Yep, say goodbye to Linux sudo. It'll be handled by System D now just like user directories are now, and (some?) DNS, and time synchronization...
SYSTEMD TAKES OVER SUDO
Yep, say goodbye to Linux sudo. It'll be handled by System D now just like user directories are now, and (some?) DNS, and time synchronization...
They still let this paid microsoft employee contribute to systemd?
Microsoft and IBM are partner companies. Partnering to kill Linux.
Lurk more, homosexual.
sudo is maintained outside of Linux though, and incredibly few professional Linux sysadmins will use the systemd "replacement".
Their scope creep tried to replace ntp, and failed, because work servers aren't Pottering's laptop. See also name resolution, home directories, syslog, and cron. At least the systemd timers act as a decent additional tool to cron, but it doesn't replace it at all.
>openbsd replaces sudo with duas, a utility that has 1% the LoC and uses exec for extra lifetime security guarantees
>good
>systemd replaces sudo with run0, a utility that has 1% the LoC and uses exec for extra lifetime security guarantees
>bad
OpenBSD is good and trustworthy.
Poetteringware breaks my sound and stops anything else from opening /dev/snd/control0. And he fricked up my init scripts. And he sodomized my log files. And timesyncd doesn't have nearly the feature set of ntpd so it's kind of dumb distros started replacing ntpd with it.
I want to get more into openBSD but it feels like there's a giant lack of practical documentation. Man pages are one thing, useful examples are utterly lacking.
I'm a novice to intermediate user and I got as far as installing apache on an openBSD server in an attempt to move my mail server to it. After that, I just kind of failed at other components so I gave up on that and tried just to put up a php-based website. I failed too many times along the way so I gave up until I learn a lot more.
I had the same experience. Reading the FAQ on www.openbsd.org helped somewhat but I still had WTF moments trying to figure out how to install it. That being said, you can always count on its reference documentation, even if examples are lacking.
Your first mistake is installing Apache, you should try to use the OpenBSD components that ship with the OS. The FAQs are good and OpenBSD has a rather small community so to do more arcane things you should look at peoples personal blogs.
openBSD is irrelevant in 2024, its claim of 'no security holes in the default install' was undone ages ago. Some good things have come out of the openbsd project, but not openbsd itself. Use Linux.
Much like Plan 9, it will stay relevant as long as homosexuals like you keep yapping about it.
>a utility that has 1% the LoC
40x the LoC.
doas: 32kib, 12s compile
sudo: 5183kib, 58s compile
sudo is bloated at 284k lines of code
https://lwn.net/Articles/971812/
systemd is a monstrosity at 1.98m
doas is something like 600 LOC. And there are some portable forks for linux/mac
https://wiki.archlinux.org/title/Doas
https://wiki.gentoo.org/wiki/Doas
>sudo is a bloated POS
>systemd is an even more bloated POS replacing another bloated POS and making morons feel good about cleaning up
Just Linux thing. Linux is the Windows of UNIX.
yes exactly
I don't use openbsd but from what I've heard on IQfyeddit it's "le good"
I don't use openbsd so I don't care but I do use Linux and pottering keeps developing new types of malware for it.
OpenBSD developers are actually competent and not corporate infiltrators
But this is what I don't understand. doas already exists if sudo makes you mad. Why the frick does poettering need to reinvent the wheel yet again?
>Why the frick does poettering need to reinvent the wheel yet again?
So that he can say on his Agile Daily Sprint Refinemtn Scrum of Scrums that he "did something" so his employment remains unchallenged
I doubt he's getting paid for maintaining his shitty open-source project. It would have been such a hilarious waste of money for IBM to pay him when he's more than willing to frick everything up in the Unix land on his own
That's exactly what happened though. RedHat paid him to write PulseAudio (good), then paid him to write systemd. It's only in recent years that he moved to Microsoft.
doas is too minimal and not maintained by Red Hat.
Doesn't it still use suid?
I guess. Why is SUID the devil again?
https://mastodon.social/@pid_eins/112353324518585654
opinion discarded
He doesn't say anything of substance. This is just "SUID bad".
Yes, and?
>openbsd
retvrning to su rn
Post the thing you hate most about systemd.
For me, it's the dbus requirement.
I don't really mind dbus, but I hate that half of daemons aren't in /etc/init.d anymore
# /etc/init.d/lightdm restart
works but
# /etc/init.d/NetworkManager restart
doesn't, because that isn't an init script anymore.
