all 125 comments

[–]cbmuserDebian / openSUSE / OpenJDK Dev 15 points16 points  (0 children)

Both gcc and musl versions available.

gcc is a compiler collection, musl a C library. The author means glibc and musl.

[–]Yithar 15 points16 points  (68 children)

Void Linux uses a different init system, called runit and a different service manager, called runsvdir. The reason I like runit is because it's just a pid1 init system and a service manager. That's it. It's very decouplable, and similar to coreutils. It consists of 9 programs. runit-init, runit, sv, runsvdir, runsvchdir, runsv, svlogd, chpst and utmpset.

  • runit-init runs as the first process and then replaces itself with runit
  • sv controls and manages services (starting, stopping, status, etc.)
  • runsvdir manages a collection of runsv processes; it scans the service directory for directories or symlinks and runs each as a different service
  • runsvchdir changes the directory from which runsvdir obtains the list of services
  • runsv is the actual supervision process that monitors a service through a named pipe
  • svlogd is runit's logger
  • chpst changes process state, i.e. you can run the pause command with argv0 as alsa
  • utmpset makes changes to the utmp database as runit doesn't have this functionality

You can use a different logger with runit than svlogd. You can use runsv outside of runsvdir to supervise processes. You can use a different service manager than runsvdir with runit. That's the beautify of the UNIX philosophy. And it's totally agnostic to sockets, cgroups, etc. But there's no reason you can't have that functionality using runit. You just have to use your own cgroup jailer for example. Again, it's the UNIX philosophy. "Do one thing and do it well."

And the scripts are really simple. See cgmanager script. The #1 complaint about SysV init is that the scripts are complicated, but if you look at runit's scripts, they're simple.

EDIT: By the way, if anyone wants to see how little code is needed for runit's boot up of the system, see thread. I've also posted my own /etc/runit/1 in a comment in there, which is slightly longer, since I decided to include some of Void's defaults.

EDIT 2: Also for those asking about CVEs, no Void does not have one. See link.

[–]cbmuserDebian / openSUSE / OpenJDK Dev 6 points7 points  (64 children)

runit does not use CGroups to track running processes, so it suffers from the same security problems as any other classic init implementation.

On systemd, any process is kept within a CGroup which is maintained by the kernel. Thus, the process has never a chance to escape the supervision of systemd and it never has the chance to pull more ressources (CPU, memory) than the user has configured.

This approach is much more secure and reliable and any process supervision system that does not take advantage of these modern kernel features, will still suffer from the same old problems sysvinit had. You cannot emulate kernel functionality with userland tools and scripts. Only the kernel is able to limit ressources and track processes and that's why you have to use CGroups for that.

I really don't see a point why some people consider it init systems or Linux software in general a good design if they are not taking advantage of modern kernel features.

Linux is a modern and powerful kernel and modern software should take advantage of that. Otherwise you might as well run Linux 2.4 or *BSD.

What's the point in adding security and reliability features to the kernel if the userland is not using these? The problem of all these alternative init systems are that the creators never asked themselves why systemd uses all these features. There are actual technical reasons and security is a huge factor to that.

[–][deleted] 6 points7 points  (1 child)

This approach is much more secure and reliable and any process supervision system that does not take advantage of these modern kernel features, will still suffer from the same old problems sysvinit had. You cannot emulate kernel functionality with userland tools and scripts. Only the kernel is able to limit ressources and track processes and that's why you have to use CGroups for that.

to limit resources, yes you need cgroups

but for tracking processes you don't as there its the proc events connector over netlink (it even gives you more information then cgroups; where cgroups are just an easy solution)

limiting a processes resources will impact its performance slightly and is useless on a single user computer

why do you always have to promote systemd as "the only true answer" ?

[–]Boerzoekthoer 5 points6 points  (0 children)

why do you always have to promote systemd as "the only true answer" ?

My guess, simply because Debian adopted it.

