Technology – Page 3 – The Cat Fox Life

systemd through the eyes of a musl distribution maintainer

Welcome back to FOSS Fridays! This week, I’m covering a real pickle.

I’m acutely aware of the flames this blog post will inspire, but I feel it is important to write nevertheless. I volunteer my time towards helping to maintain a Linux distribution based on the musl libc, and I am writing an article about systemd. This is my take and my take alone. It is not the opinion of the project – or, as far as I am aware, any of the other volunteers working on it.

systemd, as a service manager, is not actually a bad piece of software by itself. The fact it can act as both a service manager and an inetd(8) replacement is really cool. The unit file format is very nice and expressive. Defining mechanism and leaving policy to the administrator is a good design.

Of course, nothing exists in a vacuum. I don’t like the encouragement to link daemons to libsystemd for better integration – all of the useful integrations can be done with more portable measures. And I really don’t like the fact they consider glibc to be “the Linux API” when musl, Bionic, and other libcs exist.

I’d like to dive into detail on the good and the bad of systemd, as seen through my eyes as all of: end user, administrator, and developer.

Service management: Good

Unit files are easy to write by hand, and also easy to generate in an automated fashion. You can write a basic service in a few lines, and grow into using the other features as needs arise – or you can write a very detailed file, dozens of lines long, making it exact and precise.

Parallel service starting and socket activation are first-class citizens as well, which is something very important to making boot-up faster and more reliable.

The best part about it is the concept that this configuration exactly describes the way the system should appear and exist while it is running. This is similar to how network device standards work – see NETCONF and its stepchild RESTCONF. You define how you want the device to look when it is running, apply the configuration, and eventually the device becomes consistent to that configuration.

This is a far cry from OpenRC or SysV init scripts, which focus almost exclusively on spawning processes. It’s a powerful paradigm shift, and one I wholeheartedly welcome and endorse.

Additionally, the use of cgroups per managed unit means that process tracking is always available, without messy pid files or requiring daemons to never fork. This is another very useful feature that not only helps with overall system control, but also helps debugging and even security auditing. When cgroups are used in this way, you always know which unit spawned any process on a fully-managed system.

Lack of competition: Not good

There is no reason that another service manager couldn’t exist with all of these features. In fact, I hope that there will be competition to systemd that is taken seriously by the community. Having a single package being all things for all use cases leads to significant problems. Changes in systemd will necessarily affect every single user – this may seem obvious, but that means it is more difficult for it to evolve. Evolution of the system may, and in some cases already has, break a wide number of use cases and machines.

Additionally, without competition there is no external pressure nudging it towards ideas and concepts that perhaps the maintainers aren’t sure about. GCC and Clang learn from each other’s successes and failures and use that knowledge to make each other better. There is no package doing that with systemd right now. Innovation is stifled where choice is removed.

Misnaming glibc as “the Linux API”: Bad

I am also unhappy about systemd’s lack of musl libc support. That is probably a blessing for me, because it’s an easy reason to avoid trying to ship it in Adélie. While I have just spent five paragraphs noting how great systemd is at service management, it is really bad at a lot of other things. This is where most articles go off the deep end, but I want to provide some constructive criticism on some of the issues I’ve personally faced and felt while using systemd-based machines.

The Journal: Very bad

journald is my least-favourite feature of systemd, bar none. While I understand the reasons why it was designed the way it was, I do not appreciate that it is the only way to log on a systemd system. Sure, you can ForwardToSyslog and set the journal to be in-memory-only with a small size, and pretend journald doesn’t exist. However, that is not only excess processor power and memory usage for negative gain, it’s also an additional attack surface. It would be great if there were a “stub” journald that was strictly a forwarder with no other code.

I am also unhappy with how the journal tries to “eat” core files. While the Linux default setting of “putting a file named ‘core’ in $CWD” is absolutely unusable for development and production, the weird mixture of FS and binary journal makes things needlessly complex. The documentation even explicitly calls out that core files may exist without corresponding journal entries, and journal entries may point to core files that no longer exist. Yet they use xattrs to put “some metadata” in the core files. Why not just have a sidecar file (maybe [core file name].info or .json or .whatever) that contains all the information from the journal, and have a single journal entry that points to that file if the administrator is interested in more information about the crash?

resolved: A solution looking for a problem

resolved might a decent idea on its own, but there are already other packages that can provide a local caching resolver without the many problems of resolved. Moreover, the very idea of a DNS resolver being part of “the system layer” seems ill-advised to me.

DNSSEC support is experimental and not handled correctly, and they readily admit that. It’s fine to know your limitations, but DNSSEC is something that is incredibly valuable to have on endpoints. I don’t really think resolved can be taken seriously without it. It’s beyond me how no one has contributed this feature to such a widely-used package.

