Announcement

Collapse
No announcement yet.

Systemd 246 Released With Many Changes

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • #71
    Originally posted by ssokolow View Post
    whoever wrote apt search created an inferior successor from the perspective of anyone not on an SSD.)
    Considering that hard drives are on their way out, I'm not worried.

    Comment


    • #72
      Originally posted by starshipeleven View Post
      Considering that hard drives are on their way out, I'm not worried.
      Aside from me just generally not being a fan of needlessly inefficient programs, I specifically work to optimize my system to account for those most-annoying worst-case situations. (eg. I hand-optimized the shit out of my .zshrc and I even used some tricks I haven't seen anyone use before... to the point where parts of it will be skipped if the runtime exceeds 1 second.)

      Comment


      • #73
        Originally posted by ssokolow View Post
        Aside from me just generally not being a fan of needlessly inefficient programs, I specifically work to optimize my system to account for those most-annoying worst-case situations. (eg. I hand-optimized the shit out of my .zshrc and I even used some tricks I haven't seen anyone use before... to the point where parts of it will be skipped if the runtime exceeds 1 second.)
        I understand, but my fetish is GUI interfaces and I can accept lower performance if the GUI saves me the effort of remembering stuff, so we are in opposite camps I guess.
        That's the general phylosophy of OpenSUSE (and Mageia, not a derivative). Their Yast system configurator GUI is available even in ncurses (aka in true console/terminal, looks like an old BIOS setup screen) and I'm so happy about it.
        Last edited by starshipeleven; 08-04-2020, 09:20 AM.

        Comment


        • #74
          Originally posted by starshipeleven View Post
          I understand, but my fetish is GUI interfaces and I can accept lower performance if the GUI saves me the effort of remembering stuff, so we are in opposite camps I guess.
          That's the general phylosophy of OpenSUSE (and Mageia, not a derivative). Their Yast system configurator GUI is available even in ncurses (aka in true console/terminal, looks like an old BIOS setup screen) and I'm so happy about it.
          Hey, I've been editing my vimrc so the gVim menus act as a quick reference card for the various commands I don't use frequently, so I know the feeling of not wanting to remember things... but I also want the things I do remember to be lightning fast.

          That said, I definitely appreciate the "looks like an old BIOS setup screen" ncurses option. More things should have that "multiple frontends like the Linux kernel configurator" design.

          Comment


          • #75
            Originally posted by ssokolow View Post
            Fair enough. Both of these are things I've grown used to with APT anyway... they're just ways that I think Gentoo would be superior if they offered some paradigm where people in a hurry could have the option of precompiled packages. (Was there a derivative distro that did that? I thought I heard about something like that years after I'd switched to Lubuntu but before I'd switched to Kubuntu for better multi-monitor support.)
            I think that was Sabayon Linux.

            I used it for a while myself on a spare laptop because it "just worked" on some weirdly temperamental hardware. Ubuntu (and derivatives) would just kernel panic early during boot and Arch was going through a period of breaking almost every time I updated.

            Comment


            • #76
              Originally posted by starshipeleven View Post
              1. it's not exposing user information nor violating their privacy
              2. it's stuff that was more or less available already but required the container to run scripts to poke around which is much more fragile (also see the link below)
              3. it's currently always on, mimicking the behaviour of the older ways (that also was always available) but the contributor said that he will send a new patch to add controls to disable or override it https://github.com/systemd/systemd/p...ment-660631387
              How is the OS that I'm using user Information or not violating my privacy ???

              Why would I want a server that runs in a container to send infomations to clients or somewhere else over the internet with the OS and its version that I'm using.

              An attacker will already have the servers IP address of my server in the container that's most likely the same IP as the host.

              So now all that it needs to know it the host OS and it's version to find a list of security vulnerabilities.

              If I visit you house ans see that you have a very expensive TV, would you consider not violating your user privacy when I will put this information on the internet making you a potential target for thieves ?

              Every published detail about your configuration it weakens your privacy and at the same time your security.

              With systemd being so bullshit on privacy accepting Microsoft's "exposing stuff" patches, I guess I will never use containers and rely as before of Virtual machines which do not do this exposing crap of the underlying OS.

              Comment


              • #77
                Originally posted by Danny3 View Post
                How is the OS that I'm using user Information or not violating my privacy ???
                You know what user information and privacy is? It's information about USERS, about PEOPLE and what is "user information" is defined in privacy laws. OS information is not.

                So you can dislike it all you want but don't use big words you don't understand.

                An attacker will already have the servers IP address of my server in the container that's most likely the same IP as the host.

                So now all that it needs to know it the host OS and it's version to find a list of security vulnerabilities.
                I even if that was the case (and it may not be, I can set containers to use whatever IP on whatever interface, or you may have just a couple port forwards on a router so whatever comes on different ports is just dropped), it is completely pointless since the host does not expose any service on public interfaces (maybe ssh I guess, but it's not like it's a new thing or hard to detect).

                Do you know how hacking works? It works by compromising PUBLIC services, because if you send a network packet to a port and there is no application listening for it, then it's simply dropped. You don't even need a firewall if you have no application running and listening for packets on some port.

                Host (if it is made by a sane person) has no public services, all its public-facing stuff is in containers. A container has its own userspace and it is by all intents and purposes its own OS, knowing the host OS is pointless for a hacker.

                If I visit you house ans see that you have a very expensive TV, would you consider not violating your user privacy when I will put this information on the internet making you a potential target for thieves ?
                To make this example more in line with how container hosts work, Iet's say that my house has no doors or windows to get inside it or carry stuff out of it. Or that I live on the dark side of the moon, with Decepticons and scifi-Nazi.

                Why would I want a server that runs in a container to send infomations to clients or somewhere else over the internet with the OS and its version that I'm using.
                Why would it have to send information anywhere. This isn't a network-aware API so if anything is sending information out is the service you installed in the container. Why is your server application sending this info around. If you install malware in your containers it's your own problem.

                Every published detail about your configuration it weakens your privacy and at the same time your security.
                No it weakens only security, and in this case not by much (since none has yet given 2 shits about hiding the info disclosed by the script-based system).

                With systemd being so bullshit on privacy accepting Microsoft's "exposing stuff" patches
                Patches that are just standardizing how stuff is "exposed". This information has always been available from inside containers through shell scripting and parsing some ascii.

                I will never use containers and rely as before of Virtual machines which do not do this exposing crap of the underlying OS.
                Virtual machines are more secure (more layers to punch through) and easier to manage for a normal person anyway. Containers are primarily aimed at businnesses that need to maximize their hardware utilization.

                Comment


                • #78
                  Originally posted by RavFX View Post

                  You should take a look at Artix ( https://artixlinux.org/ )
                  It's arch, without le systemd (You can choose installation ISO with OpenRC or Runit or R6). That distribution is well supported.
                  That way you canb continue to use "Arch" but have choice of proper init.

                  tuxd3v
                  guildem
                  I am studying Obarun, I am planning to move on this Arch + S6 distro.

                  Comment


                  • #79
                    Typo spotted

                    Code:
                    - Tmpfs mounts automatically created by systemd such as for /tmp and /run whill now have a limit of 50% of RAM for /tmp and /dev/sdm while 10% of RAM for other mounts.
                    shoudl be /dev/shm

                    ^^
                    this is intentional

                    Comment

                    Working...
                    X