----- Original Message -----
From: "Justin Brown" <justin.brown(a)fandingo.org>
To: "Development discussions related to Fedora"
<devel(a)lists.fedoraproject.org>
Sent: Thursday, June 2, 2016 1:17:22 PM
Subject: Re: systemd 230 change - KillUserProcesses defaults to yes
On Thu, Jun 2, 2016 at 1:26 PM, Ivan Chavero <ichavero(a)redhat.com> wrote:
> Well, if I'm writing a malware I'll make sure it uses systemd-run so it
> keeps on running.
The point of the feature is not to prevent users from running anything in the
background. It's that *anything* the user runs has proper systemd
confinement, so it's obvious and manageable by the administrator. Without
this feature, the only reliable way to achieve the same thing is to reboot
every system.
Why does user activity need to have systemd confinement?
A well crafted script can kill user processes if desired. This is
pretty basic Unix system administration stuff.
> This default is nonsense; the only thing that it really does is break stuff
> that relies on processes being executed after the user closes his session.
> Yes, there's an obscure systemd-run command that only the systemd devs
> know and can make your programs run forever but what's wrong with "&" or
> just running "screen" to create a persistent session??
Maybe it's obscure to you, but it's foolish to suggest that it will forever
be so.
Actually it's not obscure to me, I can read manuals (BTW, typical ad hominem argument),
and I follow systemd development because it's an important part of Linux systems.
If the change of every Unix manual and textbook is required to remove this from
obscurity, I'm pretty sure it will remain like that for a while...
What's wrong with your shell understanding that "&" needs more
sophisticated handling than fork/exec* these days? There's no reason why
shells can't handle this for you, or you can set up your shell to handle it
for you. There's already been discussion about creating wrapper scripts in
Fedora for screen and tmux that automatically handle execution via
system-run, so I'm unsure what the issue is.
Really??
I'm a little speechless here; you're suggesting that shell developers should
change the behaviour of their software because of this default!!
What's the issue? There are a lot of users that expect their processes to behave
in a certain way and this introduces a big change in this behaviour; this will break
a lot of stuff.
BTW I'm not a systemd hater, I think it does pretty cool stuff but sometimes
developers take decisions that have bigger repercussions than the use case they
are trying to solve.