Steve BellovinA rant in two parts. This is part one…
The discussion earlier today about systemd replacing /var/log with some dedicated facility and a special command, journalctl, to query it impelled me to write up just what I think is wrong with a lot of Linux. Basically, they've given up on the Unix philosophy of small, composable, generally usable but simple tools in favor of a mass of large, specialized tools. "They've paved Paradise and put up a parking lot.”
Why specify a pager instead of just piping the output to a pager? Being able to search on a specific field is nice, but grep can do that. Maybe grep should be enhanced to say “apply the RE to fields m..n” (which is easy enough with awk anyway), and arguably it could take a file giving mappings of a fieldname to a field number. That's a generally useful tool; why limit it to systemd log files? Searching by time is nice, but it's nice in other contexts, e.g., the output of 'ls -l' on a large directory. The same goes for json-style output: why limit it to this context? (I won't even rant about why there has to be a single-line vs. multiline json option—that could also be a pair of simple, general commands.)
Too many Linux subsystems (or rather, their authors) have decided that they are the world and have to provide lots of functionality specific to that subsystem, rather than building general tools. Steve Jobs once said of Windows, “The only problem with Microsoft is that they just have no taste. They have absolutely no taste.” That's what's going on here.
The discussion earlier today about systemd replacing /var/log with some dedicated facility and a special command, journalctl, to query it impelled me to write up just what I think is wrong with a lot of Linux. Basically, they've given up on the Unix philosophy of small, composable, generally usable but simple tools in favor of a mass of large, specialized tools. "They've paved Paradise and put up a parking lot.”
Why specify a pager instead of just piping the output to a pager? Being able to search on a specific field is nice, but grep can do that. Maybe grep should be enhanced to say “apply the RE to fields m..n” (which is easy enough with awk anyway), and arguably it could take a file giving mappings of a fieldname to a field number. That's a generally useful tool; why limit it to systemd log files? Searching by time is nice, but it's nice in other contexts, e.g., the output of 'ls -l' on a large directory. The same goes for json-style output: why limit it to this context? (I won't even rant about why there has to be a single-line vs. multiline json option—that could also be a pair of simple, general commands.)
Too many Linux subsystems (or rather, their authors) have decided that they are the world and have to provide lots of functionality specific to that subsystem, rather than building general tools. Steve Jobs once said of Windows, “The only problem with Microsoft is that they just have no taste. They have absolutely no taste.” That's what's going on here.
Hal Pomeranz
Adam Shostack 
Aaron
Raven667