From mboxrd@z Thu Jan 1 00:00:00 1970 X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on inbox.vuxu.org X-Spam-Level: X-Spam-Status: No, score=-1.1 required=5.0 tests=DKIM_SIGNED,DKIM_VALID, DKIM_VALID_AU,MAILING_LIST_MULTI autolearn=ham autolearn_force=no version=3.4.4 Received: (qmail 23664 invoked from network); 3 Aug 2022 17:19:35 -0000 Received: from alyss.skarnet.org (95.142.172.232) by inbox.vuxu.org with ESMTPUTF8; 3 Aug 2022 17:19:35 -0000 Received: (qmail 12930 invoked by uid 89); 3 Aug 2022 17:19:59 -0000 Mailing-List: contact supervision-help@list.skarnet.org; run by ezmlm Sender: Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Received: (qmail 12923 invoked from network); 3 Aug 2022 17:19:59 -0000 Date: Wed, 03 Aug 2022 17:19:23 +0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=so.dang.cool; s=protonmail2; t=1659547170; x=1659806370; bh=ZmTtHS40TqRBMEhgAp5F8vutHxNeuWYqeIqBGyK+WoQ=; h=Date:To:From:Cc:Reply-To:Subject:Message-ID:In-Reply-To: References:Feedback-ID:From:To:Cc:Date:Subject:Reply-To: Feedback-ID:Message-ID; b=FkeACvf/2tproHv+jsUlBsmrl5MlQAYFP7Eg+7LPZVf9rRicaA+2DBhqWls5z6Kfd C4FvJF96q/yXgg+ngaIOpedlyPtp9JawMRWj8UgvYOsfqdpK+ft1Wl5YpFFGJdpdw4 e/ZYNtvkKycNh8n6qSbssrio+JquMI9w/opT7UfcK8RNrZP7a7KDoRTsGMi/ixhGU8 1TJESN7GxBy7H3M9omVjqPNhCUek6jl5OR6x3RqjiXfxhYz2DqrJVhgynctFASpX0j Lla2rnzeLlYe94XMGWdEWwB8AGzvEFEJrYVvU2fNc1QWhHUknkeC0xPFaf3Bsvv3+/ Op4BZG4KFBivQ== To: Steve Litt From: "J.R. Hill" Cc: dng@lists.dyne.org, supervision@list.skarnet.org Reply-To: "J.R. Hill" Subject: Re: Be prepared for the fall of systemd Message-ID: <75OjPiNdg7k-TrGOB10JwBnln7qJjJRtcsOdg1Dm_gk72TwWJ2Te1njPOEgXz-khoRDvkvqjOfB2kUNj5_iAXtoHivgeGVZwoUzvQod4vIo=@so.dang.cool> In-Reply-To: <4234078aeca178d4b1b5136a9463617d97cef66b.camel@troubleshooters.com> References: <4234078aeca178d4b1b5136a9463617d97cef66b.camel@troubleshooters.com> Feedback-ID: 39210498:user:proton MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable There are a few things that need to be in place for a smooth transition. For general trust in the project... 1. the init system itself should be maintained by more than a single human. 2. the maintainers should be willing to respond to a large audience. (If a = project is used widely across distributions and is critical to operation an= d security, it'll attract attention from armies of newbies and large cloud = corporations alike.) This means there needs to be an ability to move slow (= maintain backwards compatibility) and also to move fast (in security situat= ions) 3. the project should be available from some trusted platform with versioni= ng and source history. For ease of transition... 4. many init scripts need to exist, or they need to be trivial to write. I'll give some thoughts on runit: I'll start by saying that I've used Void linux for a few years now, and I l= ove using runit. It's simple, it works, and it's understandable. That's the= opposite of my experience with systemd. I'm not passionately against syste= md (or the developers, or RedHat, or even IBM), and I think systemd is tech= nically impressive and ambitious. But also I don't really want to use it or= anything like it. > It's maintained by the Void Linux project... Unfortunately I don't think this is true. It's used by Void, but we're pack= aging it by building from the source tarball like anyone else. https://github.com/void-linux/void-packages/blob/master/srcpkgs/runit/templ= ate#L12 They do, in effect, drive the maintenance or creation of runit scripts. In = the event that we wanted to move many distros to runit, there are many exam= ples of runit scripts to either copy or use (#4). Also it might go without = saying, but the scripts themselves are trivial to write anyway. If I consider runit for my other points above, it doesn't look so hot. I don't see evidence that runit is maintained by more than a single person = (#1), and given that the mailing list archive seems to be down... (And usin= g the "wayback machine" archives it looks like it's been down for more than= a year) it doesn't give me a lot of confidence that the maintainer is read= y to respond to large audiences (#2). Also, the source is distributed as a = single snapshot tarball on a personal website. There's no shasum, no GPG si= gnature, no revision history, etc, which also doesn't give me a ton of conf= idence (#3). I don't care about seeing a lot of development activity or eve= n recent activity, runit is simple. But especially for security reasons it'= s important to know the history of a project, like exactly which version ha= s vulnerable code introduced and which version has a fix. Now, I really really like runit, but I don't think it's ready right now. Fo= r runit to be a broadly-attractive alternative, it needs a few small things= : to move to some source control system (git/mercurial/etc) where more than= one person has access, and the maintainers have to be reasonably responsiv= e. Without that, I think FUD around runit is probably justified. (Of course= , we can always take the tarball and shove it in github/gitlab/etc, that wo= uldn't be the end of the world) I don't know enough about S6 (using it, or the project) to comment on it. -- J.R. Hill ------- Original Message ------- On Monday, August 1st, 2022 at 07:21, Steve Litt wrote: > Hi all, > > As I said in a previous message, I see sentiment very slowly turning agai= nst > systemd. If systemd keeps losing popularity, I have no doubt the corporat= e > carpetbaggers will try to force an even worse atrocity on us, so we need = to be ready > this time and not have the argument centered on a false choice. > > I see two init systems ready to take the baton and run with it: > > * Runit > * S6 > > Runit is the simplest init system other than /bin/bash or an rc script. I= t's > maintained by the Void Linux project, so hit hard at the FUDdists who cla= im runit is > unmaintained. > > S6 is advancing full speed to a complete solution, implementing all the b= est > features of systemd, but these features are voluntary and separable. If y= ou want top > quality, choice and performance, and are willing to accept a little more = complexity > (but sane complexity), S6 plus its service manager is the way to go. In m= y opinion, > S6 plus its service manager offers more than OpenRC, and IMHO it's easier= to > configure/manage. > > If and when systemd falls, we need to be ready, so we can get the right i= nit system, > instead yet another corporate sponsored Rube Goldberg Machine. > > SteveT