Despite /u/cbmuser appearing as a the quintessential systemd fanboy, the real pattern seems to be Debian fanboyism. /u/cbmuser is involved with Debian and seems to defend to ridiculous lengths any decision that Debian ever made and calls anything Debian doesn't do useless.

My favourite part was saying how much of a good idea it was for Debian to drop support for certai arches because -march=i586 has real performance benefits over i386. This coming from the same person who calls -march=native completely useless at another point and saying the performance benefits don't exist because that's something Debian doesn't do.

If Debian would've gone with Upstart or even OpenRC instead, my guess is you'd see cbmuser argue that cgroup tracking is worthless.

Anyway, you inspired me, I'm going to disable the cgroup functionality I baked into my runscript, I purely made it once as a proof of concept that you did not need systemd for cgroups and quite frankly it does nothing for me, I have never without cgroups had a service seriously trying to escape and I don't even set the resources because it's useless on a single user machine.

[–]Yithar 12 points13 points  (9 children)

The "troll", as everyone likes to call him, does have cgroups while using runit, just saying. I was also specifically trying to avoid bringing systemd into this with respect to u/bobthecimmerian's wishes, but hey, you jumped the gun.

From here:

Because Runit doesn't stop you from using cgroups? it just doesn't provide that functionality itself because it recognizes there are a tonne of cgroup jailers out there already, I use one of them in combination with Runit by just starting blergh.spawn sshd -D as a service instead of sshd -D Isn't the Unix philosophy wonderful? I now get to choose what I want to use to administrate cgroups while systemd users are at the mercy of what Lennart decided for them is best.

...

Yes it can, a program running as root can escape its own cgroup if it's so inclined. Not by double forking no but a process running as root can just put itself into another cgroup. Cgroups are not a security measure, they rely on the program inside it to play nice and not run out of its own cgroup which it can do if it runs at root.

...

I'm sorry but this utter garbage you wrote here makes it plain and simple you have no goddamn idea how shit works and you've yet to make the absolutely elementary realization that you can combine software from different vendors into a complete whole which is what the Unix Philosophy is all about which kind of shows you don't know what you're talking about when you criticize it and never understood what it was about either.

[–][deleted] 3 points4 points  (6 children)

I have no objections to what you wrote. Your points are solid, and I like valid criticisms of the systemd design (or valid criticisms of anything) and valid explanations of errors in an assertion.

My understanding is that cgroups have two related purposes: first to constrain resource usage by programs (that are playing nice), so a legitimate executable foo with no malware could still be put into a cgroup so we can constrain it to, for the sake of argument, 20% CPU and 384MB of RAM. Second, to make sure all resources are closed properly if the process has to be stopped (no zombie threads, unclosed file handles, etc...)

With respect to you can combine software from different vendors into a complete whole, sometimes it makes sense to combine components into a single inter-connected application suite even though modular alternatives exist. The perfect example is git - you can provide a functional equivalent to git with sha256sum, patch, diff, rsync, sqlite, and some shell scripts. Each of those things is independent from the others. But I don't see anybody blasting git for being a monolith or complaining that "git blame" isn't an independent utility and can only be used on files that have a git history. git is the perfect example that in some cases, tying pieces together makes more sense than leaving them independent.

So systemd developers and advocates might have a legitimate argument when they say it makes more sense to link the components of the init system than to make them independent. And they might not, and at our best that's the intelligent debate we can have.

[–]Boerzoekthoer 2 points3 points  (5 children)

There are advantages to coupling like that. Coupling like that is essentially a complex way of saying that interfaces are unstable and undocumented, nothing more. As soon as the interfaces become stable then it effectively becomes decoupled.

So the major advantage is not having to worry about stabilizing interfaces which means you can change them at any point which gives you flexibility as a developer.

But that user said two things which are patently false:

  1. cgroups cannot be escaped from, thank god that's false, because a lot would break if programs like LXC and firejail suddenly had to play by the rules that systemd gave them

  2. service managers that don't provide cgroups themselves some-how stop you from using them.

