3-year old systemd feature prevents ecryptfs unmounting and other hooks

>github.com/systemd/systemd/issues/1350
>Sep 22, 2015
>Currently, the "(sd-pam)"-helper runs unprivileged as the user and has a comment that pam_close_session() does not need privileges. However, is that really true? For instance, PAMName=login fails this way, as pam_systemd.so needs privileges to run pam_close_session()
>poettering commented on Nov 20, 2017
>I figure bugs.freedesktop.org/show_bug.cgi?id=72759 is caused by this
2 years to respond. Meanwhile:
>bugs.debian.org/cgi-bin/bugreport.cgi?bug=765854
>Date: Sat, 18 Oct 2014 18:33:02 UTC
> ecryptfs-utils: Private directory not automatically unmounted anymore on logout
Fast forward:
>Date: Sun, 30 Jul 2017 20:01:02 +0300
>I write this to commit the sad fact security issue of not unmounted on logout encrypted directory is still present in Debian 9 on two my laptops one i386 and another amd64
>Nobody cares? Shouldn't we raise importance? Package supplies partially _fake security_ when used most common way...
>Date: Sun, 7 Jan 2018 13:58:27 +0100
>What happens with this bug?
>I have now tried on a fresh Debian Stretch install and my home folder never gets unmounted
>Not even with the ecryptfs-umount-private.service hack
All distros with systemd and their home directory encrypted via ecryptfs are left mounted on logout.

>github.com/systemd/systemd/issues/8598
>18 days ago - systemd-user doesn't properly close its PAM session
>The systemd --user instance that is started when a user first logs in (if pam_systemd is enabled) starts a subprocess "(sd-pam)" that opens a PAM session for the user
>systemd doesn't wait for the sd-pam subprocess to close the PAM session and exit but rather sends it SIGKILL. It can be killed while in the middle of pam_close_session(), so not all of the PAM hooks are guaranteed to be run
>I observed these bugs on systemd 238 and on Arch Linux, though from what I gather these bugs are already years old at this point, and affect all Linux distributions that use systemd
So in addition to the previous issues, systemd just sends SIGKILL. Poettering's response?
>So, we got away with all this so far because [blah blah blah excuses]
>I'd strongly recommend to change the design of your package so that you do not rely on PAM session end hooks anyway
Once again, shifting the blame and issue aside.
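
A check for the condition described in the posts above, written as an added example that is not part of the original thread: it lists ecryptfs mounts whose owner no longer has a login session. The sample data is constructed, `SAMPLE_OWNERS` and the function names are made up here, and the layout of `loginctl list-sessions --no-legend` (USER in the third column) is an assumption.

```python
import os
import pwd
import re
import subprocess

# Constructed samples (not from the thread): /proc/mounts and
# `loginctl list-sessions --no-legend` output after bob has logged out.
SAMPLE_MOUNTS = """\
/dev/sda2 / ext4 rw,relatime 0 0
/home/.ecryptfs/alice/.Private /home/alice ecryptfs rw,nosuid,nodev,relatime,ecryptfs_cipher=aes 0 0
/home/bob/.Private /home/bob/My\\040Private ecryptfs rw,nosuid,nodev,relatime,ecryptfs_cipher=aes 0 0
tmpfs /run/user/1000 tmpfs rw,nosuid,nodev,relatime,mode=700,uid=1000 0 0
"""
SAMPLE_SESSIONS = "     2 1000 alice seat0 tty2\n"
SAMPLE_OWNERS = {"/home/alice": "alice", "/home/bob/My Private": "bob"}


def _unescape(field):
    # /proc/mounts writes space, tab, newline and backslash as \040-style octal.
    return re.sub(r"\\([0-7]{3})", lambda m: chr(int(m.group(1), 8)), field)


def ecryptfs_mountpoints(mounts_text):
    """Return the mount points of every ecryptfs entry in /proc/mounts text."""
    points = []
    for line in mounts_text.splitlines():
        fields = line.split()
        if len(fields) >= 3 and fields[2] == "ecryptfs":
            points.append(_unescape(fields[1]))
    return points


def session_users(loginctl_text):
    """User names that have a session; assumes USER is the third column."""
    rows = (line.split() for line in loginctl_text.splitlines())
    return {row[2] for row in rows if len(row) >= 3}


def owner_from_stat(mountpoint):
    # Owner of the mounted directory as the kernel reports it right now.
    return pwd.getpwuid(os.stat(mountpoint).st_uid).pw_name


def stale_ecryptfs_mounts(mounts_text, active_users, owner_of=owner_from_stat):
    """ecryptfs mounts whose owner has no session left (still decrypted)."""
    stale = []
    for mountpoint in ecryptfs_mountpoints(mounts_text):
        owner = owner_of(mountpoint)
        if owner not in active_users:
            stale.append((mountpoint, owner))
    return stale


if __name__ == "__main__":
    with open("/proc/mounts") as fh:
        mounts = fh.read()
    sessions = subprocess.run(["loginctl", "list-sessions", "--no-legend"],
                              capture_output=True, text=True, check=True).stdout
    for mountpoint, owner in stale_ecryptfs_mounts(mounts, session_users(sessions)):
        print(f"STALE: {mountpoint} (owner {owner}) mounted with no session")
```

Run from a timer or a monitoring agent, a non-empty result means a logged-out user's plaintext view is still mounted.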

Install gentoo. Use openrc. Never use pottering's cancerous bullshit.

God I wish I wasn't too lazy to install gentoo

topkek
Hasn't it been marked as WON'T FIX, NOT OUR BUG, NOT A BUG by Poettering?

Use Void then

>Never use pottering's cancerous bullshit.
Red Hat and systemd are at the forefront of desktop Linux. It's not hard to imagine systemd and its spinoffs soon being synonymous with Linux. And already everyone who works in the industry as a sysadmin or similar is using systemd whether they like it or not. And Arch, which is commonly viewed as the binary alternative to Gentoo, relies on systemd.

Not going to use a tiny meme distro run by teenagers.

good thing i'm a mac

Aren't they like ponyfags to boot?

This is not a problem with CloverOS, as it is 100% Poettering free.

This bug has been closed.

-poettering

A lot of enterprise is still running on Debian Wheezy and RHEL 6

I tried installing this beautiful OS but Gentoo wouldn't render the GUI so I was stuck in booting forever. Pretty shit desu.

>the state of loonix

UMMMMM

>good thing I have no options whatsoever and don't even have coreutils installed

Why is there a thirsty cat on your background.

daily reminder that cloveros is just gentoo with a kernel module to inject spyware into your bios image

what do you expect when nsa had a huge hand in it

What choice do you have? Maybe 2 distros purely systemd free from the fbi botnet

>PID 1 was iterating through all processes in the user's cgroup, including sd-pam, and killing them.
poetteringware at its finest

Threadly reminder that systemd is free software™.

free as in slavery

I followed the guide from Without Systemd, everything works fine but the shutting down times are sometimes abysmal, full minutes, not sure why.

Something is probably hanging somewhere, it should be 30 seconds at most.

I have a fresh install now, and I'm a bit afraid to fuck things up. I guess I'll try it anyway lol

maybe something was configured wrong before

but i installed coreutils via homebrew

Unaudited "free" software

are you saying it's shit because it's free™?

Good thing I keep lurking these threads.

>O(n)
>not keeping track of the bad process
>not O(1)

systemDicklets will defend this and say it's faster

>Arch, which is commonly viewed as the binary alternative to Gentoo,
HHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHA

>systemd is shit
what a surprise

>not-a-bug

would have made more sense if you used "open" instead

Are you fucking retarded? Wait no, of course you are.

Sending SIGKILL to every process is going to be O(n) no matter what. Keeping a hash table or whatever retarded idea you're hinting at doesn't magically allow you to signal everything in O(1). Also, there aren't even enough pids to somehow make this take more than a few milliseconds.

What happens if you send a signal to process -1 as root? Try "sudo kill -9 -1" and see.

FreeBSD is systemd free.

I'm switching to a systemd-free version of Debian ASAP. This is fucking unacceptable

I've become linux addicted over the years.

But honestly, if systemd takes over, i'll just go back to windows.

At least they do some patching sometimes.

Is this a Tv screen?

It kills everything on the system. Are you saying a single user logging out should bring down the system?

But FreeBSD has the SJW CoC

Install Void. Use runit. Don't compile unless you want to.

>feature

If you're running sysvinit with encryption, one possibility is the sysvinit-sendsigs-udev-cryptsetup hang (was 90s till timeout kills it IIRC, now down to 30 or 45), which is a 3+ year bug in the combination of the 4 entities listed.
A good starting point to bang your head against the wall is
bugs.debian.org/cgi-bin/bugreport.cgi?bug=791944
Kludges that supposedly work:
bugs.debian.org/cgi-bin/bugreport.cgi?bug=791944#238
bugs.debian.org/cgi-bin/bugreport.cgi?bug=791944#258

If your shutdown seems to take longer than needed (30 seconds instead of 5-6), have a look at

Nope. I'm saying that despite the obvious technical issues, which are undeniable, the "botnet" claims are downright ridiculous.

Did you audit it yourself?

>Arch is the binary alternative to Gentoo

Do Arch kiddies really think this?

> Not going to use a tiny meme distro
> run by a former Netbsd maintainer
fixed for you friendo :^)

It pretty much is.

That april fools day joke they pulled was brilliant. They knew that they would get free unpaid advertizing over outrage from that pony ISO they made

>It pretty much is.
No. Even its Firefox requires pulseaudio.
If you want something a bit like gentoo it's Void with its minimal dependencies and pretty good `xbps-src` for compiling your own and modifying everything system packages.

Ah yes, My little void. I too, enjoy having sex with horses.

Like I said, the most brilliant april fools day joke I've ever seen. You're being used as a tool to spread the word about void linux and don't even know it, that's also why it's funny.

Why? What makes it even remotely like Gentoo? Because the default install drops you in a terminal? That's no different from any other netinstall of any other distro. The only thing separating arch from a rolling release of any other distro is:

- Broken package manager
- Shattered rolling release, no partial upgrades allowed
- Split package managers for the AUR instead of using a sane, separate community repo
- Every compile time option is turned on for maximum bloat
- No split packages (for example vlc and libvlc are just one vlc package. Also no separate -devel or -docs or anything) again for maximum bloat.

Arch isn't even a good distro, let alone any sort of "alternative" to Gentoo. It's a script kiddie distro. All the wrong things are split, all the wrong things are merged. The end result is a massive body horror amalgamation of autism. You're better off with anything else.

>Broken package manager
Elaborate, please.

>I too, enjoy having sex with horses.
Good for you.
What does that have to do with your Linux distros?

they are both "advanced" distros

wiki.archlinux.org/index.php/Arch_Build_System

There you go. If compatibility and features are bloat, then Arch gives you the ability to exercise your autism so you can split all the packages you want. There is a community repo already btw, AUR is just something extra.

Girlish Number is God tier.

GNU/Linux is free as in freedom. This means it's literally illegal to complain about it. You have only two legal options: either submit a patch or fork it.

I'm saying that the kernel supports sending the same signal to a large set of processes in a single operation; I just chose a rather dramatic example of how to do that.

SystemD doesn't have to reinvent the wheel and slowly send the same signal to a bunch of processes one at a time. Because process -1 is everything in the current process group, if they are managing them properly, they can quickly signal everything that they need to shut down in a single syscall.

Arch is no more advanced than a netinstall of any distro. And its extreme bloat makes it less of a binary gentoo alternative than, again, literally any other netinstall on the face of the planet. Arch is not cool, elite, advanced, minimal, or any of the other memes you've fallen for.

Pacman's incapable of partial upgrades for some ABI reasons. Tbqh I haven't done a whole lot of looking into that but there are plenty of other rolling releases that don't require full system upgrades every time any package is upgraded. Because of that, there's no pinning, can't easily roll back packages if something goes wrong, all sorts of fun stuff.

At that point, you might as well just install Gentoo. Why would you even go with arch as any sort of demented "binary gentoo" if you're going to rebuild the whole thing yourself anyway?

>And its extreme bloat

>At that point, you might as well just install Gentoo
You could. The point is Arch is not bloated

>The point is Arch is not bloated
It has more dependencies than void for pretty much every package.

Once again, in arch Firefox requires pulseaudio, in void it does not.

Did you even read my first post?

All compile time options turned on, so programs use more memory and more disk space. They don't have split packages like vlc vs libvlc, and no split packages even for stuff like -devel or -docs. And more switches flipped on means more dependencies, so you drag in even more of these bloated packages.

Arch, vs a netinstall of any other distro, is a horrible bloated mess.

Just because the possibility exists for it to not be a bloated mess does not make it not a bloated mess. If I weigh 300lbs I can't say I'm 140lbs just because "I could lose that much weight if I wanted"

Nope sorry, Arch is minimalist and not bloated at all. And it can be configured the way you want just like Gentoo.

Can't argue with autism

Btw if you're autistic about pulse, you can install it without libpulse as a dependency. All the arguments for Arch being bloated are memes at best.

Oh the irony is rich

Stupid frogposter

NetBSD is a meme operating system

How would you do that?

Arch Build System

>- Every compile time option is turned on for maximum bloat
> - No split packages (for example vlc and libvlc are just one vlc package. Also no separate -devel or -docs or anything)
>And its extreme bloat
Arch is more bloated than Ubuntu, even the devs say so:
>lists.archlinux.org/pipermail/arch-general/2015-July/039443.html

>Arch has always been a simple distribution in terms of the developer perspective, not the user one. Using systemd made it simpler than ever in that regard because much more work is taken care of by both the systemd developers and all of the projects shipping unit files
>It has never been a minimalist distribution. Splitting packages is rare compared to other distributions, and dependencies aren't made optional whenever possible
>It has also never been a distribution offering much user freedom / choice compared to Gentoo and even Debian
>Arch is the *opposite* of a user-centric freedom. The opinion of users has no weight here. Only the developers have an opinion, and there aren't voting systems as there are in Debian
>Arch has *never* been minimalist... a Linux kernel with every module available and every feature enabled at least when there's no non-bloat related cost, feature-packed/complex GNU tools, nearly all optional features enabled across all the packages, etc
>Arch is the opposite of a distribution with lots of user freedom
>It's clearly not based on what you say it is, and *never* has been. It has always used significantly more disk space and a measurable amount of additional memory than Debian and especially Gentoo as a consequence of keeping things simple (again, from a development perspective)
Archfags will defend being at the whim of developers, they will defend being burdened with systemd as a feature. Delusional Archfags will claim a merit of Arch is "minimalism", when in fact the sole merit is it being rolling-release. You have less bloat and more freedom with a minimal install of Ubuntu.

That Micay nigger is not an Arch dev.

>Arch Build System
So, in other words, I have to recompile it to remove pulseaudio? I'd rather use the system with leaner defaults.

Also, how would you compare ABS to xbps-src? I have no experience with the former.

who gives a fuck, grow up and stop caring about shit you dislike

ABS is pretty easy. You use the asp tool to download the PKGBUILD, edit it then use makepkg to create your package. Arch's defaults are sane and meant to work with whatever hardware you want to put it on out of the box. If having packages that are .02Mb bigger than what they could be is a problem, you can just use ABS to change the packages and get exactly what you want.

CloverOS still has libatasmart which was written by Poettering.

Posted the wrong pic

How do you know? He speaks with some authority, and other emails show he is a programmer and familiar with Linux. Regardless, he was policing the mailing lists against criticism. And notice all the gmail addresses - discoursing with Archfags will lead your emails straight to google servers. Arch wiki has a page dedicated to Steam, to Netflix, and to many other proprietary non-freedom software. Arch ships blobs. Arch and its users are an enemy of freedom.
>who gives a fuck
Topic of this thread. In the age of locked-down proprietary operating systems (including Android), desktop Linux remains the last bastion of freedom. Arch doesn't want you to have freedom, it wants its devs to have an easy job.

>How do you know?
They have a list of devs on the website. That Micay guy is behind the termite emulator and some other small projects, not an Arch dev.

>Arch doesn't want you to have freedom, it wants its devs to have an easy job.
False dichotomy

>it's a freetard thinks giving people the option to install whatever software they want isn't freedom episode

>False dichotomy
It's not when the alternatives reduce the merits of Arch to none. You're using Arch because you fell for a meme (and the meme is real, because many an Arch user will tout building your system from scratch as exclusive to Arch, when in fact most distros offer some form of minimal install where you can be dropped into a shell and do the same) and/or agree with the release model. Once you start breaking that apart from what the devs dictate, you might as well use another distro.
Proprietary software is mutually exclusive with freedom. It fosters dependency. It creates monopolies. When the end user requires something like, say, Steam, it becomes synonymous with their version of a desktop OS. There's no freedom in that, just like there's no freedom in Android and the Google ecosystem despite it being open-source at its core.

You're saying I fell for a meme while arguing against the freedom to choose the software you want because that's not real freedom.

>wah systemd doesnt support encrypted homes properly
fuck off pedo

>home directory encrypted via ecryptfs

You're doing it wrong.

>Don't like the defaults? Literally just compile the whole system yourself!

Or, you could do a non-autistic thing like:

Actually use a system with sane defaults in the first place
Use Gentoo where you can pick what you want in the first place.

No? Are you proposing that the kernel gets a new syscall just to support systemd?

The only things kill(2) allows are signalling everything or signalling everything in a process group. It makes no sense to assume or enforce that every single process of a user is in a single process group, when any arbitrary process is capable of creating its own process group. Furthermore, if you knew what process groups are used for, you would know that that completely defeats the purpose of process groups in the first place. It's a convenience mechanism for shell job management, not an optimization for sending signals to multiple processes. Do you know how pkill works? It iterates over every single process. There is nothing inefficient about it.
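
The process-group behaviour the post above describes, as an added example that is not part of the thread: one member leaves the group with setpgid() before the group is signalled, so the single group-wide SIGKILL misses it. `killpg_reach` and `_child` are names made up for this sketch.

```python
import os
import signal


def _child(go_r, ready_w, escape):
    """Body of a forked child; never returns to the caller."""
    try:
        os.read(go_r, 1)            # wait until the parent has put us in the group
        if escape:
            os.setpgid(0, 0)        # leave it: become leader of a new group
        os.write(ready_w, b"x")     # tell the parent our setup is done
        while True:
            signal.pause()          # idle until a fatal signal arrives
    finally:
        os._exit(0)


def killpg_reach(n_stay=2):
    """SIGKILL a process group after one member has left it.

    Returns (members killed by the group signal, escapee still running).
    """
    go_r, go_w = os.pipe()
    ready_r, ready_w = os.pipe()
    pids = []
    for i in range(n_stay + 1):
        pid = os.fork()
        if pid == 0:
            _child(go_r, ready_w, escape=(i == n_stay))
        pids.append(pid)
    pgid = pids[0]
    for pid in pids:
        os.setpgid(pid, pgid)       # first child becomes the group leader
    os.write(go_w, b"x" * len(pids))
    seen = 0
    while seen < len(pids):         # block until every child finished its setup
        seen += len(os.read(ready_r, len(pids)))
    *stayers, escapee = pids
    os.killpg(pgid, signal.SIGKILL)  # one syscall, same as kill(-pgid, SIGKILL)
    killed = 0
    for pid in stayers:
        _, status = os.waitpid(pid, 0)
        killed += os.WIFSIGNALED(status) and os.WTERMSIG(status) == signal.SIGKILL
    escapee_alive = os.waitpid(escapee, os.WNOHANG) == (0, 0)
    os.kill(escapee, signal.SIGKILL)  # clean up the process the group signal missed
    os.waitpid(escapee, 0)
    for fd in (go_r, go_w, ready_r, ready_w):
        os.close(fd)
    return killed, escapee_alive


if __name__ == "__main__":
    print(killpg_reach())
```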

> using eCryptfs

Seriously, just use LUKS with FDE.

eCryptfs is crap; it doesn't even key properly (shit unlocks even with proper key); which means you can accidentally encrypt with different passwords.

Honestly, it's garbage. If you're going to complain about a superior init system breaking you're too stupid to complain.

Enjoy your "home" directory encryption. Meanwhile logs, kernel, etc aren't encrypted.

> muh security

Trying to make Arch not bloated is like trying to run DOOM on your printer. Sure it might be a fun exercise if you're really that bored but if you don't like bloat then you're wasting your time trying to cut against the grain by trying to force a fundamentally bloated system into something resembling sane.

GParted even handles LUKS on new versions now. It should make it to Debian 10 no problem.

I must admit, I did start once upon a time with eCryptfs... But quickly abandoned that shit.

Have been using luks FDE with Mint/Ubuntu past 4 years.

>PAM close hooks
>eCryptfs /home directories

what the fuck century is this?

Interesting.
With xbps-src I'm basically having a local copy of all the packages (in something like PKGBUILD forms).

I think I'll check it out.