[systemd-devel] How does the mount process of systemd-homed work?

Jörg Kastning joerg.kastning at gmail.com
Tue Sep 24 17:16:25 UTC 2019


Hello to Lennart and this list,

I watched the recording of Lennart's talk at the All Systems Go (
https://cfp.all-systems-go.io/ASG2019/talk/VSQRXA/) and would like to ask
some questions about the new way to process user home directories and
authentication.

In the talk it was said that the user logs in and systemd-homed.service
mounts the user home directory as a LUKS loopback device which contains
the '.identity' file with all the user information in the JSON struct,
right?

Isn't there a chicken-and-egg problem? When all the user information is stored
in an encrypted LUKS file, how should the user be able to log in? Could
someone explain this to me and maybe give an example, please?

Lennart said there is plenty of documentation about the JSON struct. I
didn't find any on the Internet. Could you please point my nose to it?

In the JSON file there was a section for the user's groups. Do users get the
same groups on every system they log in to? Is there any way a user could be
in different groups depending on the system the user logs in to?

The JSON struct has a block for each system in the binding section
containing uid and gid. Will systemd prevent a new user from being added with
the same uid, using useradd for example? Where does systemd store this
information when the user's home is not mounted?

Hopefully my questions are understandable. Looking forward to reading from you
soon.

Best Regards,
Joerg