by bigbugbag 3435 days ago
Reading the man page it is actually recommending systemd-resolved over other options.

It says:

- option 1 (recommended): use systemd-resolved API.

- option 2: use glibc API with a glibc NSS module to resolve host names via systemd-resolved.

- option 3 (not recommended): local DNS stub listener on loopback to connect direct request to systemd-resolved.

Author included this part to illustrate how the real issue is that systemd is an unprecedented lock-in. Honestly an init process implementing a DNS resolver? Where is my kitchen sink?
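The three integration paths listed above, as an added example that is not part of the thread: a POSIX shell check that reports which path a host is actually wired for, judging from its nsswitch.conf and resolv.conf. It assumes the standard "resolve" NSS module name and the 127.0.0.53 stub listener address; the sample config files are constructed so the check runs offline.

```shell
#!/bin/sh
# Classify how a host reaches systemd-resolved, mapped to the man page options:
#   nss-resolve : "resolve" NSS module on the hosts: line of nsswitch.conf (option 2)
#   stub        : resolv.conf sends queries to the 127.0.0.53 stub listener (option 3)
#   none        : neither; only the native API (option 1) or a different resolver
resolved_mode() {
    nsswitch="$1"
    resolv="$2"
    if grep -Eq '^hosts:.*[[:space:]]resolve([[:space:]]|$)' "$nsswitch" 2>/dev/null; then
        echo nss-resolve
    elif grep -Eq '^nameserver[[:space:]]+127\.0\.0\.53([[:space:]]|$)' "$resolv" 2>/dev/null; then
        echo stub
    else
        echo none
    fi
}

# Constructed sample configs so the check runs offline; pass /etc/nsswitch.conf
# and /etc/resolv.conf instead to inspect the real host.
SAMPLE_DIR=$(mktemp -d)
printf 'hosts: files resolve [!UNAVAIL=return] dns\n' > "$SAMPLE_DIR/nss_resolve"
printf 'hosts: files dns\n' > "$SAMPLE_DIR/nss_plain"
printf '# stub file generated by systemd-resolved\nnameserver 127.0.0.53\noptions edns0\n' > "$SAMPLE_DIR/resolv_stub"
printf 'nameserver 192.0.2.1\n' > "$SAMPLE_DIR/resolv_uplink"

resolved_mode "$SAMPLE_DIR/nss_resolve" "$SAMPLE_DIR/resolv_stub"    # nss-resolve
resolved_mode "$SAMPLE_DIR/nss_plain"   "$SAMPLE_DIR/resolv_stub"    # stub
resolved_mode "$SAMPLE_DIR/nss_plain"   "$SAMPLE_DIR/resolv_uplink"  # none
```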


> Honestly an init process implementing a DNS resolver?

Systemd is a project that manages a large number of low-level services and programs that work together to try to help create a cohesive operating system.

Systemd is also the name of an init program.

These have the same name, but are not the same thing.

Systemd init process does not provide any DNS resolver features. Systemd-resolved, however, does.

Systemd is an init system; don't take my word for it [1]. I seriously doubt there is any need to add a DNS resolver to an init system, especially one that reintroduced vulnerabilities.

This "project" you are talking about is this very init system + feature creep + mission creep + software bloat + interlocked dependencies to force adoption + time.

[1]: http://0pointer.de/blog/projects/systemd.html

Your reference link is nearly 7 years old. From the current project homepage [0]:

"systemd is a suite of basic building blocks for a Linux system. It provides a system and service manager that runs as PID 1 and starts the rest of the system. systemd provides aggressive parallelization capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, keeps track of processes using Linux control groups, maintains mount and automount points, and implements an elaborate transactional dependency-based service control logic. systemd supports SysV and LSB init scripts and works as a replacement for sysvinit. Other parts include a logging daemon, utilities to control basic system configuration like the hostname, date, locale, maintain a list of logged-in users and running containers and virtual machines, system accounts, runtime directories and settings, and daemons to manage simple network configuration, network time synchronization, log forwarding, and name resolution."

[0] https://freedesktop.org/wiki/Software/systemd/

To be fair to systemd, systemd-resolved is not an init process. It is its own service that just happens to integrate with systemd and is part of the wider systemd project (with journald, timesyncd, etc.)

To be fair to systemd, it is an init system with a severe case of feature creep to the point that it now includes a DNS resolver that came with vulnerabilities long fixed in the existing ones.

systemd-resolved is a separate package. It is not the init system and not a requirement of the init system.

Official systemd homepage [1] begs to differ; it says systemd is an init system including many features, among which is name resolution:

> systemd (...) provides a system and service manager that runs as PID 1 and starts the rest of the system. (...) Other parts include a logging daemon, (...), log forwarding, and name resolution.

[1]: https://freedesktop.org/wiki/Software/systemd/

-edit- Not sure where it is a separate package, just checked debian and arch, the systemd package contains systemd-resolved. https://packages.debian.org/jessie/amd64/systemd/filelist https://www.archlinux.org/packages/core/x86_64/systemd/

You cut out some important parts of what you are quoting from. Although I can understand the confusion, as the naming is less than stellar in this case. Let me quote part of this [1] in full and give a quick explanation of what's actually meant by it.

> systemd is a suite of basic building blocks for a Linux system. It provides a system and service manager that runs as PID 1 and starts the rest of the system.

What is being said there is that "systemd" is the name of a suite of tools (not all of which require or depend on each other; a number of them are entirely stand-alone and have been adopted by the project) for Linux. Said suite provides a system and service manager that runs as PID 1, which also happens to be called "systemd". The "systemd-resolved" package is a completely separate service from the "systemd" init service, but both belong to the "systemd" project.

This is, for instance, similar to projects like KDE's Plasma which is the umbrella project for a number of related projects but also happens to be the name of the specific desktop shell.

Edit: If you really want systemd without resolved you simply pass in the --disable-resolved flag and it will build without it. It turns out that it's useful to have most of the default things systemd provides so Debian and Arch provide pretty standard builds which include resolved though.

Edit 2: If you really want to get dirty and you have the know-how, you can even look at the source [2]. Resolved is in its own directory, and a (really) quick glance seems to indicate that it's largely independent apart from being in the systemd src/ directory.

[1] https://freedesktop.org/wiki/Software/systemd/

[2] https://github.com/systemd/systemd/tree/master/src/resolve

No, the homepage says systemd is a "suite of software" which "provides a system and service manager that runs as PID 1". The "system and service manager that runs as PID 1" is the init system. The systemd suite provides this init system.