There are odd issues with local domain search. This is made more complicated on home networks where a lot of what it does is overkill. On enterprise networks, it’s likely a bad fit anyway, which makes me question why it supports everything it does.

Lastly, and relatedly, in my opinion resolved tries to shoehorn too many odd features and protocols without having the basics done first. mDNS is better taken care of by a dedicated package like Avahi. LLMNR support has been deprecated by its creator Microsoft in favour of mDNS for over a year. As LLMNR has always been a security risk, I’m not sure why the support was added in the first place.

nspawn: Niche tool for niche uses

Any discussion including resolved would be remiss without mentioning the main reason it exists, and that is nspawn. It’s an interesting take on being “in between” chroot and a full container like Docker. It has niche uses, and I don’t have any real qualms with it, but I’ve never found it useful in any of my work so I don’t have a lot of experience with it. Usually when I am grabbing for chroot I want shared state between host and container, so nspawn wouldn’t make sense there. And when I grab for Podman, I want full isolation, which I feel more comfortable handing to a package that has more tooling around it.

Ancillary tools: Why in the system layer?

networkd is immature, doesn’t have a lot of support for advanced use cases, and has no GUI for end users. I don’t know why they want to stuff networking into the “system layer” when NetworkManager exists and keeps all the networking goop out of the system layer.

timedated seems like a cute way to allow users to change timezones via a PolicyKit action but otherwise seems like something that would be better taken care of by a “real” NTP client like Chrony or NTP. And again, I don’t know why it should live in the system layer.

systemd-boot only supports EFI, which makes it non-portable and inflexible. You won’t find EFI on Power or Z, and I have plenty of ARM boards that don’t support mainline U-Boot as well. This really isn’t a problem with systemd-boot, as it’s totally understandable to only want to deal with a single platform’s idiosyncrasies. What is concerning is the fact that distros like Fedora are pivoting away from GRUB in favour of it, which means they are losing even more portability.

In conclusion: A summary

What I really want to make clear with this article is:

I don’t blindly hate systemd, and in fact I really admire many of its qualities as an actual service manager. What I dislike is its attempt to take over what they term the “system layer”, when there are no alternatives available.
The problems I have with systemd are tangible and not just hand-wavy “Unix good, sysd bad”.
If there was an effort to have systemd separate from all of the other tentacles it has grown, I would genuinely push to have it be available as a service manager in Adélie. I feel that as a service manager – and only as a service manager – it would provide a fantastic user experience that cannot be rivaled by other existing solutions.

Thank you for reading. Have a great day, and please remember that behind every keyboard is a real person with real feelings.

The Sinking of the Itanic

Linux has officially had the Intel Itanium CPU architecture removed as of version 6.7 (currently unreleased). The Linux maintainers waited until the 6.6 Long Term series was released, so that users of Itanium systems would have one final LTS kernel with support for users who still desired it.

Most people don’t care a whole lot about this. A very few were happy about it, as now there is “one less old dead platform” in the Linux kernel. Some, however, were both concerned about those with remaining Itanium hardware and whether this signals an impending doom for those of us who care about other architectures.

I’d like to explore a bit about the Itanium processor, my personal feelings on this news, and my belief that this removal is not a harbinger of doom for any other architectures.

The Itanium wasn’t a typical CPU

First, let’s start with a primer on the Itanium itself. Most CPUs fall in to one of two categories: RISC, or CISC. These are “Reduced” instruction set computers, and “Complex” instruction set computers. They are named after the number of instructions that the computer understands at the lowest level.

A RISC CPU has basic operations like add, subtract, jump, and conditional. A CISC CPU has more rich operations that the CPU can do in a single operation, such as square root, binary-coded decimal, and others. This comes at the cost of extra power consumption and a much more complicated design of the chip.

Typical RISC systems that you may recognise include the PowerPC, SPARC, and MIPS. CISC systems include the Intel x86, Arm, and mainframes like System/z.

Itanium is neither CISC nor RISC. It is what is termed a “VLIW” or Very Long Instruction Word CPU. VLIW systems allow the programmer to specify things like parallelisation, instruction scheduling and retiring, and others. If these terms aren’t familiar to you, then you may already see the reason why VLIW systems aren’t popular. The expectation is that the compiler – or, at lower levels like boot loaders and compiler designs themselves, the human programmers – will perform the work of what most modern processors do in-hardware.

It was also termed an “EPIC” or Explicitly Parallel Instruction Computer, because each “slot” of the processor could actually be programmed at the same time in an assembly language stanza.

The only other “popular” VLIW systems are some graphics cards (which is why, for a time, they were the best at mining cryptocurrency) and Russia’s home-grown Elbrus architecture.

