I have seen so many times that systemd is insecure, bloated, etc. So i wonder ¿does it worth to switch to another init system?
I mean, is systemd giving YOU problems? If not, don’t switch just because other people complain about it
deleted by creator
I didn’t use Linux two decades ago (I started on a systemd distro a few years ago), and the init system I use (runit on Void) is both simple to use and boots faster than any systemd-based distro I used; which is what I personally care about. I never used any “advanced” features of systemd other than timers and user services, and these have many alternatives.
I think systemd is fine, and has generally proven itself as reliable, but that doesn’t mean the current alternatives have no merit.
I would be interested in understanding how it boots faster considering that systemd init is fairly small and the features of runit is parallel process starting, which is also something that systemd provides.
Are you sure it’s not just that void itself has less crap to load?
This feels like I’m going to have to set up a couple of Arch installs to compare for myself.
I also had a Debian setup for a while with SysV init which also had a faster startup than systemd (on the same exact setup otherwise).
That Debian install would actually startup faster than my current Void setup, though I wouldn’t recommend it.
I would be interested in understanding how the hell it’s such a big issue, honestly. Even if we generously assume that runit boots 5 times as fast as systemd, on modern systems it makes like a few seconds difference, which… who cares? Who goes around constantly rebooting their shit so many times a day that those 5 seconds they save per boot add up to any significant amount of time?
Calm down, I only said I was curious!
I’m on Fedora so I’m unlikely to be switching from systemd for my main system, I have very little interest in switching init’s and I’ll use the one that comes with my distro but people talking it up makes me wonder.
As for rebooting, my couch gaming system gets started and shut down for each session because it could be days/weeks between use so shaving 10 seconds off the start up time is an interesting concept. Although I could probably do better just replacing the grub delay that HoloISO added for some unknown reason.
Why are you so invested in systemd that you have to project your values on other people?
Besides, different approaches can be educational and solutions to improve performance can always be reincorporated into systemd to improve life for everyone.
If you don’t care, good for you; I do care though.
And you can generously assume whatever you want but with systemd I sometimes (across multiple OS’s and machines) had random boots which took way over 5x my current boot time (not to mention extremely long shutdowns, more than 2-3 minutes sometimes compared to less than 2-3 seconds now).
I know this stuff can be analyzed and fixed with tools provided by the systemd project, but I never had to fix anything with runit.
Even you asking this question means you should not. Systemd is perfectly fine for most people and the people that dislike it have their very specific reasons. Just use what your distro gives you, you shouldn’t have to care about these things.
Just use what your distro gives you, you shouldn’t have to care about these things.
To expand on this: OP, if you want to try a different init, you’re most likely better off switching the whole distro to one using that init. Unless of course your current distro explicitly supports many different init systems (like Gentoo). Don’t try to replace it by hand in a distro that expects to run on systemd, it’s a recipe for disaster.
Gentoo is great because they give you step by step directions for systemd and openrc so you can see the differences in action. (If you choose to read both sets of directions)
Switch to sysvinit and you’ll understand the benefit of systemd
This is a bit of a strawman. SysVinit is hardly the only alternative:
antiX: sysvinit and runit
Artix: openrc, runit, s6, and dinit
Chimera: dinit
Devuan: sysvinit (default), openrc, runit, sinit
Dragora: sysvinit + perp
Gentoo: openrc, systemd
Guix: shepherd
Hyperbola: openrc and runit
KNOPPIX: knoppix-autoconfig
MX Linux: sysvinit (default), systemd
Obarun: s6 supervision suite
Parabola: openrc, sysvinit, s6, systemd (default)
PCLinuxOS: sysvinit
Slackware: sysvinit
Stali: sinit
Void Linux: runit, openrc
Openrc at least is sysvinit based. Pre systemd the options were really sysvinit and upstart. Upstart was even worse than sysvinit such that afaik no one has bothered to try to revive.
