A couple of years ago, I was assigned to set up a new SecureFTP server,
and I went with Ubuntu for the task (by the way, I was new to the
Ubuntu/Debian realm, as I was a CentOS refugee). That system so far has
been working fine, totally rock solid (it's used for EDI data exchange
in a B2B setting).

What I did was I started from the Ubuntu 22.04 live-server ISO image,
and during install I chose the "Ubuntu Server (minimized)" option. That
produced a non-GUI system, which I then proceeded to duly debloat further,
so I removed snapd, netplan.io, and cloud-init packages.

Now, some days ago I've been tasked with deploying a Redmine instance,
and I went with a turn-key solution done by Bitnami, which is based on
Debian 12 and distributed as an OVA file for VirtualBox/VMware. And this
was very fast, easy and painless.

OK, so I was poking around this Debian 12 install, and comparing the
running processes with my debloated Ubuntu Server from a couple of
years ago, and I saw this Debian 12 is not running systemd-logind nor
dbus-daemon, while my Ubuntu Server 22.04 certainly is.

The only practical difference I can see is that the command "loginctl
session-status" works in that Ubuntu Server 22.04 install, but does not
work ("Failed to connect to bus: No such file or directory") in that
Debian 12 install. Other than that, both systems run the same to my
eyes.

Therefore, my question for more experienced Linux gurus, is this: Does
systemd-logind provide any value in a Linux server setup?

It's good security practice to minimize vectors of attack, and I guess
that avoiding to run dbus-daemon and systemd-logind may be a nice thing
to do in my next Ubuntu-based server. How off-base I am in that
thinking?

Thank you for your input!

-Juancho.

On Fri, 1 Nov 2024 16:21:15 +0100, Juancho wrote:

> The only practical difference I can see is that the command "loginctl
> session-status" works in that Ubuntu Server 22.04 install, but does not
> work ("Failed to connect to bus: No such file or directory") in that
> Debian 12 install. Other than that, both systems run the same to my
> eyes.

Debian certainly has the option to run systemd-logind. For example,
loginctl does work and print useful results on my Debian Unstable
setup.

> Therefore, my question for more experienced Linux gurus, is this: Does
> systemd-logind provide any value in a Linux server setup?

As is usual with systemd, it tends to provide functionality in places
where other alternatives don’t even have places.

<https://www.freedesktop.org/software/systemd/man/latest/systemd-logind.html>
<https://www.freedesktop.org/software/systemd/man/latest/logind.conf.html>

On 2024-11-01, Lawrence D'Oliveiro <ldo@nz.invalid> wrote:
> On Fri, 1 Nov 2024 16:21:15 +0100, Juancho wrote:
>
>> The only practical difference I can see is that the command "loginctl
>> session-status" works in that Ubuntu Server 22.04 install, but does not
>> work ("Failed to connect to bus: No such file or directory") in that
>> Debian 12 install. Other than that, both systems run the same to my
>> eyes.
>
> Debian certainly has the option to run systemd-logind. For example,
> loginctl does work and print useful results on my Debian Unstable
> setup.

Yes, I know that a default Debian install brings in systemd-logind.

But I've found that the "bitnami stack" turn-key OVAs/VMs [1], which
currently are Debian 12 based, come without systemd-logind. And I am
therefore wondering: Does systemd-logind provide any value in a Linux
server setup? What is the best practice regarding systemd-logind in
servers?

[1] https://bitnami.com/stacks