systemd-free Devuan Linux hits version 1.0.0 Devuan, the effort to build a systemd-free version of Debian, has released Devuan Jessie 1.0.0, a release candidate felt to be just about the finished article. In a mail sent to the project's followers the self-proclaimed “Veteran Unix Admins” behind Devuan say “This Devuan Jessie release candidate is as close as we can get to …
It's loosing the respect of large projects. The whole point of unixoid operating systems is that they avoid large projects. The largest single project in the GNU/Linux environment, for example is the Linux kernel, and that's heavily guarded. It has to be, because even innocent mistakes can easily corrupt the system. Other projects are usually small and compact with well defined scopes. (Though many GNU projects have broadened those scopes a lot in recent years.)
The idea is that the effort you need to put into software goes up exponentially when you add more lines of code. A 10k project is _much_more_ than 10 times as hard to write and maintain than a 1k project.
The problem we have now is that there is a surplus of people who want to work in "Open Source". Those people want to write code for projects to have something for their resume. Helping on an existing project is easier than starting your own, and huge projects, like systemd, need lots of work. That's why they attract lots of learners and integrate their code. Code written by people in their early years usually sucks. In the past, that code would have gotten into shareware software and would have been erased by the bit rot of the Internet. Now those bad lines of code and those bad design decisions end up in actual Open Source projects which are stored for all eternity on Github.
The result are bugs like this:
https://github.com/systemd/systemd/issues/5644
> The result are bugs like this:
> https://github.com/systemd/systemd/issues/5644
OMG. And Pottering's response is particularly priceless, too, demonstrating both his ignorance and hubris in one succinct piece of prose: erasing the entire filesystem is "not much of a problem", and "this is a unix problem" (it isn't, as pointed out by multiple other commenters).
I won't go near systemd on the simple basis that I know exactly how good Pottering's previous effort - pulseaudio - isn't. On the basis of having experienced that godawful dreck I'm not letting him anywhere near anything as critical as PID 1.
You very poorly characterise what actually happened.
Immediately after the issue was fixed by someone else, he declares the issue wasn't a problem and demonstrates a profound ignorance of the basic utilities systemd is replacing. Several people then corrected his woefully poor understanding of how rm functions.
If these are "haters" then I'm the fucking pope.
OMG. And Pottering's response is particularly priceless, too, demonstrating both his ignorance and hubris in one succinct piece of prose: erasing the entire filesystem is "not much of a problem", and "this is a unix problem" (it isn't, as pointed out by multiple other commenters).
That is just pure Poettering. As is his reaction to comments pointing out his ignorance:
@poettering poettering locked and limited conversation to collaborators Apr 17, 2017
PulseAudio. systemd.
Each to their own, but I've seen enough that I won't touch any software that has anything to do with Poettering. Kind of like "Once is a chance, twice is coincidence, third time..."
None of my Linux boxen have systemd (yes, I tried it, it can burn in hell). Luckily Centos 6 and Jessie are (or can easily be) systemd free. Looks like its time to give Devuan a try.
Christian Berger wrote
"The result are bugs like this:
https://github.com/systemd/systemd/issues/5644"
Thank you.
Until now I've been just a mildly interested observer of this debate.
However having seen the contributions from the man in question in the bug report in question, I
(a) recommend anyone who hasn't seen them yet has a look at them (it won't take long)
(b) draws their own conclusions (it won't take long)
If any sensible person still thinks that the current incarnation of systemd is a bright idea after reading that, then I'll eat my hat.
"https://github.com/systemd/systemd/issues/5644"
(I encourage everyone to read this thread, really, it's not very long)
OMG.
Based on his response, I can't believe that anyone takes this guy (and systemd) as something that has made it beyond some dead-end fork, let alone in main stream OS's used in servers.
Unbelievable.. The linux distro-world (using systemd) has gone to complete shit.
"Apache is laughing at you right about now."
Since when did Apache turn into a Unix(-like) operating system?
Some larger projects covered by the Apache foundation may target Unix(-like) environments, but that doesn't mean that those Unix(-like) environments are also involved with those Apache projects as well.
O'Really? Here's the current market share *detail* for MS and Apache from https://news.netcraft.com/archives/2017/04/21/april-2017-web-server-survey.html
Share of all sites: Apache 22% MS 44%
Share of active sites: Apache 46% MS 8%
Share of top million busiest sites: Apache 40% MS 10%
Still think "MIcrosoft IIS now has double Apache's market share" is a plausible summary of Netcrafts numbers and charts or even the article text? It is the kind of misleading Twit-sized claim many politicians would happily make, though.
Use the source, readers, always use the source:
https://news.netcraft.com/archives/2017/04/21/april-2017-web-server-survey.html
"Share of all sites: Apache 22% MS 44%
Still think "MIcrosoft IIS now has double Apache's market share" is a plausible summary of Netcrafts numbers and charts or even the article text? "
Uhm, yes. I'm pretty sure 44 is exactly double 22...
This was always the exact statistic the Apache fans used to quote.
And why Microsoft IIS now has double Apache's market share:
Maybe according to a quick glance at the linked Netcraft page (though I've edited this post to reflect another poster pointed out a better look at the Netcraft site shows otherwise). There's not many places out there that do this sort of work (with a quick check on Google anyway, others can look further if it's important enough to them)
https://w3techs.com/technologies/details/ws-apache/all/all suggests otherwise.
