back to article Create a user called '0day', get bonus root privs – thanks, Systemd!

To obtain root privileges on a Linux distribution that utilizes systemd for initialization, start with an invalid user name in the systemd.unit file. Linux usernames are not supposed to begin with numbers, to avoid ambiguity between numeric UIDs and alphanumeric user names. Nevertheless, some modern Linux distributions, like …

  1. cbars Silver badge

    Arghhhhhhhhhhhhhhhhhhhhhhhhhhhhhhh

    Fucking Poettering.

    That is all.

    1. Graham Dawson Silver badge
    2. thames

      This is classic Poettering. "I never make mistakes, if it doesn't work you must be doing something wrong". Too many of the Systemd "team" think the same way.

      Does anyone remember this previous el Reg story? https://www.theregister.co.uk/2014/04/05/torvalds_sievers_dust_up/

      Here's Linux Torvalds firing a torpedo at Systemd developer Kay Sievers after a Systemd bug made Linux systems unbootable and the Systemd "team" refused to fix it, saying that everyone else had to rewrite their code to work around it because Systemd was perfect:

      "Key, [sic] I'm f*cking tired of the fact that you don't fix problems in the code *you* write, so that the kernel then has to work around the problems you cause," Torvalds fumed, adding that he wouldn't merge any more of Sievers' code into the kernel until he cleans up his act.

      As we can see, nothing has really changed since that was written in 2014.

    3. Dan 55 Silver badge
      Facepalm

      Nevertheless, some modern Linux distributions, like RHEL7 and CentOS, allow this.

      Red Hat you say? That place where Poettering works?

      As you say, fucking Poettering.

      1. John Smith 19 Gold badge
        Unhappy

        "Nevertheless, some modern Linux distributions, like RHEL7 and CentOS, allow this."

        OK this guy sounds like the classic "My code is soooo precious" programmer but why do these (and only these) distros do this?

        Does systemd do it to be compatible with them?

        Under what circumstances is this behavior actually useful?

        I can't think of a reason, other than some one cocked up development and others are playing follow-the-leader but is that the case?

        1. Dan 55 Silver badge

          Re: "Nevertheless, some modern Linux distributions, like RHEL7 and CentOS, allow this."

          It doesn't matter if it's useful or not, it's used in some distributions and systemd should be able to cope with it.

          And someone at Red Hat should remind him who he works for and force him to open that bug again and fix it as otherwise it's a potential security problem on their own OS.

          1. Eddy Ito
            Trollface

            Re: "Nevertheless, some modern Linux distributions, like RHEL7 and CentOS, allow this."

            There's an easy explanation for why it behaves this way. It's for the special super users 5eyes and 4NSAonly.

            Just one icon? Ok, I'll go with this one.

      2. td0s

        I remember trying to get support on the pulse audio mailing list - another of his fine creations, and being told (by Lennart) it was buggy alsa drivers that were at fault, not pulse audio so I should take up my problems with the alsa developement team.

        The alsa drivers were obviously fine, the problem was in pulse (admittedly in an early incarnation) but the attitude was already there.

        1. John Brown (no body) Silver badge
          Joke

          "but the attitude was already there."

          <tinfoil hat>

          Could Poettering be an MS deep cover agent?

          </tinfoil hat>

          1. Kiwi

            Could Poettering be an MS deep cover agent?

            Lemme see... Buggy code with potentially significant security flaws? Check

            Horrible attitude towards other? Check

            Utter refusal to fix bugs? Check

            Arrogant fuckwit who thinks he is God's gift rather than satan's diarrhea? Check

            Nah, couldn't possibly be...

            1. Swarthy
              WTF?

              @Kiwi

              You left off the bit where Systemd looks and acts an awful (and I do mean Awful!) lot like the Windows registry; what with binary configuration files and logs that need the program itself to read them.

              So if Systemd* crashes, it writes to a binary log, which requires Systemd* to load up to read the logs - What could go wrong?

              *or the bits o' windows that read/handle the Registry

              1. Anonymous Coward
                Joke

                @Swarthy

                "So if Systemd* crashes, it writes to a binary log, which requires Systemd* to load up to read the logs - What could go wrong?"

                Now, now... you just need to adapt to the new way of Linux'ing. No need to be critical ;)

                It will only be a few months before the Samba stack gets imported into systemd and after that you can easily access those logs right after booting with your trusty Windows 10 environment.

    4. Anonymous Coward
      Black Helicopters

      @cbars

      Well, the company he works for is said to be a major vendor of commercial Linux support. You don't really expect him to remove a potential for revenue income, do you?

  2. Gene Cash Silver badge

    "the project's refusal to address it has frustrated users and developers"

    And THAT right there, more than anything, even more than the creeping featurism of systemd itself, is the reason people hate it.

    1. Graham Dawson Silver badge

      Poettering's arrogance is the reason the "project" refuses to address it. He will insist that clear, replicable bugs aren't actually bugs and that people are just using it wrong.

      We're past microsoft and into Apple territory now. "It just works", as long as you hold it right.

      1. Uffish

        Temporary Apple Fanboy Here

        Much to my surprise I find myself defending Apple against the slur on it's name. Apple is NOT as loathsome as Lennart Poettering.

        1. Graham Dawson Silver badge
          Pint

          Re: Temporary Apple Fanboy Here

          I'll drink to that.

  3. Anonymous Coward
    Anonymous Coward

    the problem with clueless amateurs...

    This is a more generic problem in the open source community. People creating things as a hobby who just don't quite 'get' all those older principles us grey hairs used to live by and enterprises, anybody with a connection to the wild internet really, have to live by - like the principle of least privilege, like fail-safe over fail-soft (which may mean not being so forgiving about bad input!), like learning from the mistakes of others rather than continually choosing to repeat them yourself (to be fair this one is much more widespread than the FOSS community) and the list goes on.

    1. bombastic bob Silver badge
      Devil

      Re: the problem with clueless amateurs...

      implies Poettering is a clueless amateur, I take it. no argument from me!