I don't like that systemd wants to take over sudo but the fact is, I won't notice or care as long as
>/etc/sudoers format and parsing doesn't change
>the command is still sudo
>visudo is still installed
>any graphic bullshit is suppressed by default when distros adopt it
>the text output reads the same as sudo
The whole reason I switched to Linux was because Windows XP to Windows Vista was too much change, and I'm very happy to keep my operating system working the same way as it did in 2008 TYVM. I'll even take HAL back instead of udev, it was mostly fine.
>I hate that half of daemons aren't in /etc/init.d anymore
nothing should be using init.d on systemd machines
>/etc/sudoers format and parsing doesn't change
no chance
>the command is still sudo
let me introduce you to aliases
>visudo is still installed
visudo only exists as a sanity check around just editing /etc/sudoers and wouldn't be needed
>any graphic bullshit is suppressed by default when distros adopt it
most distros don't even ship a graphical sudo. I don't even know what still works
journald is an affront to god
querying binary logs should not be literally hundreds of times slower than grepping text logs
security risks
Trying to replace everything while being worse at it.
It tries to replace the network manager, boot loader, NTP, cron, syslog...
It surely looks like the NSA's favorite piece of software and RedHat is happy since it makes other distros so much more dependable on what they do.
it is almost as if redhat was funded by the nsa
What timeline are you living in? SystemD is sponsored and maintained by Microsoft now, not redhat.
The amount of churn in the SystemD source code is horrifying. Just try to comprehend how many remote code vulnerabilities have been mixed in and then out and then back in again.
Slow
Journald.
Logs shouldn't be binary, ever, because the basic interface is text, and basic interfaces are important when debugging. You shouldn't be required to get one specific thing to work to be able to read your own fricking logs when your system shits itself. Whoever had that moronic idea needs to destroy his computer and go live in a cave, because that's the level of civilization his brain is capable of.
That's aside from the "brilliant" concept of replacing a vast number of distinct tools that all do one thing very well with one giant pile of unauditable spaghetti code to begin with.
This is based, isn't it?
Yes, it's giga based, little NPC that needs to validate his opinions on the internet. You can trust Poettering, IBM and Red Hat to continue improving the Linux ecosystem, go tell your little friends on the Japanese cartoon imageboards.
Embrace, extend, extinguish.
Remember IQfy, every time you buy a Microsoft product, theese pajeets get their +15 rupees for shilling.
SystemD is llitteraly microsoftware and you cannot argue with that - if you support systemd, you hate Linux. This is not a joke, i repeat - this is a campaign against opensource. Wake up, anon.
systemd is FOSS
It's so complex and inescrutable it might as well be a binary blob at this point.
Nobody knows what's in there. It hasn't been audited since 2013 when it was 1/4th of its current size.
the source code is available, the frick are you talking about? you guys are absolute morons lmao.
>source code
>literally unreadable jeetware
no thanks
learn to code
The source code is 1.98 million lines of code you moronic shitstain. Last time there was a comprehensive security audit of systemd was for its inclusion in RHEL7, this was in 2013, back then systemd was "only" 600k lines of code long, and the official Red Hat audit still found over a dozen serious security flaws and bugs.
You can read about it here:
https://lists.debian.org/debian-ctte/2013/12/msg00000.html
If you don't understand how complexity is a threat to open source, then maybe you should stick to Windows and don't larp as a FOSS supporter. The fact is nobody knows what's hiding in those 1.98 million lines of code because nobody has the time or resources to do a proper security audit on it.
>The source code is 1.98 million lines of code
and? linux? gnome? kde? you guys are ridiculous
The Linux kernel is a mess too.
I'm considering switching to HURD.
Linux isn't really that big for what it does. It's mostly just drivers.
>linux?
Linux has to support a diverse set of CPU architectures and drivers tho
Much easier and safer to just not use systemd. Auditing it would be a full time job for 50 people for a couple years, easy.
It's trash and doubtless has backdoors.
>Much easier
false. systemd greatly improved both develepoer and end user experiences.
sorry, but no one asked for an opinion of an IBM shill
I just run everything as root anyway
>I just run everything as root anyway
Extremely based and supremely moronic at the same time.
What's wrong with it? All your important data is under your normal, fully accessible user account anyway.
you may not be interested in the Gleichschaltung but the Gleichschaltung is interested in you
I don't have sudo or systemd in my system
sudo is bloat
just use su
im a windows moron
what the frick is a systemd
A program that turns Unix-like operating systems into Windows.
