Scheduled Maintenance: We are aware of an issue with Google, AOL, and Yahoo services as email providers which are blocking new registrations. We are trying to fix the issue and we have several internal and external support tickets in process to resolve the issue. Please see: viewtopic.php?t=158230

 

 

 

su limitations and systemd

Here you can discuss every aspect of Debian. Note: not for support requests!
Message
Author
go4linux
Posts: 19
Joined: 2011-12-02 04:56
Has thanked: 1 time

su limitations and systemd

#1 Post by go4linux »

https://tlhp.cf/lennart-poettering-su/

Now looking at the bug report it seems that su does have problems. What I don't understand is why move it to systemd.
Is there some merit to it or it's time to move to FreeBSD?

User avatar
Head_on_a_Stick
Posts: 14114
Joined: 2014-06-01 17:46
Location: London, England
Has thanked: 81 times
Been thanked: 132 times

Re: su limitations and systemd

#2 Post by Head_on_a_Stick »

I love the idea of this -- I'm tempted to change my Arch system to track [testing] so I can play with it :)

(Posted from FreeBSD 10.2)
deadbang

User avatar
golinux
Posts: 1579
Joined: 2010-12-09 00:56
Location: not a 'buntard!
Been thanked: 1 time

Re: su limitations and systemd

#3 Post by golinux »

Let's bring some balance to this thread:

https://lists.dyne.org/lurker/message/2 ... 9a.en.html
May the FORK be with you!

User avatar
Head_on_a_Stick
Posts: 14114
Joined: 2014-06-01 17:46
Location: London, England
Has thanked: 81 times
Been thanked: 132 times

Re: su limitations and systemd

#4 Post by Head_on_a_Stick »

^ :lol:

Good one golinux...
deadbang

User avatar
golinux
Posts: 1579
Joined: 2010-12-09 00:56
Location: not a 'buntard!
Been thanked: 1 time

Re: su limitations and systemd

#5 Post by golinux »

I love this quote from a recent post in that thread. Sums up the crux of the systemd problem nicely:
I completely understand that Poettering prefers to write something like
"su is a broken concept" when he really means "What this program does is
not what I'd like it to do and I'd like it to do things it doesn't do
and since it wasn't written by me, it's not working in the way it had
worked had I written the code."
May the FORK be with you!

go4linux
Posts: 19
Joined: 2011-12-02 04:56
Has thanked: 1 time

Re: su limitations and systemd

#6 Post by go4linux »

Well, as I said, you can say the solution is bad, but if you look at the report:

https://github.com/systemd/systemd/issues/825

su is not perfect, is it? I don't think you can say "I'd like it to do things it doesn't do". Personally I never had problems with it, but it's not that I do fancy things.
To me the question is more why put it into systemd. What's wrong with fixing the current su?

millpond
Posts: 698
Joined: 2014-06-25 04:56

Re: su limitations and systemd

#7 Post by millpond »

golinux wrote:Let's bring some balance to this thread:

https://lists.dyne.org/lurker/message/2 ... 9a.en.html
The brat has gone *too* far this time.

The basic command and control function of Linux to be subverted by a wunkerkind best known for kludgy audio programs?

The kiddie has been given the keys to the RH\Debian candy shop.

go4linux
Posts: 19
Joined: 2011-12-02 04:56
Has thanked: 1 time

Re: su limitations and systemd

#8 Post by go4linux »

millpond wrote:The brat has gone *too* far this time.
Please let's not start another "Lennart is an idiot" thread.
millpond wrote:The basic command and control function of Linux to be subverted by a wunkerkind best known for kludgy audio programs?
I don't mind, if he has a point. But so far I have only seen 1/2 of it
millpond wrote:The kiddie has been given the keys to the RH\Debian candy shop.
Well, it's actually a much bigger shop than that. Important reason for me to switch to FreeBSD.

User avatar
dasein
Posts: 7680
Joined: 2011-03-04 01:06
Location: Terra Incantationum

Re: su limitations and systemd

#9 Post by dasein »

golinux wrote:I love this quote from a recent post in that thread. Sums up the crux of the systemd problem nicely:
Personally, I liked this one even better:
Having a privilege escalation subsystem [inside] PID 1 is nonetheless still stupid.
Even if one imagines that su is fundamentally "broken" (a point I do not actually concede), it's unclear to me how that even remotely translates into "the {only|optimal|appropriate} fix is to subsume it into PID 1."

I'm still on my first coffee, so maybe I'm missing something, but I can't see any upside. At all.

Maybe someone can explain it.
Last edited by dasein on 2015-08-30 16:19, edited 1 time in total.

User avatar
buntunub
Posts: 591
Joined: 2011-02-11 05:23

Re: su limitations and systemd

#10 Post by buntunub »

dasein wrote:
I'm still on my first coffee, so maybe I'm missing something, but I can't see any upside. At all.

Maybe someone can explain it.
The upside to this is that many people who were on the fence before will now starting to wake up and get in the fight. Even if you (for some absolutely perverse reason) do not care about escalation privlidges moving into PID1, I think most people can see that this kid has far too much say into what Linux is and how it will work going into the future.

User avatar
keithpeter
Posts: 502
Joined: 2009-06-14 08:06
Location: 5230n 0155w

Re: su limitations and systemd

#11 Post by keithpeter »

If you want a root session that has no inheritance from your user session, can't you just log in to a tty as root?

