Systemd in Qubes?

I’ve heard time and time again that systemd is a bad idea for your linux distro,
which is why I always rely on non-systemd distros like Devuan.

https://nosystemd.org/

Seeing that QubesOS runs on systemd, for the sake of security, I wonder if the dev team
plans to switch to a different init system down the road.

I don’t like systemd, and imo its adoption was a mistake.
Now that’s out the way, I’d be interested to see the evidence that
systemd has reduced the security of Linux distros that have adopted it.
I’m not aware of any plans to change to a different init system in
Qubes.

Systemd is probably less secure indeed, due to its monolithic structure, but it should not really influence the security of Qubes OS. Qubes OS provides security through isolation. You remove networking from your security critical VMs, and it gets much harder for an attacker to access them, even if systemd is insecure. Other VMs are reset every reboot. And every VM can rely on a different distribution.

Also, you can in principle use Devuan: Devuan TemplateVM · Issue #6265 · QubesOS/qubes-issues · GitHub, or other non-systemd distributions.

1 Like

This isn’t the place to hash over the systemd arguments, particularly as
I don’t like it.
I will say that systemd isn’t monolithic, and the threatened security
disaster hasn’t yet materialised.
But everything you say about the Qubes contribution to security is well
stated. And, of course, anyone is free to use (or contribute to) non
systemd distributions or OS: Windows templates are very usable, for
example.

1 Like