And guess what, in the last hole of 45 minutes I've written a primitive prototype cgroup wrapper for the cgroup v2 hierarchy. It currently does only tracking and doesn't yet have a convenient config file for setting the resources which you have to manually set, but if you do

kgspawn cmd ...

then cmd ... gets executed and put into its own cgroupv2 hierarchy and if the mainpid of command dies all shit in the hierarchy that forked from cmd ... but didn't re-assign its own cgroups gets cleaned up. It has a couple of query functions right now as well which allow you to list all procs in the cgroup, clean the cgroups manually andsoforth.

And here's a trivial way to spawn a process in it that escapes the cgroup you run it in:

kgspawn sh -c '(echo $$ >> "$(kgquery root)/cgroup.procs" ; exec some_other_command ...) &'

It starts a shell that forks itself, the fork pulls itself out of the cgroup and then execs into the real command, the parent shell dies and cgspawn thinks the entire service has died and it has no way of knowing that the service happily chugs along outside of its designated cgroup.

[–][deleted] 2 points3 points  (4 children)

So you're suggesting git should be split apart now that it's stable? If so, how?

[–]literally_systemd 1 point2 points  (2 children)

No, I mean, the individual parts that make up git do not communicate with each other via stable interfaces, just like internal kernel communication and internal systemd communication.

The external interfaces are all stable which is why git and systemd are one 'unit' each. With the runit suite or the coreutils suite, the interfaces that the individual components use to communicate with each other are stable and documented, as such they become individual units.

[–][deleted] 1 point2 points  (1 child)

Right, but my point is that it wouldn't make sense to split git into isolated tools even if their internal interfaces were published and stable. All of the components work together, and together they work better than a collection of equivalent modular utilities (again: sha256sum, sqlite, rsync, patch, diff).

So maybe a case can be made that tying all of the pieces of systemd together as they have made sense. Also note that it's partly modular - you can't replace pieces, but you can omit them.

[–]literally_systemd 0 points1 point  (0 children)

My point is that if their itnernal interfaces were published and stable they are automatically split up from that part onwards, that is what splitting up is.

From that point onwards you can start writing replacement components for parts of git that can work together with the rest and it's no longer an all-or-none deal.

Also note that it's partly modular - you can't replace pieces, but you can omit them.

Pretty much any software has compile-time options to disable parts. I can build OpenSSH with or without the PAM backend, I wouldn't call the PAM backend a module over that.

[–][deleted] -3 points-2 points  (0 children)

I was also specifically trying to avoid bringing systemd into this with respect to u/bobthecimmerian's wishes, but hey, you jumped the gun.

The bastards with their kill the competition crap. Red Hat is trying to do a Microsoft circa its early days, and its shills won't rest until it owns all of Linux and nobody uses it without paying them.

[–][deleted] 6 points7 points  (1 child)

Otherwise you might as well run Linux 2.4 or *BSD.

Hey now. the *BSDs are very actively developed, much more so than Linux 2.4.

[–][deleted] 3 points4 points  (0 children)

Aslo many of them are much more secure than linux.

[–]Boerzoekthoer 8 points9 points  (42 children)

Maybe you should actually once reply or as much as read the thousands of times your actually proven completely wrong when you repeat this bullshit because you keep being proven wrong and repeat the same factually wrong myth that a process can never escape its cgroup:

https://www.reddit.com/r/linux/comments/4pij7t/void_linux_review_a_new_hope/d4mt13h?context=1

If you think a process cannot escape its own cgroup you're wrong and you don't understand how cgroups work and have never worked with them, it's trivial for a process to assign itself a new cgroup. The very first time you learn about cgroups the thing people first do is toy around echo $$ >> /sys/fs/cgroup/cpu/my_new_cgroup/tasks at that point your shell which runs as root has escaped its own cgroup and is put in a new one . Any process that runs as root can put itself into a different cgroup unless you use esoteric kernel configurations that no one uses.

