osinstallation:debian11runit
Differences
This shows you the differences between two versions of the page.
Next revision | Previous revision | ||
osinstallation:debian11runit [2021/08/21 21:04] – created senioradmin | osinstallation:debian11runit [2021/08/22 12:30] (current) – [Conclusion] senioradmin | ||
---|---|---|---|
Line 9: | Line 9: | ||
'' | '' | ||
- | A few years ago a change of the init system took place in most Linux distributions. The previously used init system " | + | A few years ago a change of the init system took place in most Linux distributions. The previously used init system " |
Canonical tried it with Ubuntu with the " | Canonical tried it with Ubuntu with the " | ||
- | n 2010, Lennart Poettering - an employee at Red Hat - programmed the software " | + | n 2010, Lennart Poettering - an employee at Red Hat - programmed the software " |
- | intended to replac | + | intended to replace |
- | In the last decade, systemd has become the standard | + | In the last decade, systemd has become the default |
===== Why not use the default init system " | ===== Why not use the default init system " | ||
- | Systemd is not only an init system, but performs a variety of tasks. If you consider the tasks that a modern desktop operating system has to perform, then it certainly makes sense to combine these tasks in an integrated system. In general, users are not interested in the single internal services that run on the computer. They want the computer to work and be fast. This is perfectly legitimate and systemd is fine for this purpose. | + | Systemd is not only an init system. It performs a variety of tasks. If you consider the tasks that a modern desktop operating system has to perform, then it certainly makes sense to combine these tasks in an integrated system. In general, users are not interested in the single internal services that run on the computer. They want the computer to work and be fast. This is perfectly legitimate and systemd is fine for this purpose. |
In IT, we often talk about "use cases" and the " | In IT, we often talk about "use cases" and the " | ||
Line 32: | Line 31: | ||
- | This also has the purpose of avoiding too much complexity, because complexity is the enemy of security. One must acknowledge that systemd only pays little attention to these principles. | + | This also has the purpose of avoiding too much complexity, because complexity is the enemy of security. One must acknowledge that systemd only pays little attention to these principles. |
- | Software has such a fundamental significance in an operation | + | Software |
===== What is runit? ===== | ===== What is runit? ===== | ||
Line 42: | Line 41: | ||
Based on the above mentioned daemontools from djb further systems developed, like s6 or runit. These daemontools-inspired init systems are similar in structure and use, but have different levels of complexity. | Based on the above mentioned daemontools from djb further systems developed, like s6 or runit. These daemontools-inspired init systems are similar in structure and use, but have different levels of complexity. | ||
- | Runit is primarily designed for simplicity and a small code base. This in itself is a good prerequisite to build a safe system. It consists of several small programs and knows per default 3 " | + | Runit is primarily designed for simplicity and has a small code base. This in itself is a good prerequisite to build a safe system. It consists of several small programs and knows per default 3 " |
* Stage 1 - System initiation | * Stage 1 - System initiation | ||
Line 58: | Line 57: | ||
* runsvdir - starts a supervision tree | * runsvdir - starts a supervision tree | ||
- | In generalk | + | In general |
* init / PID1 - Initiates everything else | * init / PID1 - Initiates everything else | ||
Line 64: | Line 63: | ||
* a supervisor - monitors running services | * a supervisor - monitors running services | ||
- | Runit is kept very minimal and has no full-blown service manager. For starting and stopping sv is used. | + | Runit is kept very minimal and has no full-blown service manager. For starting and stopping |
Line 79: | Line 78: | ||
I assume here a minimal system installation of Debian 11, done with a " | I assume here a minimal system installation of Debian 11, done with a " | ||
- | After logging in to the system as root, the runit packages are installed | + | After logging in to the system as root, at first the runit packages are installed |
'' | '' | ||
Line 185: | Line 184: | ||
</ | </ | ||
- | To " | + | To " |
Line 213: | Line 212: | ||
I have demonstrated how to replace systemd on Debian 11 with the init service runit. Since runit is a proven, very lightweight and secure system, it is also possible to configure Debian quite a bit more securely and reliably with it. This is true for desktops as well as (ift not even more so) for servers. Supervision makes sure that services are monitored. | I have demonstrated how to replace systemd on Debian 11 with the init service runit. Since runit is a proven, very lightweight and secure system, it is also possible to configure Debian quite a bit more securely and reliably with it. This is true for desktops as well as (ift not even more so) for servers. Supervision makes sure that services are monitored. | ||
- | I will hide the fact that runit reaches its limits in more complex scenarios. For this, the similar system [[https:// | + | I will not hide the fact that runit reaches its limits in more complex scenarios. For this, the similar system [[https:// |
osinstallation/debian11runit.1629579862.txt.gz · Last modified: 2021/08/21 21:04 by senioradmin