-
Systemd-init has a larger attack surface compared to runit, openrc, or sysVinit.
-
Systemd-logind relies on systemd, so we need to adapt it for non-systemD distributions to ensure compatibility with certain applications like GNOME.
-
Udev also depends on systemd.
-
SystemD is specific to Linux, which makes porting software to *BSD even more challenging. It’s uncertain what the future holds, and there may be circumstances where Linux becomes unusable for you (e.g., compatibility issues with your laptop). Having a good alternative that doesn’t require relearning everything is generally beneficial.
-
SystemD-based distributions often come with more than just “systemd-init.” They include additional components like logind, resolved, networkd, systemd-timers, etc. However, many people still prefer using the alternatives they were accustomed to before systemd became popular, such as dhcpcd and cron. Consequently, having both sets of tools installed can increase the attack surface.
There is no such thing as a perfect OS where there is no attack surface or dependencies.
OP, you’re absolutely right about systemd, but similar critiques can be given to nearly any underlying OS service. (Also, I’m sure this is in response to other posts praising systemd)
I’m just starting to feel like it’s a little silly to even have a conversation one way or another about these things instead of just accepting that people could and should use the tools that fit their use case scenario the best.
For most people, the stuff they gain from things (for example, systemd) outweighs the downsides.
We don’t make such choices in a vacuum. It’s important to know limitations, attack surfaces, and dependencies, but it’s important mostly for being able to choose the right GNU tools for yourself.
Nobody can tell you what the best OS/Kernel/GNU tool is to use, because that’s always deeply dependent on your specific needs for the task at hand. While PCs are “general purpose computing,” they all can have wildly different hardware and software hiccups, and only you can use your own knowledge to choose the best tools for your use-case.
What an average Mint user gains from systemd? A bit slower boot time? A bit more ram used? 50mb heavier system updates? What problems systemd solves? I use systemd, runit and openrc on different machines and I don’t face any significant problems.
You have posted basically the same post one day ago. https://lemmy.ml/post/9994522 This might be classified as spam by now …
Really? Didn’t known. Lemmy.today seems to not work properly on mobile apps.
It magically disappeared …
I deleted it. No need for two almost identical posts to exist.
Some seem to argue not even one of them is needed…
Some seem to use Debian.
I absolutely dislike the hate for systemd. Especially if there’s bullshit claims like
having both sets of tools installed can increase the attack surface.
in there.
larger attack surface compared to runit, openrc, or sysVinit.
Because they don’t execute million lines super thoroughly checked shell code or why exactly? Without any explanation total FUD.
Some independent binaries from the systemd project, e.g. systemd nspawn, can even used on OpenRC and the systemd project explicitly didn’t change the way to launch udev in debug mode because the Gentoo non-systemd udev pkg maintainer asked to not do so (nicely).
You should instead tell people why OpenRC/runit is (more) awesome in your opinion and maintain initscripts for them. Maybe you can volunteer at the Debian project and get them to adopt OpenRC aside systemd instead of only removing the remnants of sysVinit support. This would also be beneficial for pragmatic pro-systemd users that have to deal with docker or chroot environments.
in there.
Whonix Dev quote:
Use a distribution with an init system other than systemd. systemd contains a lot of unnecessary attack surface… ©Linux Hardening Guide
It’s a matter of probability. Probability of discovering vulnerabilities in multiple tools doing same thing is higher than in just one.
Because they don’t execute million lines super thoroughly checked shell code or why exactly? Without any explanation total FUD.
Because they are not merged with journaling system, job scheduler and watchdog. More features→more attack surface.
Imagine if all the people who prefer systemd would write posts like this as often as the opposition. Just use what you like, there are plenty of distros to choose from.
Not really. Void, alpine, gentoo are the only usable ones(besides non-systemd forks of arch and Debian). These are the only ones maintaining enough packages, providing enough documentation, not being just poorly maintained forks of X distro.
Void, Alpine, Gentoo, (and Guix) are enough for me
Linux Libre makes Guix unusable on most hardware. It also requires much effort to configure. Learn scheme, how to use shepherD, etc.
no one cares.