Systemd will change the way your Linux home directory works

The team behind systemd wants to introduce a new way of managing home directories. Calling it a “new way” is putting it mildly: this is a real paradigm shift for Linux. Here is everything you need to know about systemd-homed, which is likely to come to a Linux distribution near you.

No stranger to controversy

When systemd was introduced in 2010, the Linux community was divided into three camps. Some thought it was an improvement, others thought it was a flawed design that didn’t adhere to the Unix philosophy. And some didn’t care either way.

Opponents’ backlash was loud, heated and in some cases almost fanatical. Lennart Poettering, a software engineer at Red Hat and co-developer of systemd, even received death threats.

Songs advocating violence against Poettering were published on YouTube, and websites appeared that tried to get Linux users to boycott systemd. His co-developer, Kay Sievers, was also criticized and verbally abused, but Poettering certainly bore the brunt of it.

But within eight months, Fedora was using systemd. By the end of 2013, Arch, Debian, Manjaro, and Ubuntu had all moved to systemd. Of course, the glory of open source is that when you don’t like something, you can fork the source code and do your own thing with it. New distributions, like Devuan, which was a fork of Debian, were created solely to avoid using systemd.

Your $HOME directory

In the Linux directory structure, everything you do takes place in the “/home” directory. Your data files, pictures, music and the entire personal directory tree are stored in a single directory there, which is named after your user account.

The settings for your applications are saved in your home folder in hidden “dot directories”. If the first character of a file or directory name is a period (.), it is hidden. Since these settings are stored locally rather than in a central registry, and since a backup of your home directory contains these hidden files and folders, all of your settings are also backed up.

When you restore a backup and start an application like LibreOffice or Thunderbird, it will look for its hidden directory. It also finds your document settings, toolbar settings, and all other customizations. Thunderbird will find your email account information and your email. You don’t have to go through the hassle of slowly setting up each application.

You can use ls with the -a (all) option to show hidden files and directories. First, enter the following:

ls

This will show you the regular files and directories. Next, enter the following:

ls -a

Now you can see the hidden files and directories.

Since it is the most valuable part of an installation, it is common for the “/home” directory to be mounted in its own partition or on a separate hard drive. That way, if something catastrophic happens to the operating system or the partition it is on, you can either reinstall your Linux distribution or switch to a new one. Then you can simply remount your existing home partition on “/home”.

Data about you

Your home directory doesn’t just store your data; it also stores information about you, including some attributes of your digital identity. For example, your “.ssh” directory stores information about remote connections you have made to other computers and any SSH keys you have generated.

Other system attributes such as your account username, password, and unique user ID are stored elsewhere in files such as “/etc/passwd” and “/etc/shadow”. Some of them can be read by anyone, others can only be read by people with root privileges.

This is what the content of the “/etc/passwd” file looks like:

cat /etc/passwd

The systemd-homed changes

The intention of the systemd-homed changes is to provide a fully portable home directory that stores both your data and your Linux digital identity. Your UID and all other identification and authentication mechanisms are stored only in your home directory.

Due to their “all eggs in one basket” design, home directories are encrypted. They are automatically decrypted when you log in and encrypted again when you log out. The preferred method is to use Linux Unified Key Setup (LUKS) full-disk encryption. However, there are other schemes such as fscrypt.

A JavaScript Object Notation (JSON) user record stores all of your identity information in a directory called “~/.identity”. It is cryptographically signed with a key over which you have no control.

Each person’s home directory is mounted on a loopback device, similar to the way a snap application is mounted. In this way, the directory tree within the home directory appears as a seamless part of the directory tree of the operating system. By default, the mount point is “/home/$USER.homedir” (“$USER” is replaced by the person’s account name).

What are the advantages?

Since your home directory is a secure encapsulation of all your data, you can even keep it on removable storage media. For example, you can use a USB drive to move it between your work and home computers, or any other systemd-homed computer.

This is what Poettering meant by “a completely portable home directory”. Even if you don’t want to move your home directory on a portable device, it makes upgrades and migrations easier and makes it more secure.

It removes what he calls “sidecar databases,” which contain snippets of critical information about you that Poettering believes should be centralized. The files “/etc/passwd” and “/etc/shadow” contain authentication information and hashed passwords. However, they also contain information such as your default shell and the General Electric Comprehensive Operations Manager (GECOS) field.

Poettering said that metadata should be streamlined and stored in meaningful groups within each person’s JSON record in their home directory.

Manage your new $HOME

The systemd-homed service is controlled by the new homectl command-line tool.

There are options for creating users and home directories and setting storage limits for each user. You can also set the password, block someone from their account or delete an account entirely. Users can be verified and their JSON user records can also be read.

Time zones and other location-related information can also be set for each user. You can specify the default shell and even set environment variables so that they are in a specific state when someone logs in.

If you look in the “/home” directory, you will see systemd-homed managed entries that look like this, with “.homedir” appended to the username:


Remember, this is only a mount point. The actual encrypted home directory is located elsewhere.

Limitations and Problems

systemd-homed is only intended for use on human user accounts. It cannot process user accounts with a UID less than 1,000. In other words, root, daemon, bin, etc. cannot be managed with the new scheme. There will always be a need for the standard methods of managing users. Because of this, systemd-homed is not a global solution.
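
As an added example (not part of the original article), these shell functions read a passwd-format file and separate the accounts below the UID 1,000 limit from the human accounts systemd-homed could manage, printing the default shell and GECOS real name that the article counts as sidecar data. The sample entries, the function names and the exclusion of UID 65534 are assumptions of this example.

```shell
#!/bin/sh
# Constructed sample in /etc/passwd format:
#   name:password:UID:GID:GECOS:home:shell
sample_passwd() {
    cat <<'EOF'
root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin
bin:x:2:2:bin:/bin:/usr/sbin/nologin
sshd:x:110:65534::/run/sshd:/usr/sbin/nologin
alice:x:1000:1000:Alice Example,Room 1,555-0100:/home/alice:/bin/bash
bob:x:1001:1001:Bob Example:/home/bob:/bin/zsh
nobody:x:65534:65534:nobody:/nonexistent:/usr/sbin/nologin
EOF
}

# homed_candidates [FILE]
# Print "name<TAB>uid<TAB>shell<TAB>real name" for each human account.
# MIN_UID defaults to 1000, the threshold the article states; skipping
# UID 65534 ("nobody") is an assumption of this example.
homed_candidates() {
    awk -F: -v min="${MIN_UID:-1000}" '
        $3 >= min && $3 != 65534 {
            split($5, gecos, ",")      # real name is the first GECOS subfield
            printf "%s\t%s\t%s\t%s\n", $1, $3, $7, gecos[1]
        }' "${1:-/etc/passwd}"
}

# traditional_count [FILE]
# Count the accounts that stay with the standard user-management tools.
traditional_count() {
    awk -F: -v min="${MIN_UID:-1000}" '
        $3 < min || $3 == 65534 { n++ }
        END { print n + 0 }' "${1:-/etc/passwd}"
}

# Run against the constructed sample ("-" makes awk read standard input).
sample_passwd | homed_candidates -
```

Called without an argument, both functions read the real /etc/passwd.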

There is a known Catch-22 that has to be resolved. As mentioned earlier, a person’s home directory is decrypted every time they log in. However, if someone accesses the computer remotely via SSH, the SSH keys in the home directory cannot be referenced because the home directory is still encrypted until the person logs in. Of course, they need their SSH keys to authenticate before they can log in.

This was a problem recognized by the systemd-homed team, but we couldn’t find any indication of a solution to it. We are sure that they will find one; it would be a spectacular failure if they didn’t.

Suppose someone moves their home directory to a new computer. If someone else is already using the UID on the new computer, they will automatically be assigned a new UID. Of course, ownership of all of their files must be assigned to the new UID.

Currently this is done through a recursive, automatic application of the chown -R command. This is likely to be handled differently in the future when a more elegant scheme is developed. This cumbersome approach does not take into account the daemons and processes that are running as other users.
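
An added example, not from the original article or the systemd project: a narrower alternative to a blanket chown -R that re-owns only what the old UID owned, plus a check that lists anything still carrying a different owner afterwards. The function names are hypothetical, and changing to a different UID requires root.

```shell
#!/bin/sh
# remap_owner DIR OLD_UID NEW_UID
# Re-own only entries that OLD_UID owned. Files in the tree that belong to
# other accounts keep their owner; a blanket chown -R would take them over.
#   -xdev  stay on DIR's filesystem, do not descend into other mounts
#   -h     change a symlink itself, never the file it points to
remap_owner() {
    find "$1" -xdev -user "$2" -exec chown -h "$3" {} +
}

# stale_owners DIR UID
# Print every path under DIR whose owner is not UID. After a migration this
# should print nothing; any hit is owned by a UID other than the user's,
# which may belong to a different account on this machine.
stale_owners() {
    find "$1" -xdev ! -user "$2" -print
}

# Constructed demo tree: a dot directory, a key file and a symlink.
# It "remaps" the current UID to itself so that it runs without root.
demo() {
    d=$(mktemp -d) || return 1
    mkdir "$d/.ssh"
    : > "$d/.ssh/authorized_keys"
    ln -s .ssh "$d/link"
    me=$(id -u)
    remap_owner "$d" "$me" "$me"
    stale_owners "$d" "$me" | wc -l | tr -d ' '
    rm -rf "$d"
}

demo    # prints 0
```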

When does this happen?

This is happening now. The code changes were submitted on January 20, 2020, and they were included in build 245 of systemd, which shipped with Ubuntu 20.04 in April 2020.

Enter the following to check which version you have:

systemd --version

However, the homectl command does not yet exist. Ubuntu 20.04 uses a traditional “/home” directory rather than systemd-homed.

Of course, it’s up to the individual distributions to decide when to include and support systemd-homed and homectl.

So there is no need for anyone to switch to pitchforks-and-burning-torches mode. Because the standard methods of managing users and home directories are retained, we all still have a choice.