Compilers are still evolving in 2023 to handle the sorts of problems the Itanium brings to the forefront, with the goal of making code faster. The theory is that if compilers can output a more ideal ordering of instructions, code will execute faster on any architecture. However, the Itanium launched in 2001, before most compiler designers had even considered doing this sort of work.

Hardware dearth leads to port death

There are many CPU architectures in the world. I don’t personally believe Itanium is a signal that various other CPU architectures might be next for Linux’s chopping block. There are many reasons for this belief, but the most important one is that Itanium hardware has always been scarce.

At the start of the Itanium’s life, circa 2001, there were a few different vendors who shipped hardware with it. These were HP, SGI (which spun MIPS into its own company to focus on Itanium systems), and Dell. IBM did create a single Itanium-based system, but it was short-lived. Across its life, there were various other manufacturers that created a few systems. The main driver of Itanium was HP, who had a hand in creating the architecture and had to pay Intel a significant amount of money to keep producing it towards the end of its life.

Various statistics are available to show the truly surprising level of low uptake of the Itanium. Perhaps the most shocking is Gartner’s assessment in 2007 where there were 8.4 million x86s purchased, 417,000 RISCs (virtually all of them PowerPC and SPARC), and just 55,000 Itanium systems. 90% of those were from HP. HP’s offerings were very expensive, required long-term contracts, and were aimed firmly at large enterprises.

Now let us compare this with the architectures that I’ve seen the most worry for: SPARC and Alpha.

Sun sold over 500,000 SPARC systems in 1999-2000 alone, which may be more than all Itaniums that exist in the entire world right now.

It’s really hard to extrapolate sales figures for Alpha, but Compaq’s Q4’99 sales for only Western Europe were 245mm$ for Alpha. The highest priced AlphaServer I could find in Compaq’s 1999 catalogue was the ES40 6/667, at 48k$, but we’ll go ahead and double it to include potential support contracts and hardware upgrades. This leaves us with somewhere near 3,000 units shipped in a single quarter, only to Western Europe. We can assume that many businesses bought the lower end models, so these numbers are far smaller than reality. Realistically, I would assume Alpha probably sold about 100,000 units in 1999. Recall that HP’s best year of Itanium sales was 55,000 units.

Beyond that, let’s take a look at the used market. Linux contributors rarely work on these architecture ports using hardware they bought new 20+ years ago – they have used hardware that they enjoy using, and contribute with it.

Itanium systems are currently running somewhere between 600 USD and 2000 USD on eBay, with a few below 600. Most of the ones below 600 are either not working, or individual blades that must be installed to an HP BladeCenter rack system. This BladeCenter is a separate purchase, very large, and probably only usable in a real datacentre. There are also a few newer models above 2000 USD. There are 277 systems listed in the “Servers” (not “Parts”) category. The “largest” system I could find was with 4 GB RAM.

There are “more than 1,300” SPARC systems on offer on eBay, with the typical range being 100 to 300 USD. There are more costly examples, and Blade 2000/2500s (desktops with GPUs) are around 1000 USD.

There are 436 AlphaServers, and the average seems to run 400 to 1200 USD. Some of these systems have 8 GB RAM or more, and more of them seem to include seller-offered warranties than Itanium. And let us remember that Alpha was discontinued around the same time Itanium was newly introduced.

Genuine maintenance concerns

There are more than a few concerns about Itanium from a Linux kernel maintenance point-of-view. One of the most prominent is the EFI firmware. It is based on the older EFI 1.10 standard, which pre-dates UEFI 2.0 by some years and does not include a lot of the interfaces that UEFI does. By itself this isn’t a large concern, but to ensure the code is functional, it needs to be built and tested. There were simply not enough users to do this at a large enough scale. Developers wanted to work on EFI code, and did not have the ability to test on Itanium.

The architecture is different enough from any of the others that it requires special consideration for drivers, the memory manager, I/O handling, and other components. Typically, for architectures such as the Itanium, you really want one or more people who know a lot about the internals present and ready to test patches, answer questions, and participate in kernel discussions. This simply wasn’t happening any more. Intel washed their hands of the Itanium long ago, and HPE has focused on HP-UX and even explicitly marked Linux as deprecated on this hardware back in 2020.

The 68k has Amiga, Atari, and Mac communities behind it. The PowerPC is still maintained largely by IBM, even the older chips and systems. Fujitsu occasionally chimes in directly on SPARC, and there is an active community of users and developers keeping that port alive. There are a number of passionate people whether hobbyist or community-supported doing this necessary work for a number of other architectures.

Unfortunately, the Itanium just doesn’t have that organisation – and I still largely suspect that is due to a lack of hardware. There does seem to already be a small number of enthusiasts trying to save it, and I wish them the very best of luck. The Itanium is very interesting as a research architecture and can answer a lot of questions that I feel ISA and chip designers will have in the coming decades about different ways of thinking, and what works and what doesn’t work.

