brent s. bts at square-r00t.net
Fri May 8 03:42:01 UTC 2020

On 5/7/20 22:54, David C. Rankin wrote:
> All,
>   I just read the article about the major change coming to systemd 245 at:
> https://www.techrepublic.com/article/linux-home-directory-management-is-about-to-undergo-major-change/?ftag=TRE475558a&bhid=12825460&mid=12819432&cid=712355268
> What is terrifying is the SSH Problem. 9/10 hosts I interact with I do via
> ssh. And do we really need LUKS encrypted volumes for every user's $HOME
> directory? Sure for enterprise setups, etc., but will there be a way to simply
> keep a normal unencrypted /home? How would scripts be able to back up certain
> work locations from user directories if the user is logged out?

Systemd 245 is already released and is in Arch repos:


Arch already has an article on homed in the wiki that answers many of
your questions:


or the upstream docs:



"However, you must **enable and start** the systemd-homed.service."
(emphasis added)

"It achieves portability by moving all user-related information into a
storage medium, **optionally encrypted**, and creating an ~/.identity
file that contains signed information about the user - password, what
groups they belong to, UID/GID and other information that would
typically be scattered over multiple files in /." (emphasis added)

In short:

- It is already installed in your system, if it's up-to-date. I'm
assuming you did not notice any differences, right? That's because
- It's "opt-in" in the first place, and
- home directory encryption is *optional*, and
- it doesn't interfere with "traditional" (/etc/{passwd,group,shadow})
user databases.

There are a lot of systemd haters out there (still) that love to spread
plenty of FUD or half-accuracies about systemd. Generally speaking, your
best bet is to just simply explore the experience and documentation of a
distro that implements systemd properly (like Arch) and ignore anything
and everything you read in publications about it.

brent saner
GPG info: https://square-r00t.net/gpg-info