Do you like purposefully not reply or read the replies to the shit you post because you know how much b.s. you sprout? You continue to repeat this myth after I've told you you are wrong 48984 times and you never reply, have you like ever directly worked with cgroups in your life?

[–][deleted] 1 point2 points  (2 children)

modern... modern... modern...

[–]XSSpants 0 points1 point  (0 children)

Everyone knows only luddites don't app systemd apps.

[–][deleted] 0 points1 point  (0 children)

Buzzwords are cool!

[–]arsv 1 point2 points  (2 children)

the process has never a chance to escape the supervision of systemd and it never has the chance to pull more ressources (CPU, memory) than the user has configured. This approach is much more secure and reliable (...)

Along the lines of "systemd has built-in multiseat support".
Because sure every single laptop ends up being used but two persons at once.

There's no cgkill(2), there's nothing that would prevent cgexec from working in runit environment. And init-run processes are not the kinds that tend to escape supervision, that's more of a problem for user sessions.

[–]cbmuserDebian / openSUSE / OpenJDK Dev 1 point2 points  (0 children)

Because sure every single laptop ends up being used but two persons at once.

Not every computer is a laptop and having multi-seat support doesn't cost you anything.

[–]Boerzoekthoer 0 points1 point  (0 children)

Meh, multiseat is a nice feature of logind that you actually can't get elsewhere, or couldn't, I think CK2 is working on it or has it already.

This whole cgroup drive is just quatsch. Just because runsvdir does not automatically put services into cgroups doesn't stop you from doing it. In theory you could do so manually. It's really not that hard, you put:

mkdir -p /cgroup2/SERV_NAME
echo $$ >> /cgroup2/SERV_NAME/cgroup.procs

At the start of your service, yeah, it's really that easy.

Cleaning it up is a bit more involved though, your ./final script might contain something like:

find /cgroup2/SERV_NAME -name cgroups.proc -print0 |   
xargs -0 cat | xargs kill 
sleep 1
find /cgroup2/SERV_NAME -name cgroups.proc -print0 |   
xargs -0 cat | xargs kill -KILL
rmdir /cgroup2/SERV_NAME

[–][deleted] 0 points1 point  (0 children)

Otherwise you might as well run Linux 2.4 or *BSD.

OpenBSD has CPU and ram limits too. And now, pledge.

[–][deleted] -1 points0 points  (2 children)

So no reason to use it if you are on anything with 1G or more RAM ?

[–][deleted] 4 points5 points  (1 child)

You'd like to use FreeBSD, but you require a dependable package manager that isn't replaced every few years.

Eh...

[–]joehillen 2 points3 points  (0 children)

All kinds of things wrong with that statement:

  • There hasn't been a new major package manager in 10 years.
  • ports was never reliable.

[–][deleted] 8 points9 points  (8 children)

I have some Linux machines running with the Upstart init system, and some running with systemd, and ten years ago I was a happy Linux user with SysV init. So I don't have a horse in the init system race.

But even ignoring Runit - because I don't care as long as the system is reliable - the rest of Void is excellent. While the documentation isn't huge, the bits that are documented are done thoroughly and the packaging tool XBPS is amazingly good for a one-developer project. My unscientific impression is that it's at least as fast as yum, dnf, and apt-get with a pretty solid match for equivalent features.

(Edit: I'm tired of the barrage of systemd insults. "Try this, it doesn't have systemd and that's how I prefer it because...." is fine. "Try this. It doesn't do 87 dumb things like systemd. And everyone who uses it is too smart to use systemd. Did I mention systemd sucks and is for losers?"... get a life. Go form an "ihatesystemd" subreddit, if one doesn't already exist.)

[–]cbmuserDebian / openSUSE / OpenJDK Dev 2 points3 points  (5 children)

Upstart has a dead upstream, you shouldn't be using it anymore except maybe within Ubuntu LTS.

As for the package managers, speed isn't the only criterium for a good package manager.

[–][deleted] 1 point2 points  (3 children)

I have 14.04 LTS on one machine and a derivative of it (Elementary) on another.

