Forgot your password?

Comment: Re:Signs clear enough even for a layman (Score 1) 575

by kolbe (#48418375) Attached to: Debian Votes Against Mandating Non-systemd Compatibility

It's my understanding that the app maintainers do not want to maintain both initd and systemd compatibility at the same time... Extra work for little reward.

I, like many other sysadmins out there who do some level of coding to maintain large swaths of servers dislike the change to systemd on the premise that this wasn't a "phased" implementation. The rebuttal on the systemd camp is that it cannot be phased in and too bad, so you have to rewrite a few scripts and make a "few" changes to your administration processes. They do not realize it is more than just a few changes for many though and I think that's where much of the anger lay boiling... lack of empathy on either side.

Comment: Re:Boycotting RHEL7's uselessd (Score 1) 469

by kolbe (#47966597) Attached to: Fork of Systemd Leads To Lightweight Uselessd

I am not a security adviser, so I cannot say for sure which ones they were referring to and the only info they gave me was a list of about 13 x US-CERN, NVD and Canonical advisories regarding the exploitation of systemd through various methods. These were not noted as "fixed" either and 4 are listed as "Medium".

Comment: Re:Boycotting RHEL7's uselessd (Score 1) 469

by kolbe (#47960537) Attached to: Fork of Systemd Leads To Lightweight Uselessd

We dropped $2.2M on 2 half populated IBM Power 7 780's (redundant VIOS with IBM's tailored 42U cabinets) in 2012 and are running approximately 239 AIX 6+ & 7.1 LPARs for many of our Financial and Business Continuity Applications. LPAR isn't quite as advanced as VMWare, but it is getting there (no more stupid 4 lines of lpar commands for simple resource management/adjustment). Compared to what we spent on the p5 series years ago, we paid 40% less for our Power 7's. Power system prices have come down A LOT over the last 3 years though and I would professionally recommend checking them out if you need some SystemV style stability.

Anyway, we WERE hoping to move away from AIX to RHEL so we did not need to have two separate UNIX SysAdmin groups, but RHEL7 kinda threw that out the window for us sadly. Personally, I am less bemoaning of systemd than I am over the plethora of other MANDATORY changes they decided to dump on the customer all at once. It affects me and my team directly whereas the systemd thing effects my vendors and their applications.

Comment: Re:Boycotting RHEL7's uselessd (Score 1) 469

by kolbe (#47959949) Attached to: Fork of Systemd Leads To Lightweight Uselessd

A lot of what I listed was directly from the RHEL Customer Portal article and it was intended to illustrate the number of changes, but none with any particular order of importance or grief.

For my team, the grievances begin with the slurry of ctl command changes like (but not limited to the following off the top of my head):

rhn_register > subscription-manager
system-config-* > gnome-control-center (Who installs gnome on a server?!?!)
chkconfig/service/runlevel/init/shutdown/halt/inittab > systemctl
system-config-date > timedatectl
vi /var/log/ journalctl
parted > gdisk
ifconfig/network/hosts/dns/eth > nmcli
netstat > ss

Comment: Re:Boycotting RHEL7's uselessd (Score 2) 469

by kolbe (#47959723) Attached to: Fork of Systemd Leads To Lightweight Uselessd

>>So, what alternative are you looking at?

Our vendors who have explicitly stated they will not support systemd in any way (due to +Priv, DoS and bypass issues/concerns) have stated that they recommend either staying with RHEL6 & Oracle Linux 6 until it is no longer supported or switching to AIX or FreeBSD. Two of these vendors are financial software suites, one is a Point of Sale system and the other is a CRM Suite that "may support it in the future". What the other vendors plan on recommending is still TBD for them. Simply put though, many companies are more invested in their applications than any flavor of *NIX.

>>I don't know about how you write scripts, but I find it amazing that a majority of them has to be rewritten.

Have you not seen the number of changes in management, monitoring & configuration commands made within RHEL7? Seriously, it borders on being a completely new distro the way everything has been retooled. Many of our SysAdmin scripts are written in Perl & Bash with remote get for everything from deployment to monitoring and analysis (netstat? gone. ifconfig? redirected. iptables? gone. lsof? switches changed. chkconfig? redirected. So many more...).

