All your home dir are belong to us

Topic: All your home dir are belong to us (Read 1974 times) previous topic - next topic

0 Members and 2 Guests are viewing this topic.

All your home dir are belong to us

19 June 2024, 19:32:52

https://github.com/systemd/systemd/issues/33349

Re: All your home dir are belong to us

Reply #1 – 19 June 2024, 20:08:17

I skimmed the discussion there, and this statement by Lennart himself caught my eye:

Quote

I don't thinkt he usecase for --purge is really primarily factory reset. Instead it's about package removal: a systematic way how files created by some RPM/DEB xyz via tmpfiles.d/ can be removed when xyz is removed again.

Which sounds to me that systemd is headed towards... package management? And heck, why not! Maybe Arch will then drop pacman support as an unnecessary burden.

Re: All your home dir are belong to us

Reply #2 – 19 June 2024, 20:39:08

Artix is my first Linux operating system. I've read how bloated Systemd was and how it kept getting security vulnerabilities. So I decided to try out a non-Systemd system first and if it was "too hard" I'd just switch.

Open-RC is extremely easy to use. For an end user, starting/adding services is identical barring swapping the commands. I cannot fathom why the major Linux distros other than Gentoo don't offer multiple options for an init system now. The alternatives are probably easier to use at this point.

Regarding the specific issue itself, the highlight has got to be a guy named Bluca closing the issue only for Poettering himself to reopen it. Bluca works at Microsoft according to his Github so double funny.

What's really interesting though is this pull request Poettering made that got merged. It states that one of the fixes was for "--dry-run" not actually being a dry run of the command.
https://github.com/systemd/systemd/pull/33383
They also argue about Bluca (this guy seems fun at parties) pushing the commit too quickly without review from people involved with the issue. I mean deep down I know everyone only pretends to be professional but seeing a bunch of "nerds" for a lack of better word behave similarly is kind of funny.

Re: All your home dir are belong to us

Reply #3 – 19 June 2024, 21:05:53

The functionality of generating volumes/subvolumes and the like is really kind of cloud oriented and obviously only for experts.

I suppose the idea is that an 'instance' can be spun up with minimal user intervention and some genius decides which of the normal root folders get automatically generated. Some 'real' genius decided that since they were created as temp they were temp and not in any way permanent.

I must remember to make my home folder in /tmp and have /home/myhome just a symbolic link to it so I will soon be a systemd master

Re: All your home dir are belong to us

Reply #4 – 19 June 2024, 21:42:09

It's humiliation ritual at this point, they're also really quick to disable reactions on their messages, haha.

Re: All your home dir are belong to us

Reply #5 – 19 June 2024, 21:55:41

Quote from: kirbyball – on 19 June 2024, 20:39:08

Bluca works at Microsoft according to his Github so double funny.

Poettering works for them as well. In case you didn't know.

I've got to admit I'd find the whole issue hilarious other than the fact that some unfortunate people may have lost important data.
I have no idea why any dirs under /home should be considered temporary and be handled by systemd-tmpfiles ?
Is this the standard in Arch these days or is it something you'd have to go out of your way to implement ?

Re: All your home dir are belong to us

Reply #6 – 20 June 2024, 14:55:04

They were arguing about Q versus q or something

Code: [Select]

$ cat /usr/lib/tmpfiles.d/home.conf
#  This file is part of systemd.
#
#  systemd is free software; you can redistribute it and/or modify it
#  under the terms of the GNU Lesser General Public License as published by
#  the Free Software Foundation; either version 2.1 of the License, or
#  (at your option) any later version.

# See tmpfiles.d(5) for details

Q /home 0755 - - -
q /srv 0755 - - -

Re: All your home dir are belong to us

Reply #7 – 20 June 2024, 15:31:34

Quote from: gripped – on 19 June 2024, 21:55:41

I have no idea why any dirs under /home should be considered temporary and be handled by systemd-tmpfiles ?

A while ago I've read about this then-new "feature" of systemd where it would actually handle users' home dirs. Maybe it's connected?

Re: All your home dir are belong to us

Reply #8 – 20 June 2024, 17:45:43

This has opened a bit of a can of worms for me.

I was aware of esysusers and etmpfiles and that they were extracted from systemd in a similar fashion to elogind.

The only time I've looked any closer at etmpfiles was when the entry for lighttpd got changed in its package and I had to put an override in /etc/tmpfiles.d/lighttpd.conf to prevent a directory having it's permissions changed every time I rebooted (or possibly restarted lighttpd?)

I was unaware just how pervasive it's become.

Code: [Select]

etmpfiles --cat-config

shows all the files under the 'tmpfiles' umbrella and many of them are not temporary files.

In the interests of very unscientific science I just cloned my rootfs and on the clone

Code: [Select]

sudo rc-update del etmpfiles-setup boot
sudo rc-update del etmpfiles-dev sysinit

Rebooting seemed to have had no ill effect so far ? I expect problems would occur installing some packages, or at least running them, if the hook at /usr/share/libalpm/hooks/30-etmpfiles.hook was removed as well.

So it seems that whereas once programs used to setup there own files and dirs etc, or the package manager would do it, now it gets deferred to systemd-tmpfiles or etmpfiles on Artix ?

None of that was advice in anyway.
I enjoy breaking my system. And I've decided to learn more.

Re: All your home dir are belong to us

Reply #9 – 20 June 2024, 17:52:05

I guess it's related to this image:

Re: All your home dir are belong to us

Reply #10 – 20 June 2024, 23:44:05

Quote from: gripped – on 20 June 2024, 17:45:43

I was unaware just how pervasive it's become.
Code: [Select]
etmpfiles --cat-config
shows all the files under the 'tmpfiles' umbrella and many of them are not temporary files.

This is super worrying to me, among other things is this segment:

Code: [Select]

# /usr/lib/tmpfiles.d/home.conf
#  This file is part of systemd.
#
#  systemd is free software; you can redistribute it and/or modify it
#  under the terms of the GNU Lesser General Public License as published by
#  the Free Software Foundation; either version 2.1 of the License, or
#  (at your option) any later version.

# See tmpfiles.d(5) for details

Q /home 0755 - - -
q /srv 0755 - - -

So /home is indeed referenced, right? I was trying to find anything that gentoo people think about this but couldn't find anything yet.

Who is currently upstream for etmpfiles? Gentoo people or somebody else?

Re: All your home dir are belong to us

Reply #11 – 20 June 2024, 23:52:27

Fixed by removing part of the documentation so we don't easily see that /home remains under systemd temp files control, this is the 'fix': https://github.com/bluca/systemd/commit/c4220bd2d390e9b330e835256182130d3bd5b94a

This is equivalent of 'just' using systemd nntp client but then nntp client declares that /usr and /home belong to nntp service. I am really annoyed by this.

Re: All your home dir are belong to us

Reply #12 – 21 June 2024, 00:09:24

Quote from: dpx – on 20 June 2024, 23:44:05

This is super worrying to me, among other things is this segment:

I don't think you need to worry too much so long as you don't run

Code: [Select]

etmpfiles --purge

for the brief period where this newly added --purge option deletes everything etmpfiles handles if no .conf is supplied as a argument.
But since the update to 256-1 this 'functionality' is present in Artix as well.

Quote

Who is currently upstream for etmpfiles? Gentoo people or somebody else?

The upstream is systemd. Though etmpfiles & esysusers are part of the udev pkgbase.
You can view how they are built and packaged for Artix here
Gentoo does pretty much the same thing I believe but they just call it systemd-tmpfiles.

Re: All your home dir are belong to us

Reply #13 – 21 June 2024, 00:41:33

Quote from: gripped – on 21 June 2024, 00:09:24

I don't think you need to worry too much so long as you don't run
Code: [Select]
etmpfiles --purge
for the brief period where this newly added --purge option deletes everything etmpfiles handles if no .conf is supplied as a argument.

In the short run yes, systemd damage trough temp files is dormant, but can we detect if systemd decides to expand its grip and say change privileges or access rights on /home in five versions from now? Or move home files to some tempfs volume "because that's how it should be"? Most of the systemd crap is detected incidentally, including the one in this topic.

What I want to say is that even the smallest systemd part can do stuff that no sane person would assign to that part's role. I was really hoping that gentoo, considering greater manpower they have, do filter and check code in systemd-tmpfiles before using.

Re: All your home dir are belong to us

Reply #14 – 21 June 2024, 13:45:54

I'd argue that this functionality is not needed at all on Artix as long as distro maintainers do it manually - which I expect them to do since it's non-systemd. Also I read somewhere (but don't quote me on that!) among this chaos that tmpfiles is primarily needed for setting up system with only /usr/ as partition (

) and then everything is handled by this thing by doing filesystem layout virtually. Either way, I think that as long as you don't use that, we'll be fine, but then again who knows what microsoftd mafia implement next...