Search
Items tagged with: systemd
Ich nutze das neue (gebrauchte) #T570 aktuell für Tests von $Dingen, die ich mir auf meinen sonstigen Systemen (noch) nicht traue. Schön ist, das es halbwegs aktuelle #Hardware ist.
Aktuell teste ich die Absicherung der Boot-Chain und die Verschlüsselung der Systempartition mit #LUKS + #clevis + #systemd + #TPM2 + #SecureBoot.
Ich habe lange über die Sinnhaftigkeit gezweifelt, aber mittlerweile verstehe ich das Konzept etwas besser. Praxiserfahrung hilft mir da enorm.
Aktuell habe ich die Kombination einer 6-stelligen PIN mit dem TPM2 des #Notebooks, um die Partition zu entschlüsseln. Da erscheint mir momentan ein ausreichender Kompromis zwischen Sicherheit und Nutzbarkeit.
Jetzt schaue ich mal, wie sich das mittelfristig im Betrieb schlägt. Vor allem, ob es zu Fehlern bei Upgrades kommt, die mir potentiell den Zugriff auf das System kaputt machen könnten.
Since I moved server, I left behind my #Devuan install to restart from a #Debian 11 offered by my hosting provider which I immediately upgraded to Debian 12. This means I am back to #systemd land, and I'm already annoyed with it.
See, service mariadb [action] calls mariadb-admin that requires password-less root access (??) to localhost to do anything, which I don't allow for obvious security reasons.
On the other hand, systemctl [action] mariadb.service doesn't rely on mariadb-admin, but there's no graceful reload available either. 🤷♂️
I already miss /etc/init.d/mysqld [action].
Your #network.target is not started if it is still waiting for #IPv6 DAD.
Please do not attempt to start any service wanting network.target before all configured addresses are actually available.
I admit, I didn't imagine the depth of the obviously fractal nonsense that is systemd and "the way to go booting Linux".
#rant #ipv6-dad
The usual disclaimer:
We Devuan users don't "hate" #systemd. We just don't want to use it, for various reasons. Free Software is about choice.
https://lists.dyne.org/lurker/message/20211014.150033.e93e6ce5.en.html
How systemd promised to be great and failed all the promises
This is one damn fine article about how things have degraded to the point of #systemd being created, what the promises were and how were they broken, one by one.
What great ideas went by, how were distros forced into the palace which turned out to be a "fun-house warped-mirror room" instead. And where are we now.
And it is a shame that many programming languages are not so well backwards-compatible like #Java was. Yes, was. Until #Oracle stepped in and messed it up. I cannot launch #Payara application server under latest Java 13 version while the specification says it should. Java saves the binary version number inside the compiled
.class file so the JVM will automatically switch to the older standard. It is a shame, what Oracle did here. So I still with Payara 4.1 and #OpenJDK 8 for a little longer.Yes, off-topic. But still relevant due to incompatible upgrades.