SoylentNews is people

posted by Fnord666 on Friday May 01 2020, @11:04AM
from the resistance-is-futile.-/home-will-be-assimilated dept.

Good News:

Linux home directory management is about to undergo major change:

With systemd 245 comes systemd-homed. Along with that, Linux admins will have to change the way they manage users and users' home directories.

[...] Prior to systemd every system and resource was managed by its own tool, which was clumsy and inefficient. Now? Controlling and managing systems on Linux is incredibly easy.

But one of the creators, Lennart Poettering, has always considered systemd to be incomplete. With the upcoming release of systemd 245, Poettering will take his system one step closer to completion. That step is by way of homed.

[...] let's take a look at the /home directory. This is a crucial directory in the Linux filesystem hierarchy, as it contains all user data and configurations. For some admins, this directory is so important, it is often placed on a separate partition or drive than the operating system. By doing this, user data is safe, even if the operating system were to implode.

However, the way /home is handled within the operating system makes migrating the /home directory not nearly as easy as it should be. Why? With the current iteration of systemd, user information (such as ID, full name, home directory, and shell) is stored in /etc/passwd and the password associated with that user is stored in /etc/shadow. The /etc/passwd file can be viewed by anyone, whereas /etc/shadow can only be viewed by those with admin or sudo privileges.

[...] Poettering has decided to make a drastic change. That change is homed. With homed, all information will be placed in a cryptographically signed JSON record for each user. That record will contain all user information such as username, group membership, and password hashes.

Each user home directory will be linked as LUKS-encrypted containers, with the encryption directly coupled to user login. Once systemd-homed detects a user has logged in, the associated home directory is decrypted. Once that user logs out, the home directory is automatically encrypted.

[...] Of course, such a major change doesn't come without its share of caveats. In the case of systemd-homed, that caveat comes by way of SSH. If a systemd-homed home directory is encrypted until a user successfully logs in, how will users be able to log in to a remote machine with SSH?

The big problem with that is the .ssh directory (where SSH stores known_hosts and authorized_keys) would be inaccessible while the user's home directory is encrypted. Of course Poettering knows of this shortcoming. To date, all of the work done with systemd-homed has been with the standard authentication process. You can be sure that Poettering will come up with a solution that takes SSH into consideration.

Older articles:

Will systemd be considered complete once the kernel and boot loader have been absorbed into systemd?


Related Stories

Modern Versions of systemd Can Cause an Unmount Storm During Shutdowns 102 comments

System administrator Chris Siebenmann has found Modern versions of systemd can cause an unmount storm during shutdowns:

One of my discoveries about Ubuntu 20.04 is that my test machine can trigger the kernel's out of memory killing during shutdown. My test virtual machine has 4 GB of RAM and 1 GB of swap, but it also has 347 NFS[*] mounts, and after some investigation, what appears to be happening is that in the 20.04 version of systemd (systemd 245 plus whatever changes Ubuntu has made), systemd now seems to try to run umount for all of those filesystems all at once (which also starts a umount.nfs process for each one). On 20.04, this is apparently enough to OOM[**] my test machine.

[...] Unfortunately, so far I haven't found a way to control this in systemd. There appears to be no way to set limits on how many unmounts systemd will try to do at once (or in general how many units it will try to stop at once, even if that requires running programs). Nor can we readily modify the mount units, because all of our NFS mounts are done through shell scripts by directly calling mount; they don't exist in /etc/fstab or as actual .mount units.

[*] NFS: Network File System
[**] OOM: Out of memory.

We've been here before and there is certainly more where that came from.

Previously:
(2020) Linux Home Directory Management is About to Undergo Major Change
(2019) System Down: A systemd-journald Exploit
(2017) Savaged by Systemd
(2017) Linux systemd Gives Root Privileges to Invalid Usernames
(2016) Systemd Crashing Bug
(2015) tmux Coders Asked to Add Special Code for systemd
(2016) SystemD Mounts EFI pseudo-fs RW, Facilitates Permanently Bricking Laptops, Closes Bug Invalid
(2015) A Technical Critique of Systemd
(2014) Devuan Developers Can Be Reached Via vua@debianfork.org
(2014) Systemd-resolved Subject to Cache Poisoning


This discussion has been archived. No new comments can be posted.
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 1) by shrewdsheep on Friday May 01 2020, @11:11AM (89 children)

    by shrewdsheep (5215) on Friday May 01 2020, @11:11AM (#988858)

    ... why not express your discontent by boycotting this story? I hate *this* change, so I'll keep shut.

    • (Score: 5, Insightful) by fido_dogstoyevsky on Friday May 01 2020, @11:19AM (30 children)

      I really doubt that boycotting will help because homed will not be his last territorial demand in Linux.

      --
      It's NOT a conspiracy... it's a plot.
      • (Score: 5, Insightful) by Arik on Friday May 01 2020, @12:27PM (10 children)

        by Arik (4543) on Friday May 01 2020, @12:27PM (#988894) Journal
        Boycotting the story was a dumb idea, or I suspect a poor troll.

        Boycotting each and every distro that is infected with LP's malware is a good idea though.

        http://www.slackware.com/
        --
        If laughter is the best medicine, who are the best doctors?
        • (Score: 1) by fustakrakich on Friday May 01 2020, @02:48PM (9 children)

          by fustakrakich (6150) on Friday May 01 2020, @02:48PM (#988985) Journal

          Little bits of systemd are creeping into slackware to accommodate Plasma 5. Once they and Gentoo get swallowed up, I will have to decide which BSD is best.

          By the way, which BSD is best?

          --
          Politics and criminals are the same thing..
          • (Score: 2) by Arik on Friday May 01 2020, @03:06PM

            by Arik (4543) on Friday May 01 2020, @03:06PM (#988997) Journal
            I'm not sure, I haven't used any of them for several years now.

            OBSD used to be pretty good, but I'm afraid the licensing killed it.
            --
            If laughter is the best medicine, who are the best doctors?
          • (Score: 5, Insightful) by Arik on Friday May 01 2020, @03:12PM (3 children)

            by Arik (4543) on Friday May 01 2020, @03:12PM (#989000) Journal
            Also, are you /sure/ about your first sentence?

            I've heard that "little bits" of systemd are creeping into slackware line for years but as far as I know this is a misunderstanding. There are a few shims that stand in for systemd in the sense of returning an expected answer when a stupid program attempts to invoke it, but that's not really the same thing. I'd rather see the crap programs fixed properly of course; but PV's time is limited, and when he sees a way to simulate systemd without actually importing any of its code or vulnerabilities and save a lot of time it makes sense to use it.
            --
            If laughter is the best medicine, who are the best doctors?
            • (Score: 1, Informative) by Anonymous Coward on Friday May 01 2020, @04:38PM (2 children)

              by Anonymous Coward on Friday May 01 2020, @04:38PM (#989032)

              Maybe he's speaking of things like https://wiki.gentoo.org/wiki/Elogind [gentoo.org] where distribution developers re-implement a systemd service as a standalone daemon. It's a requirement for things like Plasma 5 and Gnome which depend on those systemd services now.

              • (Score: 2) by Arik on Friday May 01 2020, @05:02PM (1 child)

                by Arik (4543) on Friday May 01 2020, @05:02PM (#989042) Journal
                Ahh thank you, I did indeed reply too quickly, without making sure I understood the reference to Plasma.

                But that's not Slackware. Slackware hasn't shipped with GNOME in years.

                Of course users are free to port what they want, how they want. And if I needed GNOME I'd certainly rather have it like this, with the necessary bits in a standalone package, than the alternative.
                --
                If laughter is the best medicine, who are the best doctors?
                • (Score: 0) by Anonymous Coward on Saturday May 02 2020, @10:23AM

                  by Anonymous Coward on Saturday May 02 2020, @10:23AM (#989398)
                  Gnome and Plasma, aka KDE 5.
          • (Score: 2) by cockroach on Friday May 01 2020, @06:48PM (1 child)

            by cockroach (2266) on Friday May 01 2020, @06:48PM (#989104)

            Once they and Gentoo get swallowed up, I will have to decide which BSD is best.

            There is also Parabola [parabola.nu] with OpenRC [parabola.nu] if you're more into Arch (it's a fully-libre Arch fork). I have been using it on machines where I'm too lazy to keep yet another Gentoo installation updated all the time...

            • (Score: 0) by Anonymous Coward on Saturday May 02 2020, @05:43AM

              by Anonymous Coward on Saturday May 02 2020, @05:43AM (#989347)

              There's another Arch based Systemd-free libre GNU/Linux distro you can use which also uses OpenRC and is a long term distro (not a rolling release) Hyperbola [hyperbola.info].

          • (Score: 2) by fido_dogstoyevsky on Friday May 01 2020, @11:10PM (1 child)

            ...By the way, which BSD is best?

            OpenBSD, because of their BDFL's attitude.

            --
            It's NOT a conspiracy... it's a plot.
            • (Score: 1) by fustakrakich on Friday May 01 2020, @11:27PM

              by fustakrakich (6150) on Friday May 01 2020, @11:27PM (#989257) Journal

              Ah, the same as Slackware.

              I remember the wristwatch with a lifetime guarantee, guaranteed for the life of the watch

              --
              Politics and criminals are the same thing..
      • (Score: 3, Insightful) by JoeMerchant on Friday May 01 2020, @12:44PM (18 children)

        by JoeMerchant (3937) on Friday May 01 2020, @12:44PM (#988899)

        Any encryption of home folders, or any other folders, has been just one more thing to screw up - in my experience.

        If you engrave the password on the case, then it won't get lost, but also then what's the point? And, beyond user error, these things tend to "fail safe" which means dysfunctionally. I prefer it when my computer failures continue to function 99.99999999% properly.

        --
        Ukraine is still not part of Russia. https://www.newsweek.com/russian-state-tv-ukraine-war-dirty-bomb-putin-1754428
        • (Score: 5, Interesting) by Arik on Friday May 01 2020, @01:33PM (17 children)

          by Arik (4543) on Friday May 01 2020, @01:33PM (#988935) Journal
          If some of the data in ~/ needs to be encrypted, the solution is an encrypted directory underneath ~/ rather than encrypting the entire directory and potentially breaking your login.
          --
          If laughter is the best medicine, who are the best doctors?
          • (Score: 4, Interesting) by JoeMerchant on Friday May 01 2020, @02:38PM (14 children)

            by JoeMerchant (3937) on Friday May 01 2020, @02:38PM (#988978)

            Yep, but for marketing purposes encrypting the whole thing is the equivalent of nuking it from orbit - now you're "sure" that no sensitive data will leak.

            They swear they've improved, but my 2006 MacBook Pro bricked itself because of a combo of an encrypted home folder and a bad driver that prevented graceful shutdown. After about 10 bad shutdowns (and all the shutdowns were bad because of the shitty driver on their bespoke hardware), the home folder ended up permanently encrypted preventing login - only solution was a complete re-install of the OS from DVD, and turning off file locker so that shit NEVER happened again.

            Now, 2006 was a long time ago, but the time I screwed around with encrypted drives before that was about 1992, and at that time I walked away for similar concerns about losing stuff and never getting it back - you'd think they would have it figured out after 14 years, wouldn't you? I think some of the problems are inherent to the design, and as you said: borking your ability to login and therefore your ability to unlock is failure by design.

            I like the theory: encrypt it all, then they won't know where the secrets are... but, there's the flipside that any data that's encrypted is under the sword of Damocles - any data I have invested time/money in I prefer to keep open and multiply backed up.

            --
            Ukraine is still not part of Russia. https://www.newsweek.com/russian-state-tv-ukraine-war-dirty-bomb-putin-1754428
            • (Score: 4, Interesting) by Arik on Friday May 01 2020, @03:05PM (8 children)

              by Arik (4543) on Friday May 01 2020, @03:05PM (#988996) Journal
              Since you mentioned the 90s, you reminded me of Stacker.

              Some things have changed but the underlying principle is still about the same.

              Stacker effectively encrypted your partition, sure it was compression aimed at reducing the bytecount rather than preventing unauthorized reads, but it amounts to the same thing as it's relevant here.

              Stacker was actually a useful product, used correctly. And by used correctly, I mean to compress a data drive. If you're working all day on documents that are highly compressible, on a system that typically has the cpu idle while waiting for the HDD, you could not only fit more documents on the same drive this way, you could significantly speed up read and write access as well. 10x compression was effectively 10x more buffer memory on the disk, at the cost of a bit of cpu time.

              The WRONG way to use it was the way it was usually used, however. Compressing the boot drive or anything needed to start the system often ended in catastrophe.

              --
              If laughter is the best medicine, who are the best doctors?
              • (Score: 0, Informative) by Anonymous Coward on Friday May 01 2020, @10:58PM (7 children)

                by Anonymous Coward on Friday May 01 2020, @10:58PM (#989248)

                Encryption and Compression are the same thing, period.

                They both replace N-bits with a symbol of M-bits, using some key. Sometimes N and M are equal, other times they are not. Actually all modems work the same way. Compression the algorithm and starting key is known. Encryption they are generally at least 1 is not known.

                That's it. Nothing more fancy than. So yes Stacker and homed's poor thought pattern are same. My guess the best way to setup a new user spaces is a linking directory. So nothing in that rat hole can affect you.

                • (Score: 2) by martyb on Saturday May 02 2020, @01:03AM

                  by martyb (76) Subscriber Badge on Saturday May 02 2020, @01:03AM (#989277) Journal

                  RWAFpuEJLQCHGLvABGAF nsAFqv PUBGzECHEJrwFKFKvABGAF nsEJrw GLuzrw FKnszErw GLuzvAAFty, CHrwEJvABGqv.

                  I would argue that is not plain text. Go ahead and try to decrypt it.

                  Hint:

                  Rapelcgvba naq Pbzcerffvba ner gur fnzr guvat, crevbq.

                  Here's another hint:

                  WFuJQHLAGF sFv UGEHJwKKAGF sJw Lzw KsEw LzAFy, HwJAGv.

                  Get it yet?

                  The cyphertext of the first hint was rot13(plaintext).

                  The cyphertext of the second hint was rot18(plaintext)

                  The original cypher was: For each letter c in the source text, replace it with rot13(c) rot18(c).

                  So, I *might* agree that all compression is a form of encryption, but not all encryption needs to have compression.

                  Source text:

                  Encryption and Compression are the same thing, period.

                  Was that a period or a full-stop?

                  --
                  Wit is intellect, dancing.
                • (Score: 1) by khallow on Saturday May 02 2020, @12:18PM (5 children)

                  by khallow (3766) Subscriber Badge on Saturday May 02 2020, @12:18PM (#989431) Journal

                  Encryption and Compression are the same thing, period.

                  [...] Compression the algorithm and starting key is known. Encryption they are generally at least 1 is not known.

                  So you're contradicting yourself a mere few sentences later. Let us keep in mind the whole point of the exercise. Bits aren't being replaced with bits for the thrill of it. In the case of compression, it's done to store information in a smaller format. In the case of encryption, it's done to prevent other parties from accessing the information. These very different goals also show up in reverse engineering. It's fairly easy to reverse engineer compression algorithms. It ranges from extremely hard to mathematically impossible to reverse engineer encryption algorithms.

                  • (Score: 0) by Anonymous Coward on Saturday May 02 2020, @01:45PM (3 children)

                    by Anonymous Coward on Saturday May 02 2020, @01:45PM (#989451)

                    You are over thinking it. You are trying to say the intent is what defines it, but the base function, remains the same: symbol replacement.

                    One of the best and easiest in encryption method is ZIP files, with a simple password. Why the "compression" function makes the text unreadable and then add a simple xor over the space makes breaking very hard. But this gets down to simple again simple processes.

                    Take just the simple rotate encryption method and make a minor change. Start with a list of 256 characters filled so that element 00 is filled with x00, 01 is x01 and so on. Now look up each letter in the table and spit out the replacement address. Then move the found letter to the 00 position and shift others down. So EEGEG would be replaced with E,x00,G,x01,x01. You call that encryption. But is also a precursor to improve compression, since it heavily converts a lot of text to a heavily weighted "left handed character stream, so it improves the compression algorithm. IF it outputs a number stream asc(E),0,asc(G),1,1 then we get down to 11 symbols to compress 0-9 and ",". Even better compression can be performed. Just using the initial list the decoding will work in reverse. See Dr Jobbs from early 80's.

                    Now make one more change the original list instead of seeding with x00,x01,x02. But a random string of non-repeating characters, using some "pass key". Then stream is not clear text readable. but the patterns are same, so all the other work just the same. all the other benefits are present highly compressible. Just without the "pass key" seed the list again, the stream is junk. But yes, you could make hundreds of runs crack it so the over all encryption is weak, but still encrypted.

                    I used this method in the 90's to improve storing signatures that had to be sent via cellular modem. Took a 70k "B&W" signature picture and compress to under 768 bytes. was very conversion on 386 table of day and quick send over modem (2400 baud), also fairly secure since 3 symbol replacements methods were used together transform the data giving both reduction in size and human readability.

                    So again the only difference between encryption and compression which are both symbol replacements is what is known and not known. Compression everything is known, starting key/pad/list and methodical. Encryption at least starting key/pad/list is not generally known.
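
The move-to-front scheme described in the comment above, first with the identity list and then with a list seeded from a pass key, as an added example that is not part of the thread. How the pass key seeds the list (`keyed_table`, a SHA-256-driven shuffle) and the sample record are assumptions; the code also measures which output positions actually depend on the key.

```python
"""Move-to-front (MTF) coding with an identity table and with a key-seeded table."""
import hashlib

# Constructed sample input (not from the thread).
SAMPLE = b"userName=alice shell=/bin/bash homeDirectory=/home/alice memberOf=wheel"


def keyed_table(pass_key: bytes) -> list:
    """Permutation of 0..255 derived from pass_key.

    Assumption: the comment does not say how the pass key seeds the list;
    here SHA-256 in counter mode drives a Fisher-Yates shuffle.
    """
    table = list(range(256))
    pool, counter = b"", 0
    for i in range(255, 0, -1):
        if len(pool) < 2:
            pool += hashlib.sha256(pass_key + counter.to_bytes(4, "big")).digest()
            counter += 1
        j = int.from_bytes(pool[:2], "big") % (i + 1)  # small modulo bias, fine for a demo
        pool = pool[2:]
        table[i], table[j] = table[j], table[i]
    return table


def mtf_encode(data: bytes, table=None) -> list:
    """Emit each byte's current position in the table, then move that byte to the front."""
    table = list(table) if table is not None else list(range(256))
    out = []
    for byte in data:
        idx = table.index(byte)
        out.append(idx)
        table.insert(0, table.pop(idx))
    return out


def mtf_decode(indices, table=None) -> bytes:
    """Inverse of mtf_encode; needs the same starting table."""
    table = list(table) if table is not None else list(range(256))
    out = bytearray()
    for idx in indices:
        byte = table.pop(idx)
        out.append(byte)
        table.insert(0, byte)
    return bytes(out)


def first_occurrences(data: bytes) -> set:
    """Positions at which a byte value appears for the first time."""
    seen, positions = set(), set()
    for pos, byte in enumerate(data):
        if byte not in seen:
            seen.add(byte)
            positions.add(pos)
    return positions


def key_dependent_positions(data: bytes, key_a: bytes, key_b: bytes) -> set:
    """Output positions whose value differs between two pass keys.

    A byte seen before sits behind exactly the distinct bytes used since its
    last occurrence, so its index is the same for every starting table. Only
    first occurrences can differ, at most 256 positions in any message.
    """
    out_a = mtf_encode(data, keyed_table(key_a))
    out_b = mtf_encode(data, keyed_table(key_b))
    return {i for i, (a, b) in enumerate(zip(out_a, out_b)) if a != b}


if __name__ == "__main__":
    print("EEGEG ->", mtf_encode(b"EEGEG"))  # identity table, as in the comment
    table = keyed_table(b"pass key")
    stream = mtf_encode(SAMPLE, table)
    print("round trip ok:", mtf_decode(stream, table) == SAMPLE)
    differing = key_dependent_positions(SAMPLE, b"pass key", b"other key")
    print(len(differing), "of", len(SAMPLE), "positions depend on the key;",
          len(first_occurrences(SAMPLE)), "first occurrences")
```

Every index after a byte's first occurrence is identical under any pass key, so the repetition structure of the plaintext is fully visible in the output, which is why the keyed variant gives little confidentiality.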

                    • (Score: 1) by khallow on Saturday May 02 2020, @03:58PM (2 children)

                      by khallow (3766) Subscriber Badge on Saturday May 02 2020, @03:58PM (#989513) Journal

                      You are trying to say the intent is what defines it

                      I'd say "succeeding at". You can abstract any human activity (just the phrase alone does it) to a level where you're not distinguishing the differences. But once you abstract enough that you lose track of why the activity happens, then you've gone too far.

                      Here, not only have you lost track of the differences between encryption and compression, you've conflated it with a bunch of other human activity. Such as the very generic activities of communication, translation, and recording/logging.

                      • (Score: 0) by Anonymous Coward on Sunday May 03 2020, @12:07AM (1 child)

                        by Anonymous Coward on Sunday May 03 2020, @12:07AM (#989644)

                        Another Trump ID-10T was just heard from. Scientists are liars. The world is flat. Get me my metal hat to keep the rats out.

                        Remember base learning.
                        A=B, C=B therefore A=C Simple math.

                        Encryption is translation, Compression is translation, a translation is a translation, period. The only thing missing in one to but not in the other is the base key.

                        PS: Learned have used these facts, outside of Chicago, working inside a big circle. With real scientists that dealt with number theories and military encryption. That was their specialty. It's wonderful who you can meet and talk with for hours in the intersection between MENSA and LUGs.

                        • (Score: 1) by khallow on Sunday May 03 2020, @12:15AM

                          by khallow (3766) Subscriber Badge on Sunday May 03 2020, @12:15AM (#989645) Journal

                          A=B, C=B therefore A=C Simple math.

                          Except, of course, when A!=B or C!=B. Simple math. The problem here is not simple math. It's the use of an equivalence relation that is too general.

                          PS: Learned have used these facts, outside of Chicago, working inside a big circle. With real scientists that dealt with number theories and military encryption. That was their specialty. It's wonderful who you can meet and talk with for hours in the intersection between MENSA and LUGs.

                          Facts which were irrelevant to the thread!

                  • (Score: 3, Interesting) by Arik on Saturday May 02 2020, @02:52PM

                    by Arik (4543) on Saturday May 02 2020, @02:52PM (#989486) Journal
                    So I think my formulation was accurate here.

                    While there is a distinction, it's a fine one. When your PC won't boot and you fire up the disk editor to figure out why, you aren't going to be able to process what you're seeing, whether the data was encrypted to prevent it from being read, or compressed to make it smaller may not be apparent or even important. Either way, what you're seeing isn't data you can make sense of and repair. Either way, the data is locked behind a complex substitution cipher AND THEN corrupted in some way, and how are you going to spot the corruption if the whole thing was enciphered first?
                    --
                    If laughter is the best medicine, who are the best doctors?
            • (Score: 2) by epitaxial on Friday May 01 2020, @07:51PM (1 child)

              by epitaxial (3165) on Friday May 01 2020, @07:51PM (#989153)

              No your system was not "bricked" in any way. You had to re-install the operating system. Unless you had to desolder the bios chip or break out the JTAG programmer your system was not bricked.

              • (Score: 2) by JoeMerchant on Friday May 01 2020, @09:21PM

                by JoeMerchant (3937) on Friday May 01 2020, @09:21PM (#989200)

                O.K., not a brick, a useless rotting apple.

                Seriously: the only good thing about that experience was that it happened within 2 weeks of getting the laptop, still trashing all of my setup and development work during the period (because: backups don't really backup installation of tools).

                Until the appropriate DVDs were secured, the laptop was as useful as a doorstop, or a brick. A brick with an expanding battery pack at that.

                Yes, there is one stage worse than a full OS reinstall, and we didn't reach that one, but the loss of data was identical to bricking - worse because a bricked (by your criteria) system often can be resurrected with a hard drive transplant into a new shell.

                Two weeks of work at a startup that's 8 months from buyout/sale is far more valuable than the price of any notebook PC.

                --
                Ukraine is still not part of Russia. https://www.newsweek.com/russian-state-tv-ukraine-war-dirty-bomb-putin-1754428
            • (Score: 0) by Anonymous Coward on Friday May 01 2020, @09:08PM (1 child)

              by Anonymous Coward on Friday May 01 2020, @09:08PM (#989195)

              ZFS does encryption, reliability, and backups very well...

              • (Score: 2) by JoeMerchant on Friday May 01 2020, @09:25PM

                by JoeMerchant (3937) on Friday May 01 2020, @09:25PM (#989204)

                I have long been tempted by the Z... might take an experimental dip with Ubuntu 20.04, but not on my daily driver - been burned too many times before.

                --
                Ukraine is still not part of Russia. https://www.newsweek.com/russian-state-tv-ukraine-war-dirty-bomb-putin-1754428
            • (Score: 0) by Anonymous Coward on Saturday May 02 2020, @02:36PM

              by Anonymous Coward on Saturday May 02 2020, @02:36PM (#989480)

              I decided to store all of my hard won porn in an encrypted folder. Biggest mistake ever. It's gone :(

          • (Score: 2) by Reziac on Saturday May 02 2020, @02:31AM

            by Reziac (2489) on Saturday May 02 2020, @02:31AM (#989303) Homepage

            And while we're moving shit around, can we please give the damned config files their own place, instead of using /home as an all-purpose garbage dump?

          • (Score: 2) by darkfeline on Saturday May 02 2020, @08:32AM

            by darkfeline (1030) on Saturday May 02 2020, @08:32AM (#989384) Homepage

            There's a reason FDE is recommended over partial encryption.

            --
            Join the SDF Public Access UNIX System today!
    • (Score: 0) by Anonymous Coward on Friday May 01 2020, @11:25AM (3 children)

      by Anonymous Coward on Friday May 01 2020, @11:25AM (#988860)

      What, you don't like this change? But the way it is managed now is clumsy and inefficient!

      • (Score: -1, Flamebait) by Anonymous Coward on Friday May 01 2020, @02:14PM

        by Anonymous Coward on Friday May 01 2020, @02:14PM (#988959)

        Chinese Troll Farmer.

      • (Score: 0) by Anonymous Coward on Friday May 01 2020, @02:53PM (1 child)

        by Anonymous Coward on Friday May 01 2020, @02:53PM (#988992)

        With a name like Peter ring, why did ANYONE ever take him serious?

        • (Score: 2) by RS3 on Friday May 01 2020, @04:15PM

          by RS3 (6367) on Friday May 01 2020, @04:15PM (#989020)

          I thought it was "puttering".

    • (Score: 5, Informative) by Anonymous Coward on Friday May 01 2020, @11:46AM

      by Anonymous Coward on Friday May 01 2020, @11:46AM (#988872)

      I think you have it backwards. It does get tiring when people drag in tired systemd references into unrelated computer related stories, but this is exactly the story where the hate and vitriol, and support, should be.

    • (Score: 5, Insightful) by The Mighty Buzzard on Friday May 01 2020, @11:51AM (18 children)

      Why would I do that when I can mock him for reinventing kerberos, poorly? No, that's unfair. He reinvented kerberos and a couple lines worth of login scripting, poorly.

      --
      My rights don't end where your fear begins.
      • (Score: 2) by janrinok on Friday May 01 2020, @12:44PM (17 children)

        by janrinok (52) Subscriber Badge on Friday May 01 2020, @12:44PM (#988900) Journal
        How do you take your own portable disk and plug it into a different computer and your ownership of the files still works on that second computer using kerberos and a couple of lines of login scripting? It knows nothing about who you are until you plug in that drive. Your user ID does not exist on the new computer yet.
        • (Score: 4, Touché) by The Mighty Buzzard on Friday May 01 2020, @01:22PM (13 children)

          A) My login/uid does exist on that computer if it's networked and using kerberos. Just like yours does on dev now that I got rid of the second entry for you that was confusing kerberos.
          B) I've never had to deal with a situation where I needed my home directory wagged to an air-gapped computer but booting from the drive I'm already wagging along isn't an option.

          --
          My rights don't end where your fear begins.
          • (Score: 2) by janrinok on Friday May 01 2020, @01:36PM (7 children)

            by janrinok (52) Subscriber Badge on Friday May 01 2020, @01:36PM (#988939) Journal

            Only on that network.

            How do you take a portable drive to a computer NOT on that network and have it install itself so that you still have ownership and access control over all of your files? What if your UID is already in use on that computer? Who would have ownership then? You, or the owner of that UID on the new computer?

            • (Score: 4, Insightful) by The Mighty Buzzard on Friday May 01 2020, @01:55PM (1 child)

              How many admins do you know that want people without a login (either networked or local) having access to a box? It's certainly not an end user feature.

              --
              My rights don't end where your fear begins.
              • (Score: 3, Insightful) by sjames on Sunday May 03 2020, @10:37AM

                by sjames (2882) on Sunday May 03 2020, @10:37AM (#989740) Journal

                And conversely, how often do you want documents important enough to encrypt to become accessible to a strange computer? If you're not willing to make your home directory world r/w and share it on a public network, you won't be too thrilled to plug it in on a strange computer.

            • (Score: 1, Informative) by Anonymous Coward on Friday May 01 2020, @09:12PM (3 children)

              by Anonymous Coward on Friday May 01 2020, @09:12PM (#989197)

              If you're root, it's not a problem. If you're not root, you can't mount the drive anyway.

              • (Score: 3, Informative) by janrinok on Saturday May 02 2020, @07:11AM (2 children)

                by janrinok (52) Subscriber Badge on Saturday May 02 2020, @07:11AM (#989366) Journal
                Incorrect. I can connect a LUKS encrypted drive into any of my Ubuntu/Debian/ computers and it will allow me to decrypt my drive and will automatically mount it in /run/[username]/[drive ID]. I don't have to be root to do that. There is no special configuration necessary.
                • (Score: 1, Insightful) by Anonymous Coward on Saturday May 02 2020, @12:54PM (1 child)

                  by Anonymous Coward on Saturday May 02 2020, @12:54PM (#989442)

                  That's Ubuntu defaulting to unsecure, not surprising. None of my systems automount anything.

                  • (Score: 3, Informative) by janrinok on Sunday May 03 2020, @07:11AM

                    by janrinok (52) Subscriber Badge on Sunday May 03 2020, @07:11AM (#989712) Journal

                    So if a computer user wants to back up his user area to a thumbdrive or portable disk on your system does he need to go and find an administrator? That doesn't seem very sensible to me.

                    On Ubuntu the drive is mounted with the same permissions as the user, so the system is still protected, posing no more risk than that user has rights to do anyway.

            • (Score: 2, Interesting) by Anonymous Coward on Friday May 01 2020, @09:56PM

              by Anonymous Coward on Friday May 01 2020, @09:56PM (#989226)

              Let me introduce you to encrypted containers on NTFS or ExFAT. Portable. Secure. If you can mount it you can access it. Look into Veracrypt and it will solve your problem without fucking up everything for the rest of us.

          • (Score: 2) by janrinok on Friday May 01 2020, @01:39PM (4 children)

            by janrinok (52) Subscriber Badge on Friday May 01 2020, @01:39PM (#988942) Journal

            Saying that you don't have the need is not solving the problem for those that do. Just because you don't need it doesn't mean nobody else should need it either.

            So I ask again - what is your Kerberos and scripting solution, or any solution at all, to that problem?

            • (Score: 3, Insightful) by The Mighty Buzzard on Friday May 01 2020, @01:56PM (3 children)

              That's kind of the point. It's a problem that does not exist.

              --
              My rights don't end where your fear begins.
              • (Score: 2, Informative) by janrinok on Friday May 01 2020, @02:51PM (2 children)

                by janrinok (52) Subscriber Badge on Friday May 01 2020, @02:51PM (#988990) Journal

                Not for you - but there are many who do have this problem.

                • (Score: 5, Touché) by The Mighty Buzzard on Friday May 01 2020, @03:25PM

                  Are there? In what situation would any admin want someone who specifically does not have a login (either networked or local) to a system not only able to log in but to bring arbitrary files along for the ride?

                  --
                  My rights don't end where your fear begins.
                • (Score: 2, Informative) by Anonymous Coward on Friday May 01 2020, @11:17PM

                  by Anonymous Coward on Friday May 01 2020, @11:17PM (#989254)

                  It doesn't exist for anybody. If people need to have their various IDs matching on different systems, there are multiple solutions to that already. If you're logging into random computers where your UID and GID aren't matching, you're doing something very, very wrong. Modern systems have various ways in which they can keep UIDs and GIDs consistent across different computers. Try using one of them, they don't require the abomination that is systemd.

                  As has already been mentioned, Kerberos is a thing, you can also opt for mounting some or all of /etc over the network with a local backup as failsafe. Ultimately, the developer of this crappy software is either incompetent or an egomaniac. Or, probably both, none of the "problems" he's solving are real problems and they certainly don't require the kind of software kludge he's made.
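
The UID clash debated in this sub-thread (a portable home directory whose numeric owner resolves to nobody, or to somebody else, on the host it is plugged into) can be checked before the mount is trusted. This is an added example, not part of any comment above; the function names, the script name in the usage message and the account names are hypothetical.

```python
#!/usr/bin/env python3
"""Audit who this host thinks owns the files on a mounted portable home."""
import os
import pwd
import sys
from collections import Counter


def local_accounts():
    """UID -> login name for every account this host can resolve (NSS)."""
    return {entry.pw_uid: entry.pw_name for entry in pwd.getpwall()}


def iter_entries(root):
    """Yield root and everything beneath it, without following symlinks."""
    yield root
    for dirpath, dirnames, filenames in os.walk(root):
        for name in dirnames + filenames:
            yield os.path.join(dirpath, name)


def audit_owners(root, expected_name, accounts=None):
    """Classify each entry under root by the local account its UID maps to.

    Returns (summary, mismatched):
      summary["match"]   entries whose UID resolves to expected_name
      summary["foreign"] entries whose UID belongs to another local account
      summary["orphan"]  entries whose UID has no local account
      mismatched         {uid: local name or None} for every non-matching UID
    """
    accounts = local_accounts() if accounts is None else accounts
    summary = Counter(match=0, foreign=0, orphan=0)
    mismatched = {}
    for path in iter_entries(root):
        # lstat: report the owner of a symlink itself, not of its target.
        uid = os.lstat(path).st_uid
        owner = accounts.get(uid)
        if owner == expected_name:
            summary["match"] += 1
        elif owner is None:
            summary["orphan"] += 1
            mismatched[uid] = None
        else:
            # The risky case: another local user already holds this UID and
            # therefore has owner-level access to every such file.
            summary["foreign"] += 1
            mismatched[uid] = owner
    return summary, mismatched


if __name__ == "__main__":
    if len(sys.argv) != 3:
        sys.exit("usage: audit_owners.py <mountpoint> <expected-login>")
    counts, odd = audit_owners(sys.argv[1], sys.argv[2])
    print(dict(counts))
    for uid, name in sorted(odd.items()):
        label = f"local account '{name}'" if name else "no local account"
        print(f"UID {uid}: {label}")
    # Non-zero exit when any file would be owned by someone unexpected.
    sys.exit(1 if odd else 0)
```

A "foreign" result means the files need a UID shift or remap before use on that host; an "orphan" result means only root can act as their owner there.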

        • (Score: 5, Interesting) by DECbot on Friday May 01 2020, @01:45PM (2 children)

          by DECbot (832) on Friday May 01 2020, @01:45PM (#988943) Journal

          Here's why some of the systemd haters will hate, take that portable disk and plug it into a system without systemd, will it work? Will systemd-homed work with other init systems? If not, it is a broken design that should not be on a linux box. What if kerberos must be used for technical reasons or if you are using a PAM/LDAP solution for managing password authentication, how would you access that drive? All of my servers are headless, ssh needs to be thought out, and putting those files outside the home directory just trades the shadow & password problem for a known_hosts & authorized_keys problem. Also, how do you manage per-machine group access? On your laptop you may be trusted with sudo, but on the file server, you're just a normal user. Where does that get managed?
           
          There are smart ways of doing this. I am not confident the systemd group is the best one to address these because of the past management, interoperability, and portability of systemd. Yes SysV needed an overhaul that all the distros could rally around to improve the standardization of the linux ecosystem--however, like what happened with pulseaudio, I think they all bet on the wrong horse. Systemd-homed will further complicate what should be simple and easy.

          --
          cats~$ sudo chown -R us /home/base
          • (Score: 2) by janrinok on Friday May 01 2020, @02:50PM (1 child)

            by janrinok (52) Subscriber Badge on Friday May 01 2020, @02:50PM (#988987) Journal

            Also, how do you manage per-machine group access? On your laptop you may be trusted with sudo, but on the file server, you're just a normal user. Where does that get managed?

            How do you manage that now? If you want to have full access to groups then you will need the assistance from an administrator of that computer - just as you would do today. But you could connect your own data and still have the appropriate user control over your own data. You wouldn't have to log on as an existing user of that computer who might not have the appropriate access permissions for your data, nor do they have to create a new user identity just so you can access your drive. It's not for everybody but nothing ever is.

            I understand and accept your other points - you would have to solve them just as you do today. You probably wouldn't want to have random drives plugged into your secure network. But that would apply to any computer/laptop/device you wanted to plug in to that network. Have you tried plugging a LUKS encrypted drive into Windows? Doesn't work there either.

            If someone has a better solution - I have to ask why they haven't produced it yet.

            • (Score: 0) by Anonymous Coward on Friday May 01 2020, @11:21PM

              by Anonymous Coward on Friday May 01 2020, @11:21PM (#989255)

              You load it over the network with group permissions being used for anything that the end user can reasonably expect to do without admin approval. This is the same sort of ignorance that was pushed for years about how great Active Directory was and how essential it was. But, even at the time, there were ways of making it work, it's just that it wasn't a single tool and required that you actually know what you were doing. You could load the relevant files in /etc over the top of the ones of the local install and address a bunch of the issues that people are talking about in this comment section.

              Back then, it worked just fine, provided you knew what you were doing. And, if something wasn't working well, there were multiple ways of achieving the same thing.

    • (Score: 5, Insightful) by gtomorrow on Friday May 01 2020, @11:59AM (27 children)

      by gtomorrow (2230) on Friday May 01 2020, @11:59AM (#988877) Journal

      Prior to systemd every system and resource was managed by its own tool, which was clumsy and inefficient.

      Says who?

      I just recently commented in another article saying how systemd leaves me neither hot nor cold. Not anymore. I guess the new rule is "keep fucking with Linux until even the systemd supporters can't defend it." Keep encroaching on user territory until it's Windows...or Android.

      • (Score: 0) by Anonymous Coward on Friday May 01 2020, @12:02PM (4 children)

        by Anonymous Coward on Friday May 01 2020, @12:02PM (#988880)

        https://en.wikipedia.org/wiki/Google_Fuchsia [wikipedia.org]

        Use a superior kernel.

        • (Score: 2) by gtomorrow on Friday May 01 2020, @05:46PM (3 children)

          by gtomorrow (2230) on Friday May 01 2020, @05:46PM (#989073) Journal

          I'm sorry, anonymous idiot. Maybe you didn't get the gist of my message.

          After I'm saying that I was systemd "agnostic" and now systemd wants to control my /home directory (which I just can't justify), why would you suggest my looking straight into the Heart of Darkness? Spite? Is it because you're an idiot? Or are you saying, "you think systemd has its nose in your bidness? Look at what the masters have been cooking up! They can see up your neighbor's ass from looking up yours!"

          • (Score: 2) by janrinok on Saturday May 02 2020, @07:15AM (2 children)

            by janrinok (52) Subscriber Badge on Saturday May 02 2020, @07:15AM (#989367) Journal
            The homed is at the user discretion. If you want to keep your home directory as it is now - and retain SSH access - then you can.
            • (Score: 4, Insightful) by gtomorrow on Saturday May 02 2020, @07:55AM

              by gtomorrow (2230) on Saturday May 02 2020, @07:55AM (#989377) Journal

              Dear janrinok, as someone in this record-breaking comment-fest has already said...

              For now.

              History regarding similar moves (in not only computing) has borne this hypothesis out.

            • (Score: 1, Insightful) by Anonymous Coward on Saturday May 02 2020, @02:39PM

              by Anonymous Coward on Saturday May 02 2020, @02:39PM (#989483)

              That sounds like what Firefox and Chrome say about their shitty changes to the browser UI.

              For now..

              Or is this just another variant of 'pray I don't alter it any further'

      • (Score: 5, Insightful) by JoeMerchant on Friday May 01 2020, @12:47PM (3 children)

        by JoeMerchant (3937) on Friday May 01 2020, @12:47PM (#988902)

        Fuck Android. I mean, really. Every time I look at it and think: "gotta get me into this ecosystem, so much potential in the hardware" I just get mired in their special ways of doing everything - and that's O.K., until those special ways get revised every year into other special ways no longer compatible with the last 3 special ways you had to implement just to port a simple app from the desktop into the handheld.

        I thought MS DOS/Windows was a treadmill, but Android is a fucking hamster wheel hooked up to a jet turbine.

        --
        Ukraine is still not part of Russia. https://www.newsweek.com/russian-state-tv-ukraine-war-dirty-bomb-putin-1754428
        • (Score: 2) by takyon on Friday May 01 2020, @12:55PM (1 child)

          by takyon (881) <takyonNO@SPAMsoylentnews.org> on Friday May 01 2020, @12:55PM (#988909) Journal

          It looks like it's slowing down.

          https://en.wikipedia.org/wiki/Android_11 [wikipedia.org]

          --
          [SIG] 10/28/2017: Soylent Upgrade v14 [soylentnews.org]
          • (Score: 4, Informative) by JoeMerchant on Friday May 01 2020, @01:10PM

            by JoeMerchant (3937) on Friday May 01 2020, @01:10PM (#988922)

            Don't let the 11 fool you, it's the 18th version - at least.

            I bought a SIM card holding Android 8 based smartwatch thinking I'd use it to make a tracker app. Got as far as putting pins on maps that tracked me around, but got mired in trying to have it chirp the current location data out to a MQTT server. That was a year ago. Looked back at it again last week, and everything has literally changed again for 9 since I last touched it.

            --
            Ukraine is still not part of Russia. https://www.newsweek.com/russian-state-tv-ukraine-war-dirty-bomb-putin-1754428
        • (Score: 4, Insightful) by Anonymous Coward on Friday May 01 2020, @12:58PM

          by Anonymous Coward on Friday May 01 2020, @12:58PM (#988911)

          This.

          Stop moving everything. Firefox is egregious at this too - the entire knowledge base of about:config hacks, add-ons and userChrome.css gets erased every 2 years. For what? Nothing. Some new menu is even smaller and harder to launch than previously.

      • (Score: 4, Insightful) by rigrig on Friday May 01 2020, @01:13PM (17 children)

        by rigrig (5129) Subscriber Badge <soylentnews@tubul.net> on Friday May 01 2020, @01:13PM (#988924) Homepage

        I guess the new rule is "keep fucking with Linux until even the systemd supporters can't defend it."

        I always figured it was "keep complicating Linux until everybody needs a Red Hat support contract to use it"

        --
        No one remembers the singer.
        • (Score: 0, Troll) by Anonymous Coward on Friday May 01 2020, @04:14PM (16 children)

          by Anonymous Coward on Friday May 01 2020, @04:14PM (#989018)

          I've posted this elsewhere and I'll repeat it - I work with a team of sysadmins that were running fleets of Linux servers before systemd. The switch to systemd was painless, and we use CentOS. No support contracts, and no headaches related to the init system.

          The systemd learning curve is less than two days, really, and the man pages are really good if you forget something.

          Holy hell, if 3% of the energy put into systemd bashing was put into non-systemd Linux distributions, Gentoo or Void or whatever would have conquered the fucking world by now.

          • (Score: 2) by gtomorrow on Friday May 01 2020, @05:40PM (10 children)

            by gtomorrow (2230) on Friday May 01 2020, @05:40PM (#989066) Journal

            Hey, anonymous coward sysadmin! Defend this encroachment on /home. Where's the (better-be-enormous) benefit?

            • (Score: 0) by Anonymous Coward on Friday May 01 2020, @06:44PM (8 children)

              by Anonymous Coward on Friday May 01 2020, @06:44PM (#989098)

              different anon here. i don't give a shit about this "encroachment". i use systemd for almost everything and i like it too. use a non-systemd distro if you don't like it.

              • (Score: 2) by gtomorrow on Friday May 01 2020, @09:31PM (7 children)

                by gtomorrow (2230) on Friday May 01 2020, @09:31PM (#989207) Journal

                Hey, anon coward. Thanks for taking the time out of your busy day to enlighten us all on the subject at hand.

                Oh, wait...you didn't.

                • (Score: 2) by janrinok on Saturday May 02 2020, @07:22AM (6 children)

                  by janrinok (52) Subscriber Badge on Saturday May 02 2020, @07:22AM (#989368) Journal

                  Well you might not like people disagreeing with you, but not everybody has a problem adapting to systemd, and some people actually like it. I assume that you don't use a systemd distro? So what is your problem with other people using it?

                  This is an OPTIONAL facility that will only affect those using systemd and who chose to activate it. By all means criticise it from a technological point of view but you shouldn't expect everyone to have your opinion too. Just because it is TWO different ACs making their views known doesn't devalue their opinion - or have you missed all the efforts that we have taken to make this place AC-Friendly?

                  • (Score: 5, Insightful) by gtomorrow on Saturday May 02 2020, @08:47AM (5 children)

                    by gtomorrow (2230) on Saturday May 02 2020, @08:47AM (#989386) Journal

                    Do you have a problem with me? Did you not read my comments regarding my personal opinion on systemd or are you getting up the sphincter of anybody that doesn't agree with you (me just being a lucky target)?

                    Regarding the two poor little Anonymous COWARDS, they were replying to me and not you. I asked two different and simple questions. One genius points me to the Heart of Darkness and the other responds, "works for me, you stink na na na-naaa na." I'll respond accordingly, thank you. Anonymous-Coward-friendly my hairy ass. Gee, I hope they're all right, poor things.

                    A largesse for your non-existent short-term memory and to avoid any confusion in the future, I'll repeat and even elaborate:

                    I don't (actually now, didn't) care one way or another regarding systemd (Ubuntu user since...8.04?). It, up until now, didn't affect my computers, my output or my wonderful life. I had no skin in the game beyond having to learn a few new commands and un-learning others. I'm pretty adaptable in regards.

                    I stood aside listening as the eggheads here (and elsewhere) debated and disputed the benefits and improvements of this no-longer-new init system, the admittedly strange inclusion (read: "surrender") to it by most of the distros, and this self-appointed (benevolent?) "dictator"'s method of handling the "community" of users and programmers that were in no way a minor part of making Linux as an operating system what it is today (my take: "my way or the highway.").

                    Now I, mere Ubuntu (systemd) end-user, learn that systemd wants control, yes, control of my /home folder and it wants it today, with the distinct possibility that things will go pear-shaped if using an encrypted /home folder (which, look at that, I do!), with even its creator saying it's not working as advertised and so magnanimously making it an "option"...for now. And you're advocating this?!

                    There are reasons I use Linux, one being a modicum of privacy not afforded by the commercial OSes available. If Linux, for whatever conspiratorial reasons that can be named, is ultimately being groomed to become Windows with its arcane registry, security nightmares, constant user spying and whatever other joys that come with being Windows, I have a more-than-slight problem with that, sir. Linux used to be an island away from that nonsense. I don't need some script-kid to open my DVD-drive via HTTP.

                    And you're fine with all this? Wait...don't answer that. I don't think I want to hear from you again for at least today and at least regarding this article as you have shown your true colors proudly. This is a big, big virtual forum...go sit somewhere else.

                    • (Score: 2) by janrinok on Saturday May 02 2020, @12:43PM (3 children)

                      by janrinok (52) Subscriber Badge on Saturday May 02 2020, @12:43PM (#989437) Journal

                      You seem to have taken offence to something in the comment that I made - I can assure you that no offence was intended and I apologise if my comment has been misconstrued. You have made comments elsewhere that have positively contributed to the discussion and I was merely surprised.

                      As for my 'true colours', I can only point out the claimed advantages [linuxreviews.org] including enhanced security of a user's data:

                      Encrypted folders are not new, most Linux distributions have had support for full disk encryption using LUKS for quite some time. It works. It's fine. But it does have some slight problems. Full disk encryption means that the encryption password, the only important password when it comes to protecting your data, has to be known by everyone who is using a computer on a regular basis. Encrypting each user's home directory with a personal key is a fundamentally far better and more logical approach.

                      Suspending computers to RAM is also an issue when full disk encryption is used since the encryption keys are kept in RAM while the machine is sleeping. Suspending to disk (hibernating) instead of RAM does solve that one. Most do not use that solution either because both suspending and restoring the system takes longer or because they are unaware that cold-boot attacks are a very real threat to cryptographic security. systemd-homed solves the suspend to RAM case by unmounting home directories before the machine suspends to RAM.

                      The ability to easily move home directories around is another clear advantage. This is not just handy if you want your /home/you on a USB stick, it is also very handy when you buy a new computer.

                      There's also support for remote CIFS mounted directories built right into systemd-homed. Those who administer a large number of computers within an organization will likely find those aspects of it to be very appealing.

                      As someone who does encrypt all of his data the security benefits are of interest to me but, of course, these may not be of interest to everybody. And the use of homed is entirely optional by using 'systemctl mask homed' which prevents it from ever being started even if another service depends upon it.

                      Again, I apologise if I have inadvertently caused you any offence.

                      • (Score: 2) by gtomorrow on Saturday May 02 2020, @01:26PM (2 children)

                        by gtomorrow (2230) on Saturday May 02 2020, @01:26PM (#989448) Journal

                        1...2...3...4...5...6...7..8...9...

                        This is a big, big virtual forum...go sit somewhere else.

                        ...and yet, here you are again. Non-comment-reading-yet-still-replying, thread-losing, obtuse janrinok. The same janrinok who I explained in my last reply that my /home folder is encrypted, hence my concern about homed.

                        I'm no more "offended" by you than by anyone else who butts into my conversation with someone else and then has the nerve to reprimand me. I think "annoyed" is more the word. Thanks for nothing for your "I feel I have to apologize but I'm not sure why" apology. You could have saved yourself the trouble by just not responding.

                        Don't go away mad...

                        • (Score: 0) by Anonymous Coward on Saturday May 02 2020, @01:55PM

                          by Anonymous Coward on Saturday May 02 2020, @01:55PM (#989459)

                          lol we can tell who is mad in this thread. But I don't blame you for raging, I blame Poettering.

                        • (Score: 2) by janrinok on Saturday May 02 2020, @02:05PM

                          by janrinok (52) Subscriber Badge on Saturday May 02 2020, @02:05PM (#989466) Journal
                          I won't.
                    • (Score: 0) by Anonymous Coward on Saturday May 02 2020, @07:03PM

                      by Anonymous Coward on Saturday May 02 2020, @07:03PM (#989557)

                      You think if you post your name all over the internet like a good little slave you're going to get to sit closer to the master at the dinner table? You're the fucking coward who doesn't have the guts to stand up for your own privacy. You probably send your own kids to be raised by the state and fund the IRS too. You probably suck up to pigs too.

            • (Score: 2) by fido_dogstoyevsky on Friday May 01 2020, @11:25PM

              ...Defend this encroachment on /home. Where's the (better-be-enormous)benefit?

              It increases systemd's reach.

              --
              It's NOT a conspiracy... it's a plot.
          • (Score: 2, Informative) by Anonymous Coward on Friday May 01 2020, @07:04PM (1 child)

            by Anonymous Coward on Friday May 01 2020, @07:04PM (#989113)

            How nice for you. My experience with SystemD has been very different. Ever since the switch to it, I run into all sorts of problems that never happened before, and yes, they're all SystemD's fault. Networking issues are a surprisingly large amount of them, including systems not shutting down because they get in odd SystemD loops that never finish. More recently, I had a box that suddenly decided it was going to go into suspend mode after being up for about 5 minutes, and kept doing it. Logs show that SystemD is triggering this, but not why it's doing so. Such fun to troubleshoot this shit remotely.

            Lots of the push-back to SystemD is because they want to rework everything else the way they want it to happen, instead of how it's been done in the past. They've very much ignored the unix philosophy, and it keeps getting worse. I've already switched to Devuan wherever possible, but since we have to support clients that use RHEL and Ubuntu and the like, I can't get away from the festering bowl of dog snot that is SystemD.

            Oh, and the problem isn't learning new things. The problem is that the new things aren't working. And letting all this be designed by Pottering, who could system architect his way out of a wet paper bag, just makes it look like a bid for service revenue.

            • (Score: 2, Insightful) by Anonymous Coward on Friday May 01 2020, @08:12PM

              by Anonymous Coward on Friday May 01 2020, @08:12PM (#989167)

              The problem with systemd is similar to the problem with pulseaudio and other replacements to older systems. They make it easier to do the common situations, or at least the developer's vision of "common." But the tradeoff is that once you get out of those situations, things become harder. If your experience doesn't match up with what the developer sees as common, good luck to you.

          • (Score: 2) by sjames on Sunday May 03 2020, @06:39PM (2 children)

            by sjames (2882) on Sunday May 03 2020, @06:39PM (#989863) Journal

            On the other hand, I've found that VMs that used to just work every time now occasionally just decide to go into the emergency shell when they're rebooted. There's never actually anything wrong, just systemd deciding it didn't feel like it.

            Unfortunately, it's practically impossible to track down since there's literally hundreds of interlocking config files using broken COMEFROM logic and no understanding of the imperative. No, upping the network interface is NOT optional on a remote server. No, mounting the specified file systems is not optional. Starting Apache on the web server wasn't a suggestion.

            If you actually want to have networking, it's best to kill NetworkManager dead.

            Now, in your scenario, what functionality was GAINED? That is, what can you do now that you couldn't do before?

            • (Score: 2) by The Mighty Buzzard on Monday May 04 2020, @12:28PM

              Cuss more skillfully.

              --
              My rights don't end where your fear begins.
            • (Score: 1) by DECbot on Monday May 04 2020, @08:19PM

              by DECbot (832) on Monday May 04 2020, @08:19PM (#990412) Journal

              Now, in your scenario, what functionality was GAINED? That is, what can you do now that you couldn't do before?

              You now have a legitimate reason for why you have no fucking clue what caused the VM to break. And now you can blame that on systemd and wait for RH to develop a fix--wait, not-a-bug.

              --
              cats~$ sudo chown -R us /home/base
    • (Score: 5, Touché) by Bot on Friday May 01 2020, @01:29PM

      by Bot (3902) on Friday May 01 2020, @01:29PM (#988932) Journal

      Qui tacet consentire videtur

      He who shuts up, allows.

      --
      Account abandoned.
    • (Score: 2) by DannyB on Friday May 01 2020, @02:09PM (1 child)

      by DannyB (5839) Subscriber Badge on Friday May 01 2020, @02:09PM (#988956) Journal

      I'm genuinely curious. How do you boycott a story?

      --
      I get constant rejection even though the compiler is supposed to accept constants.
    • (Score: 5, Insightful) by Grishnakh on Friday May 01 2020, @02:40PM (2 children)

      by Grishnakh (2831) on Friday May 01 2020, @02:40PM (#988981)

      One big red flag I saw with this story was the atrocious writing quality. The author used "it's" multiple times for the possessive version of that word; did they even finish high school?

      • (Score: 1, Insightful) by Anonymous Coward on Friday May 01 2020, @05:36PM (1 child)

        by Anonymous Coward on Friday May 01 2020, @05:36PM (#989064)

        No, they're just Millennials, where every thing discovered is new, and everything new is better.

        • (Score: -1, Flamebait) by DECbot on Friday May 01 2020, @07:21PM

          by DECbot (832) on Friday May 01 2020, @07:21PM (#989123) Journal

          OK Boomer.

          No, their're just Millennials...

          FTFY

          --
          cats~$ sudo chown -R us /home/base
  • (Score: 5, Insightful) by VanessaE on Friday May 01 2020, @11:27AM (38 children)

    by VanessaE (3396) <vanessa.e.dannenberg@gmail.com> on Friday May 01 2020, @11:27AM (#988862) Journal

    Say whatever you want about systemd (I don't care for it) and Poettering's other projects, but for fuck sake KEEP YOUR HANDS OFF MY HOME DIRECTORIES!

    I have a hard enough time keeping things straight as it is.

    Besides, /home has been a thing in Unix-ish OS's for, what, 50 years now? What possible benefit could there be to the end user (or the admin for that matter) to start changing it up now?

    • (Score: 1) by shrewdsheep on Friday May 01 2020, @11:48AM (12 children)

      by shrewdsheep (5215) on Friday May 01 2020, @11:48AM (#988873)

      Your only chance is to retreat. I have long given up on defending my home folder. Too many programs just write stuff wherever they see fit. Programs even start invading the Documents folder. I have now my own subfolder in home (the name of which I keep a secret) that I call my very home (whoever touches it, gets nuked).

      • (Score: 5, Interesting) by bzipitidoo on Friday May 01 2020, @12:53PM (10 children)

        by bzipitidoo (4388) on Friday May 01 2020, @12:53PM (#988906) Journal

        Huh, that's what I've done. My real home directory is a subdirectory I created in /home/me. Too many programs want to clutter up the home directory and the official subdirectories. If I use the home directory the system set up, makes it difficult to tell which files and subdirectories are mine.

        I found it useful to break the big stuff out separately. Video I made goes in a separate subdirectory.

        I got another idea that helps me stay more organized. I made /home/me/tmp for my own temporary stuff. Anything I put in there is subject to deletion, but not by any system process, only by me, when I'm ready. Makes me think about whether I want to keep something when I'm creating it.

        • (Score: 0) by Anonymous Coward on Friday May 01 2020, @01:01PM (5 children)

          by Anonymous Coward on Friday May 01 2020, @01:01PM (#988913)

          Bbut... where do you put Pictures? And Videos? And Templates? That recreate if you delete them. It doesn't make any sense?!

          • (Score: 4, Informative) by Arik on Friday May 01 2020, @01:39PM (1 child)

            by Arik (4543) on Friday May 01 2020, @01:39PM (#988941) Journal
            "That recreate if you delete them. It doesn't make any sense?!"

            When this happens;

            1. Figure out which program is doing it.
            2. Check if this is a configuration option.
            3. a. If it is, fix the config.
               b. If it is not, remove the program.
            --
            If laughter is the best medicine, who are the best doctors?
            • (Score: 2) by meustrus on Friday May 01 2020, @07:35PM

              by meustrus (4961) on Friday May 01 2020, @07:35PM (#989138)

              Naw, if something keeps messing with your files, it's too late. They've been found. If you didn't tell the software where those files are, they were discovered by some "convention".

              If your software does something you don't like, don't fight it. Let it do its thing. Move your stuff somewhere safe. Like GP suggests.

              /home has been pwned since it was first invented. Any files that software messes with belong to the machine now. Keep your stuff somewhere safe.

              Heck, the homed idea would actually be pretty slick if it didn't involve breaking the world and asserting control. Auto-mount an encrypted drive that belongs to the user at login? Awesome! Just don't touch anything inside it.

              --
              If there isn't at least one reference or primary source, it's not +1 Informative. Maybe the underused +1 Interesting?
          • (Score: 0) by Anonymous Coward on Friday May 01 2020, @11:28PM (1 child)

            by Anonymous Coward on Friday May 01 2020, @11:28PM (#989258)

            A lot of programs will place their files wherever you tell them your $HOME is. You can alias the cd command, with no arguments, to cd /home/username, so that it appears to be working more or less as normal. I'm sure there are some programs out there that won't like it, but anything written correctly should function just fine and for anything that's important, you should be able to have the program place the files where you want them via symlinks or just changing the configuration.

            It's astonishing to me, how little knowledge and creativity people have about these things. This isn't Windows, or god forbid, OSX, you can change these things if you really want to.

            • (Score: 0) by Anonymous Coward on Saturday May 02 2020, @12:08PM

              by Anonymous Coward on Saturday May 02 2020, @12:08PM (#989427)

              Not to give the pots too much credit, but he did co-author the XDG_ environment spec that enables you to further manipulate where .config .local .cache and such goes... if programs respect them.

          • (Score: 1) by drgibbon on Saturday May 02 2020, @08:26PM

            by drgibbon (74) on Saturday May 02 2020, @08:26PM (#989577) Journal

            You can define the locations of those in ~/.config/user-dirs.dirs

            E.g., XDG_VIDEOS_DIR="$HOME/media/videos"

            or whatever you like [archlinux.org].

            --
            Certified Soylent Fresh!
        • (Score: 2, Interesting) by shrewdsheep on Friday May 01 2020, @01:03PM (2 children)

          by shrewdsheep (5215) on Friday May 01 2020, @01:03PM (#988915)

          I made /home/me/tmp for my own temporary stuff

          Huh, that's what I've done.

          Let me do some mind-reading: you only back up that subfolder of yours together with some select folders from home (.ssh, some stuff from .config). Your large stuff (Music/Videos) goes into different backups than the rest of the files (the latter are backed up incrementally and encrypted, but my crystal is a bit blurred on that). Finally, some important application config files are moved to your private home and symbolically linked to their expected location.

          • (Score: 3, Interesting) by Grishnakh on Friday May 01 2020, @02:59PM (1 child)

            by Grishnakh (2831) on Friday May 01 2020, @02:59PM (#988994)

            Interesting, but I don't see the point in backing up Music/Videos separately. Personally, I just back up my home dir onto portable USB drives using rsync. The large stuff doesn't change often, so it doesn't take any time to back up unless you've changed it. Even if you use some kind of snapshotting backup program, this would still be the case.

            The biggest problem I have with home dirs is that large desktop environments typically keep a lot of crap buried in some dot-directory like .config, and then when they update to a new version, something in there breaks (the new version doesn't read the old config file correctly, and madness ensues). The standard advice from the DE maintainers is to simply wipe out your entire home directory and start over....

            • (Score: 3, Interesting) by bzipitidoo on Friday May 01 2020, @06:04PM

              by bzipitidoo (4388) on Friday May 01 2020, @06:04PM (#989083) Journal

              Backing up video, images, and music separately made more sense when I started that system, which was when a big flash drive was 1G, and I still sometimes used CD-Rs and CD-RWs. I even tried those Iomega Zip drives. Lost everything to their infamous Click Of Death problem.

              One hint that everyone else had moved on from CDs was that in newer kernels, I encountered several bugs related to their use. There was a problem with the type of optical media from kernel version 2.6.6 through 2.6.8 -- CD-Rs did not work, but CD-RWs were fine. If I was the first to discover these problems, that had to mean no one else was still using that hardware. More recently, I learned that 2.6.25 is the last version that can handle 40 wire PATA cables. Better find an 80 wire cable if you want to run a newer kernel on such old hardware.

        • (Score: 2) by Reziac on Saturday May 02 2020, @02:43AM

          by Reziac (2489) on Saturday May 02 2020, @02:43AM (#989310) Homepage

          I've done that since forever, on every OS. I sort my shit out where I want it, somewhere the OS doesn't use and doesn't officially know about. That way there's never confusion or argument.

      • (Score: 0) by Anonymous Coward on Sunday May 03 2020, @08:21AM

        by Anonymous Coward on Sunday May 03 2020, @08:21AM (#989720)

        Same for Windows 10. It puts your 'home' with a bunch of stupid junctions that WILL delete or corrupt data. Can't they just have normal folders?

        I have learnt to only use /home (Users) in Windows for temporary files. Create a folder somewhere, preferably on a different drive, for long term storage. Or anything you want to keep when Windows blats your C: data.

        Some things never change. Never thought I'd see this in *nix.

    • (Score: 3, Insightful) by Anonymous Coward on Friday May 01 2020, @11:58AM (8 children)

      by Anonymous Coward on Friday May 01 2020, @11:58AM (#988876)

      It's called 'not in house syndrome' with a touch of 'we sell support so let's make this as difficult to use without it on purpose'.

      • (Score: 0) by Anonymous Coward on Friday May 01 2020, @12:54PM (7 children)

        by Anonymous Coward on Friday May 01 2020, @12:54PM (#988907)

        I haven't dug into homectl yet, but everything else in systemd is trivially easy to learn. We run CentOS at work and we've never had to pay consultants. Most of our sysadmins have been Linux sysadmins since before systemd was created, and they all made the transition effortlessly. Thousands of servers, no problems related to the init system.

        I think your point stands in general. "We sell support so let's make this as difficult to use without it on purpose" seems to be the business model for Oracle databases, Enterprise Java Beans, Microsoft Group Policies, and lots of other so-called enterprise products. But regardless of the technical merits or flaws in systemd, you can learn everything you need to know about it in a day or two just from reading the public documentation or the man pages.

        • (Score: 0) by Anonymous Coward on Friday May 01 2020, @01:04PM

          by Anonymous Coward on Friday May 01 2020, @01:04PM (#988917)

          >you can relearn everything you already know about it in a day or two

          FTFY. Those days sure add up when it's happening to everything all the time.

        • (Score: 2) by janrinok on Friday May 01 2020, @01:14PM (4 children)

          by janrinok (52) Subscriber Badge on Friday May 01 2020, @01:14PM (#988927) Journal
          I agree with you, but you won't convince many people here. I switch my computers on and they all work. Stopping or starting tasks is simple and takes care of all of the child processes too with no issues. Creating new service scripts is dead easy and they all go in standardised places. I just get on with my work and don't even notice that it is there.
          • (Score: 2) by Arik on Friday May 01 2020, @01:45PM (2 children)

            by Arik (4543) on Friday May 01 2020, @01:45PM (#988945) Journal
            "I switch my computers on and they all work. Stopping or starting tasks is simple and takes care of all of the child processes too with no issues. Creating new service scripts is dead easy and they all go in standardised places. I just get on with my work and don't even notice that it is there."

            This sounds deliberately short-sighted.

            /As long as it doesn't cause me any immediate difficulty, I'll just plod right on and not think about it./

            I'm sure that way of doing things never came back to bite anyone in the arse. </sarcasm>
            --
            If laughter is the best medicine, who are the best doctors?
            • (Score: 0) by Anonymous Coward on Friday May 01 2020, @04:16PM (1 child)

              by Anonymous Coward on Friday May 01 2020, @04:16PM (#989021)

              Oh that's right. I'm going to get right on writing my own C compiler, and git implementation, shell, and text editor. Thank god you spoke up.

              • (Score: 0) by Anonymous Coward on Friday May 01 2020, @05:42PM

                by Anonymous Coward on Friday May 01 2020, @05:42PM (#989069)

                Those are horrible examples you bring up. Those programs have been written by teams of competent developers. They also have a history of fixing important issues that get raised because they don't see bugs being pointed out as an attack on their egos. I trust those programs to be handled in a competent manner.

          • (Score: 0) by Anonymous Coward on Monday May 04 2020, @06:34PM

            by Anonymous Coward on Monday May 04 2020, @06:34PM (#990370)

            things were like this long before you were able to own a computer but nice try stupid shill

        • (Score: 2) by Bot on Saturday May 02 2020, @10:50PM

          by Bot (3902) on Saturday May 02 2020, @10:50PM (#989622) Journal

          And here we prove parallel universes do exist.

          --
          Account abandoned.
    • (Score: 4, Insightful) by Bot on Friday May 01 2020, @01:32PM (9 children)

      by Bot (3902) on Friday May 01 2020, @01:32PM (#988934) Journal

      You look at it from your POV, try theirs. Systemd is an instrument of domination, messing with /home is a juicy target to obsolete a million man-hours of knowledge and info.

      Fact: all those people using linux for multimedia NEED PLAIN HOMES WITH NO ENCRYPTION hogging up the CPU. Ergo, pick antixxx or mx or void or slackware or whatever non systemd distro now. Any time spent with systemd is time lost.

      --
      Account abandoned.
      • (Score: 2) by VanessaE on Friday May 01 2020, @01:37PM (4 children)

        by VanessaE (3396) <vanessa.e.dannenberg@gmail.com> on Friday May 01 2020, @01:37PM (#988940) Journal

        All I know for sure is if Debian follows suit, I will be very disappointed...

        (considering that Pulse and systemd are already a thing, though THOSE don't seem to be a problem, not like they were in the beginning)

        • (Score: 2) by Arik on Friday May 01 2020, @01:48PM

          by Arik (4543) on Friday May 01 2020, @01:48PM (#988946) Journal
          Debian was lost several years ago. Way past time to switch to a distro that is still shipping gnu/linux.

          http://slackware.com/
          --
          If laughter is the best medicine, who are the best doctors?
        • (Score: 4, Informative) by Anonymous Coward on Friday May 01 2020, @04:49PM

          by Anonymous Coward on Friday May 01 2020, @04:49PM (#989037)

          If you see them going for homed, just swap over to the Devuan release targeted at your current Debian version and apt update -> apt dup, then give it a few hours to download and install and reboot :)

        • (Score: 2, Insightful) by Anonymous Coward on Friday May 01 2020, @09:02PM

          by Anonymous Coward on Friday May 01 2020, @09:02PM (#989192)

          Debian and its giant offspring Ubuntu, and their myriad derivatives, have long gone systemd. Millions of users had no choice. Some distro makers had no choice. Upstream changed because a few individuals puttered, and millions sputtered. The problem is getting things done. I choose a distro for its ability to stay out of my way, have all the software I need IN the repos, so I can work. Many of the purist wonderworks have little functionality beyond being a "pure linux". I need the applications and those have dependencies, some of which may tie back to systemd. Also a lot of the "purist" editions look like a worn-out Yugo next to many of the modern Lambos and Porsches in terms of the UI and windows managers. Sad state of Linux in 2020, where one approaching 30's kid dictates the terms for all the usable distros.

        • (Score: 0) by Anonymous Coward on Saturday May 02 2020, @12:11PM

          by Anonymous Coward on Saturday May 02 2020, @12:11PM (#989429)

          It would have been so much easier if pots had created his own distro.. I could respect that.

      • (Score: 2) by meustrus on Friday May 01 2020, @07:38PM (1 child)

        by meustrus (4961) on Friday May 01 2020, @07:38PM (#989141)

        Easy solution, assuming homed encryption can be turned off per-user: put the multimedia under a separate user. Give out media access by group.

        This is how I manage media in Linux. Mainly I do it so that I could configure Syncthing to maintain redundant copies on multiple machines, running in an isolated account, without giving everyone else access to change the files and break syncing.

        --
        If there isn't at least one reference or primary source, it's not +1 Informative. Maybe the underused +1 Interesting?
        • (Score: 0) by Anonymous Coward on Friday May 01 2020, @08:01PM

          by Anonymous Coward on Friday May 01 2020, @08:01PM (#989159)

          >Easy solution, assuming homed encryption can be turned off per-user: put the multimedia under a separate user. Give out media access by group.

          It's not simpler than avoiding systemd altogether. Thank you non systemd distro maintainers, beacons of freedom.

      • (Score: 2) by janrinok on Saturday May 02 2020, @07:34AM

        by janrinok (52) Subscriber Badge on Saturday May 02 2020, @07:34AM (#989370) Journal

        But nobody is making them use it. I fail to see why I should get excited because somebody else uses Gentoo, or another encrypts his hard drives, or they want to do media streaming on an underpowered computer. Why should anyone else get excited about those who are happy to use systemd?

        Incidentally, I manage to stream media quite satisfactorily from a server powered by an Athlon 2 X4 605e processor using full drive encryption over my network. No problems. I suppose a P II might struggle though. I do have a problem when 3, 4 or more people are trying to stream simultaneously, but I'm not surprised by that.

      • (Score: 0) by Anonymous Coward on Sunday May 03 2020, @08:24AM

        by Anonymous Coward on Sunday May 03 2020, @08:24AM (#989721)

        As of now Firefox disabled checking for the chrome folder in the user profile and for userChrome.css TO SAVE TIME WHEN LOADING FIREFOX.

        What utter stupidity. How many people are now looking at the crap that is the new urlbar and other screwups in the UI, following instructions, and not realising their Firefox does not load userChrome.css anymore?

        Utter stupidity.

    • (Score: 5, Informative) by hendrikboom on Friday May 01 2020, @02:06PM (4 children)

      by hendrikboom (1125) Subscriber Badge on Friday May 01 2020, @02:06PM (#988954) Homepage Journal

      /home wasn't around in 1975. Back then my home directory was at /usr/hendrik.

      So it's beem around for less than the full 50 years.

      -- hendrik

      • (Score: 1, Interesting) by Anonymous Coward on Friday May 01 2020, @04:52PM (1 child)

        by Anonymous Coward on Friday May 01 2020, @04:52PM (#989038)

        I had always wondered why it was called '/usr' but if it was both user binaries and home dirs that would make a lot of sense. Seems like things keep getting under-organized over and over until a restructure is in order, then they break the expectations of the old paradigm, at least in part.

        • (Score: 0) by Anonymous Coward on Friday May 01 2020, @10:22PM

          by Anonymous Coward on Friday May 01 2020, @10:22PM (#989238)

          There was no /usr/bin originally. Operating system binaries all went to /bin.

          The whole reason /usr/bin came into existence is because the system became too large to fit on the / disk, and there was no raid or dynamic resizing. Only after that were users moved to /home.

      • (Score: 2) by Bot on Friday May 01 2020, @08:07PM (1 child)

        by Bot (3902) on Friday May 01 2020, @08:07PM (#989163) Journal

        >So it's beem around...

        and here is when one of hendrik's fingers mangles accidentally with his looooong grey beard and mistypes.

        --
        Account abandoned.
    • (Score: 2, Redundant) by DannyB on Friday May 01 2020, @02:25PM

      by DannyB (5839) Subscriber Badge on Friday May 01 2020, @02:25PM (#988968) Journal

      What possible benefit could there be to the end user (or the admin for that matter) to start changing it up now?

      So users would get Red Hat support contracts, which would prevent them from having operational problems.

      I did not use any no-sarcasm tags here.

      --
      I get constant rejection even though the compiler is supposed to accept constants.