SoylentNews is people

posted by Fnord666 on Friday May 01 2020, @11:04AM
from the resistance-is-futile.-/home-will-be-assimilated dept.

Good News:

Linux home directory management is about to undergo major change:

With systemd 245 comes systemd-homed. Along with that, Linux admins will have to change the way they manage users and users' home directories.

[...] Prior to systemd every system and resource was managed by its own tool, which was clumsy and inefficient. Now? Controlling and managing systems on Linux is incredibly easy.

But one of the creators, Lennart Poettering, has always considered systemd to be incomplete. With the upcoming release of systemd 245, Poettering will take his system one step closer to completion. That step is by way of homed.

[...] let's take a look at the /home directory. This is a crucial directory in the Linux filesystem hierarchy, as it contains all user data and configurations. For some admins, this directory is so important, it is often placed on a separate partition or drive than the operating system. By doing this, user data is safe, even if the operating system were to implode.

However, the way /home is handled within the operating system makes migrating the /home directory not nearly as easy as it should be. Why? With the current iteration of systemd, user information (such as ID, full name, home directory, and shell) is stored in /etc/passwd and the password associated with that user is stored in /etc/shadow. The /etc/passwd file can be viewed by anyone, whereas /etc/shadow can only be viewed by those with admin or sudo privileges.

[...] Poettering has decided to make a drastic change. That change is homed. With homed, all information will be placed in a cryptographically signed JSON record for each user. That record will contain all user information such as username, group membership, and password hashes.

Each user home directory will be linked as LUKS-encrypted containers, with the encryption directly coupled to user login. Once systemd-homed detects a user has logged in, the associated home directory is decrypted. Once that user logs out, the home directory is automatically encrypted.

[...] Of course, such a major change doesn't come without its share of caveats. In the case of systemd-homed, that caveat comes by way of SSH. If a systemd-homed home directory is encrypted until a user successfully logs in, how will users be able to log in to a remote machine with SSH?

The big problem with that is the .ssh directory (where SSH stores known_hosts and authorized_keys) would be inaccessible while the user's home directory is encrypted. Of course Poettering knows of this shortcoming. To date, all of the work done with systemd-homed has been with the standard authentication process. You can be sure that Poettering will come up with a solution that takes SSH into consideration.

Older articles:

Will systemd be considered complete once the kernel and boot loader have been absorbed into systemd?


  • (Score: 4, Insightful) by Bot on Friday May 01 2020, @01:32PM (9 children)

    by Bot (3902) on Friday May 01 2020, @01:32PM (#988934) Journal

    You look at it from your POV; try theirs. Systemd is an instrument of domination; messing with /home is a juicy target to obsolete a million man-hours of knowledge and info.

    Fact: all those people using Linux for multimedia NEED PLAIN HOMES WITH NO ENCRYPTION hogging up the CPU. Ergo, pick antixxx or mx or void or slackware or whatever non-systemd distro now. Any time spent with systemd is time lost.

    --
    Account abandoned.
  • (Score: 2) by VanessaE on Friday May 01 2020, @01:37PM (4 children)

    by VanessaE (3396) <vanessa.e.dannenberg@gmail.com> on Friday May 01 2020, @01:37PM (#988940) Journal

    All I know for sure is if Debian follows suit, I will be very disappointed...

    (considering that Pulse and systemd are already a thing, though THOSE don't seem to be a problem, not like they were in the beginning)

    • (Score: 2) by Arik on Friday May 01 2020, @01:48PM

      by Arik (4543) on Friday May 01 2020, @01:48PM (#988946) Journal
      Debian was lost several years ago. Way past time to switch to a distro that is still shipping gnu/linux.

      http://slackware.com/
      --
      If laughter is the best medicine, who are the best doctors?
    • (Score: 4, Informative) by Anonymous Coward on Friday May 01 2020, @04:49PM

      by Anonymous Coward on Friday May 01 2020, @04:49PM (#989037)

      If you see them going for homed, just swap over to the Devuan release targeted at your current Debian version and apt update -> apt dup, then give it a few hours to download and install and reboot :)

    • (Score: 2, Insightful) by Anonymous Coward on Friday May 01 2020, @09:02PM

      by Anonymous Coward on Friday May 01 2020, @09:02PM (#989192)

      Debian and its giant offspring Ubuntu, and their myriad derivatives, have long gone systemd. Millions of users had no choice. Some distro makers had no choice. Upstream changed because a few individuals puttered, and millions sputtered. The problem is getting things done. I choose a distro for its ability to stay out of my way, have all the software I need IN the repos, so I can work. Many of the purist wonderworks have little functionality beyond being a "pure linux". I need the applications and those have dependencies, some of which may tie back to systemd. Also a lot of the "purist" editions look like a worn-out Yugo next to many of the modern Lambos and Porsches in terms of the UI and windows managers. Sad state of Linux in 2020, where one approaching 30's kid dictates the terms for all the usable distros.

    • (Score: 0) by Anonymous Coward on Saturday May 02 2020, @12:11PM

      by Anonymous Coward on Saturday May 02 2020, @12:11PM (#989429)

      It would have been so much easier if pots had created his own distro.. I could respect that.

  • (Score: 2) by meustrus on Friday May 01 2020, @07:38PM (1 child)

    by meustrus (4961) on Friday May 01 2020, @07:38PM (#989141)

    Easy solution, assuming homed encryption can be turned off per-user: put the multimedia under a separate user. Give out media access by group.

    This is how I manage media in Linux. Mainly I do it so that I could configure Syncthing to maintain redundant copies on multiple machines, running in an isolated account, without giving everyone else access to change the files and break syncing.

    --
    If there isn't at least one reference or primary source, it's not +1 Informative. Maybe the underused +1 Interesting?
    • (Score: 0) by Anonymous Coward on Friday May 01 2020, @08:01PM

      by Anonymous Coward on Friday May 01 2020, @08:01PM (#989159)

      >Easy solution, assuming homed encryption can be turned off per-user: put the multimedia under a separate user. Give out media access by group.

      It's not simpler than avoiding systemd altogether. Thank you non systemd distro maintainers, beacons of freedom.

  • (Score: 2) by janrinok on Saturday May 02 2020, @07:34AM

    by janrinok (52) Subscriber Badge on Saturday May 02 2020, @07:34AM (#989370) Journal

    But nobody is making them use it. I fail to see why I should get excited because somebody else uses Gentoo, or another encrypts his hard drives, or they want to do media streaming on an underpowered computer. Why should anyone else get excited about those who are happy to use systemd?

    Incidentally, I manage to stream media quite satisfactorily from a server powered by an Athlon 2 X4 605e processor using full drive encryption over my network. No problems. I suppose a P II might struggle though. I do have a problem when 3, 4 or more people are trying to stream simultaneously, but I'm not surprised by that.

  • (Score: 0) by Anonymous Coward on Sunday May 03 2020, @08:24AM

    by Anonymous Coward on Sunday May 03 2020, @08:24AM (#989721)

    As of now Firefox disabled checking for the chrome folder in the user profile and for userChrome.css TO SAVE TIME WHEN LOADING FIREFOX.

    What utter stupidity. How many people are now looking at the crap that is the new urlbar and other screwups in the UI, following instructions, and not realising their Firefox does not load userChrome.css anymore?

    Utter stupidity.