userdb: add birthDate field to JSON user records by dylanmtaylor · Pull Request #40954 · systemd/systemd
github.com
Stores the user's birth date for age verification, as required by recent laws in California (AB-1043), Colorado (SB26-051), Brazil (Lei 15.211/2025), etc. The xdg-desktop-portal project is addi...

Fork time? Maybe all the anti-systemd zealots were right all along…

  • Liketearsinrain@lemmy.ml
    0·
    9 days ago

    They want to store the actual birthdays (not just a boolean stating it complies with an age bracket). And using claude to review PRs… fucking systemd

  • mazzilius_marsti@lemmy.world
    0·
    8 days ago

    I’m a noob when it comes to deep linux stuff.

    So how does this affect end users and are we at risk of leaking personal info? It looks to me they are adding a birthDate field along with other meta data. Will these metadata be sent to whatever local authorities or whatever data hoarder on the web (like Google) without user consent?

    I meant what stops me from listing false info like: Name: Biggus Dickus DOB: 06/09/1969 Nationality: Spartan …etc. ?

    I usually use systemd for stuff like hibernate/suspend, e.g.

    systemd suspend

    and if on i3wm, I edit configs for sleep and lid close in /etc/systemd/sleep.conf

    Are these affected too?.

    • Oinks@lemmy.blahaj.zone
      0·
      8 days ago

      The other user data is already stored in the userdb versions that nearly everyone who uses a systemd distro already has. You can check what data is being stored with userdbctl. On my system that looks like this:

      userdbctl user --output=json $(whoami)
{
        "userName" : "sky",
        "uid" : 1000,
        "gid" : 100,
        "homeDirectory" : "/users/sky/home"
        "shell" : "/run/current-system/sw/bin/fish"
}

      Honestly this PR is a bit of a nothingburger. I’m not aware of any distro really using userdb to store data beyond what you’d store in /etc/passwd (maybe Ubuntu does?). The main value of userdb seems to be as a frontend so other programs don’t need dedicated code to handle /etc/passwd, LDAP, etc. Notably GNOME recently eliminated their dedicated code in favor of just using userdb.

      And Userdb doesn’t really handle data validation at all. It enforces that you input a valid date after 1900, but that’s kinda it. I guess you need root/sudo privileges to change the birthdate but that’s not much of a hurdle for most Linux users.

      Really this entire PR boils down to:

      ALTER TABLE users ADD birthdate date;
      • jj4211@lemmy.world
        0·
        8 days ago

        And this is how I find out that systemd lets a process running as a user get the crypted password of the user:

        "privileged" : {
                "hashedPassword" : [
                        "$6$AY98/.dwdtU20LBM$L9fFhaH.E2xA6waYBVmHl/wS4HFSPn5v/JaIlrSW6wLOfKkV6H1Boqggj/109WO/uHXF1J/NkyXsK1BaCRKwx/"
                ]
        },

        I mean, why the hell…

  • udc@lemmy.worldEnglish
    0·
    8 days ago

    I don’t understand. What’s systemd got anything to do with age?

    • urandom@lemmy.worldEnglish
      0·
      8 days ago

      As per the linked ticket, they are a story for a handful of user data. An XDG portal needs to store this stuff, and they are already integrated, so this is just to accommodate the other project.

  • CrackedLinuxISO@lemmy.dbzer0.comEnglish
    0·
    9 days ago

    Has anyone even looked at the PR? Why is there such a big stink about adding an optional birthday field to a JSON schema? It’s opt-in and can’t be validated in any way.

    That’s like saying OpenSSL is the thin end of an anti-encryption wedge because they provide FIPS compliant modules. Or complaining that it puts your privacy at risk when you generate an SSH key and it asks for your address.

    The problem is the laws getting passed, not with software that gives people a choice about whether to comply.

    • Brargenzilian@lemmy.orgEnglish
      0·
      9 days ago

      … can’t be validated in any way.

      I feel like this will be a problem for the future.

      Edit: another user already pointed out the “problem for the future” here.