Like the windows service manager. It's a relatively new software that replaced the old way of handling services on most Linux systems.
it's a glistening, glimmering gemerald that makes trannies seethe
Think of it this way... its like the Thanos of Linux
honestly, if they take the time to fix the shit that's broken with sudo, as well as all the other shit you just mentioned. I have no issues.
sudo has been broken, most competent sysadmins I know still only use sudo to sudo su - to run as root. frick sudo. The only homosexuals that like sudo are the ones who will throw you under the bus. I cringe everytime I see a command prefaced with sudo.
sudo frick you b***h
How is sudo broken?
Not enough systemd in it
I have to preface every command I use with it.
Context switching isn't too hard, but it's hard enough to cause mistakes by even the best of us.
Doesn't inherit my environment
Depending on whatever asshat security dipshit is in charge of the rules, it can make looping through commands from a control server via ssh to client systems impossible.
Honestly the shills are the people who were all like "always use sudo never run as root" because their too incompetent to set up audits to trace command execution.
It's literally the biggest meme memed to existence by moronic security nerds. They literally got everyone to buy into the meme.
Oh yeah, also, if you care about this shit and only use linux for personal use you are a gigantic homosexual.
Also this:
https://www.garyshood.com/root/
> compulsive lying damage control
never was. people all over the internet are quite mad about systemd's programmer just lying about everything. and usual shills are going around doing damage control just making up fantasy stories about sudo. it's not working well for them.
There is no fixing Linux. People are fleeing in droves to BSD. Mailing list volumes are way up in the last few years on all BSD variants.
>There is no fixing Linux
don't act like bsd is any better. that shit has had some shocking security practices over the years just like linux has.
>Mailing list volumes are way up in the last few years on all BSD variants.
really meaningless, anon. the volume of a mailing list is not indicative of actual install base (which is nowhere near the size of linux and never will be).
>don't act like bsd is any better.
It's way better. And don't tout ACLs as a feature. You can do it all with users + groups + user private groups.
NSA literally wrote the Linux kernel code for ACLs. Who knows what kinds of stuff they sneaked in.
>NSA literally wrote the Linux kernel code for ACLs. Who knows what kinds of stuff they sneaked in.
why are you so worried about the NSA anon? What kind of shit are you up to bro?
>why are you so worried about the NSA anon?
Clapper lies to Congress at least twice, and to the American people at least twice on TV when he was head of NSA. It's no longer trustworthy. The capabilities they develop and maintain and extend, are designed to violate the American people.
If there was no FVEY and the FISA court had real-time oversight, instead of post-hoc, we could maybe let them have their capabilities. But take The Fappening. Everybody knows it was glowBlack folk making a fap pack and it leaked.
>But take The Fappening. Everybody knows it was glowBlack folk making a fap pack and it leaked.
No body KNOWS, it's just a Wild Ass Guess.
Some time ago I tried `systemd-boot` as a grub replacement and it was actually... good??
like it does its job and the config files were clean and easy.
so I welcome this whole new thing,
perhaps the config files will be easier to understand
and not be the clusterfrick that sudo config is,
Like
>%wheel ALL=(ALL) NOPASSWD: ALL
What the frick is even all that garbage
who the frick wrote this like that, it is not clean or understandable without spending 2 hours reading the docs
>>%wheel ALL=(ALL) NOPASSWD: ALL
No password for all commands for users in the big wheel group.
It's not fricking different anon.
You do have a wheel group already, right?
yes, but why is it so cryptic?
the config file could be simpler with easier to understand verbs and not requiring dumb one liners that do multiple things
>yes, but why is it so cryptic?
It's not cryptic.
This is the contents of man 5 sudoers at my site.
The User specification is the part that actually determines who may run what.
root ALL = (ALL) ALL
%wheel ALL = (ALL) ALL
We let root and any user in group wheel run any command on any host as any user.
FULLTIMERS ALL = NOPASSWD: ALL
Full time sysadmins (millert, mikef, and dowdy) may run any command on any host without authenticating themselves.
PARTTIMERS ALL = ALL
Part time sysadmins bostley, jwfox, and crawl) may run any command on any host but they must authenticate themselves first (since the
entry lacks the NOPASSWD tag).
jack CSNETS = ALL
The user jack may run any command on the machines in the CSNETS alias (the networks 128.138.243.0, 128.138.204.0, and 128.138.242.0).