      I particularly dislike the use of 'exceptions' rather than checking return values. It's seems to be worse coming from the Python crowd...

      It would be nice to run these clueless amateurs through a 'programming boot camp' where you ONLY get to code in 'C', and you MUST check buffer sizes and return values for things like "the file wasn't opened" and "attempting to overflow the buffer".

      (and of course, check that the username is a VALID user name, and don't assume root privs when it's *NOT*)

      yeah, I'd have a clue-bat, a clue-by-four, and a cat-5-o-nine-tails ready at all times

      1. Destroy All Monsters Silver badge

        Re: the problem with clueless amateurs...

        must return values for things like "the file wasn't opened" and "attempting to overflow the buffer

        Any other good ideas from the medieval era?

        1. Anonymous Coward
          Anonymous Coward

          Re: the problem with clueless amateurs...

          WOW, basic input validation seen as medieval era....

          Amazing!

          1. Natalie Gritpants

            Re: the problem with clueless amateurs...

            A lot of good things started in the medieval period. The rule of law, human rights, better farming, universities and distillation. OK, not some many comp-sci inventions.

            1. John Smith 19 Gold badge
              Pint

              A lot of good things started in the medieval period. ..not some many comp-sci inventions.

              but you missed the most important

              Brewing.

              1. jake Silver badge

                Re: A lot of good things started in the medieval period. ..not some many comp-sci inventions.

                Brewing started long before the Medieval period.

                1. Anonymous Coward
                  Anonymous Coward

                  "Brewing started long before the Medieval period."

                  It's fermentation, like wine. Not distillation.

                2. John Smith 19 Gold badge

                  Brewing started long before the Medieval period.

                  I stand corrected.

                  Well actually I'll be slumping down but it's much the same.

                  1. jake Silver badge
                    Pint

                    Re: Brewing started long before the Medieval period.

                    No worries. After imbibing a few, one century looks pretty much like another.

                    This round's on me :-)

              2. nijam Silver badge

                Re: A lot of good things started in the medieval period. ..not some many comp-sci inventions.

                Brewing predates the medieval era by many centuries.

              3. Doctor Syntax Silver badge

                Re: A lot of good things started in the medieval period. ..not some many comp-sci inventions.

                "Brewing."

                That started much earlier.

            2. Anonymous Coward
              Anonymous Coward

              Re: the problem with clueless amateurs...

              "A lot of good things started in the medieval period"

              That's nothing compared to the Roman times.

              1. 's water music
                Coat

                Re: the problem with clueless amateurs...

                >>"A lot of good things started in the medieval period"

                That's nothing compared to the Roman times.

                Why, what did the Romans ever do for us?

                1. chuckufarley Silver badge

                  Re: Why, what did the Romans ever do for us?

                  You mean besides crappy fonts? You might want to watch "The Life of Brian" as this topic is well covered in the movie.

              2. This post has been deleted by its author

            3. Anonymous Coward
              Anonymous Coward

              "A lot of good things started in the medieval period."

              Ehm, the rule of law started a little before. Hammurabi could tell something, and the Roman law formed the basis for the rule of law in Europe.

              Universal human rights are a product of Enlightenment, medieval people and religions were fully satisfied with slavery, castes, sentencing free thinkers, etc. etc.

              1. Doctor Syntax Silver badge

                Re: "A lot of good things started in the medieval period."

                "Universal human rights are a product of Enlightenment"

                Magna carta (1215) made such a good start at this that it took about 800 years before May managed to remove the concept of due process. The presumption of innocence didn't actually come from there but was introduced, I think from France, also in medieval times (maybe this is a further reason why May is in favour of Brexit - all these foreigners with inconvenient principles of law).

                1. Anonymous Coward
                  Anonymous Coward

                  Re: "A lot of good things started in the medieval period."

                  The presumption of innocence didn't actually come from there but was introduced, I think from France

                  I had a vague memory France had the opposite under Napolean Code, but a quick DuckDuckGo suggests I had this wrong.

                  Cool. Learned something new (or rather "corrected erroneous data in my head") :)

            4. Anonymous Coward
              Anonymous Coward

              Re: the problem with clueless amateurs...

              A lot of good things started in the medieval period.

              Killing the unbelievers, invading overseas contries in order to get their resources... erm, bringing democracy, rule of law for the commoners.

              1. jake Silver badge

                Re: the problem with clueless amateurs...

                Killing unbelievers and invading overseas countries in order to get their resources started long before the medieval period. In fact, both started roughly when brewing started (thus bringing us full circle).

          2. Anonymous Coward
            Anonymous Coward

            Re: the problem with clueless amateurs...

            All the validation goes in the web page. Like, duh!

          3. Anonymous Coward
            Anonymous Coward

            "WOW, basic input validation seen as medieval era...."

            No, it's clueless return values which are from a medieval era. The "file was not open". Nice. But why it wasn't opened? Was it an RTL error? Was it an OS error? If it was an OS error, what was the original OS error? Do I have a chance to retry it, or not?

            The issue with simple return values is they are "monodimensional" and may lose information along the way.

            My best practice is "if you can add information to an error, but never remove from". So if a deeply nested routine encounters an OS I/O error, for example, it needs to pass this error to its callers, which may add more information, to allow the higher level one understand what it could do with the error.

          4. Fatman
            WTF?

            Re: the problem with clueless amateurs...

            <quote>WOW, basic input validation seen as medieval era....

            Amazing!</quote>

            What do you expect from those dumb fucking millennials? Experience??

        2. hplasm
          Devil

          Re: the problem with clueless amateurs...

          "Any other good ideas from the medieval era?"

          The Iron Maiden - with Poettering inside it?

          p.s. SystemD now has an emoji :- U-1F4A9

          What do you mean it's taken?

          1. Pirate Dave Silver badge
            Pirate

            Re: the problem with clueless amateurs...

            "The Iron Maiden - with Poettering inside it?"

            So are you saying Poettering's theme song should be Iron Maiden's "Powerslave"? It seemingly fits...