      • CrackedLinuxISO@lemmy.dbzer0.comEnglish
        0·
        9 days ago

        It definitely will be a problem, but it will be a legal problem, not a software problem. Even if the systemd devs decided to revert this commit and never collect age data, the law would still be just a shitty as it is now.

        If this law said that everyone needed to provide a phone number instead of a birthday, would everyone here be just as angry at the Bell Labs developers who wrote the GECOS standard?

    • Skullgrid@lemmy.world
      0·
      9 days ago

      The problem is the laws getting passed, not with software that gives people a choice about whether to comply.

      OK, but the law didn’t even get written. That asshole decided to open up and deepthroat the boot before it even entered the room.

    • ipkpjersi@lemmy.ml
      0·
      8 days ago

      The problem is the laws getting passed, not with software that gives people a choice about whether to comply.

      Is it going to give a choice, though? As more and more of these laws are passed, soon people will have no choice. Open-source software was supposed to be about freedom, and I see this as anything but that.

    • skyline2@lemmy.dbzer0.comOP
      0·
      9 days ago

      Yes, the PR specifically calls out the laws as the reason for this change. The problem is BOTH the laws getting passed, and corporate interests complying in advance.

    • Soot [any]@hexbear.netEnglish
      0·
      7 days ago

      By implementing a mechanism that enables this law, it becomes exponentially easier for lawmakers to then make it mandatory (as many already have/are openly planning to).

      Yeah, the problem is the lawmakers. But I don’t have enough money to control the lawmakers. The creators of free software should not actively helping oppressive measures.

    • Atomic@sh.itjust.works
      0·
      9 days ago

      Personally, I just don’t like the taste of asslicking in my distributions. Time to change to a non systemd distro.

  • davel@lemmy.mlEnglish
    0·
    10 days ago

    Unless it is fought, this corporate-driven rot will burrow all the way down to the sub-processor TEE/TPM and all the way up to the web browser/app.

      • davel@lemmy.mlEnglish
        0·
        10 days ago

        🤷

        In a few years, we may be smuggling in contraband Chinese RISC-V computers.

          • Soot [any]@hexbear.netEnglish
            0·
            9 days ago

            I’d done it, I’d smuggled in one of those RISC-whatever boxes. The hardware that doesn’t require a live-scan of your irises and your digital ID to interface. This baby can visit websites without even scanning your brainwaves. I don’t know what country it came from - You’re not allowed to know about foreign countries before you’re 40, the computer blocks them, it’s something about preventing “unauthorised gooning”.

            Just as I sat down, I heard it - the info-chopper, they knew. I grabbed my illegal CPU just as the door was bust open, “INFORMATION PROTECTION OFFICER, CLOSE YOUR EYES AND TELL ME YOUR BIRTHDATE!” You see you’re only allowed to hear certain parts of our rights depending on your details, it’s to protect you from dangerous information. Even seeing his face might evoke corrupted thoughts, but I didn’t care anymore.

            I quickly, but pointedly, looked over, and saw him, cool leather jacket, gun, one of those brain-interceptor helmet things, like a hockey helmet made of cushions and diodes. “NO” I cried, “I WANT TO PLAY SNAKE WITHOUT PROVIDING MY SOCIAL SECURITY NUMBER!”. With that, I cheesed it, spurred on by the sky-high promise of reading a ‘potentially offensive’ Wikipedia article, in private.

        • warmaster@lemmy.world
          0·
          9 days ago

          Only to be backdoored by the Red instead of the Orange.

          Someone call Dr. Strange, he fucked up this timeline real bad.

      • tyler@programming.dev
        0·
        10 days ago

        Email your legislators telling them that parents already have access to network block tools, these laws won’t stop the problem anyway (run through a vpn), they’re a free speech nightmare, they’re collecting more data on American citizens when America has data breaches losing data every few days, and Congress literally studied this twenty years ago and decided it wasn’t a good idea then, what makes it a good idea now?