Oh yeah ahaha
The kind of suggestion that does fuck all. Don’t force your myopic ignorance on others.
just another one of the holy wars within Linux – for the average user, it’s not going to make any difference – most of the mainstream distros switched over a LONG time ago so if you want to avoid systemd, you have to do a little hunting (ex. Devuan, Void, Gentoo, etc.)
so, it’s all just a “Playstation VS Xbox” kind of thing
It used to be that everything in Linux was a file, ideally a text file, so if you could find the right file you could access or change what you wanted. Systemd is a big program that manages a bunch of stuff and creates unique commands within its programs for doing so, which moves away from that principle and turns system management into what feels a bit more microsofty (like the registry editor program vs editing config files, etc) and a lot of people don’t like that. But to its credit, it does solve a few problems with cobbling together a modern system that doesn’t suck.
Actually it doesn’t really move away that much from the “everything is a file” principle. For example a “service” is a file describing how to properly start a particular service and if you enable a service, then a symlink is created to your service file, …
As a Windows app developer, I wish Windows service management, boot control, and logging were more like that of systemd. What we have is so much more janky and Sisyphean to work with.
It used to be that everything in Linux was a file, ideally a text file
Yes? The entire Systemd configuration is done with files. With a very well defined structure called units that you can use to configure, boot, service startup, networking, containers, mount stuff, open sockets… that’s exactly the point Systemd provides a cohesive configuration file format for a system.
Yeah but I’ve interacted with it a lot and most of my interaction is commands sent through one of their programs. Versus scripts like init.d whose contents I can easily inspect and modify. Init scripts aren’t config files, they’re directly executable code.
Init scripts aren’t config files, they’re directly executable code.
Yes and that’s exactly the problem.
Yes and no. Let me start by saying I use systemd and have never seen any of this as a problem big enough for me to switch.
The Unix philosophy is that a program should do one thing and do it well, the old init.d system did exactly that, but systemd does more than just start programs, for example there’s the systemd-logind service which is used to authenticate users. Why is this a problem? Because some people don’t want to use systemd, therefore they don’t have logind, so if something were to depend on that, like GNOME’s GDM did for a while, it would be impossible to use it without systemd. So in a way people complain about programs becoming dependant on systemd, and systemd grabbing more and more responsibilities to the point where it would become an integral part of Linux, it’s not that systemd is a problem now, is that it has the potential to become so ingrained to everything that it becomes impossible to remove. But in the meantime systemd does provide some advantages, including parallelism which makes the computer boot faster.
Should you switch? Not really, this is more a philosophical debate on what Linux is and should be, I agree with all of the philosophical points and don’t think programs should depend on systemd, but I don’t think that’s directly systemd’s fault.
Keep systemd. People can cry all they like but it’s the best init system we have right now. Unless you want to start building a better one, i guess.
Systemd is a large piece of software. There are ways to make it smaller and disable various modules for it, but usually by default it’s very heavy.
With a traditional init system, it’s just an init system, and you’ll use other other programs to do the other things. This basically means a chain of interconnected bash scripts. Perhaps you’ll run into some integration issues. Probably not though. It’ll be mostly the same.
There is no real advantage to this from a user perspective beyond a philosophical one. Systemd works quite well at doing the things it tries to do, but it’s the Unix philosophy to “do one thing and do it well,” and some people care very deeply that systemd does not follow their interpretation of that philosophy, and that’s certainly a fair reason to not use it.
However, if you’re not having problems with using systemd, I’d say don’t bother switching.
Systems is not the Unix philosophy, at least, not to me. It tries to handle so many different things and use cases. “One thing” normally means a small thing, and initialising everything you could ever think of is not a small thing.
the only reason to stick to one of those init systems is that you already know everything about them and you dont want to relearn a bunch of stuff.
other than that i see 0 benefits to skip systemd
Is the experience of trying new distros very cool? yes
Should you abandon systemd? no
systemd is not bloated and it’s not insecure. If you don’t have any problems, don’t switch (unless you wanna have some fun trying new things, if you do, run a vm).