        3. Dan 55 Silver badge
          Devil

          Re: the problem with clueless amateurs...

          Isn't not checking and acting properly on return values part of this very bug?

          Yeah, I'm going to consider this a bad user ID so I'm not going to change to it, I'll carry on as root as I can't stop as I'm booting the system, so I'll just stick a warning in the log and hope that somebody reads it.

          Later when somebody files a bug report...

          ITS THERE BAD SOFTWARE!!!!11!11!1

          I mean he works for the same employer that makes Red Hat (which considers it a good user ID), FFS.

          1. Alan Brown Silver badge

            Re: the problem with clueless amateurs...

            "I mean he works for the same employer that makes Red Hat (which considers it a good user ID), FFS."

            If you've ever been a redhat customer, you'll discover that the same attitude pervades the company.

      2. Stoneshop
        Facepalm

        FTFY

        It would be nice to run these clueless amateurs

        out on a rail, with tar and feathers added

      3. John Smith 19 Gold badge
        Coat

        "yeah, I'd have a clue-bat, a clue-by-four, and a cat-5-o-nine-tails ready at all times"

        Bob, one day those liberal values of yours will be the death of you.

      4. maffski

        Re: the problem with clueless amateurs...

        'I particularly dislike the use of 'exceptions' rather than checking return values.'

        I'll take structured exception handling over return values all day thank you. Especially if the return value includes the evil of GetLastError

      5. Anonymous Coward
        Anonymous Coward

        "I particularly dislike the use of 'exceptions' "

        The lack of exceptions if one of the reasons that makes C code so fragile and vulnerable. Even after you checked return codes you may have issue properly handling (i.e. freeing resources) and propagating errors without exceptions, usually needing a lot more fragile code and hacks (like gotos).

        A small error, and code will keep on happily running in an unstable state, often creating exploitable vulnerabilities. There is also the need to propagate error information, with in C requires to use some static data somewhere, and additional "geterror" calls, hoping they were made thread-safe.

        C++ didn't address the issue fully because of its obsession for RAII (which lead to the need of smartpointers - another hack needed to solve a design issue, but not everybody understands and use them properly). That's why we see lots of vulnerabilities around in C/C++ code.

        Then there are many ways to use exceptions the wrong way as well.

        But it's only amateurs that believe C is the perfect language, and it was creates as such.

    2. hogsback

      Re: the problem with clueless amateurs...

      The problem is he is not doing it as a hobby, he is a fulltime and presumably well-payed employee of a $16B company where he does this for a living.

    3. Anonymous Coward
      Anonymous Coward

      Re: the problem with clueless amateurs...

      Maybe he misunderstands the robustness principle

      But I'm being far too generous there

      1. Anonymous Coward
        Anonymous Coward

        Re: the problem with clueless amateurs...

        Misunderstanding would nominally imply some sort of attempt at understanding. (/sarcastic implication this has not occurred)

    4. ibmalone

      Re: the problem with clueless amateurs...

      Pottering isn't doing it as a hobby. He's a full time employee for RedHat. Which of course makes it even more inexplicable.

      Still not sure why people think Linux is a hobby when plenty of companies contribute to its development, but there you go.

      1. Anonymous Coward
        Anonymous Coward

        Re: the problem with clueless amateurs...

        He's a full time employee for RedHat. Which of course makes it even more inexplicable.

        I think the word you're looking for is inexcusable. It's simply not an acceptable failure mode in the modern world.

      2. Doctor Syntax Silver badge

        Re: the problem with clueless amateurs...

        "Still not sure why people think Linux is a hobby when plenty of companies contribute to its development, but there you go."

        For some people their job depends on their ignorance.

        1. Anonymous Coward
          Anonymous Coward

          Re: the problem with clueless amateurs...

          For some people their job depends on their ignorance.

          Yup, and often quite wilfully. Politicians, management ..

    5. Doctor Syntax Silver badge

      Re: the problem with clueless amateurs...

      " People creating things as a hobby who just don't quite 'get' all those older principles us grey hairs used to live by and enterprises"

      Poettering isn't doing this as a hobby. AFAIK he's employed by Red Hat and Red Hat is certainly big enough to be classed as an enterprise.

  4. PNGuinn
    Megaphone

    As the bowl of petunias is reputed to have said ...

    OH NO NOT AGAIN.

    SOMEONE NUKE THIS POS FROM SPAACE.

    It seems to be the only way.

    1. Anonymous Coward
      Anonymous Coward

      Re: As the bowl of petunias is reputed to have said ...

      People have tried to explain why this turd has achieved widespread adoption, but I still don't really get it. It's like a conspiracy to destroy Linux.

      1. stephanh

        Re: As the bowl of petunias is reputed to have said ...

        Gnome won't run without it. Some people apparently like Gnome.

      2. Anonymous Coward
        Anonymous Coward

        Re: As the bowl of petunias is reputed to have said ...

        People have tried to explain why this turd has achieved widespread adoption, but I still don't really get it. It's like a conspiracy to destroy Linux.

        Maybe worth checking if it had Microsoft funding at some stage...

        1. Anonymous Coward
          Anonymous Coward

          Re: As the bowl of petunias is reputed to have said ...

          "Maybe worth checking if it had Microsoft funding at some stage..."

          or check to see if Darl McBribe was one of Poettering's references when he applied for the job at RH...

  5. Pomgolian
    Flame

    FFS.

    What sort of crippled mind thinks it's OK to carry on and run if the user you're supposed to be running as is invalid? Granted, an admin would have to screw up in the first place, but the brattitude being shown by poettering here is staggering.

    1. Chairman of the Bored
      Pint

      "Brattitude"

      A marvelous word. Truly captures the issue succinctly. Have an upvote and pint.

      1. Anonymous Coward
        Anonymous Coward

        Re: "Brattitude"

        A marvelous word. Truly captures the issue succinctly. Have an upvote and pint.

        I'm inclined to upvote as well, apart from the reservation that it is not a strong enough word for this sort of f*ckwittery. It's the f*cking 21st century, failing safe should be now a programming reflex so that sort of attitude is not just wrong, it's actively disqualifying.