Site hacking must be at an all-time high. When IIS was just a teency little minnow with no defenses to speak of it was vastly more commonly hacked then Apache. Now it's a ugly large monster (still with no defenses to speak of, not like MS know what "security" is or anything) the number of targets out there is so much higher.
(I must wonder who runs Netcraft, and how much of the IIS servers they see are MS spinning up a few million VM's just to fudge the data - but then MS has never been known to falsify data or reports before have they?)
"Site hacking must be at an all-time high. When IIS was just a teency little minnow with no defenses to speak of it was vastly more commonly hacked then Apache"
IIS has always had a far better security record than LAMP stacks, and historically was about 4 time LESS likely to be hacked (allowing for market share at the time). See for instance http://zone-h.org/news/id/4737?zh=1
IIS has always had a far better security record than LAMP stacks,
You'd be a comedian if your deluded trash wasn't on such a serious topic.
Why is it that IIS gets most of the hacks despite being least used? Can't claim something is more secure when it is less widespread but most broken.
How much do they pay you to spread this crap? And how do you go to sleep at night knowing that every time someone takes your advice they're putting their livelihood, and their customer's data at risk? Or are you trying to drum up business for yourself knowing that once people get sick of how broken and insecure MS crap is, you can drop in and sell them a nice secure LAMP system? Or perhaps something based on BSD?
Compared to MS, a house with no windows or doors in the worst neighbourhood is quite secure. (Must be, it has no windows! .. Yeah yeah, I'm outta here... )
See http://zone-h.org/news/id/4737?zh=1 - old - but still true.
We have a consumer protection TV show here in NZ called "Fair Go". It's been around since 1977. Basically they do two things, 1) people can write in with complaints about shoddy businesses or behaviour by people in private deals, and FG chases up the other side and works to either get the victims money back or get a "fair deal" arranged. And they've taken on the big insurance firms, telcos an goverment agencies and won, as well as people trying to rip of their neighbours and so on. And 2) they give people warnings about scams and information on detecting them. One thing they pointed out is a lot of scammers these days are using tricks to hide their true identity. One of them is not having real details in their domain registrations.
whois zone-h.org..
[..]
Registrant Email: ZONE-H.ORG@domainsbyproxy.com
[..]
So that is who you want us to look to for your proof of how good IIS is vs how bad Apache is? Someone organisation who is so trustworthy they use a domain hiding service so you can't find out anything about them?
Your garbage gets worse by the day. That stuff MS is feeding you really is messing up your brain!
"One thing they pointed out is a lot of scammers these days are using tricks to hide their true identity. One of them is not having real details in their domain registrations."
Had it occurred to you that might also be something those associated with website hackers might want to use? A very desperate sounding and failed attempt to cast aspersions...
"Linux gets WAY more hacked when used as an internet facing server."
Zone-h counts website defacements, doesn't it?
Is there a difference between a website defacement and what most people might call a hack?
"More recent stats are actually worse for Linux!"
Then share them please, if you don't mind. Ideally based on something more widely relevant than website defacements. I realise that may be hard work, but you're the one making the claims, you're the one that needs to put up or shut up.
Otherwise people may well just assume it's the same recycled Jeff Jones material you were spouting back in (e.g.) 2013 which itself was based on rather outdated source material.
This Jeff Jones:
https://blogs.microsoft.com/microsoftsecure/author/jeffjones/page/2/
Jeff Jones who was claiming in 2007 that, after a whole six months out in the wild, Vista was more secure than Linux and OS-X?
You'd be well advised to quote any more recent references you feel may clarify matters, but in the meantime here's one from 2007, from
http://www.pcmag.com/article2/0,2817,2149851,00.asp
or there's this:
http://blogs.csoonline.com/windows_vista_6_month_vulnerability_report
Have a lot of fun.
"IIS doesn't tend to be running insecure crap like PHP..."
Case and point. So it's not Linux/Apache versus Windows/IIS security we are talking about per se; what we are really referring to is the plethora of quickly hacked up PHP apps and the like that become low-hanging bot fodder.
Saying that this is a 'Linux' issue is entirely missing the point; it's analogous to the folks that bag 'Java' as insecure without having any clue what they are actually referring to.
Unfortunately I guess this is the price to pay for a platform with such a low entry barrier.
'...now has double Apache's market share...'
If you read the full stats you linked to as opposed to cherry-picking one graph, it shows that Apache comfortably beats IIS in terms of actual use, and nginx is severely eating into the market share of both Apache and IIS. IIS actually shows a long downward trend in most of the graphs that isn't showing any signs of stopping. Take off the rose-tinted glasses and try scrolling down a bit.
"If you read the full stats you linked to as opposed to cherry-picking one graph, it shows that Apache comfortably beats IIS in terms of actual use"
Uhm, no - if you read the article - you will see actual use is 44% IIS to 22% Apache.
This exact statistic is what the Apache fans always used to quote. It's only now that IIS is market leader that you are trying to cherry pick a more limited measure!
This post has been deleted by its author
No, no, no! Use vi as your shell! :-)
From one of my passwd files:
write:x:1007:101:,,,:/home/write:/usr/bin/vi
Yes, that's really a user account that I use ... usually on a dumb terminal. I don't like distractions when I'm writing more than throw-away comments, like this one.
Let me guess: your version of vi does not support noob things like arrow keys?
Bonus points for implementing a device that sits between your VT102 keyboard (VT52 acceptable; VT220 is right out) and NOPs the arrow keys using 7400-series ICs and nothing else. Some people have an iron will, but if not it's okay to reinforce your determination with TTL logic and wire-wrap.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
