date 2019-10-16
from the resistance-is-futile.-/home-will-be-assimilated dept.
Good News:
Linux home directory management is about to undergo major change:
With systemd 245 comes systemd-homed. Along with that, Linux admins will have to change the way they manage users and users' home directories.
[...] Prior to systemd every system and resource was managed by its own tool, which was clumsy and inefficient. Now? Controlling and managing systems on Linux is incredibly easy.
But one of the creators, Lennart Poettering, has always considered systemd to be incomplete. With the upcoming release of systemd 245, Poettering will take his system one step closer to completion. That step is by way of homed.
[...] let's take a look at the /home directory. This is a crucial directory in the Linux filesystem hierarchy, as it contains all user data and configurations. For some admins, this directory is so important, it is often placed on a separate partition or drive than the operating system. By doing this, user data is safe, even if the operating system were to implode.
However, the way /home is handled within the operating system makes migrating the /home directory not nearly as easy as it should be. Why? With the current iteration of systemd, user information (such as ID, full name, home directory, and shell) is stored in /etc/passwd and the password associated with that user is stored in /etc/shadow. The /etc/passwd file can be viewed by anyone, whereas /etc/shadow can only be viewed by those with admin or sudo privileges.
[...] Poettering has decided to make a drastic change. That change is homed. With homed, all information will be placed in a cryptographically signed JSON record for each user. That record will contain all user information such as username, group membership, and password hashes.
Each user home directory will be linked as LUKS-encrypted containers, with the encryption directly coupled to user login. Once systemd-homed detects a user has logged in, the associated home directory is decrypted. Once that user logs out, the home directory is automatically encrypted.
[...] Of course, such a major change doesn't come without its share of caveats. In the case of systemd-homed, that caveat comes by way of SSH. If a systemd-homed home directory is encrypted until a user successfully logs in, how will users be able to log in to a remote machine with SSH?
The big problem with that is the .ssh directory (where SSH stores known_hosts and authorized_keys) would be inaccessible while the user's home directory is encrypted. Of course Poettering knows of this shortcoming. To date, all of the work done with systemd-homed has been with the standard authentication process. You can be sure that Poettering will come up with a solution that takes SSH into consideration.
Will systemd be considered complete once the kernel and boot loader have been absorbed into systemd?
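The per-user signed JSON record described in the summary exists so that an edit made after signing (for example, an added group) is detected before the record is trusted. The sketch below is an added example, not code from the story or from systemd: it uses a standard-library HMAC as a stand-in for the asymmetric signature a real record would carry, and the field names, key and sample record are constructed for illustration.

```python
import hashlib
import hmac
import json

# Constructed demo key. A real deployment would use an asymmetric key pair so
# that verifiers never hold signing material; HMAC is a stdlib stand-in here.
DEMO_KEY = b"constructed-demo-key-not-a-real-secret"


def canonical_bytes(record: dict) -> bytes:
    """Serialize every field except the signature in one deterministic form."""
    body = {k: v for k, v in record.items() if k != "signature"}
    return json.dumps(body, sort_keys=True, separators=(",", ":")).encode("utf-8")


def sign_record(record: dict, key: bytes) -> dict:
    """Return a copy of the record carrying a MAC over its canonical form."""
    signed = dict(record)
    signed["signature"] = hmac.new(key, canonical_bytes(record), hashlib.sha256).hexdigest()
    return signed


def verify_record(record: dict, key: bytes) -> bool:
    """Accept the record only if its signature matches its current contents."""
    claimed = record.get("signature")
    if not isinstance(claimed, str):
        return False  # unsigned or malformed records are rejected outright
    expected = hmac.new(key, canonical_bytes(record), hashlib.sha256).hexdigest()
    return hmac.compare_digest(claimed.encode("utf-8"), expected.encode("utf-8"))


# Constructed sample record; field names are illustrative, not homed's schema.
SAMPLE = sign_record(
    {
        "username": "alice",
        "groups": ["users"],
        "password_hashes": ["$6$constructed$placeholder"],
    },
    DEMO_KEY,
)

# An edit made after signing (adding a privileged group) invalidates the record.
TAMPERED = json.loads(json.dumps(SAMPLE))
TAMPERED["groups"].append("wheel")

if __name__ == "__main__":
    print("original verifies:", verify_record(SAMPLE, DEMO_KEY))
    print("tampered verifies:", verify_record(TAMPERED, DEMO_KEY))
```

Canonicalizing with sorted keys means a record that is merely re-serialized in a different key order still verifies, while any change to a value does not.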
(Score: 1) by shrewdsheep on Friday May 01, @11:11AM (6 children)
... why not express your discontent by boycotting this story? I hate *this* change, so I'll keep shut.
(Score: 4, Insightful) by fido_dogstoyevsky on Friday May 01, @11:19AM
I really doubt that boycotting will help because homed will not be his last territorial demand in Linux.
It's NOT a conspiracy... it's a plot.
(Score: 0) by Anonymous Coward on Friday May 01, @11:25AM
What, you don't like this change? But the way it is managed now is clumsy and inefficient!
(Score: 2, Informative) by Anonymous Coward on Friday May 01, @11:46AM
I think you have it backwards. It does get tiring when people drag in tired systemd references into unrelated computer related stories, but this is exactly the story where the hate and vitriol, and support, should be.
(Score: 3, Insightful) by The Mighty Buzzard on Friday May 01, @11:51AM
Why would I do that when I can mock him for reinventing kerberos, poorly? No, that's unfair. He reinvented kerberos and a couple lines worth of login scripting, poorly.
Thank you, Covid-19, for proving for all time that college isn't essential but liquor stores are.
(Score: 2) by gtomorrow on Friday May 01, @11:59AM (1 child)
Says who?
I just recently commented in another article saying how systemd leaves me neither hot nor cold. Not anymore. I guess the new rule is "keep fucking with Linux until even the systemd supporters can't defend it." Keep encroaching on user territory until it's Windows...or Android.
(Score: 0) by Anonymous Coward on Friday May 01, @12:02PM
https://en.wikipedia.org/wiki/Google_Fuchsia [wikipedia.org]
Use a superior kernel.
(Score: 2) by VanessaE on Friday May 01, @11:27AM (2 children)
Say whatever you want about systemd (I don't care for it) and Poettering's other projects, but for fuck sake KEEP YOUR HANDS OFF MY HOME DIRECTORIES!
I have a hard enough time keeping things straight as it is.
Besides, /home has been a thing in Unix-ish OS's for, what, 50 years now? What possible benefit could there be to the end user (or the admin for that matter) to start changing it up now?
(Score: 1) by shrewdsheep on Friday May 01, @11:48AM
Your only chance is to retreat. I have long given up on defending my home folder. Too many programs just write stuff wherever they see fit. Programs even start invading the Documents folder. I have now my own subfolder in home (the name of which I keep a secret) that I call my very home (whoever touches it, gets nuked).
(Score: 1, Insightful) by Anonymous Coward on Friday May 01, @11:58AM
It's called 'not in house syndrome' with a touch of 'we sell support so let's make this as difficult to use without it on purpose'.
(Score: 3, Funny) by The Mighty Buzzard on Friday May 01, @11:43AM
What the hell, Leannart? Why would you store important information in a human readable form like json when you could store it in a binary container that requires a specific executable tool to interact with?
Thank you, Covid-19, for proving for all time that college isn't essential but liquor stores are.
(Score: 1, Interesting) by Anonymous Coward on Friday May 01, @11:46AM
This exists only to create problems, add pointless complexity, and cause incompatibilities. Imaginary "improvements" are the fig leaf, breaking things is the real purpose.
(Score: 1, Insightful) by Anonymous Coward on Friday May 01, @11:50AM
>> Lennart Poettering has always considered systemd to be incomplete
And he always will... until it takes over 100% of the functionality, at which point we will start calling it Lennux (as in, "I can't get my Lennux system to boot because of systemd").
(Score: 3, Interesting) by Dr Spin on Friday May 01, @12:02PM (2 children)
Didn't your granny ever tell you "Don't put all your eggs in one basket"?
Especially if systemd has been within 10 furlongs of the basket.
Every time I get an update to my Ubuntu system, resolv.conf gets totally fucked. No matter how I remove symlinks, make it immutable, write protected, etc.
Listen Poettering, if I remove your symlink, and mark my resolv.conf as un-writeable by anyone - leave it the fuck alone. When the sign says "do not touch" don't bloody touch it, OK?
All my other systems use OpenBSD - and they don't keep getting fucked by unexpected updates. I have had two year uptimes (obviously not on internet connected systems). Unix was fine before you got involved. Go and lock yourself down, and don't come back.
Putting your data in the cloud is like sending your teenage daughter backpacking in a 3rd world country with a pimp
(Score: 1, Funny) by Anonymous Coward on Friday May 01, @12:11PM (1 child)
Linux is open source. If you don't like the way systemd handles your resolv.conf file, then just fork systemd, make the changes you want, review the license agreement with your lawyers, write a Code of Conduct for your fork, and then your problem's fixed.
(Score: 2) by SemperOSS on Friday May 01, @12:22PM
So, let me get this right, you think that instead of complaining of a completely strange and unnecessary behaviour that does not make sense, people should fork the program and correct it themselves?
That, unfortunately, is not a viable solution for most people … and not a good solution either. The problem with systemd is that Lennart Poettering does not listen to anyone but himself and that he does not care whether what he creates makes sense or not, whether it adds value or not. He wants it and most of the rest of the Linux world has to suffer!
I still wonder how a person with such traits as LP's ever got so much power and why some people think he is such a genius?
I don't need a signature to draw attention to myself.
Maybe I should add a sarcasm warning now and again?
(Score: 3, Interesting) by Farkus888 on Friday May 01, @12:03PM (2 children)
We all know that Bach is good. But here in the real world nearly everyone listens to top 40 anyway. We want to eat healthy, but choose fast food. In the same way, Poettering likes the idea of Linux but hates everything about it. So many people seem to feel the same way. Thanks to all those people, I have to essentially learn a new OS as a 20 year Linux user. My newest joy was discovering that Debian doesn't include ifconfig anymore. Like the actual luddites, I'm not opposed to change in itself. I think that change should be considered and only adopted if it is the best way to add the alleged value. What does ip give me that couldn't be solved with a new flag in ifconfig?
(Score: 3, Informative) by Anonymous Coward on Friday May 01, @12:08PM
>> What does ip give me that couldn't be solved with a new flag in ifconfig?
The ability to confuse you so much that you have to buy Red Hat support services, which is the raison d'etre for Poettering's existence.
(Score: 2) by Arik on Friday May 01, @12:18PM
No, you don't. http://www.slackware.com/
Debian was once a respectable distro, but it's been enemy territory for years now.
"The *other* sort of Marxist."
(Score: 0) by Anonymous Coward on Friday May 01, @12:13PM
I would have much more respect for Red Hat and Lennart, if they would come clean and at least admit what they're really doing -- developing a totally different operating system. This is what systemd is. Hence the comment title: systemd/linux. Sure it's a variant on UNIX and gnu/linux, and runs much of the same software, but it is a different OS. Plus, I believe what I have read others say: systemd is a take-over attempt on the free software world. Red Hat wants to be the Microsoft of Linux.
This is not a good development in my book.
(Score: 0) by Anonymous Coward on Friday May 01, @12:16PM
No, they will not.
(Score: 2) by Bot on Friday May 01, @12:22PM
One more crippling bombshell hit the already beleaguered systemd/poetterix community when poettering confirmed that a new feature has dropped in yet again, now down to less than a fraction of 1 percent of all servers being unaffected. Coming on the heels of a recent RH-sponsored survey which plainly states that linux users want more performance out of their /home partition layout (whatever that means), this news serves to reinforce what we've known all along. Systemd administration is collapsing in complete disarray, as fittingly exemplified by failing dead last in the recent Sys Admin comprehensive "I know what I am doing" test.
You don't need to feature a >80 IQ to predict poetterix victims' future. The hand writing is on the wall, converted to a binary timestamped db: systemd admins face a bleak future. In fact there won't be any future at all for them because system administration is dying. Things are looking very bad for them. As many of us are already aware, poetterix continues to add features. Red Hat code additions flow like a river of blood...