintainers can just reuse the “unit” files.

The problem is that in its quest for efficiency it did some stuff that people think it didn’t have to, for example,

  • instead of keeping plaintext logs and grepping through them, there’s now a binary log format and a different command to manage the entries. It’s technically superior for a number of reasons and there are reasons why it makes boot faster, but it’s more complicated for anyone who hasn’t previously dealt with e.g. syslog in depth.
  • it implements a cron; it launches stuff on boot, might as well do it on a schedule
  • it can launch things in containers
  • it can set up network interfaces
  • it has an NTP client
  • it has a mechanism for updating itself at runtime

The problem is that it does a lot of things well enough, but not really as well as things that it replaces.

On the other hand, it’s really nice now that distros have adopted it, instead of each having their own ball of hacks for some of the things above - you can pick distros based on their “release engineering and software distribution” practices instead of how easy it is to configure.

Security-wise, it’s hit and miss: it does more things, but it’s less of a surface area than if you did all those things separately.

Does boot time matter on servers that are still a large chunk of ? Most often no.

2 Likes

What about the tin foil hat suggestion that systemd (although being free) is actually being purposefully complicated to the point that no one can audit it fast enough and thus provides an additional attack surface for certain organizations. Some believe that this was developed by RHEL because they couldn’t figure out a way to make the kernel vulnerable etc. Considering that govs are some of RHEL’s largest clients, maybe it is not so far-fetched?

On the other hand, there’s less attack surface when compared to myriad of other things it replaces, and simultaneously there’s more eyes on it due to it being more widely.

Containers, which systemd makes easier to use, also increase security even though that’s not their primary purpose, just by virtue of processes running in their own namespaces that make it easier to upgrade them more frequently.

Main downside for security auditors is that it’s new and actively developed :)

They shouldn’t use Linux then. It’s GNU, not UNIX.

2 Likes

The kernel is already vulnerable. Regardless, I’m not sure how that would make sense, as then all government systems would be vulnerable. Why would they want them to put vulnerabilities into their own systems?

1 Like

https://systemd-free.org/why.php

The 5 links that page has are the “long” answers why some people take issue with systemd.

That website has information useful for people who would want to use distros without systemd that do utilize it.

Edit:

This is a good post outlining some things people also take issue with regarding systemd.

My biggest gripe among those things would be this:

systemd creates dependencies and is a dependency of things for political reasons in order to encourage people to pick these things. This is not conjecture, Lennart has admitted multiple times that he creates dependencies to ‘gently push’ everyone to the same configuration.

That’s evil in so many ways. Even if it’s not intended maliciously. You should never intentionally create a situation that can be exploited like that without a good reason to do so.

I wouldn’t really use that site as an argument for anything, considering at minimum the fact that the author couldn’t even come up or be bothered to write his own reasons.

Where’s the source for this? Is this your only reason for not liking it?