Re: strawman proposal: homed directories for users

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Di, 08.10.24 09:24, Neal Gompa (ngompa13@xxxxxxxxx) wrote:

> On Tue, Oct 8, 2024 at 9:22 AM Michael Catanzaro <mcatanzaro@xxxxxxxxxx> wrote:
> >
> > On Mon, Oct 7 2024 at 12:59:46 PM -04:00:00, Simo Sorce
> > <simo@xxxxxxxxxx> wrote:
> > > Changing a default like this is not something to do lightly IMHO.
> >
> > I'm interested in systemd-homed because we currently have no other
> > plausible path towards encryption of user data by default [1] (since
> > use of LUKS full-disk encryption has been rejected).
> >
> > [1] https://pagure.io/fedora-workstation/issue/82
>
> And that's the context in which we wanted homed working with
> centralized logins. It continues to confuse me that people conflate
> "centralized login provider" with "remote users", which are not the
> same thing at all. Local users that have primary
> authentication/authorization externally managed has been a pattern for
> quite a long time on other platforms.

So one thing I am kinda interested in is adding support for
synthesizing local homed users from oidc/oauth2 accounts, in the long
run, to get something like a Chromebook-like behaviour, that you can
basically say "allow logins from any @google.com" account or similar,
and we'd generate a home dir from that automatically, as you log
in. But quite frankly, we have more pressing issues in systemd-homed
land right now. It's a bigger project, would require support in
various layers, i.e. gdm would probably need to support some form of
web browser and so on.

Lennart

--
Lennart Poettering, Berlin
-- 
_______________________________________________
devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx
Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue




[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Fedora Announce]     [Fedora Users]     [Fedora Kernel]     [Fedora Testing]     [Fedora Formulas]     [Fedora PHP Devel]     [Kernel Development]     [Fedora Legacy]     [Fedora Maintainers]     [Fedora Desktop]     [PAM]     [Red Hat Development]     [Gimp]     [Yosemite News]

  Powered by Linux