You can switch to a systemd alternative, but you’ll probably be writing a LOT of bash scripts to start basic operating system services. Everything is based on systemd now because it just does a lot of things better. You’ll also need to pick a lot of software to install.
You can disable individual systemd components if you want; you can disable timesyncd and set up chrony, disable resolved and install dnsmasq or powerdns or bind or stubby, and you’re probably not even using services like systemd mounts, networking configuration, or containers.
I personally don’t get why people still prefer SystemV or other systemd alternatives on desktops and servers. If you need to ask, you’re probably not much better off.
For desktops it doesn’t make much sense, but now everything’s so oriented to systemd its actually starting to affect embedded Linux applications… so lets try our best to keep the alternatives alive.
deleted by creator
So what do you do under Linux? Browse the web?
Okeeeeeey, so who’s is stuck in their ways?
I’m on Guix which doesn’t use SystemD. Running on an MSI GS66 Stealth laptop with an Nvidia RTX¹ 3080. I browse the web, develop, run Stable Diffusion on the GPU, game using Steam and Lutris (Chivalry 2 and Diablo 4), Zoom calls for work.
Mainly this just like any other machine.
¹ or whatever the letters are these days.
I’m not recommending non-systemd inits, but in a desktop usage, I never wrote a single script with MX Linux and Alpine. Their init system just works.
Basically, if you do not see any reason to switch from systemd then you should not. The thing with systemd is that it is really big and complicated. If you just use defaults of your distro systemd works just fine, but if you want to (or have to) change something fundamental, then dealing with this monstrosity becomes a bit of pain. You basically end with the situation where you are in a war with your own PC. After some time of this, dealing with an init system that does exactly what you tell it to do feels refreshing. There is also the part, where some init systems (sysVinit and runit) boot faster then others (openRC and systemd), but it is not that significant. I use runit BTW. With my setup I spend much less time dealing with runit then I used to with systemd. That being said I still miss some of systemd features.
What distro do you use with runnit?
Void Linux
I, personally, use Void Linux, which is a ‘flagship’ runit distro. But if you want a bigger package repository, then devuan is also a good choice.
Too shit to fail.
The biggest benefit would be to learn more about how unix systems work from the ground up. I’d say if you’ve had no problems ever with systemd then just stick to it. My linux usage predates systemd (by a lot) and I just want options kept open so I’m never forced onto it against my will.
If you have to ask, no.
I say this as someone who doesn’t use systemd. There’s not much benefit to it. It’s cool to do if you’re an enthusiast or experimentalist, but from a practical stand point, systemd is most practical.
I use gentoo with openRC btw.
I don’t see any fundamental reason why systemd would be insecure. If anything, I would expect it to be less prone to security bugs than the conglomerations of shell scripts that used to be used for init systems.
The bloated argument seems to mostly come from people who don’t understand systemd init is a separate thing from all the other systemd components. You can use just the init part and not the rest if you want. Also, systemd performs way better than the old init systems anyway. I suspect many of the those complaining online didn’t really have first hand experience with the old init systems.
If a different init suits your needs better, then sure go with it. But for the vast majority of typical desktop/server stuff, systemd is probably the best option. That’s why most distributions use it.
I don’t see any fundamental reason why systemd would be insecure.
<sarcasm>You mean aside how the author answer to CVEs, right ?</sarcasm>
If anything, I would expect it to be less prone to security bugs than the conglomerations of shell scripts that used to be used for init systems.
Not sure. In the end the shell script were just an easy and consistent way to start/stop programs. If the programs were secure (read: checked the input and sanitize it, did the check for permissions and so on) there is not a big difference.
Also, systemd performs way better than the old init systems anyway.
In what regards ? Boot faster ? Fine, but on a server it does not mean anything, a server does not reboot that often; for a desktop it not that the 5 seconds you gain are a fundamental gain.
One problem I see is with the logs: it is true that the format is documented, but a text format is always readable while a binary format… (been here, done that 🤬 )
I agree those CVE responses are not great. Those are from quite a few years ago though. Has their handling of CVEs improved since?