Comment: Re:Boycotting RHEL7's uselessd (Score 2) 469

by kolbe (#47959481) Attached to: Fork of Systemd Leads To Lightweight Uselessd

> What can't I do anymore?

Let me see, the top 3 I cannot do anymore include:
- More than half of my companies preferred vendor applications will not run on systemd (some of which will never support it)
- Majority of in-house scripts need to be rewritten
- Kickstart now REQUIRED since they removed "Full Custom Install"

The growing list of complaints are raising flags in my company so much so that we are looking at outright dumping Redhat and we have been a dedicated Redhat Enterprise customer since 1997. RHEL7 has ZERO TCO for everyone I've spoken with... Retraining, retooling, reconfiguring and reorganizing are absurd.

Comment: Boycotting RHEL7's uselessd (Score 1) 469

by kolbe (#47959199) Attached to: Fork of Systemd Leads To Lightweight Uselessd

I have no idea why Redhat made so many changes in their most recent release, but it is so vast that it may as well be a completely new distro. To name a FEW:

  Anaconda RHEL installer completely redesigned
  Legacy GRUB boot loader replaced by GRUB2
  Procedure for bypassing root password prompt at boot completely different
  SysV init system and all related tools replaced by systemd
  ext4 replaced by xfs as default filesystem type
  Directories /bin, /sbin, /liband /lib64are now all under the /usrdirectory
  Network interfaces have a new naming scheme based on physical device location (e.g., eth0might become enp0s3)
  ntpdreplaced by chronydas the default network time protocol daemon
  GNOME2 replaced by GNOME3 as default desktop environment
  System registration and subscription now handled exclusively with Red Hat Subscription Management (RHSM)
  MySQL replaced by Mariadb
  tgtdreplaced by targetcli
  High Availability Add-On: RGManager removed as resource-management option (in favor of Pacemaker)
  ifconfigand routecommands are further deprecated in favor of ip
  netstatfurther deprecated in favor of ss
  System user UID range extended from 0-499 to 0-999
  locateno longer available by default; (available as mlocatepackage)
  nc(netcat) replaced by nmap-ncat

Systemd is pain to use for me and feels backwards... I find troubleshooting processes with it to be more frustrating than anything else Redhat has done in the past 20 years... Well, almost.

+ - Treasure Map: NSA, GCHQ work on real-time 'Google Earth' internet observation-> 1

Submitted by wabrandsma
wabrandsma (2551008) writes "from Der Spiegel:
According to top-secret documents from the NSA and the British agency GCHQ, the intelligence agencies are seeking to map the entire Internet, including end-user devices. In pursuing that goal, they have broken into networks belonging to Deutsche Telekom.

The document that Der Spiegel has seen shows a map with the name 'Treasure Map'. On the map are the names of Deutsche Telekom and NetCologne and their networks highlighted in red, where the legend says that within the networks 'access points' exist for 'technical observation'.

Treasure Map is anything but harmless entertainment. Rather, it is the mandate for a massive raid on the digital world. It aims to map the Internet, and not just the large traffic channels, such as telecommunications cables. It also seeks to identify the devices across which our data flows, so-called routers.

Furthermore, every single end device that is connected to the Internet somewhere in the world — every smartphone, tablet and computer — is to be made visible. Such a map doesn't just reveal one treasure. There are millions of them.

The breathtaking mission is described in a Treasure Map presentation from the documents of the former intelligence service employee Edward Snowden which SPIEGEL has seen. It instructs analysts to "map the entire Internet — Any device, anywhere, all the time."

Treasure Map allows for the creation of an "interactive map of the global Internet" in "near real-time," the document notes. Employees of the so-called "FiveEyes" intelligence agencies from Great Britain, Canada, Australia and New Zealand, which cooperate closely with the American agency NSA, can install and use the program on their own computers. One can imagine it as a kind of Google Earth for global data traffic, a bird's eye view of the planet's digital arteries.

The New York Times reported on the existence of Treasure Map last November. What it means for Germany can be seen in additional material in the Snowden archive that SPIEGEL has examined."

Link to Original Source

When you make your mark in the world, watch out for guys with erasers. -- The Wall Street Journal