        1. Mike Pellatt

          Re: "Brattitude"

          Cockwomble is definitely a moniker made for Poettering

          1. handleoclast

            Re: "Brattitude"

            I think Poettering is more of a twunt.

            1. hplasm
              Thumb Up

              Re: "Brattitude"

              "I think Poettering is more of a twunt."

              he's certainly a hamtoucher!

        2. hplasm
          Happy

          Re: "Brattitude"

          "...it is not a strong enough word for this sort of f*ckwittery."

          Twattitude, in this case, then.

          1. Swarthy
            Headmaster

            Re: "Brattitude"

            Have an upvote for "Twattitude", but may I also suggest such fine terms as "Ass-hattery" or "Douchebaggery"?

            The venerable Reg term cockwomble has been used to describe the alleged developer, but I feel that an even more classic Reg-ism could apply: Twatdangle

    2. Jason Bloomberg Silver badge

      Re: FFS.

      What sort of crippled mind thinks it's OK to carry on and run if the user you're supposed to be running as is invalid?

      Has the guy never heard of "failsafe"?

      There are a whole range of options he had for how do deal with the situation - regardless of how it came about, whose fault that is - and he seem to have chosen the worst possible choice on the basis of 'not my problem'. Maybe it's not, but most decent people have a natural inclination to minimise the impact of mistakes made by others.

      He's not exhibiting 'community spirit'. That's not compulsory but by choosing not to be 'with us' he sets himself 'against us' so it's not surprising he's often treated like a piece of shit.

      1. Anonymous Coward
        Anonymous Coward

        Re: FFS.

        "Has the guy never heard of "failsafe"?"

        No. That's the worst thing you can think when the user fails to type his password correctly as the "failsafe" method is to let him log in anyway, thus rendering whole idea of 'security' meaningless.

        All of it.

        "Failsafe" has places and times but logins _are not either_.

  6. Anonymous Coward
    Anonymous Coward

    "To exploit the issue, an attacker would have to convince an administrator – someone who already has root access – to install a unit file with an invalid user name. There may also be some risk in configurations where unit files are generated automatically."

    I've already patched this one: I've asked all staff to refuse to engage with anyone on the blower asking them to create a systemd unit file line by line, character by character. I've also asked them not to click on anything thats looks like a systemd unit file in an email in Outlook or Evolution (for balance).

    1. Rob D.
      Stop

      > I've already patched this one

      The sad irony is that the use of humour trying to demonstrate superiority only highlights the failure to understand the problem.

  7. Sitaram Chamarty
    FAIL

    invalid user? then ABORT, you moron!

    Subject line says it all.

    I can imagine disagreement between the OS and systemd about what a valid user is -- can happen, though it should not.

    But I can't imagine *continuing to run* when you find an invalid user!

    1. Anonymous Coward
      Anonymous Coward

      Re: invalid user? then ABORT, you moron!

      Witrhout getting into "poettering vs the world"...

      Is "defensive programming" (together with "defense in depth") too ancient a concept for modern software 'design'?

      E.g. don't trust input till you've safety-checked it yourself, or have very very good reason to trust what you're given.

      Invalid input then ignore (or, perhaps equivalently, invalid user then abort) would seem more reasonable than the current behaviour (either of the code or of its author).

    2. nijam Silver badge

      Re: invalid user? then ABORT, you moron!

      > ... disagreement between the OS and systemd...

      There is only one possible interpretation of that state of affairs: namely, systemd is wrong and the OS is right.

      But we all know that already...

  8. sweh

    POSIX

    FWIW, POSIX doesn't say that a leading digit is disallowed.

    http://pubs.opengroup.org/onlinepubs/9699919799/basedefs/V1_chap03.html#tag_03_437

    "

    To be portable across systems conforming to POSIX.1-2008, the value is composed of characters from the portable filename character set. The <hyphen-minus> character should not be used as the first character of a portable user name.

    "

    http://pubs.opengroup.org/onlinepubs/9699919799/basedefs/V1_chap03.html#tag_03_282

    "

    3.282 Portable Filename Character Set

    The set of characters from which portable filenames are constructed.

    A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

    a b c d e f g h i j k l m n o p q r s t u v w x y z

    0 1 2 3 4 5 6 7 8 9 . _ -

    "

    So we can see that "0day" is a perfectly valid username.

    It may be a bad choice for a username because it can expose bugs but it's _valid_.

    (Fun: "1234" is a valid username... just imagine the chaos that'd cause!)

    1. Daniel B.

      Re: POSIX

      I actually know some companies where your login is your employee id. Yes, including in UNIX systems.

      1. Jamie Jones Silver badge

        Re: POSIX

        I once worked somewhere where all the unix users logins were pure numeric. That was a damn headache. It threw up some interesting assumptions in many pieces of software!

    2. I ain't Spartacus Gold badge
      Happy

      Re: POSIX

      I can't have 1234 as my username. That's my password.

      1. Korev Silver badge
        Joke

        Re: POSIX

        You copied me!

      2. bazza Silver badge

        Re: POSIX

        I can't have 1234 as my username. That's my password.

        Hang on a mo, I'll just log in and change it for you.

        There, how's that?

      3. Daniel B.
        FAIL

        Re: POSIX

        Y'all be joking about 1234 as a password, but I once worked at a place where the "secure" default password was 1223, because "everyone might try 1234, but they won't think about 1223! See, secure!

    3. Mike Pellatt

      Re: POSIX

      FWIW, Poettering doesn't count lack of POSIX compliance as of any consequence.

      See: Cockwomble

      https://lwn.net/Articles/430598/

      1. Jamie Jones Silver badge

        Re: POSIX

        FWIW, Poettering doesn't count lack of POSIX compliance as of any consequence.

        See: Cockwomble

        https://lwn.net/Articles/430598/

        His comments there reminded me of the browser wars fiasco.

        Already, other systems are having to modify perfectly working standard code to be "linux compatible".