Of those networks, only 128.138.204.0 has an explicit netmask (in CIDR notation) indicating it is a class C network. For the other net‐
works in CSNETS, the local machine's netmask will be used during matching.
lisa CUNETS = ALL
The user lisa may run any command on any host in the CUNETS alias (the class B network 128.138.0.0).
Just RTFM or ask your system administrator to do it for you.
You must really like doing trivial shit to justify existence.
>what OS do you use?
I use Systemd.
systemd has already fixed most of Linux's problems. I trust those devs based on a solid track record.
remember init scripts, jfc that was god awful
Slackware uses init scripts and they work great. What's the issue?
Hobbyists.
kys shill
Calling me a hobbyist is not an argument, you piece of shit shill.
No, it wasn't.
It was just shell scripts, the same thing you do everything else of value in. Frick DSLs, my entire system could be brought up from my .bashrc in a pinch.
>system
Singular.
Running from box to box to boot is a bit of a drag, but it's not like all the runlevels on all your machines would get fricked up at the same time.
I've fricked up init scripts before and that's what my CD binder full of Live CDs are for.
>my entire system could be brought up from my .bashrc in a pinch
Knoppix did exactly the same.
Very organic post, thanks Lennart.
This. I remember being an Arch user on the front lines of the great systemd migration. It was largely seemless and left me with a better system overall. That was eons ago.
>systemd has already fixed most of Linux's problems. I trust those devs based on a solid track record.
The argument is 1.98 million lines of code that haven't had a security audit since 2013.
But that's fine let's keep adding shit to it so that nobody notices the NSA backdoor.
This but unironically
>This but unironically
*gets hacked through SSH since moronic Black person systemd pulled in ONE BILLION dependencies including fricking lib XZ for no fricking reason into sshd*
no, thanks, homosexual
Why isn't it possible to import one function without pulling in unrelated transient dependencies?
I use systemd-maxxed Arch btw, and I wasn't even affected by the backdoor. Not my problem shitty distros got affected by it.
>the backdoor is configured to attack only debian/fedora
>if (OS == debian) hack(); else return
>WOW LOOK MY NON-DEBIAN/FEDORA OS SOMEHOW RESISTED THIS ATTACK, I RULE!!!!
lamao
see you at the next exploit in libwhogivesafrick3.0.so which will not be so nice
idiot.
>Arch does not directly link openssh to liblzma, and thus this attack vector is not possible
0/10 reading comprehension
>>Arch does not directly link openssh to liblzma,
I stopped reading at the opening text whey they literally say exploit is configured to attack only debian/fedora, you mongolian dog
and it does nothing at all to invalidate the point that pulling in BILLION FRICKING DEPS will get you killed.
>Why isn't it possible to import one function without pulling in unrelated transient dependencies?
afaik it's a lib, and exploit was not in some unused function of that lib, but in the startup code of the lib that always is run obviously
at what point does installing libshit.so call in an airstrike on my ass?
>at what point does installing libshit.so call in an airstrike on my ass?
I think when your program links to it.
Check with
$ ldd /usr/bin/htop
linux-vdso.so.1 (0x00007ffeaaaeb000)
libncursesw.so.6 => /lib/x86_64-linux-gnu/libncursesw.so.6 (0x00007f8c9d940000)
libtinfo.so.6 => /lib/x86_64-linux-gnu/libtinfo.so.6 (0x00007f8c9d910000)
libm.so.6 => /lib/x86_64-linux-gnu/libm.so.6 (0x00007f8c9d788000)
libc.so.6 => /lib/x86_64-linux-gnu/libc.so.6 (0x00007f8c9d5c8000)
libdl.so.2 => /lib/x86_64-linux-gnu/libdl.so.2 (0x00007f8c9d5c0000)
/lib64/ld-linux-x86-64.so.2 (0x00007f8c9dbf8000)
ldd /usr/bin/kate | wc -l
=96
Boat.
>>at what point does installing libshit.so call in an airstrike on my ass?
>I think when your program links to it.
and, obviously, when you run the said program.
or when given installed package also makes the program or some of it's sub programs auto run at start and alike
Yeah but it's not like I can do anything about it. There's this notion of implicit trust towards package maintainers that they will not try to screw you over on purpose. Of course, increasing the amount of shit I install on my PC makes it more probable that I'm going to eat shit but sometimes you just have to use certain software and there are no alternatives.