(I'm assuming that the

Code: Select all

$ su -
functionality will still be present, and the systemd people have simply added a command to their system, perhaps for automation reasons, so basically no big deal :shrug:)

User avatar
alansmithee
Posts: 41
Joined: 2013-02-02 08:02

Re: su limitations and systemd

#12 Post by alansmithee »

go4linux wrote:Well, as I said, you can say the solution is bad, but if you look at the report:

https://github.com/systemd/systemd/issues/825

su is not perfect, is it? I don't think you can say "I'd like it to do things it doesn't do". Personally I never had problems with it, but it's not that I do fancy things.
I disagree. Mr Poettering seems to think 'su' is supposed to initiate a new login session, but that is not what the command does -- it changes the user within the current session. If 'su' started a new session, killing the original session would not terminate the processes of the new session.

Starting a new session is in some cases a desirable thing -- which is why it is (has always been) available, through switching ttys or through the DMs (xdm/gdm/kdm) -- but that does not mean that all commands that don't start new sessions are flawed.
'alansmithee' is the user formerly known as 'saulgoode'.

go4linux
Posts: 19
Joined: 2011-12-02 04:56
Has thanked: 1 time

Re: su limitations and systemd

#13 Post by go4linux »

alansmithee wrote:I disagree. Mr Poettering seems to think 'su' is supposed to initiate a new login session, but that is not what the command does -- it changes the user within the current session. If 'su' started a new session, killing the original session would not terminate the processes of the new session
Well, there is the option -l for su, which according to the documentation:
Start the shell as a login shell with an environment similar to a real login
alansmithee wrote:Starting a new session is in some cases a desirable thing -- which is why it is (has always been) available, through switching ttys or through the DMs (xdm/gdm/kdm) -- but that does not mean that all commands that don't start new sessions are flawed.
So you are basically excluding the possibility to have a real login session (whatever that means) from a regular xterm.

go4linux
Posts: 19
Joined: 2011-12-02 04:56
Has thanked: 1 time

Re: su limitations and systemd

#14 Post by go4linux »

dasein wrote:Even if one imagines that su is fundamentally "broken" (a point I do not actually concede), it's unclear to me how that even remotely translates into "the {only|optimal|appropriate} fix is to subsume it into PID 1."
To me it's unclear why this has to be done this way. Your system has been started; you have no extra services to start and stop. Why do you need systemd?

User avatar
dasein
Posts: 7680
Joined: 2011-03-04 01:06
Location: Terra Incantationum

Re: su limitations and systemd

#15 Post by dasein »

Okay, that's twice now...

Did I mistype a word? Misspell? Drop? (If so, I'm missing it, even on multiple readings.)

What you're attributing to me is exactly the opposite of what I wrote.

:?

go4linux
Posts: 19
Joined: 2011-12-02 04:56
Has thanked: 1 time

Re: su limitations and systemd

#16 Post by go4linux »

dasein wrote:Okay, that's twice now...

Did I mistype a word? Misspell? Drop? (If so, I'm missing it, even on multiple readings.)

What you're attributing to me is exactly the opposite of what I wrote.

:?
can you be more specific?

User avatar
Head_on_a_Stick
Posts: 14114
Joined: 2014-06-01 17:46
Location: London, England
Has thanked: 81 times
Been thanked: 132 times

Re: su limitations and systemd

#17 Post by Head_on_a_Stick »

dasein wrote:I can't see any upside. At all.

Maybe someone can explain it.
Personally, I like the integration of `machinectl` with systemd-nspawn which will make it much simpler for me to set up and use Debian containers without messing around with debootstrap (or Docker).
deadbang

Wheelerof4te
Posts: 1454
Joined: 2015-08-30 20:14

Re: su limitations and systemd

#18 Post by Wheelerof4te »

go4linux wrote:https://tlhp.cf/lennart-poettering-su/

Now looking at the bug report it seems that su does have problems. What I don't understand is why move it to systemd.
Is there some merit to it or it's time to move to FreeBSD?
No, no problems with ''su'' here. But systemd has broken my rig when i first did an upgrade of Wheezy->Jessie. I couldn't reboot or shutdown the computer, it just hanged there till I did hard poweroff.

So, yeah, when will this upgrade affect us currently on Jessie? So I can revert to Wheezy if it's gona be soon. Primary reason I switched to GNU/Linux was to get away from viruses that plagued my Winblows and to use a working, fast OS on an old Dell.

Off-topic: Nice to meet you all. I've been using Debian GNU/Linux for a while and have been visiting this forum to learn some things. This topic urged me to register and do what I can to support clean, non-bloated OS.

User avatar
Head_on_a_Stick
Posts: 14114
Joined: 2014-06-01 17:46
Location: London, England
Has thanked: 81 times
Been thanked: 132 times

Re: su limitations and systemd

#19 Post by Head_on_a_Stick »

Wheelerof4te wrote:So, yeah, when will this upgrade affect us currently on Jessie?
Never.

It has just been introduced with version 225 of systemd and jessie is "stuck" on version 215.
deadbang

Wheelerof4te
Posts: 1454
Joined: 2015-08-30 20:14

Re: su limitations and systemd

#20 Post by Wheelerof4te »

^Thank you for a quick answer, that reassured me to stick with my Jessie :)

I knew that Debian stable versions don't upgrade packages, except security and major bug fixes, but I had fears that it may surprise us as ''proposed'' upgrade.

Post Reply