Announcement

Collapse
No announcement yet.

Systemd-homed: Systemd Now Working To Improve Home Directory Handling

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • bobpaul
    replied
    Originally posted by rhavenn View Post
    Stay out of my home directory. I've had more or less the same .cshrc and .login file since the late 90s with some tweaks here and there to add / remove aliases / whatever.
    Did you even watch the video? It's not touching anything inside your home directory. Your .cshrc etc are untouched; they're inside your home directory.

    Concept A is a replacement for pam and can remove human users from /etc/passwd and /etc/shadow. This is done in a cryptographicly secure manner so your profile can roam to machines that have signed your profile without the need for LDAP. It's extensible so you could login with hardware key (eg Yubi), pattern (like Android/iOS), and other non-password methods if you want. It lives along side the existing /etc/{passed,shadow} system and doesn't prevent users defined in there from logging in.

    Concept B is storing your home folder in an encrypted file in a way that works with Concept A. Nothing inside your actual home folder is altered.

    ​This is something that can both compliment as well as replace nfs+ldap for roaming profiles. Concept B doesn't work on machines that are primarily accessed over a network (headless server, etc) and is really designed around protecting data on a mobile device that suspends frequently (eg a laptop), but would work fine for employer owned desktop workstations as well.
    Last edited by bobpaul; 22 September 2019, 11:19 AM.

    Leave a comment:


  • josh_walrath
    replied
    Originally posted by Cape View Post

    OFC not! Actually - with the FSF becoming a diversity hellhole - we should be very worried for the future of Free Software for all users!
    This doesn't mean we should carry on a 70yo OS.

    Ideally I'd like to see RMS founding a new organization with the intent of forking GNU and slowly transition it to the 21st century by incorporating piece after piece into systemd πŸ€—
    ​​​​
    Sadly, along with the inability to keep their turn-of-the-century sexism to themselves on *email mailing lists*, people like RMS also can't comprehend new ways of doing things. They shaped this operating system that expects "multiple seats" on a timeshared mainframe and where you have to read about arcane commands in man pages with terminal programs keybound for long-extinct key layouts and enter your sudo password every five minutes and where cron tries to email you errors and which is just getting sandboxed containers.

    It's natural, and this is why death is salutary for society -- old minds adapted for the past and scleric with its traumas just die, and new ones come along that can better adapt to the present. They would probably start with not using email lists.

    And what's wrong with the FSF becoming more diverse? They're actually already surprisingly diverse looking at their present board, but I guess that's not diverse enough because it's still enough of a deluded echo chamber to unironically recommend distros like Trisquel to people. Idealism is the shit.

    Also, we definitely shouldn't be carrying on the 50-year-old language of C! If SystemDOS isn't written in Rust, rip.
    Last edited by josh_walrath; 22 September 2019, 09:39 AM.

    Leave a comment:


  • Guest's Avatar
    Guest replied
    Originally posted by Apokalypz View Post
    I'm still waiting for linuxd...that's where they're headed. Also, when are they gonna start implementing desktop environments and window managers? Gnomed, KDEd, i3d, and openboxd all sound like so much fun. OMG, what about GTKd, qtd, or EGLd? Blenderd, Libre Officed, firefoxd, ddd.

    You know what? I'm just gonna not use a computer anymore and maybe I'll train a NN to replace myself. I'll see if the systemd devs want to implement it and maybe call it userd.
    That's because some people don't like to stay at their place. I already tested FreeBSD on real hardware (my PC) and it is great. Then, there is the Hackintosh, and then even Windows.

    Leave a comment:


  • aht0
    replied
    Originally posted by Cape View Post
    This doesn't mean we should carry on a 70yo OS.
    ​​​​
    UNIX conforms to POSIX. FYI, most recent POSIX specification is only year or two old. Ignorance is a bliss.

    Leave a comment:


  • Apokalypz
    replied
    I'm still waiting for linuxd...that's where they're headed. Also, when are they gonna start implementing desktop environments and window managers? Gnomed, KDEd, i3d, and openboxd all sound like so much fun. OMG, what about GTKd, qtd, or EGLd? Blenderd, Libre Officed, firefoxd, ddd.

    You know what? I'm just gonna not use a computer anymore and maybe I'll train a NN to replace myself. I'll see if the systemd devs want to implement it and maybe call it userd.

    Leave a comment:


  • Guest's Avatar
    Guest replied
    Originally posted by F.Ultra View Post

    You do realise that just doing a "ls /home" will touch several hundred of thousands of lines of code from fetching the data of the drive to writing it to your screen. So if you are afraid of potential bugs then you should not use software period.
    You really dont know what software is.

    Leave a comment:


  • intelfx
    replied
    Originally posted by polarathene View Post

    I remember seeing some project(possibly russian maintainers) that was looking to do something like this. Although I think it did involve wrapping a process in a container like lxc or something..
    Not exactly. You don't strictly have to containerize anything. However, it's impossible to properly checkpoint a process which shares resources or state with another process that is not being checkpointed (unless you can extract the state from that other process, which is out of scope for CRIU). Therefore, to guarantee a successful checkpoint and restore of a process, you will naturally need to limit which processes it can talk to, and then checkpoint the whole group.

    (Source: briefly worked on CRIU)
    Last edited by intelfx; 21 September 2019, 05:14 PM.

    Leave a comment:


  • intelfx
    replied
    Originally posted by Neraxa View Post
    Another feature I would like to see is improved freezing to disk of single processes to disk, which can be later unfrozen, even after system reboot. Very interesting feature with interesting possibilities.
    That'd be CRIU. And it's super damn hard to do properly.

    Leave a comment:


  • F.Ultra
    replied
    Originally posted by frank007 View Post

    The bug can be anywhere.
    You do realise that just doing a "ls /home" will touch several hundred of thousands of lines of code from fetching the data of the drive to writing it to your screen. So if you are afraid of potential bugs then you should not use software period.

    Leave a comment:


  • Guest's Avatar
    Guest replied
    Originally posted by Slithery View Post
    It just uses regular LUKS volumes that can be opened/mounted with the usual cryptsetup commands. Any of the bugs you refer to would be with LUKS not systemd-homed.


    Nope. The LUKS volume is just one of the available backends, standard directories are another.
    The bug can be anywhere.

    Leave a comment:

Working...
X