On 26/12/11 18:15, Anders Johansson wrote:
Besides which, the whole notion of tamper proof logs is silly from the start - there is just no such thing. If I achieve root on a system, I have access to every single key used to cryptographically sign anything (no, there can't be passwords for autonomous daemons, at best the password has to be typed in on boot, but after that the key will be available in RAM for root to read).
And with the keys, I can generate any log you care to examine, and you won't be able to tell the difference.
There is no PK in journald, the tamper resistant part is inspired in something very similar to git.
Sure, you can get around it, by limiting what root can do, or logging to another system, or to hardware unchangeable output such as a printer, but then you can do that with any logging system.
Besides besides which, a new kind of logging system is hardly a valid argument in favour of ripping out the entire core infrastructure of the system.
And what would be ripped exaclty ? you can still use syslog...
I still propose that we drop systemd completely
That's sums up all arguments I have heard agaisnt systemd "I do not like it", "it much work", etc..googling sadly reveals zero reasonable technical arguments against it, all you see falls into the following categories (and I googled a lot. before jumping into this ship) - Appeals to tradition --> we do things this way and works. - ad hominems --> Lennart is an ass, blabla.. - ad portability --> it is not portable therefore sucks, that the most utter bullshit frecuently heard from the BSD crowd. Portability in reality means "A whole bunch of code and ugly hacks to make it work in your obscure system" (just take a look at openssl in example) - People that claim cgroups are ugly/broken, wrong choir !! that's something to complain to kernel developers. - In general lack of understanding what systemd really does. -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org