No systemd - Resources against systemd and alternatives
What is systemd?
systemd claims to be a good and modern replacement for SysVinit, a so-called init daemon. Usually the init daemon is the first process spawned by the kernel and thus has PID 1; it is responsible for spawning the other daemons that are necessary for the OS to operate, e.g. networking, cron, syslog, etc.
List of init daemons*:
- systemd
- SysVinit (home)
- OpenRC (home)
- runit (home)
- s6 (home)
- Shepherd (home)
- finit (home)
- Hummingbird (repo)
- superd (repo)
- 31init (repo)
- Dinit (repo)
- procd (repo)
- uselessd (repo; inactive)
- Upstart (home; inactive)
- InitNG (repo; inactive)
- cinit (home; inactive)
- minit (home; inactive)
- Epoch (home; inactive)
- dmaster (repo)
*inactive: No development activity has occurred for several years.
What is so bad about systemd?
Notable bugs and security issues:
- Datadog outage costing 5 million dollars caused by systemd upgrade
- A widespread outage on Azure was caused when systemd 237-3ubuntu10.54 was published to the bionic-security pocket (instances could no longer resolve DNS queries, breaking networking)
- #437: timeX.google.com provide non standard time
- #1143: PID1 getting stuck printing "systemd[1]: Time has been changed" continuously
- #1312: restarting systemd service on dependency failure
- #1596: journalctl -r -n flags incorrectly processed
- #2402: Mount efivarfs read-only
- #2460: Showing status of service via systemctl is slow (>10s) if disk journal is used
- #4863: systemd-journald drops all bytes after '\0'
- #5644: tmpfiles: R! /dir/.* destroys root
- #6237: systemd can't handle the process privilege that belongs to user name starts with number, such as 0day
- #6369: hostnamed does not like fqdns with trailing dots
- #6381: systemd-cryptsetup: Booting with encrypted root partition fails instantly
- #6478: `systemctl` should not consider active->failed as a successful operation
- #6620: services writing to stdout become silent after journal restart
- #7184: resolved: fix loop on packets with pseudo dns types (CVE-2017-15908)
- #8579: systemd breaks my mouse
- Out-of-Bounds write in systemd-networkd dhcpv6 option handling (CVE-2018-15688)
- #6078: Applying systemd-networkd configuration disconnects all other interfaces
- System Down: A systemd-journald exploit (CVE-2018-16864, CVE-2018-16865, and CVE-2018-16866)
- #11810: Can't suspend again after suspending one time (explanation why this is bad)
- Systemd user manager interferes with ecryptfs - private directory not being unmounted (also umount of ecryptfs does not automatically clear the keyring and ecryptfs-utils: Private directory not automatically unmounted anymore on logout)
- #2913: journald is unable to attribute messages incoming from processes that exited to their cgroup, due to /proc vs SCM_CREDS race
Other issues arising around systemd:
- systemd will be able to kill a process if it needs/wants more RAM
- We need to enforce the use of systemd to everyone, by the creator of systemd itself.
- systemd kills background processes after user logs out (see also: [RFE] add a way to run in a new systemd scope automatically)
- Don't panic, but Linux's Systemd can be pwned via an evil DNS query
- Systemd Could Fallback to Google DNS?
- DNS search domain not removed from resolv.conf on disconnect
- systemd does not respect system wide resource limits
How do I get rid of systemd?
Replace systemd with an alternative init system:
Linux distributions without systemd:
Alternatively you can use Linux distributions which do not use systemd by default:
A good summary of most of the aforementioned distributions can be found here.
BSD alternatives:
You can also consider changing to BSD derivatives: