On 3/14/25 4:22 PM, Stéphane CARPENTIER wrote:
Le 11-03-2025, Carlos E.R. <robin_listas@es.invalid> a écrit :
On 2025-03-11 12:42, Pancho wrote:
>
It is not clear to me if this is a flaw or an advantage. Where the OS is
used for important/critical processing, it is clearly an advantage to
have a reliable audit trail. No updates or deletions, if you want to
alter the way it looks you make additional entries, corrections. This
pattern works fine for accounting systems.
>
Exactly.
And even for normal people. If you have been pawned and your computer is
used to attack a bank, the day the police come in your home, you are
happy the hacker couldn't hide his doing. For example.
OR you're Hunter Biden who doesn't have the remaining
brain cells to think ahead .... :-)
If you are NOT a bank, if you are NOT doing accounting
for a bunch of clients, then it's best to arrange for
the least amount of logging and thumbnails and such
that's possible for you. Every install I always mark
the local thumbnail subdir as read-only, even to root.
Browsers should be set to delete all or most history.
My bank sites, I always have to re-enable JS every
time I log in.
Systemd ... scatters stuff into a number of places.
Frankly, you'll have to write something like a
Python script and run as root every so often.
Rude and crude - get log file size, open log RW,
copy HALF that many bytes, write that to the log
and close. Some logs put the latest stuff at the
bottom so you kinda have to reverse that logic
by SEEKing halfway thru and then duplicating
from there until EOF. One mangled entry, who
cares eh ?
There are some distros - 'Tails', 'ParrotOS', 'Alpine' -
that are kinda set up by default to cover yer ass.
Also some non-systemd versions like Devuian. They
are all pretty straight-up to use. If you're really
paranoid, install/run in a VM for on-need use.
ON THE WHOLE I'm not terribly against systemd - it
makes some previously super-annoying tricks a lot
easier to realize. It's not intended to be Winders
by another name. In my uses, I run a number of
hand-writ daemons at, or near, startup and systemd
will both do that easily and smartly AND keep and eye
on them and re-start if they fail.
I use 'MX' quite a lot and the current ones install
with systemd disabled ... all SysV Init. You have to
choose a line from the Grub menu to get the systemd
variant running. Some of my boxes default to one,
others to the other, depending on mission.
Check BeeLink and BMax for very affordable Linux-
capable mini-boxes. The N100 based are quite
snappy with any Linux distro and have enough
of everything. Think they have N150s now for the
same price as the N95/N100s. Not every use needs
an i9 with 64gb RAM. If you can find/hit the 'to
BIOS' key on boot you need NEVER have Winders
run on them for a single nanosecond. Still have
one in-reserve, unused, maybe FreeBSD ?
(current new China trade sanctions MAY increase
the price of these boxes for awhile)
Anyway, you're not trapped. Party on dude.
More systemdCrap
Re: More systemdCrap