        • IronBird@lemmy.world
          0·
          9 days ago

          uh…$? same reason the majority of US politicians vote anyway on anything put in front of them.

          the only thing sacred in the USA is $

      • antrosapien@lemmy.ml
        0·
        9 days ago

        What if users are redefined as context? Now the is does not have users anymore. That’s not a ‘root’ user, it’s a ‘root’ context. And that’s non root context with supercontext privileges

      • krashmo@lemmy.world
        0·
        9 days ago

        I’ll never buy a computer that can’t be run without this shit. If that means I run what I have until it breaks and then never have a PC again then that’s what I’ll do

        • wltr@discuss.tchncs.de
          0·
          9 days ago

          The last computer I bought (a couple of years back) was a decade old PC, the price was €10 or so. I needed to add RAM, SSD, and used it for a couple of years as a Fedora Workstation desktop. It was plenty powerful for most of my needs. I’m not too worried about it. I think I can survive on a machine like that.

      • Orygin@sh.itjust.works
        0·
        9 days ago

        The least effective way is whining on a Lemmy community about open source projects.
        Go talk to your lawmakers, not the people complying with the law.

      • gnuthing [they/them]@lemmygrad.mlEnglish
        0·
        8 days ago

        Honestly the only way to fight all the corporate and govt data collection is to end the dictatorship of the Epstein class by overthrowing then. Until we can unite against them, they will continue to limit our speech in an effort to quell efforts to organize a resistance

    • idriss@lemmy.ml
      0·
      8 days ago

      yep, it might be needed or not, let’s invest valuable dev time into it, it will open the door for user tracking based on age bracket now at least, nobody asked for it, but let’s do it anyways. Fuck Systemd for approving and merging this.

  • Onno (VK6FLAB)@lemmy.radio
    0·
    10 days ago

    In my opinion, storing a date is pretty much irrelevant unless there’s a process that validates the supplied date, otherwise every Linux user was born on 1/1/1, if not, an administrator can “fix” that

    Furthermore, that systemd thinks that it’s the place to store such information is in my opinion beyond absurd.

    Who appointed that project the source of age truth in the Linux ecosystem? What discussion was there, who was consulted and where was the vote?

    • Cethin@lemmy.zipEnglish
      0·
      9 days ago

      You’re right that asking a user for a date is next to useless. However, that isn’t a reason to not fight this stuff. Asking the user for the date is step one to getting people accept it. After that they’ll point out that people were lying, and they’ll need our government ID to verify (and link us to activity). It’s all a step towards a surveillance network tracking every move you make on your computer.

      • Onno (VK6FLAB)@lemmy.radio
        0·
        9 days ago

        I understand your point and agree that this is the thin end of the wedge.

        What we’re doing here is discussing the phenomenon and I’m highlighting some concerns.

        I believe that this is how you get a dialogue happening which will effect change, which is what we’re both advocating.

        I think that age verification is about surveillance rather than protecting children and I think it should be fought at every level.

        This is me contributing to that fight.

    • blobjim [he/him]@hexbear.netEnglish
      0·
      10 days ago

      This change is mostly in the userdb code which is a sub-component of systemd that stores user records. It isn’t in the PID1 process. But I could see an argument for having it be part of the desktop environment in GNOME or something like that instead.

      • JovialSodium@lemmy.sdf.org
        0·
        10 days ago

        I would say the majority of objections to systemd pertain to perceived overreaches of the project (perceptions I generally share). So in that sense, it is kind of on brand.

      • corsicanguppy@lemmy.caEnglish
        0·
        9 days ago

        it is crazy that Poettering is even considering merging this

        You’ve, uh, seen systemd, right? Cmon; this is just one more section for the cancer to eat.

    • njordomir@lemmy.world
      0·
      10 days ago

      They haven’t fessed up yet that that’s part of their plan. I expect to hear from them after they’ve passed the first half.

  • Geki@lemmy.ml
    0·
    8 days ago

    Why do the rest of us have to have this shit added in our systems just because some Yankees (and Brazil) passed some bills? My country has already said they won’t be doing any age verification shit. I’m starting to think there’s some big conspiracy here that FOSS isn’t as independent as we believe it is.

    • jefferyjefferson@lemmy.org
      0·
      8 days ago

      Unfortunately, the internet at large has been embracing cuck behavior and capitulation for years.

