At the All Systems Go conference in Berlin 20-22 September, Lennart Poettering proposed a new extension to systemd, systemd-homed.service. A video of his session can be downloaded from media.ccc.de with accompanying slides [PDF].
In his presentation, Poettering outlines a number of problems he sees with the current system, such as /etc needing to be writeable, UIDs needing to be consistent across systems, and a lack of encryption and resource management.
His goals with the proposed solution are migratable and self-contained, UID-independent home directories with extensible user records that unify the user's password and encryption key; LUKS locking on system suspend; and YubiKey support.
He identifies a number of problems this new idea could cause with SSH logins, disk space assignments, UID assignments, and LUKS locking.
He plans to introduce JSON user records that can be queried via a Varlink interface and to a certain extent are convertible to and from existing formats. The home directories will be stored as LUKS-encrypted files that will be managed by the proposed new service, systemd-homed.service. The system integration will be supported by pam_systemd and systemd-logind.service.
It will be interesting to see how the world responds to this new take on systemd's ever-increasing encroachment on Linux.
... and lastly, this story is brought to you from a systemd-free laptop.
(Score: 2) by fido_dogstoyevsky on Sunday September 22 2019, @11:06PM (1 child)
So it's almost* working as designed?
A BSD may ultimately be the only escape.
*You were SUPPOSED to move to redhat.
It's NOT a conspiracy... it's a plot.
(Score: 2) by rleigh on Monday September 23 2019, @09:53AM
I'd happily use FreeBSD on the desktop if I had the time to deal with any breakage, but I don't. It's almost usable, but there's still a lot of freedesktop.org stupidity compiled into the pkg ports builds by default. TrueOS gets pretty close; there were a few issues with it, but overall they deserve a lot of credit for their work.
Of all the Linux distributions I've used over the years, RedHat has always been my least favourite. They might have been successful at entrenching themselves in businesses, but that has little bearing on their technical choices. I don't see them any differently to the IBM or Microsoft of old. We were forced to support it in work products because it was "the standard", but actual usage statistics never bore this out. More a case of technical decisions being dictated by management based upon little factual evidence. It will probably be superseded sooner rather than later; look at all the contortions they are going through to justify their "Stratis" product rather than use ZFS. It's inferior in every way! And I don't see that as a sound long-term technology or business strategy. But there will be plenty of know-nothing RHCEs who will suck it right up and tell the rest of us how wrong we are about its many defects!
The systemd world will eventually implode due to the unmaintainable and unsecurable overcomplexity of the whole edifice. I won't take much pleasure in seeing it, but that's the inevitable fate of spaghetti messes written by cowboys with giant egos.