Boot times are not that big of a deal to me either, but some people seem to care about it a lot.
I’ve never personally had any problems with binary logs. You could always forward to a different logging daemon if that’s a concern.
I’ve never personally had any problems with binary logs.
I had it and I am sure that I could have solved the problem faster if I could have solved it faster if I did not needed to first understand how to access the logs on a damaged system.
You could always forward to a different logging daemon if that’s a concern.
This does not solve the problem, it only move it to somewhere else.
In what regards ? Boot faster ? Fine, but on a server it does not mean anything, a server does not reboot that often; for a desktop it not that the 5 seconds you gain are a fundamental gain.
Are you sure it doesn’t mean anything? It means to a LOT of people.
Anyways are you aware of
systemd-analyze
and that you can profile your boot and services even with graphical representations? Have a look at https://www.apertis.org/guides/boot_optimisation/ and https://opensource.com/article/20/9/systemd-startup-configurationAre you sure it doesn’t mean anything? It means to a LOT of people.
Fine, still not understanding why something that I should run once in a while (on a server) or it is not that critical seems to be so important. Look, I had way bigger gain moving from a HDD to a SDD than switching to Systemd from the old init.
I refuse to belive that for a desktop user a 5 seconds longer boot time is that important. I could understand on a server where, if you work with it, you can have fines for downtime but even in this case it is a thing that could be handled in different ways.
Anyways are you aware of systemd-analyze and that you can profile your boot and services even with graphical representations? Have a look at https://www.apertis.org/guides/boot_optimisation/ and https://opensource.com/article/20/9/systemd-startup-configuration
Good, but I am not interested in booting my laptop 5 second faster and for my server I have not fines if it start in 20 seconds instead of 10 😁
systemd-analyze
isn’t only about reducing your boot time by 5 seconds, it’s about when you’ve problems knowing exactly what is happening and when and also about having a clear view of dependencies between services.At this point I am not that interested in these aspects, for what I need I am ok if the system boot and I can work 😀
But thanks anyway, it is a good thing to know if I ever need it.
If that’s the case you can simply run systemd configured as it comes with most distritos and enjoy.
Looks like there are some security, privacy and stability advantages. But for most people systemd should be fine.
See here for further info:
https://madaidans-insecurities.github.io/guides/linux-hardening.html#choosing-the-right-distro
https://forums.whonix.org/t/fixing-the-desktop-linux-security-model/9172/2
https://www.unixsheikh.com/articles/systemd-isnt-safe-to-run-anywhere.html
https://unixsheikh.com/articles/the-real-motivation-behind-systemd.html
https://suckless.org/sucks/systemd/
https://without-systemd.org/wiki/index_php/Arguments_against_systemd/
https://nosystemd.org/Edit: also getting dnscrypt to work with systemd is pretty tough and unreliable in my experience (debian and opensuse). See here https://github.com/DNSCrypt/dnscrypt-proxy/wiki/Installation-linux
This could be a problem if you are planning to use encrypted dns.Yeap, it is always the same set of poorly researched links that get pasted in threads like this.
Unix philosophy, evil corporate interests, insecure, bloated, entangled mess… it is these individuals thatbhave seen the light, notnthe silent majority that does all the work in distributions and when developing software that kind of opted withbtheir feet.
not sure about the other ones, but “madaidan” (Kicksecure/Linux Hardening Guide) and Daniel Micay (Copperhead/GrapheneOS) are well known security researchers. See Daniel Micays take on Systemd:
https://old.reddit.com/r/GrapheneOS/comments/bddq5u/os_security_ios_vs_grapheneos_vs_stock_android/ekzo6c0/
https://forums.whonix.org/t/fixing-the-desktop-linux-security-model/9172/2Suckless.org’s take on systemd is pretty well researched. All sources inside.
Some other critics are Ted Tso, Torvalds, Volkerding (Slackware), … See https://en.wikipedia.org/wiki/Systemd#Reception
https://www.zdnet.com/article/linus-torvalds-and-others-on-linuxs-systemd/