←back to thread

InitWare, a portable systemd fork running on BSDs and Linux

(github.com)
167 points sunshine-o | 2 comments | 03 Apr 25 12:11 UTC | HN request time: 0s | source
Show context
exceptione ◴[03 Apr 25 17:18 UTC] No.43572744[source]
The list of dropped components is quite large. The cryptsetup, cryptenroll, unified kernel images, kernel signing and systemd-boot work nicely together.

I think Systemd has a view that those things should reliably work together. I do not fancy a revival of the past where the user has to cobble a mesh of hopefully compatible libraries to achieve the same, taking weeks to study the Arch manual and resolving tons of gotcha's, all to be broken by next week's update.

The integration of all this stuff is now actively under test and maintenance with systemd.

And yes, the mentioned services also have an impact on the scope of service managing. Because if you have a unit that depends on a disk that needs to be unencrypted, this has to be resolved somehow in the right time.

I personally have had no need for systemd-resolved, but I think for *desktop* the list of droppable components is not large.

So maybe we should first have a conversation about the *desktop* vs *container-os* purpose?

replies(5): >>43573274 #>>43573308 #>>43573459 #>>43575409 #>>43576185 #
DrillShopper ◴[03 Apr 25 18:21 UTC] No.43573459[source]
> The cryptsetup, cryptenroll, unified kernel images, kernel signing and systemd-boot work nicely together.

This has not been my experience across Debian and Arch

replies(3): >>43573589 #>>43574196 #>>43578459 #
donnachangstein ◴[03 Apr 25 19:23 UTC] No.43574196[source]
That's because Debian 'stable' has a half-assed implementation of systemd, frozen in time on some ancient version. So you are stuck waiting years between upgrades. Bookworm finally supports the crypto functions.

Arch OTOH was where these functions first worked out of the box.

replies(1): >>43574966 #
bogantech ◴[03 Apr 25 20:28 UTC] No.43574966{3}[source]
> frozen in time on some ancient version.

Yeah that's a feature of Debian stable

replies(2): >>43575746 #>>43581058 #
1. donnachangstein ◴[03 Apr 25 21:35 UTC] No.43575746{4}[source]
It stops being a feature and becomes a bug bordering on retardation when they purposefully ship broken software.

First example coming to mind, TLS is broken in the version of OpenSMTPD that ships with Debian Stable.

Yes you read that correctly.

The version of OpenSMTPD in Debian Stable does not have functioning TLS. It's also not well documented why this is, things just don't work and you are forced to discover why.

It has to do with a broken dependency on their ancient version of OpenSSL. They refuse to patch it because muh stability - it requires a version jump. So you are forced to jump through hoops and install a newer version from backports if you expect TLS to work on your SMTP server.

replies(2): >>43577140 #>>43581638 #
2. ◴[04 Apr 25 00:37 UTC] No.43577140[source]