[systemd-devel] is a unix shell (zsh, bash, sh) still required by systemd?

Mantas Mikulėnas grawity at gmail.com
Wed Dec 31 01:22:06 PST 2014


On Wed, Dec 31, 2014 at 10:16 AM, ivo welch <ivo.welch at gmail.com> wrote:
> [1] this is an esoteric question from a new user: does systemd still
> need a unix shell, like sh, bash, zsh, etc.?  I know the first-stage
> usually does (i.e., the initrd), but if the second stage systemd does
> not, then I could remove all shells from my linux [e.g., by removing
> the USB drive that hosts stage1] and just run my custom server (e.g.,
> think ftp) on my dedicated machine.  this would obviously make it just
> a little harder to break into the system---if a remote
> zero-day-exploit hacker cannot get a unix shell prompt, presumably it
> becomes just a little more difficult to wreak havoc.  (background: I
> actually run my main linux system from a custom CD-ROM already, and
> the data device is noexec.)

systemd as service manager doesn't need a shell, neither for the
initramfs nor for the main system.

(Rescue/emergency modes launch an interactive shell; so does
debug-shell.service; and *ctl tools launch $PAGER through /bin/sh.
That's about it.)

However, some distros might have quite a few custom .service units
that run shell scripts. Programs that call system() depend on /bin/sh.
And even if you get rid of shells, you'll still have other script
interpreters...

-- 
Mantas Mikulėnas <grawity at gmail.com>
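
An added example, not part of the original message: one way to check which .service units on a system would break without a shell or other script interpreter, as the reply warns. The function name scan_units and its optional ROOT argument (a prefix such as a mounted image root) are assumptions made for this sketch.

```shell
#!/bin/sh
# Added example (not from the thread): report systemd units whose Exec*=
# commands start a shell or a "#!" script. scan_units and ROOT are
# hypothetical names; ROOT is an optional prefix such as a mounted image root.

scan_units() {
    unit_dir=$1
    root=${2:-}
    for unit in "$unit_dir"/*.service; do
        [ -f "$unit" ] || continue
        # Keep only Exec*= directives (ExecStart, ExecStartPre, ExecStop, ...)
        sed -n '/^Exec[A-Za-z]*=/p' "$unit" | while IFS= read -r line; do
            directive=${line%%=*}
            # Drop the special executable prefixes systemd allows (-, @, +, !, :)
            cmd=$(printf '%s\n' "${line#*=}" | sed 's/^[-@+!:]*//')
            exe=${cmd%% *}
            [ -n "$exe" ] || continue
            case ${exe##*/} in
                sh|bash|dash|zsh|ksh)
                    reason=shell ;;
                *)
                    # A "#!" first line means the kernel execs an interpreter
                    if [ -f "$root$exe" ] && [ "$(head -c 2 "$root$exe")" = '#!' ]; then
                        reason="script:$(sed -n '1s/^#! *//p' "$root$exe")"
                    else
                        continue
                    fi ;;
            esac
            printf '%s\t%s\t%s\t%s\n' "${unit##*/}" "$directive" "$exe" "$reason"
        done
    done
}

# Scan the directories given on the command line, if any.
for dir in "$@"; do scan_units "$dir"; done
```

Run it against the unit directories in use, for example /etc/systemd/system and /usr/lib/systemd/system. It only inspects unit files, so compiled programs that call system() and thereby depend on /bin/sh are not reported.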

