Thanks for sharing your thoughts - I appreciate, and learn from, your input.
Again I didn't mean to belittle or devalue your work, quite the opposite. I'm disappointed and underwhelmed by the interface and its usage, not by the implementation. Also referring to the s6 as an "ecosystem" was silly, sorry. The s6 infrastructure would be more appropriate. On Mon, Apr 12, 2021 at 1:14 PM Laurent Bercot <ska-skaw...@skarnet.org> wrote: > > I have exactly zero doubt that any attempt at designing a "modern" > framework for user accounting would manage to do worse than utmp. > systemd has done exactly that. Other attempts would be similar. > People who would actually take time and energy to do this right are > not interested in doing it, because user accounting is 1. ultimately > user snooping, and 2. becoming useless by the day with the way Unix > is used now. > > As you said, it's best to let it die - not because utmp is bad, but > because *the concept of user accounting* is bad. > It's true that the old days of time-sharing and university servers with dozens of users are long gone and in that light full user accounting is pretty useless and privacy-invading. But the basic feature of reliably and trustingly keeping track of which users are connected to the system at any given time remains essential. And it would be nice if it were done across services (e.g. mail, smb, web, etc.), not just terminal logins, without having to run a dozen different tools or consult a dozen different logs. Some kind of self-hosted Kerberos, if you will, although it's not the correct analogy since Kerberos is only concerned about authentication, but hopefully you get the idea, with the accompanying reporting tools. Which could be extended and upscaled to a centralized client/server model if needed with a choice of back-ends. I'm lamenting the sorry state of basic user administration and security software on Linux. We have antiquated tools such as shadow-utils, util-linux, which code is laden with legacy stuff and burdened with hooks to linux-pam, SElinux, libaudit, utmp, and whatnot. Then there are the services, which are more or less equally afflicted. It looks like a big ol' mess to me. On one side we have bare-bones embedded Linux systems powering IoT devices which are woefully insecure, constantly hacked and participating in botnets. On another side we have Red Hat (aka IBM) bloated monsters. There is no "modern" middle-ground that I'm aware of.