At the All Systems Go conference in Berlin, 20-22 September, Lennart Poettering proposed a new extension to systemd, systemd-homed.service. A video of his session can be downloaded from media.ccc.de with accompanying slides [PDF].
In his presentation, Poettering outlines a number of problems he sees with the current system, such as /etc needing to be writeable, UIDs needing to be consistent across systems, and a lack of encryption and resource management.
His goals with the proposed solution are migratable and self-contained, UID-independent home directories with extensible user records that unify the user's password and encryption key; LUKS locking on system suspend; and YubiKey support.
He identifies a number of problems this new idea could cause with SSH logins, disk space assignments, UID assignments, and LUKS locking.
He plans to introduce JSON user records that can be queried via a Varlink interface and to a certain extent are convertible to and from existing formats. The home directories will be stored as LUKS-encrypted files that will be managed by the proposed new service, systemd-homed.service. The system integration will be supported by pam_systemd and systemd-logind.service.
It will be interesting to see how the world responds to this new take on systemd's ever-increasing encroachment on Linux.
... and lastly, this story is brought to you from a systemd-free laptop.
(Score: 5, Informative) by digitalaudiorock on Sunday September 22 2019, @03:42PM
A while back someone posted a link to this analysis of the systemd concepts and design. It's not political in any way...just a pure design analysis:
https://blog.darknedgy.net/technology/2015/10/11/0/
I've yet to read it all but from what I've read, the clear answer to your question about fixing it is to flush it down the toilet and start over, with designers/developers who have a clue. The section titled "Imbalance between promoting laziness or eagerness" regarding service dependencies is a great example, and coincidentally also compares what they've done to launchd by the way...and it's not pretty. I personally think the whole parallel service startup thing is an unnecessary pile of BS.
Since when? I use nothing but Gentoo for myself, and my company moved from CentOS 6 to Devuan.