In conclusion

The Itanium was an odd fellow of a CPU architecture. It wasn’t widely adopted when it was around. It was discontinued by the final manufacturer in 2021. Examples for used equipment to purchase are not common and more expensive than other, better-supported architectures, which would be required to be able to maintain software for it.

While it is always disappointing when Linux drops support for an architecture, I don’t think the Itanium is some sort of siren call that implies more popular architectures will be removed. And I will note that virtually every architecture is more popular than the Itanium.

What’s the deal with Cisco devices in `file` output, anyway?

If you work on PowerPC systems of some kind – or maybe you work on car MCUs that use the NEC V800 CPU – you may have run across some strange output when you run the file command on any binary:

/usr/bin/file: ELF 32-bit MSB pie executable, PowerPC or cisco 4500, version 1 (SYSV), dynamically linked, interpreter /lib/ld-musl-powerpc.so.1, stripped

Of course it’s a PowerPC binary, but why the mention of “cisco 4500” (or Cisco 7500s for 64-bit PowerPC binaries, or Cisco 12000s for NEC V800s)? The reason behind this is a fascinating insight into the world of proprietary computing architectures and the somewhat inventive way Cisco tried to lock down some of their older systems.

A brief primer on ELF

ELF, which stands for Extensible Linking Format or Executable and Linkable Format and is not a Will Ferrell character, is a file format for executable files and shared libraries (among others).

In layman’s terms, ELF specifies things like what processor the executable runs on, the ABI that it uses, the endianness and word size (32-bit or 64-bit, for example) that it uses, and so on.

One of the fields in an ELF file is the e_machine field, which specifies the type of machine the file is designed to run on. 0x02 is SPARC, 0x03 is the Intel x86, 0x14 is 32-bit PowerPC, 0x15 is 64-bit PowerPC, and so on.

This is the identifier that allows your OS to tell you “Exec format error” (or similar) when you run an executable for a CPU other than the one you are currently using. As a side note, it is also this field that allows qemu-user binfmt to work, if you are curious.

Cisco’s use of e_machine

The boot loader for Cisco IOS machines, also known as ROMMON, will refuse to load firmware for a different router model than the system. For example, on a Cisco 2911, you may see:

loadprog: error - Invalid image for platform
e_machine = 30, cpu_type = 194

ROMMON uses e_machine as a sort of “model number”. The Cisco 4500 uses cpu_type 20 or 0x14, which happens to also be the ELF e_machine for PowerPC.

The “magic” library that the file command uses to determine the machine type of ELF binaries only knows a few models of Cisco. I haven’t been able to determine their criteria for inclusion, or why some are present and some aren’t.

References

The ROMMON error was gleaned from an OpenWrt forum post; I don’t have hardware to show this error myself.

More information about how older Cisco devices use ELF can be found on the LinuxMIPS wiki.

This question was originally asked by some curious people on the #talos-workstation IRC channel on Libera.Chat. I knew the basics of Cisco’s ELF-scapades, but they were the ones who inspired me to make this write-up and learn a bit more.

Compiling XIBs with CMake without Xcode

I’ve been enjoying using the JetBrains IDE CLion to do some refactoring and improvements to the Auctions code base. However, when I tried to build the Mac app bundle with it, the app failed to launch:

2022-07-30 19:54:15.117 Auctions[80371:16543044] Unable to load nib file: Auctions, exiting

The XIB files were definitely part of the CMake project. I later learned that CMake does not automatically add XIB compilation targets to a project. It relies on the Xcode generator to do that.

I found a long-archived documentation page from CMake on the Kitware GitLab that described a method to build NIB files from XIBs, and have modified it to make it simpler for Auctions.

You can see the change in the commit diff, but I’ll include the snippet here for posterity.

First, you define an array with the XIB file names with no suffix. For instance, I’ve done set(COCOA_UI_XIBS AXAccountsWindow AXSignInWindow Auctions) for the three XIB files presently in the codebase.

Then we have the loop to build them:

find_program(IBTOOL ibtool REQUIRED)
foreach(XIBFILE ${COCOA_UI_XIBS})
    add_custom_command(TARGET Auctions POST_BUILD
            COMMAND ${IBTOOL} --compile ${CMAKE_CURRENT_BINARY_DIR}/Auctions.app/Contents/Resources/${XIBFILE}.nib ${CMAKE_CURRENT_SOURCE_DIR}/${XIBFILE}.xib
            COMMENT "Compiling NIB file ${XIBFILE}.nib")
endforeach()

Now it starts correctly and works properly when built from within CLion. This was surprisingly difficult to debug and fix, so I hope this post can help others avoid the hours of dead ends that I endured.

Until next time, Happy Hacking!