----- Original Message ----- > From: "Justin Brown" <justin.br...@fandingo.org> > To: "Development discussions related to Fedora" > <devel@lists.fedoraproject.org> > Sent: Thursday, June 2, 2016 1:17:22 PM > Subject: Re: systemd 230 change - KillUserProcesses defaults to yes > > On Thu, Jun 2, 2016 at 1:26 PM, Ivan Chavero < ichav...@redhat.com > wrote: > > Well, if i'm writing a malware i'll make sure it uses systemd-run so it > keeps on running. > > The point of the feature is not to prevent users from running anything in the > background. It's that *anything* the user runs has proper systemd > confinement, so it's obvious and manageable by the administrator. Without > this feature, the only reliable way to achieve the same thing is to reboot > every system.
Why does user activity need to have systemd confinment? A well crafted script can kill user processes if desired. This is pretty basic Unix system administration stuff. > > > This default is nonsense the only thing that it really does is break stuff > > that relies on processes being executed after the user closes his session. > > Yes, there's an obscure systemd-run command that only the systemd devs > > know and can make your programs run forever but what's wrong with "&" or > > just running "screen" to create a persistent session?? > > Maybe it's obscure to you, but it's foolish to suggest that it will forever > be so. Actually it's not obscure to me i can read manuals (BTW typical ad-hominem argument), and i follow systemd development because it's an important part of Linux systems. If the change of every Unix manual and textbook is required to remove this from obscurity, i'm pretty sure it will remain like that for a while... > What's wrong with your shell understanding that "&" needs more > sophisticated handling than fork/exec* these days? There's no reason why > shells can't handle this for you, or you can setup your shell to handle it > for you. There's already been discussion about creating wrapper scripts in > Fedora for screen and tmux that autmatically handle execution via > system-run, so I'm unsure what the issue is. Really?? I'm a little speachless here, you're suggesting that shell developers should change the behaviour of their software because of this default!! ¿What's the issue? There are a lot of users that expect their processes to behave in a certain way and this introduces a big change in this behaviour, this will break a lot of stuff. BTW i'm not a systemd hater, i think it does pretty cool stuff but sometimes developers take decisions that have bigger repercussions than the use case they are trying to solve. -- devel mailing list devel@lists.fedoraproject.org https://lists.fedoraproject.org/admin/lists/devel@lists.fedoraproject.org
