
Systemd-homed merged as a fundamental change to Linux home directories - mbreese
https://www.phoronix.com/scan.php?page=news_item&px=Systemd-Homed-Merged
======
knorker
I read the design document for this.

What's the point? This is not the 1990s. Who exactly is this for?

Who actually has multi-user systems? _Really_ has them.

Clients are either all single-user laptops (at home and at work), or
single-user workstations. Very rarely they're multi-user workstations, but then they
use something non-local for their home directories anyway, so again who is
this for?

This isn't the 1990s with 100 users on your computer club Linux server.
Everyone just gets their own VM, now.

Honestly, who still runs a 1990s style shared shell server?

And per-user /home encryption on a shared system just sounds like a threat
model contradiction. If you want to protect the users from each other then
turning a blind eye to the regular local root exploits sounds odd at best. On
servers for cifs /home if my home directory is secret, why would I expose it
to every server I log in to?

And if not for human user accounts, how will this help anyone run their docker
containers or any other type of service?

Am I just out of touch? Does this actually have users? Does it actually solve
a problem?

It _breaks_ many use cases, that's very obvious.

~~~
Iolaum
Anecdotally, my laptop is being used by two users. It irks very much that
neither Ubuntu nor Fedora can easily support a common directory for data to be
shared between users. I've created custom bash commands to fix group file
ownership and similar issues arising from sharing a directory between two home
users.

~~~
shrubble
It should be easy to do this? Create a group, place the two users in that
group, create a directory and setgid it to the group.

~~~
Iolaum
That works when copying but not when moving files. For the latter case you
need to manually edit those properties.
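
The group-plus-setgid setup and the copy-versus-move difference from the replies above, as an added example that is not part of any commenter's post. All paths are constructed in a temporary directory, and the setgid bit on subdirectories is used as the observable because it can be checked without a second group; file group ownership follows the same rule (set when an entry is created, kept when it is renamed).

```shell
#!/bin/sh
# Added example (not from the thread). Paths are constructed in a temp dir.

# Create a group-shared directory: group-writable, with the setgid bit so
# entries created inside inherit the directory's group (and, for
# subdirectories, the setgid bit itself).
make_shared() {
    mkdir -p "$1" && chmod 2775 "$1"
}

# True if the path carries the setgid bit.
has_setgid() {
    [ -g "$1" ]
}

# Re-apply the share's group and setgid bit to everything below it.
# Entries that were moved in (a rename) keep their old metadata, so they
# need this; entries created in place already have it.
repair_shared() {
    gid=$(ls -nd "$1" | awk '{print $4}')      # numeric group of the share
    chgrp -R "$gid" "$1" &&
    find "$1" -type d ! -perm -2000 -exec chmod g+s {} + &&
    chmod -R g+rwX "$1"
}

demo() {
    base=$(mktemp -d) || return 1
    make_shared "$base/shared"
    mkdir "$base/home" && chmod g-s "$base/home"   # stands in for a home dir
    mkdir "$base/home/moved"                       # created outside the share
    mkdir "$base/shared/created"                   # created inside the share
    mv "$base/home/moved" "$base/shared/"          # same filesystem: a rename
    for d in created moved; do
        if has_setgid "$base/shared/$d"; then
            echo "$d: setgid inherited"
        else
            echo "$d: setgid missing"
        fi
    done
    repair_shared "$base/shared"
    has_setgid "$base/shared/moved" && echo "moved: fixed by repair_shared"
    rm -rf "$base"
}
demo
```

Running `repair_shared` from a timer or after each move is one way to automate the manual fix-up; a default ACL on the share is the other common approach.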

------
trulyrandom
I really hope this gets nicely abstracted away into a NixOS module soon. I've
been looking for a solution to securely suspend to RAM by clearing the LUKS
keys and reopening the LUKS volume when resuming. It looks like systemd-homed
will be the first viable option to accomplish that.

------
Randor
Interesting,

I don't really understand why distribution maintainers are allowing this one
project to have so much control over the operating system.

~~~
Bnshsysjab
I think the fact that all major distros have gone the direction of systemd is
probably a good indicator that it makes sense to move there.

I’m sure the distro leads are smarter than I am, too.

~~~
goatinaboat
They had no choice. After the udev fiasco running the Linux kernel without
systemd becomes prohibitively complicated for many use cases. The main GUIs
were similarly captured (e.g. with logind). You obviously can still run a
Linux kernel based system without systemd but it is already hard and will get
harder to run the larger userland components that other distros get “for
free”.

If you don’t like systemd then the only sane option for you is to make the
jump to FreeBSD.

~~~
YarickR2
Gentoo is looking at you disapprovingly.

~~~
Bnshsysjab
I used Gentoo without systemd for some time but things became problematic.
Bluetooth headphones were barely functional, Firefox required PulseAudio or
sound didn’t work out of the box.

I’m not in love with systemd, personally. But it’s harder to live without it
than with it.

------
wnoise
Without the amount of changes systemd makes to the operation of a system, at
this point it should be thought of as a new operating system that shares a
kernel with Linux.

~~~
throw0101a
We're not there yet:

Every program attempts to expand until it can read mail. — Zawinski's Law

~~~
inetknght
All that's missing is a gvfs module to mount your IMAP directories...

~~~
rbanffy
From a UI perspective, this is brilliant. Windows had it with a shell
extension that essentially turned Windows Explorer (not IE) into what would
later be Outlook Express. It's awful that they opted out of making the desktop
Explorer smarter and went the stand-alone application route.

------
pmlnr
I recently migrated to FreeNAS/FreeBSD. It's joyfully oldschool sysadmining,
and for hobbyists/home server owners, it's so much nicer.

For business vs systemd... you gotta keep your crew busy with change, right?

~~~
geofft
For business we want something that works. At my last three jobs in a row I've
had problems that systemd has been solving in an elegant, robust way. (Eight
years ago it was startup ordering bugs with Upstart in an appliance; four
years ago it was cleaning up a pile of cronjobs and handling the ordering
relationships between them; today it's cleaning up a single cronjob that
starts a big supervisord.)

For home use, sure, there's a joy to making things work. Same as some people
enjoy building a computer from parts - but you'll never see a business telling
their employees to go to PCPartPicker and put something together.

~~~
pmlnr
> Upstart in an appliance

> single cronjob that starts a big supervisord

/me screams

Seriously, why? All of those you're listing are monsters, and they should
never have existed in the first place.

~~~
geofft
Because real-world systems aren't as pretty as hobby systems.

------
kick
I think this is going in the opposite direction of where I'd like to see Linux
and UNIX home directories going, but it's still an interesting change.

Has anyone played with it any? I know it just got merged, but I figure one of
you may have tried it prior to that, so I might as well ask.

~~~
JohnFen
I agree that this is not the direction that I want Linux to go. I object to
systemd all by itself for the same reason, and it's why I'm moving from Linux
to BSD.

I haven't played with this, though. I don't have a use case for it.

------
mekster
21k lines of new code added in systemd to maintain home directories?

What would happen if the daemon goes down or has a security hole? Are users
screwed?

~~~
shrubble
Yes. I have already set up a VM for a friend where the root user could login
but regular users could not.

Took some research and at least an hour of my time... something was not set up
in the user slice configuration for systemd's liking.

------
erik_seaberg
I seem to recall this is incompatible with cronjobs, which puts it pretty far
to the game console end of the tool spectrum.

~~~
tyingq
Pretty sure it also breaks ssh logins. This needs more discussion before
blessing it. Systemd has bled far, far, beyond an init replacement.

~~~
throw0101a
> _Systemd has bled far, far, beyond an init replacement._

This has been my main objection to it: feature creep (with tight coupling
between 'components').

------
lousken
I'd much rather see easily portable desktop environment configs, e.g. in KDE
and Xfce

~~~
mfcl
How would that work?

~~~
lousken
I was thinking of a tool that would list GUI and integrated apps (maybe with a
bunch of advanced options), you'd select which of those you'd like to backup
and would give you an option to save a file which you'd then be able to import
on another machine. It'd only dump non machine specific settings into the
file.

But in order to do this there should be some kind of a standard so that pretty
much any app could integrate into such a tool if it listed allowed settings and
its locations.

------
0xFFFE
Can systemd dynamically load new kernels at this point?

~~~
DoofusOfDeath
Systemd can launch an Emacs session, so...

