• notabot@lemm.ee
    link
    fedilink
    arrow-up
    5
    ·
    8 months ago

    SysV init does one job, it runs a set of scripts in an admin defined order, the init portion of SystemD attempts to solve a dependency graph at boot time and execute the startup scripts (units) in the order it devines from that. The big problems I’ve had around that have been services silently failing to start because it failed to resolve the ordering, and the difficulty of inserting a new unit into the ordering in a specific place. It’s doable if there happens to be a target at the point you want, but if not you can’t really do it as the existing, and any new, services all sequenced on the existing target. With SysV, of course, setting the service start order is trivial.

    The thing is, if SystemD was just an init system it wouldn’t be as bad, and has some useful ideas, but it tries to replace huge swathes of the system. As you say, some, and I’d say most, of the default housekeeping services suck, and you need to replace them. Unfortunately this then breaks the much vaunted integration of those services. Leaving them on the system isn’t a great plan as it just leaves the extra attack surface. So now you need to contemplate repackaging it to exclude the stuff you don’t need, which is a huge pain, and makes keeping up-to-date a big job. You’ve also got to worry about breaking dependencies from other packages.

    Probably the biggest issue though is the huge attack surface SystemD exposes on your system. We’ve just seen an example of how that can be taken advantage of, with malware in a library way down the dependency chain from the system library that gets jammed into all sorts of things. I understand there is an effort underway to reduce those dependencies, but it’ll always be worse than simply not doing that in the first place.

    The architectural and design issues are to do with the way the different parts are so tightly linked when they have no rational reason for being, the level of complexity introduced to core services and the incoherence of some of the choices around behavior. A recent bugbear was the automounter. It works most of the time, but if a mount unit fails it just gives access to the mountpoint, when by definition you obviously and explicitly didn’t want that. It also has a nasty habit of marking the unit failed, so future attempts also get bypassed until you reset it or have a recovery unit to do that.

    Anyway this turned into a wall of text, and its late, so I’m going to stop there, I hope it’s reasonable coherent.