Enabling systemd-homed managed user&home dir during Fedora install

Hi.

Before posting here I was looking elsewhere on how to install Fedora with systemd-homed managed user&home dir. Many posts/HOWTOs/etc instructs on how to add/convert users to systemd-homed controlled variants on already existing installations, but is there a way to install Fedora afresh with systemd-homed managed/controlled user ?

Regards
ArtūrasB.

1 Like

Do you have a link, to see to what you are referring?

That’s systemd-homed, systemd’s subsystem to manage user home directories together with user - Home Directories. I found multiple examples/cases on how to convert existing “traditional” users with home directories into ones managed by systemd-homed after Linux is installed, but I cannot find information in how to install a Linux distro (e.g., Fedora) with systemd-homed managed user and user’s home dir without the need to do post-install conversion.

All right, update of my findings on the subject. As I interpret various bug reports, blog/social media posts, etc, few thing are still missing for homed not only for it’s use during installation, but for post-install user conversions as well:

  • SELinux policies for homed for “normal” homed operations, e.g., user creation, etc. That’s about distros using SELinux.
  • Adjustments to logging in (e.g., GNOME/KDE/etc sessions) frameworks/configurations, so logging via GUI will result into proper unlock and use of users’ home directories managed by homed.
  • It might be more “loose ends” which I haven’t found during my week long “research”.

My personal conclusions:

  • Homed is not ready for prime time End-to-End, not at least for simple installation/post-install conversions. It is mature enough as a technology alone, but not in combination with other bits and pieces.
  • It is possible to convert regular Linux users/create new homed users if one is familiar with SELinux policies and knows how to create it for homed. Or in distros which do not have SELinux enabled. Of course, it is always possible to disable SELinux completely or switch to permissive mode, but that is not recommended way as it opens installation to more security threats.
  • Similarly with PAM - if one has knowledge on how to setup PAM modules and its configs, it might work for logging in via GUI to homed-managed users.

I’m using Fedora which employs SELinux and I do not have enough knowledge (e.g., beyond tutorials, howtos, instructions) of homed, PAM, SELinux, I leave the idea of converting my user to homed managed user for now.

Regards
Artūras B.

1 Like