        I'm sure it won't be long before we start seeing "This site best viewed in sysux"

        Or error messages such as: "We see you are running xxx on a 96 core hypercluster. This server only supports systemd on an i486 or higher. Please upgrade to continue to use this site.

        Baaah, I'm sure I'm not the only one who has at times been using top of the range hardware and software only for some site to obnoxiously tell me to "upgrade" to Internet Explorer 7. etc.

      2. Oh Homer

        Re: POSIX

        Quoting Poettering from that LWN article:

        what we gain [by pissing all over POSIX] is a smaller chance to create bugs
        And how's that working out for you, Lenny?

        On the other hand, the utterly delusional Poettering refuses to even accept bug reports, so I bet he genuinely believes it's working out great.

  9. chuckufarley Silver badge
    Coat

    Maybe they are not fixing it because...

    ...it would increase the boot time of the servers? Having a fast booting server is the most important thing of all. It's more important than transparency. It's more important than security. It's more important than stability. This I know because Mr. Pottiecoder told me so.

    1. thames

      Re: Maybe they are not fixing it because...

      It might be a remotely plausible argument (although not a good one) if there were in fact any evidence that Systemd booted faster than the alternatives. If there is any such evidence, I've not seen it yet.

      If anything, Systemd seems to boot slower than any of the alternatives. Fedora was the first major distro to use Systemd, at which time they were by far the slowest booting major distro. When Ubuntu switched to Systemd, boot times increased very noticeably.

      Whatever the advantages of Systemd may be, speed doesn't seem to be one of them.

      1. stephanh

        Re: Maybe they are not fixing it because...

        My experience too. Devuan boots considerably faster than Xubuntu.

        Not sure if it is the init or just generally less cr*p started, but in any case systemd certainly doesn't seem to speed things up.

        1. Anonymous Coward
          Anonymous Coward

          Re: Maybe they are not fixing it because...

          Not sure if it is the init or just generally less cr*p started, but in any case systemd certainly doesn't seem to speed things up.

          I haven't followed this much, but I'd like to know how systemd then became accepted as the core services mechanism? As far as I can tell, there seems to be an at best perceived advantage, and most sysadmins I know are conservative for a reason.

          1. Graham Dawson Silver badge

            Re: Maybe they are not fixing it because...

            The perceived advantage is that a bunch if formerly separate components no longer function unless systemd is present, due to poettering et al rolling those components or similar functionality into systemd or infiltrating unnecessary dependencies within them. See udev, dns resolving and dbus for examples.

          2. thames

            Re: Maybe they are not fixing it because...

            @Anonymous Coward - "I haven't followed this much, but I'd like to know how systemd then became accepted as the core services mechanism?"

            Like Gnome 3, it was rammed down everyone's throats by Red Hat. Red Hat controls enough of the commercial enterprise Linux market that nearly everyone's applications have to be compatible with them. Once someone goes through the effort of creating a Systemd unit file, they may not bother creating or maintaining init scripts as well. Hence, any distro that wants to stick with another init system has to either do all the integration work themselves, or switch to Systemd. That's the reason that Debian switched, and once Debian did that, then Debian derivatives (such as Ubuntu) followed.

            Another reason is that hard dependencies on Systemd were then written into other projects that Red Hat controls (e.g. Gnome 3, some of the new containerisation stuff, etc.). Getting rid of Systemd at this point is non-trivial, which is why many people thought the Devuan developers were biting off more than they could chew. BSD has been left out in the cold, since the Systemd developers refuse to accept patches which provide BSD support, and software which has traditionally been shared between Linux and BSD now won't work with BSD without a lot of patching due to these Systemd dependencies.

            The basic concept behind Systemd isn't inherently bad. It's basically a copy of Sun's SMF init system (which was also copied by Apple). The actual implementation however seems dire. Everything is intertwined with everything else. NIH syndrome reigns supreme, with everything from logging to DNS being made an integral part of Systemd. The end result is that it's nearly impossible to replace a component of Systemd with something else, and the parts that are there are written by people who have only a superficial understanding of many of the problem domains covered and couldn't care less about anything their implementation doesn't fit.

            When Systemd is eventually tossed on the trash heap, it will require a complete rip and replace of a lot of stuff since it's monolithic and can't be gradually replaced module by module. I suspect this was part of the design intent, to provide a high degree of project "lock-in"..

            1. Doctor Syntax Silver badge

              Re: Maybe they are not fixing it because...

              "Red Hat. Red Hat controls enough of the commercial enterprise Linux market that nearly everyone's applications have to be compatible with them."

              They also still support just about the only enterprise Linux without systemd, RHEL6. So if you want to escape the stranglehold of one of Red Hat's least favoured contributions to Linux you can do so by becoming a Red Hat customer. That's irony or something.

            2. Kiwi
              Trollface

              Re: Maybe they are not fixing it because...

              NIH syndrome reigns supreme

              I don't think I've come across that before. Given the subject, I wonder if it means "Nothing In Head"?

              1. jake Silver badge

                Re: Maybe they are not fixing it because...

                NIH == Not Invented Here

      2. Jamie Jones Silver badge

        Re: Maybe they are not fixing it because...

        If anything, Systemd seems to boot slower than any of the alternatives.

        Ahh.. But had you installed the "go-faster stripes" ?

        Whilst at it, add the anti-static strips to reduce headaches.

        HTH

      3. Oh Homer

        Re: "the advantages of Systemd"

        I believe the "faster boot" bullshit was officially dropped by the Poettering cabal's propaganda division, once they discovered that this claim wasn't supportable with any actual evidence.

        From the many conversations I've read on the subject, as far as I can tell, the sole reason for Systemd is that Poettering absolutely detests the fact that other distros are not Red Hat, refuse to adopt Red Hat's initscripts and various other distro glue, and therefore are a problem ... to Red Hat. But not to anyone else. Anywhere. Ever.

        Obviously the solution to this non-problem is to mutate every distro into the bastard son of Red Hat, by "unifying" the init, and subsequently in the long term all distros, into a single Master Race distro, which for the sake of argument we'll just call "Red Hat".

