Re: [gentoo-user] Re: Is gnome becoming obligatory?

[Neil Bothwick <neil@digimed.co.uk>]

[-- Attachment #1: Type: text/plain, Size: 1829 bytes --]

On Mon, 11 Dec 2017 21:03:21 +0000, Alan Mackenzie wrote:

> OK.  But it's still there taking up RAM, and (more importantly) makes a
> systemd system a broader target for attacks.  Whether a system has an
> http server (or, for that matter, an SSH server), for whatever purpose,
> should be for the system administrator to decide.  I suspect this isn't
> the case for systemd's http server.

You're guessing again. The HTTP server doesn't run by default (very
little on systemd does). On Gentoo, it's not even built by default, but
don't let a brief look at the USE flags in eix get in the way of a good
argument!

> In any case, I don't want an http server on my system: I have no http to
> serve.

Then don't install one, I didn't.

> I installed sshd as one of the first things on my new system, to
> facilitate the transfer of files to it (and, probably, reading logs from
> it remotely).

The thing with using SSH to read logs is that it presents a much larger
attack vector when you only want to allow a user to read remote logs.

> I don't want a binary logging daemon either: that means having to learn
> a special purpose utility to be able to read its logs, and, in general,
> not being able to read that log from a remote machine.

"journalctl" is just the same as "less /var/log/messages" so here's not
much to learn unless you want to use the search features. Reading the log
from a remote machine is easy, using either SSH or HTTP, whichever you
prefer. My one complaint about the systemd journal is that there is not,
AFAIK, a standalone reader. If I want to boot from a live CD, I can only
read the logs if it is a systemd live CD, or I chroot into the original
system. Unless someone knows different...


-- 
Neil Bothwick

OPERATOR ERROR: Nyah, Nyah, Nyah, Nyah, Nyah!

[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 833 bytes --]