Systemd Notes

A few months ago I gave a lecture about systemd for the Linux Users of Victoria. Here are some of my notes reformatted as a blog post:

Scripts in /etc/init.d can still be used, they work the same way as they do under sysvinit for the user. You type the same commands to start and stop daemons.

To get a result similar to changing runlevel use the “systemctl isolate” command. Runlevels were never really supported in Debian (unlike Red Hat where they were used for starting and stopping the X server) so for Debian users there’s no change here.

The command systemctl with no params shows a list of loaded services and highlights failed units.

The command “journalctl -u UNIT-PATTERN” shows journal entries for the unit(s) in question. The pattern uses wildcards not regexs.

The systemd journal includes the stdout and stderr of all daemons. This solves the problem of daemons that don’t log all errors to syslog and leave the sysadmin wondering why they don’t work.

The command “systemctl status UNIT” gives the status and last log entries for the unit in question.

A program can use ioctl(fd, TIOCSTI, …) to push characters into a tty buffer. If the sysadmin runs an untrusted program with the same controlling tty then it can cause the sysadmin shell to run hostile commands. The system call setsid() to create a new terminal session is one solution but managing which daemons can be started with it is difficult. The way that systemd manages start/stop of all daemons solves this. I am glad to be rid of the run_init program we used to use on SE Linux systems to deal with this.

Systemd has a mechanism to ask for passwords for SSL keys and encrypted filesystems etc. There have been problems with that in the past but I think they are all fixed now. While there is some difficulty during development the end result of having one consistent way of managing this will be better than having multiple daemons doing it in different ways.

The commands “systemctl enable” and “systemctl disable” enable/disable daemon start at boot which is easier than the SysVinit alternative of update-rc.d in Debian.

Systemd has built in seat management, which is not more complex than consolekit which it replaces. Consolekit was installed automatically without controversy so I don’t think there should be controversy about systemd replacing consolekit.

Systemd improves performance by parallel start and autofs style fsck.

The command systemd-cgtop shows resource use for cgroups it creates.

The command “systemd-analyze blame” shows what delayed the boot process and
systemd-analyze critical-chain” shows the critical path in boot delays.

Sysremd also has security features such as service private /tmp and restricting service access to directory trees.

Conclusion

For basic use things just work, you don’t need to learn anything new to use systemd.

It provides significant benefits for boot speed and potentially security.

It doesn’t seem more complex than other alternative solutions to the same problems.

https://wiki.debian.org/systemd

http://freedesktop.org/wiki/Software/systemd/Optimizations/

http://0pointer.de/blog/projects/security.html

Cooling Phones

According to the bureau of meteorology today is 39C. But mad dogs and Ingressmen go out in the midday sun, so I took advantage of some spare time to capture a couple of portals.

After that my phone battery was apparently at 46C and my phone refused to charge.

It seems that in addition to the range of hardened phone cases we need some cooling cases for phones. A case that contained a substance with a melting point of 39C wouldn’t melt from body heat but would set an upper limit on the phone temperature. A peltier device probably wouldn’t work as it would take too much power (and the batteries supplying the power would produce more heat).

I think that the phones with an aluminium back are the best design. Aluminium is light, reflective (unlike the black plastic which is so common), and conducts heat better than most things. A phone shell made of copper probably isn’t viable due to copper being dense and soft.

Another problem is the need for third party cases to protect against damage. If the phone companies designed phones to be solid, rubbery at the edges (to bounce not break) and so that the screen didn’t touch the surface when the phone is face down then we could avoid phone cases which also act as thermal insulation.

I am a bit disappointed in Samsung. I could understand Nokia making phones that don’t survive the heat well, but I don’t think that Korea is that much cooler than Australia. A phone that works well on the hottest day of summer in Seoul should do better than my Galaxy S3.