        This will then be followed by an intensive propaganda campaign in which choice is stigmatised as somehow being a bad thing, along with the perverted notions that war is peace, freedom is slavery, and ignorance is strength.

        Then the book-burning ceremony begins, followed by tea and biscuits.

    2. Anonymous Coward
      Anonymous Coward

      Re: Maybe they are not fixing it because...

      It's also a complete fucking waste of time on a server (well, a physical one anyways)

      Look at how many minutes a Dell server takes to run its diagnostics and initialisation.

      And then there's how long Cisco IOS takes to boot (and hell, that's got some Linux somewhere in there)

  10. Notas Badoff

    Codiocracy

    If someone ever wants to do movie along the lines of Idiocracy about code, development, projects, benevolent dicks for life, etc., there's a big part in it for this guy. Just doesn't *know* when he's being stupid kinda describes the casting, right?

    1. chuckufarley Silver badge
      Happy

      Re: Codiocracy

      Good idea. I wonder if the guys from Spinal Tap would be willing to do it. Then we include a scene about "But, this one boots to run level 11!"

    2. nijam Silver badge

      Re: Codiocracy

      The living exemplar of https://en.wikipedia.org/wiki/Dunning%E2%80%93Kruger_effect

  11. Frumious Bandersnatch

    What's the opposite of "fail safe"?

    Because you, Mr. Poettering, have just done the opposite. But of course, it's OK because you did it.

    1. Anonymous Coward Silver badge
      Boffin

      Re: What's the opposite of "fail safe"?

      Bad example, because in the world of door access control there are two failure modes: "fail safe" and "fail secure" (ie when power goes, should the door be openable or not)

      Pottering certainly hasn't failed secure!

      1. Anonymous Coward
        Anonymous Coward

        Re: What's the opposite of "fail safe"?

        Pottering certainly hasn't failed secure!

        But it's now clear he has failed. Full stop.

  12. Daniel B.

    Burn it

    Please just kill the ducking thing. Get rid of systemd and bring back upstart. This is getting stupid.

    1. Doctor Syntax Silver badge

      Re: Burn it

      "bring back upstart."

      Not upstart.

  13. Anonymous Coward
    Anonymous Coward

    Agreed but...

    At the risk of getting a shed load of downvotes...

    Don't you have to have root level access to put this file (with the dodgy name) in the right place to begin with?

    If that is the case... oh wait. This is 'systemd' we are talking about.

    That means...

    The world will end tomorrow if this isn't patched and all systems updated with the next 10 minutes.

    Phew, can I have some brekkie now that I have saved the world? :) :) :)

    1. Joe Werner Silver badge

      Re: Agreed but...

      You would be right, but the issue is that it will not be fixed as "it should work that way".

      Have a coffee and read again ;) (or tea or whatever)

    2. Anonymous Coward
      Anonymous Coward

      Re: Agreed but...

      Random file corruption can and will happen. Flip a bit in the right place and now your unit file has an invalid username and will run as root rather than add the user it expects to run as. It is a remote liklihood, but would you want a process to suddenly, randomly gain root privs for no obvious reason?

    3. phuzz Silver badge

      Re: Agreed but...

      Just because a user has permissions to create a file in a certain directory, doesn't mean that they should have rights to run a service as root on every boot. This is basically an escalation of privilege attack.

      Although, I'll admit that an attacker would require quite a lot of privilege already to create the file, that's still no excuse for letting them run a service as root though.

      1. Kiwi
        Boffin

        Re: Agreed but...

        Although, I'll admit that an attacker would require quite a lot of privilege already to create the file, that's still no excuse for letting them run a service as root though.

        Aside from the random file corruption mentioned by the AC above, I can think of another way this could be exploited.

        Sysadmin creates a file with this flaw while ghey are a sysadmin, you can even make it look like a typo' eg "9Proper_user" - as in "Oops, must have accidentally typed in that number when I was setting up this new system account for some-valid_reason using a very limited and inocent and non-exoploitable account.

        When sysadmin gets fired some time later, there is an exploit on the system waiting to be exploited, and if found before firing can be made out to be a typo (like I'm doing a ton of since my latop died and I'm stuck with a tablet! :-( )

  14. Gordon Pryra

    it's a not a critical security issue

    "To exploit the issue, an attacker would have to convince an administrator – someone who already has root access – to install a unit file with an invalid user name"

    Would this not make it MORE of an issue?

    Surly this allows me to chuck a sysadmin £20 and lets him do something that doesn't have his account details all over it to trace back to him

    Actual hacking rather than the "kid in the hoodie in front of a green screen" image the daily mail has

    1. Phil W

      Re: it's a not a critical security issue

      No it doesn't make it MORE of an issue.

      A good sysadmin will either have the system locked down and audit-able enough that making such a change would be traceable to him anyway, or they are sufficiently skilled to do whatever you're bunging them £20 for without being traced anyway.

      While this clearly is a problem and there needs to be some way to mitigate it, there is a good argument for not doing so or at least not doing so by default.

      What if there are environments where numeric users are being used intentionally (regardless of the fact they're invalid/unsupported) such as the idea of using employee numbers as another poster mentioned. Changing a fundamental behaviour of username handling that's been in place for years has a potentially huge impact, and when it's only exploitable by taking action as root in the first place we're really only a step or two away from saying "a root user being to give another user root access is a security flaw".

      What this needs is an option flag that can be set in a config file to say "numeric usernames default access=" and the option to set root or user, and perhaps for now have it set to root by default, and in a few versions time switch to user by default.

      Those that consider this a threat could then fix it now, those that don't have some time before they need to change any configuration.

      More importantly I think you need to reassess the level of bribe you're offering, £20 is nowhere near enough to do anything that stands even the remotest chance of coming back on me.

