cross-posted from: https://programming.dev/post/36342010
Nitro is a tiny process supervisor that also can be used as pid 1 on Linux.
There are four main applications it is designed for:
- As init for a Linux machine for embedded, desktop or server purposes
- As init for a Linux initramfs
- As init for a Linux container (Docker/Podman/LXC/Kubernetes)
- As unprivileged supervision daemon on POSIX systems
Nitro is configured by a directory of scripts, defaulting to /etc/nitro (or the first command line argument).
Systemd is a very good chunk of code. It does the thing and it does it well. Nobody is arguing that systemd does a bad job at this point.
The problem is systemd does a LOT of things that used to be individual jobs handled by separate things. This is a potential security problem as it makes systemd a fantastic target. It’s in charge of so many things that if you pwn systemd, you can get that system to do anything you want.
Another concern is the ties to Red Hat. Red Hat is not your friend. They are not to be trusted. Especially not right now. Remember who owns them: IBM, who were quite friendly with the Nazis before and are looking like they are totally fine with being friendly with them again.
That last one is more of a tinfoil hat concern than a technical one, but at this point the tinfoil crowd have been proven right more often than wrong so it’s something to consider.
So I should hate systemd because IBM’s German subsidiary provided tabulation machines to the Nazis during WW2?
Seems completely reasonable /s