      They are genuinely excited to be a bunch of scared little bitches eager to please their masters.

    • Ulu-Mulu-no-die@lemmy.zip
      0·
      8 days ago

      FOSS isn’t as independent as we believe it is

      Some parts are indeed sponsored by corporations, that’s not a bad thing per se because financial support is important.

      Problems arise when corporations push changes solely for their own interest instead of the benefit of the community, this PR seems to be that case.

    • Magiilaro@feddit.org
      0·
      8 days ago

      Germany has effectivly the same law, active since december 2025, and I am sure more countries will intruduce such laws soon. Linux Distributions have to be compliant with this laws, if we like it or not.

      • Andrew Furrow@mastodon.furrow.me
        0·
        6 days ago

        @DarkMetatron @Geki do you have inside knowledge of more countries you speak of? Stop spreading FUD and face the problem head on. You Germans have earned a reputation for intolerance of fascism and Nazi sympathizers in your own land. Get out there and protest such laws instead of musing online about the decline of freedom as if it’s a forgone conclusion. These laws are pushed by scum to chip away at freedom. They do not protect anyone.

        • Magiilaro@feddit.org
          0·
          5 days ago

          I am not spreading fud, I only added something to a list. The fact that we have such a law is not known by many, even most germans are not aware of it, that is why I talk about it. It is only possible to Protest and fight against something if it is known, and I try to spread this knowledge. This is a way to fight against it, or at least the preparation.

          I am very sorry that my posts gave the impression that I am not against such laws, because I for sure am!

          And Yes, i should have said that I fear that more countries created such laws, my pessimistic world view got me when I wrote my first post.

          • Andrew Furrow@mastodon.furrow.me
            0·
            5 days ago

            @DarkMetatron sorry for the aggression, it’s just the relative helplessness us Americans feel in the shadow of so much stupidity and greed. It makes me jumpy when I perceive backsliding in more liberated places such as yours. I want to hold out hope the foolishness is mostly contained here in my nation.

      • Muehe@lemmy.ml
        0·
        8 days ago

        Germany has effectivly the same law

        I haven’t heard anything about that and a search doesn’t turn anything up either. Can you give any details on what you mean specifically?

        • Magiilaro@feddit.org
          0·
          8 days ago

          §12 Jugendmedienschutzstaatsvertrag: https://www.landesrecht-bw.de/bsbw/document/jlr-JMedienSchStVtrGBWV10StVtr-P12

          (1) Anbieter von Betriebssystemen, die von Kindern und Jugendlichen üblicherweise genutzt werden im Sinne des § 16 Abs. 1 Satz 3 Nr. 6, stellen sicher, dass ihre Betriebssysteme über eine den nachfolgenden Absätzen entsprechende Jugendschutzvorrichtung verfügen. Passt ein Dritter die vom Anbieter des Betriebssystems bereitgestellte Jugendschutzvorrichtung an, besteht die Pflicht aus Satz 1 insoweit bei diesem Dritten.

          (3) In der Jugendschutzvorrichtung muss eine Altersangabe eingestellt werden können.

    • pedz@lemmy.ca
      0·
      8 days ago

      Most distributions use systemd but there are still distros and other unix-like operating systems that are using something else. However, they are not “user friendly” and will probably not be what most people are looking for.

      Slackware uses its own init system and never used systemd but it has the reputation of being difficult to use. Gentoo also lets users choose between systemd and OpenRC. Alpine Linux uses OpenRC too. There’s more than a dozen distros not using systemd, but again, probably not what most people want to use. It’s also possible to replace systemd with OpenRC on some distros, but it possibly, probably, might cause some quirks.

      Otherwise, there are other unix-like operating systems. Debian GNU Hurd also has its own init system but it’s not using the Linux kernel, so it’s a different beast. OpenBSD and FreeBSD also have their own init system, but not Linux. And AFAIK there’s no such thing as modern gaming on those.

      There are ways not to use systemd, but realistically speaking, it will probably not be worth it unless you’re really militant about this. I started with Slackware at the end of the 90ies, I know how to compile a kernel, and tried GNU Hurd at some point, but I will not change something unless it’s really implemented deeper into the general software. It’s frustrating that the systemd devs are “collaborating”, but we’ll see what happens after a few rounds of updates.