    2. eldakka

      Re: it's a not a critical security issue

      Surly this allows me to chuck a sysadmin £20 and lets him do something that doesn't have his account details all over it to trace back to him

      Actual hacking rather than the "kid in the hoodie in front of a green screen" image the daily mail has

      That'd actually be bribery, or social engineering, rather than hacking ;)

  15. Anonymous Coward
    Anonymous Coward

    Security - he hasn't heard of it

    "I don't think there's anything to fix in systemd here," he wrote. "I understand this is annoying, but still: The username is clearly not valid."

    1. Ken Hagan Gold badge

      Re: Security - he hasn't heard of it

      "I understand this is annoying, ..."

      ... because there is a detectable error in the unit file and yet the system does not tell me about it.

      "but still: The username is clearly not valid."

      ...so systemd feels free to make shit up and do that instead.

      Sorry Lennart. This is not a security bug but it is definitely a bug, and a pretty embarrassing one at that.

  16. PenGun

    You poor fools. You run this crap on purpose?

    "We had to, the Ubuntu/whatever installer is so easy"

    Salvation is at hand. Slackware64 14.2 is all you really ned. ;)

    1. wolfetone Silver badge

      Or for those who don't like getting their hands dirty, Devuan.

      1. eldakka

        or Gentoo.

        1. Anonymous Coward
          Anonymous Coward

          Or Funtoo

          1. Anonymous Coward
            Anonymous Coward

            Or Windows

  17. HieronymusBloggs

    Where are they?

    There seems to be a distinct lack of posts from angry systemd defenders in this thread. I wonder why.

    1. jake Silver badge

      Re: Where are they?

      The poor deluded idiots will be here to defend what they perceive as "their turf" by and by. One wonders how supposedly computer literate people can be so fucking illogical ...

      1. Anonymous Coward
        Anonymous Coward

        Re: Where are they?

        The systemd hacks can't hear any of this while inside the Poettering echo chamber.

    2. nijam Silver badge

      Re: Where are they?

      > ...distinct lack of posts from angry systemd defenders

      Why would they even bother to read an article about a systemd feature that's already been decreed - by the arch-potterer himself - to be "not a bug".

    3. Donkey Molestor X

      Re: Where are they?

      > There seems to be a distinct lack of posts from angry systemd defenders in this thread. I wonder why.

      We're waiting for one of you drooling systemd haters to hold Linus's spaghetti code to the same standards. I think we'll be waiting a long time.

      https://www.forbes.com/2005/06/16/linux-bsd-unix-cz_dl_0616theo.html

      Lok Technologies , a San Jose, Calif.-based maker of networking gear, started out using Linux in its equipment but switched to OpenBSD four years ago after company founder Simon Lok, who holds a doctorate in computer science, took a close look at the Linux source code.

      “You know what I found? Right in the kernel, in the heart of the operating system, I found a developer’s comment that said, ‘Does this belong here?’ “Lok says. “What kind of confidence does that inspire? Right then I knew it was time to switch.”

      1. jake Silver badge

        Re: Where are they?

        "found a developer’s comment"

        That is quite simply the stupidest reason I've ever heard for choosing not to use an OS. Comments like that are scattered throughout the source code of every OS I've ever worked on. All they are is memory joggers for the coder who wrote it. Suggesting otherwise says more about the ability of the commenter than it does the coder or the code base.

      2. Jamie Jones Silver badge

        Re: Where are they?

        We're waiting for one of you drooling systemd haters to hold Linus's spaghetti code to the same standards. I think we'll be waiting a long time

        Ahhh, the Poetterers are now comparing systemd to the kernel itself!

        How long before we get a complete fork? sysdux? Poetterux?

        Although the way the code is going, Poerrerdows would be more appropriate!

      3. HieronymusBloggs

        Re: Where are they?

        "We're waiting for one of you drooling systemd haters"

        Sorry, but I'm not a systemd hater. I just choose not to use it.

        Your post is quite interesting. You imply that you are a fan of systemd, but obviously despise the operating system it runs on. Cognitive dissonance?

  18. Bronek Kozicki
    Megaphone

    Say what you will

    ... but you have to admire the chap for his strongheaded consistency. As my colleague says "if you are consistently wrong, you are not wrong anymore!".

    Well of course, this means that the distributions which use systemd are in the wrong. Which is why it is so important to support the few which do not!

  19. wolfetone Silver badge

    I wonder will we get to a point in the future where Systemd becomes it's own operating system and splits from the Linux community?

    I would shed a tear, but the sooner that bollocks Poettering stops being such a clown and takes his abomination systemd with him the better.

    He really is the Yoko Ono of Linux.

    1. Doctor Syntax Silver badge

      "I would shed a tear, but the sooner that bollocks Poettering stops being such a clown and takes his abomination systemd with him the better."

      I wouldn't and if he actually did split from the Linux community I wouldn't care whether he continued to be a clown or not. But an upvote for the general sentiment.

  20. Dominion

    Alan Cox

    Alan Cox explained the problem in an interview once. He said (paraphrasing) that the great thing about LINUX is that developers aren't beholden to commercial constraints, someone can look at a piece of code and just think it's crap and re-write it from scratch for the sake of it. Unfortunately the opposite is also true and someone can also rewrite perfectly good code for no reason and wreck it.

  21. John Smith 19 Gold badge
    Unhappy

    Hmmm. Lennart Poettering comes across as one of the more neurodiverse devs.

    Yes, it's an invalid user name.

    No we don't allow user names with leading numbers specifically to stop them being confused with UID's

    Yes it does have root privileges.

    No we're not going to fix it. No stopping boot, no console warning. No limiting privileges.

    IOW

    No acceptance that systemd is at fault. No acceptance of responsibility (it's not systemd's problem). No willingness to see any other PoVs.

    He's got the fast track to management written all over him, unless he p**ses off a senior enough PHB and gets shown the door.

    I cannot imaging what he would be like to work with, other than a nightmare.

    1. hplasm
      Joke

      Re: Hmmm. Lennart Poettering comes across as one of the more neurodiverse devs.

      Perhaps someone could arrange a deal where Poettering meets Hans Reiser, who could be let out of jail 'just for one last job...'