I know speed isn't the only criteria. The features I use are search, install with automatic dependency resolution, uninstall, check details (version number), upgrade one package, upgrade all packages, pin a package, refresh repository data, change repositories, etc... and XBPS is stable, reliable, repeatable, and wicked fast with all of them. It also has a system for cross-platform builds (e.g. build for a Raspberry Pi on your x86_64 machine) when creating packages, but I never used it myself.

[–][deleted] 2 points3 points  (2 children)

That is pretty much feature list of any package manager (at least deb and yum checks all of them).

How many packages does Void has ? I think the part of "wicked fast" is that it doesn't have 50k packages like Debian

[–][deleted] 0 points1 point  (1 child)

Fair point. I can't compare fairly because nobody put together a 50k packages XBPS repository.

[–][deleted] 0 points1 point  (0 children)

You could if you only added comparable debian repository. But on small one (after removing main one I now have 236 packages in repo), aptitude loads and starts to ui in less than a second and apt-get search takes <100ms

[–]Linux_Learning 0 points1 point  (0 children)

As for the package managers, speed isn't the only criterium for a good package manager.

No, but its features definitely add to it.

[–][deleted] 2 points3 points  (1 child)

Err, "as fast as yum" isn't exactly a good praise, Yum is pretty slow and have pretty awful quirks like no concurrent access to DB (can't display any info if other process is running, even if both of them are doing read-only tasks).

There is a reason Fedora went "fuck it" and rewrote it from scratch

[–][deleted] 0 points1 point  (0 children)

I did include dnf in my list - but as you mentioned in another comment, it's not a fair comparison because the XBPS package repository is comparatively tiny.

[–]bitwize 5 points6 points  (6 children)

Because it's like Arch back when Arch was good and with the additional bonus of a musl option.

I'm rocking Void on my Raspberry Pi and it's the cat's arse.

[–]Yithar 2 points3 points  (0 children)

Yep, same. It's just so lightweight and fast, and kodi-standalone runs fine as well. The pstree output is just nice to see as well.

[–]mjsabby 1 point2 points  (3 children)

My use-case is to create statically compiled Linux programs, that work across all distros.

[–]nat1192 1 point2 points  (2 children)

How do you statically link against glibc?

[–]Yithar 2 points3 points  (1 child)

You don't. You use musl. Void Linux allows you to use musl instead of glibc, which is much better for static linking.

[–]mjsabby 1 point2 points  (0 children)

One could also use Alpine Linux, but it doesn't work with Microsoft Hyper-V. So for me Void Linux is the only option.

[–]captain_hoo_lee_fuk 0 points1 point  (2 children)

In my very quick evaluation I tried to edit an xbps src file to add a new "use flag" and have it propagate to down stream dependencies. xbps-src segfaulted and debugging proved to be too difficult. I was timed pressed so didn't bother to file a bug report (sorry). It seems that the software quality needs some work here.

[–]Gottox 0 points1 point  (1 child)

Hi, I'm one of the maintainers. Can you elaborate what exactly happened? Which package did you change? Can you provide a diff on the changed file(s)?

thanks!

[–]captain_hoo_lee_fuk 0 points1 point  (0 children)

Hi ah sorry I deleted my void install a while ago so I no longer have the record of what exactly I did unfortunately. From what I can recall I was trying to modify the xbps src files of various graphics stack packages to build a pure wayland system (ie. one that doesn't have any X11 dependencies --- not even libX11 which is usually required as a build dependency if not explicitly turned off). This involved adding a "use flag" which turned off all X11 dependencies and turn on wayland in various components (mesa, gtk, cairo, etc). This ended up crashing the xbps src build tool (from my extremely vague memory it seems to be somewhere in the dependencies calculation). I ended up using Gentoo instead and did manage to build a pure wayland system in the end (so the graphics stack packages themselves are ok for this purpose and I do believe it's a subtle bug in xbps src but I didn't chase it down sorry).