Re: systemd effectively mandatory now due to GNOME

> * it is buggy.  I did install a straightforward install of experimental
> GNOME to test if it improved even a bit, running systemd as init, and, with
> 2G RAM assigned to the machine, I got an OOM from one of systemd's
> components.  Excuse me for not looking more closely but purging the machine
> and running away screaming: even in early stages of integration, an init
> system which even *can* possibly OOM is not fit for any non-toy use.
> * it breaks other users of cgroups.  I have not tested this personally
> (mostly because of the above point), but if I understand it right, it takes
> over the whole cgroups system, requiring anything that runs on the same
> kernel instance to beg it via dbus to perform required actions.  This might
> be possible to organize on a single system, but not really between multiple
> systems on the same kernel.  Even if you run massive Rube Goldberg tricks
> (akin to those once needed for dbus inside a chroot), this is still doable
> only if you run the same version both in host and guests.  And I for one
> heavily use vservers, which are supposed to be replaced with lxc.  Not being
> able to run an arbitrary, possibly old[2], distribution in a guest -- or even
> being able to move a live system into a container, without replacing its
> init system, means it's a no-no for me.

* CVE-2013-4327 - Towards a world where even simple systems and
firewalls are vulnerable!

p.s. CVE-2013-4392, CVE-2013-4391 and I think I've missed out the really
bad one to do with remote connection.


'Write programs that do one thing and do it well. Write programs to work
together. Write programs to handle text streams, because that is a
universal interface'

(Doug McIlroy)

In Other Words - Don't design like polkit or systemd