    2. Wensleydale Cheese
      Unhappy

      Re: Hmmm. Lennart Poettering comes across as one of the more neurodiverse devs.

      "He's got the fast track to management written all over him, unless he p**ses off a senior enough PHB and gets shown the door."

      Can someone please pull their finger out and promote him before he does more damage?

  22. herman Silver badge

    Come one guys, take it easy. Lennart doesn't need nasty nicknames. He is already Poettering.

  23. handleoclast

    Nobody has yet suggested...

    Or if they did suggest this, I missed it.

    Running the unit as root because the username is invalid is fucking stupid. So what are the alternatives?

    1) Refuse to boot. Also stupid.

    2) Run the unit under a special username that doesn't have privileges or a shell login or just about anything. Some people may recall the special user on most distributions called "nobody".

    3) Worry that this attack might find some way of exploiting user "nobody" so create an even more crippled, brain-dead user than "nobody".

    I think option 3 is the best. I suggest the username for this be "poettering."

    1. Hans 1

      Re: Nobody has yet suggested...

      4) Fail unit, log error, continue, fail anything that requires the failed unit <-------- there, that should be the behavior, makes sense ?

      Note that systemd waits 90 seconds then refuses to boot if you have an entry in fstab pointing at a drive that does not exist! Obviously, this should ONLY be the case if / (root) cannot be found <---- that has been the behavior on UNIX since .... I dunno, some time in the 70's .... and Linux since fstab was introduced....

      1. Oh Homer
        Headmaster

        Re: "fail anything that requires the failed unit"

        You assume that the certified sandwich engineers who brought us this monolithic garbage won't end up eventually making everything a dependency, intentionally or otherwise, which given the way things are going seems increasingly likely.

  24. Hans 1

    >For the same reason, a unit with User=nonexistinguser should fail instead of silently running as root.

    That's exactly what happens, and what I wrote above: if the username is valid but the user doesn't exist we'll let the unit fail on start. If the username is already invalid syntax-wise we'll log about it but proceed.

    Hence, if you write:

    User=000fooo...@!

    Then we'll ignore the assignment altogether (but log about it), since it's syntactically invalid. But if you specify:

    User=waldo

    and the user "waldo" does not exist (though it is syntactically valid), then we'll accept the setting, but as soon as you actually try to start the unit it will fail with "user not found". (Poettering, in the thread lnked-to in the article)

    So,

    user does not exist -> fail,

    invalid username (according to systemd) -> use root

    I think this says it all ....

    The thing is, you can specify a regex for valid usernames ... I am not sure which other Linux software fails with a username starting with an integer, but it is possible to configure a system to accept them and create some ...

    The other thing is, it is inconsistent, a unit will fail if it depends on an invalid service name, afaik.

    Poettering knows he is wrong and he hates being wrong, if you try and explain the flaws in his logic he will pull the "this is not a philosophical debate" as he has so many times ... he ignores all software principles, such as principle of least surprise, because he and Kay are above all that, however, they keep forgetting that arrogance has to be earned ...

    1. Hans 1

      I stand corrected, it ignores invalid Requires= entries ... so, it is not inconsistent ... the rest still stands, though ...

      1. Bronek Kozicki
        Megaphone

        Ignoring bad configuration of systemd.units is wrong. Such units should not be attempted to start. Instead the exact reason why they are considered by systemd to be badly configured should be logged and nothing else done (in particular, no attempt to start).

        Yes that means the packages which supply systemd.units which are not exactly right for any new release of systemd will have to be fixed. Yes, that's extra work for distributions, but they brought systemd upon their users, so they should also handle any breakage it causes.

  25. Cem Ayin
    Facepalm

    "So we've got invalid authorization data here..."

    "...no problem, we'll just fall back on granting maximum privileges."

    Well done, Lenny. We are impatiently looking forward to that shiny new logind thingy, which I am sure you already have in the making...

  26. ibmalone

    Possibly the real irony here is his own domain for a long time has been 0pointer.de.

  27. Jamie Jones Silver badge
    Big Brother

    Is Trump hiring?

    Lennart Poettering, one of the lead maintainers of systemd, insisted the software is working as intended and declined to implement changes.

    "I don't think there's anything to fix in systemd here," he wrote. "I understand this is annoying, but still: The username is clearly not valid."

    Before reading it, I knew this would be his response.

    He reminds me of those White House spokespeople justifying Trump (I think we are on the third right now.. Presumably the first two are dribbling in the corner of a room somewhere). All we need now is for systemd to start sending ridiculous tweets, and then he'll really start to shine.

  28. Ramazan
    Pint

    what to do with buggy packages

    https://security.gentoo.org/glsa/201402-17

  29. E 2

    All you complainers...

    If you do not like systemd, then don't use it! If nobody uses it, then it will probably go away.

    There are distros that did not jump on the systemd bandwagon,

    1. Doctor Syntax Silver badge

      Re: All you complainers...

      "There are distros that did not jump on the systemd bandwagon"

      AFAIK the only established enterprise distros in this category are RHEL6 and its derivatives.

  30. TXITMAN

    Slackware

    I always wondered why the systemd controversy with Slackware. <Smug Slackware user Icon>

  31. Luiz Abdala
    Windows

    I could expect invalid usernames getting root in Windows...

    ...but I've never seen it in Unix / Linux before. (Provided I haven't touched one such system in 10 years, it would check out anyway, but I digress.)

    Yet, people found the douchebag responsible for it under 42 femtoseconds. And then they got SURE he was a douchenozzle AND a douchebag that doesn't check boundaries on inputs whatsoever.

    If it was a Windows Registry thingie we'd get "working as intended" blurted back by MS and then an obscure fix silently enabled on Patch Tuesday.

  32. Chairman of the Bored

    i think the term here is 'sexual intellectual'

    Aka f'ng know it all...

  33. Anonymous Coward
    Mushroom

    We all complain but...

    How many of you who currently run systemd will set it up so you can remove it from your systems again?

    That is the only way to make a statement here in my opinion: by ditching this POS.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like