What if it dlopens it? systemd is making a change that dlopens compression libs, so nobody can use ldd to blame systemd for linking to backdoored crap.
>I stopped reading at the opening text whey they literally say exploit is configured to attack only debian/fedora
Not my problem you have a fried attention span on top of poor reading comprehension.
Fair, but this attack and the way it didn't work on Arch (i.e. the maintainers don't just link everything for no reason), shows me that this attack vector (i.e. take over a poorly maintained open source software repo that happens to be an optional dependency on something security related) is more difficult to pull off on Arch.
>(i.e. take over a poorly maintained open source software repo that happens to be an optional dependency on something security related) is more difficult to pull off on Arch.
how you arrive at this hopelessly misguided conclusion?
That anon was moronic but your argument is almost as much. If Arch was used in production for something actually serious that can be used to actually do harm then the attack would have worked on Arch to begin with. If not why the frick make a backdoor that is not going to work? It's just coincidental that the backdoor didn't work in Arch because nobody cares about hijacking Arch.
The devs of systemd are so moronic Linus told them they need to be retroactively aborted.
Calm down Linus.
To be fair, he's probably said that to half of the kernel devs out there. This is just his way of communicating he's alpha on the kernel.
This is unironically what we need, for systemd to become such a monstrosity that it conflicts with the rest of the GNU/Linux ecosystem and someone finally forks it to remove the 70% of it that's literally useless.
in the future you will write
>lennart apt update
>lennart apt upgrade
:^)
>or as i like to call it, systemd + linux
who fricking cares, I just spam and coom on this homosexual board.
Death to redhat, death to freedesktop, hail openbsd, white power
Hello glowies.
Your presence is very obvious on this thread.
It's fricking glowing. What can I say? You folks need to be more subtle.
>Your presence is very obvious on this thread.
>It's fricking glowing. What can I say? You folks need to be more subtle.
yeah, I'm a federal agent tasked with posting on IQfy, specifically to encourage the populace to not use sudo and say stupid shit like white power.
Schizo post of the year
that was like... an obviously israeli image to be posting. KYS
has already fixed most of Linux's problems. I trust those devs based on a solid track record.
good good. only a fool would say that systemd hasn't been a huge improvement for gnu linux.
>sudo ... install neofetch
>Error! sudo not found. Try RedHat ... install (package)
>RedHat ... install neofetch
>Error. Insufficient credits. Add more credits at RedHat webpage @ redhat.com OR use ad based administration access. Try IBM does it best! RedHat ... install (package)
SystemD + Linux
good, sudo is insecure anyway. You need a different password between your user account and your superuser activities.
What's the use case for sudo?
there is not one
>when asked for a comment about how white supremacists and japanese far right wing groups have taken to openbsd, Theo said "good."
I've been using doas for a year already (and runit), not my business.
Devuan.
Gentoo.
Come home, white man.
>something works fine
>freetards: NOT ON MY WATCH!!!
>@pid_eins
>v256
Boy, he sure takes his job seriously!
When do we stop referring to it as GNU/Linux and instead call it Systemd/Linux? Is there much actual GNU code left?
I wonder if it’d be feasible to rewrite an alternative systemd, uses the same config files and communication mechanisms, but is less of a mess code wise, and doesn’t implement all the extra bullshit like systemd-home. I’m not sure it’d be doable because it’d be a constantly moving target, and systemd breaks shit often enough internally anyway, let alone if you were trying to remain compatible with it.
I will never run a distro that uses systemd
>troonydon
YOU WILL NEVER BE A WOMAN
I'm root by default, I don't need to say any magic word to do whatever I like.
bump
>su
>apt install sudo
Linux on desktop would be nowhere close to be usable without Red Hat.
[codes]
sudo pacman -S doas
sudo pacman -R sudo
echo "alias sudo='doas'" >> ~/.bashrc
. ~/.bashrc
[/code]
Problem solved
[nick.garr@IQfy] ~ # which sudo doas;pgrep systemd
[nick.garr@IQfy] ~ #
comfy
it's already garbage by design anyways
https://twitter.com/hackerfantastic/status/1785495587514638559
frick lennartware, this dude can only ever produce dogshit, why do companies keep hiring/promoting morons...
can someone explains this to me?
what have you ever produced, dude?
>A user can access their own terminal
ok.
what is a reverse shell
it it like reverse rape they keep talking about over on /h/?
Not my problem.