On Thu, Dec 19, 2013 at 11:26:19PM +0100, Josselin Mouette wrote: > Le jeudi 19 décembre 2013 à 12:35 -0800, Steve Langasek a écrit : > > The reasons for not upgrading to the current version of logind aren't to do > > with any fragility of the existing glue code (the systemd-shim package), but > > because logind 205 has a new dependency on systemd as cgroup manager, which > > is architecturally incompatible with other consumers of cgroups in the > > ecosystem. This needs to be resolved before logind v205 can reasonably be > > adopted, because it's broken by design and needs to be worked around. > The new logind is not “broken by design”. Using the cgroups tree is the > most correct and secure way to identify which processes are permitted to > access specific devices or services. You might disagree with the idea of > a single cgroups manager or prefer a less secure mechanism in order to > handle corner cases (that have yet to be described), but that doesn’t > make the design less correct. The design which claims this role for systemd-as-pid-1, and which does not adequately address use cases of other existing cgroups consumers in the ecosystem (lmctfy, lxc) is broken by design. Having a single cgroup writer in userspace is fine. Coupling it to systemd in this manner is not. -- Steve Langasek Give me a lever long enough and a Free OS Debian Developer to set it on, and I can move the world. Ubuntu Developer http://www.debian.org/ slangasek@ubuntu.com vorlon@debian.org
Attachment:
signature.asc
Description: Digital signature