    • lilith267@lemmy.blahaj.zoneEnglish
      0·
      9 days ago

      SystemD isnt exactly a program but more of a group of projects, the only “core” SystemD software on most distros is the init system… Which you can run completely without SystemD’s UserDB system (the part being talked about in the post).

      Basically this means you as a user dont have to do anything but switch away from projects that depend on SystemD’s UserDB (like Gnome), not SystemD as a whole

      However if you do want to move away from SystemD as a whole you can replace your init system with another one, gentoo’s wiki is a good starting point for learning a bit more: wiki. Personally I love using openrc but of you have no need to touch init files… Dont switch

        • kieron115@startrek.websiteEnglish
          0·
          9 days ago

          mine doesn’t appear to be? it says installed but disabled. unless i’m looking at the wrong service which is entirely possible.

        • lilith267@lemmy.blahaj.zoneEnglish
          0·
          8 days ago

          KDE is commited to keeping the desktop itself SystemD agnostic. Their new login manager does depend on SystemD, but you can run KDE Plasma from any login manager

      • Oinks@lemmy.blahaj.zone
        0·
        8 days ago

        Basically this means you as a user dont have to do anything but switch away from projects that depend on SystemD’s UserDB (like Gnome), not SystemD as a whole

        You can also just… not put your PII into UserDB. It can store clear names, mail addresses, postal addresses and now birthdates… but it can also just serve as an interface to /etc/passwd. Which conveniently also works with LDAP accounts (unlike your hand written /etc/passwd parser) if you’re an organisation that uses LDAP.

        This is the entirety of what UserDB knows about me:

        userdbctl user --output=json $(whoami)
{
        "userName" : "sky",
        "uid" : 1000,
        "gid" : 100,
        "homeDirectory" : "/users/sky/home"
        "shell" : "/run/current-system/sw/bin/fish"
}

        I don’t expect that to change with this PR.

      • kieron115@startrek.websiteEnglish
        0·
        9 days ago

        Thanks for explaining it a bit more. I moved from Windows 11 to CachyOS (limine bootloader and kde plasma DE) sometime last year and that may be a bit above my paygrade right now. Based on what I’m seeing in the Arch Wiki it would seem that quite a few systemd components are in use for my distro.

    • DFX4509B@lemmy.wtfEnglish
      0·
      8 days ago

      Alt-init distros exist but it’s only a matter of time before either they’re screwed or age-gating goes down to firmware or hardware level.

    • Agent641@lemmy.world
      0·
      8 days ago

      Just use something simple with systemd. The Linux community is its own worst enemy, in inviting people to come to Linux because it’s so simple and beginner friendly, then the trap snaps shut and they tell you to pick a distro and all you have to do is decide on either gnome, plasma or cinnamon, and between arch and debian and ubuntu, and between snap and Flatpack, between Vim, Emacs, nano, and micro, between Wayland and the other one, between systemd and violent self-fellagelation, and whatever you choose, make sure it’s FOSS and exactly what the next person on the forum used and as pure as the driven snow or you’ll be bullied, belittled, and trolled by egomaniacs, elitists, and gatekeepers until you fawn like a thrashed housewife who ‘only gets hit when she fucks up’, or you give up and install windows again.

      Just use whatever works for you, makes your life easier, and avoid the Linux purity circlejerk. When it stops working for you, use something else. Go your own way.

      If you don’t know what systemd does and you aren’t affected by this, use it. If there’s closed source software you wanna run, run it. If you want to install a snap, do it. If you like using VS code, install it on your Linux, it works great. You will never be pure enough to satisfy the Linux community.

      • RumRunningDevil@lemmy.zip
        0·
        8 days ago

        Okay but not really? Systemd does not really provide that much usability that any other init system + elogind doesn’t. The benefit to the FOSS environment is that we, as users and developers, can starve out bad actors.

        Want Nix but don’t like systemd? Guix. Want Arch but don’t like systemd? Void. You know what “compile” means and don’t want systemd? Gentoo.