Fork time? Maybe all the anti-systemd zealots were right all along…
Edit: To address whether it is likely that this change will affect users: Gnome is planning a stronger dependence on userdb, the part of systemd where this change is being implemented. https://blogs.gnome.org/adrianvovk/2025/06/10/gnome-systemd-dependencies/
Final Edit: The PR has been merged into main.
I’ve been using Linux for many years and not even once I’ve seen those info being requested by the operating system.
There’s a huge difference between YOU putting your info by your own accord wherever you want (look at what people do on Facebook) and an operating system requesting those.
In case you didn’t notice, this whole ordeal is pushed by Meta to avoid being accountable for the shit they do on their platforms, they’re trying to shift the responsibility to operating systems of all things, and that’s not acceptable.
Is it though? As best as I could tell, this PR is literally just adding the field next to the others, not requesting shit.
Absolutely. I just disagree that this particular addition (particularly considering all the fuss about making sure it doesn’t show up in logs and dumps and what not) is a problem. I don’t think this is the hill that battle should be fought on. Adding or not adding it to systemd doesn’t make the OS / distro built on top of it any less responsible for their handling of that data.
It does provide a standard and (somewhat) central place to implement the security aspects of it though.
That would be the case if everyone used systemd, but it’s not, sysvinit distros still exist and they’re not going away in the foreseeable future.
I could agree with this if the reason for this PR wasn’t age verification, that’s indeed a battle that needs to be fought, on every piece of the puzzle.
That’s nice. Doesn’t change the fact that it needs to be stored somewhere, if the maintainers end up facing legal pressure to implement it. Opposing one (optional) way to store it won’t fix the issue, it’ll just result in the same splintering of competing standards we see everywhere else, with the attendant difficulties in ensuring security and quality across the board. In other things, that might matter less, but if we’re pissed about having to hand over PII to one instance, I’d be even more wary of it being stolen.
You’d be cutting off one leaf of a tree.
Are you going to oppose every other system that allows storing data too, because it might be used to store data for age verification?
No, it’s a battle that needs to be fought at the focal points: lawmakers, law enforcement, developers implementing the verification tools, companies using them.
Spending time and energy waging a culture war over the most insignificant, replaceable, trivial part of it will achieve nothing. It sacrifices all nuance and bulldozes all discussion of other merits (or issues) systemd might have.
There are legitimate, reasonable complaints to have with systemd. “We added a data field, which we’re trying to make sure doesn’t end up in the wrong hands” isn’t one.
Fuck these laws, and fuck the fascists using kids as pretense for surveillance.
Sure, but trying to apply it to the entire world when only a few countries are currently impacted is fishy at best.
And no, we don’t know yet what the entire world will do about it, even if Meta is trying to lobby everyone, there’s also a push for making opensource exempt from it, in that case those applying the PR have worked for nothing.
It depends, if the purpose is age verification then yes I will oppose it.
I didn’t have any so far, for the very simple reason that I don’t have the technical knowledge to judge by myself. This PR tho doesn’t require any tech knowledge to understand what’s going on.
The road to hell is paved with good intentions, even tho by reading the PR thread I’m not sure the intentions behind the push are actually good as you seem to believe.
That’s something I fully agree with.
Let’s hope it succeeds. Actually, let’s hope the law is overturned entirely. And while we’re at it, let’s hope Meta fails, crashes, burns and takes all its bullshit down with it, but that’s only tangentially related.
Then I’ll not tell you what I intend to use that encrypted hash I’m writing to my app’s data storage for.
Any data storage can be abused. This one is transparent about its content, but I don’t see anything implying that you have to enter anything, let alone have to enter your actual birthdate. It can be used for parental controls, it can be used for age restrictions, but if I implement age verification, where I store that data on your machine is the least of your worries.
Where I store your ID on my machine, on the other hand, should be more concerning, and even more so the fact that I need your ID at all.
We can argue whether this is necessary, whether it can serve reasonable use cases (such as voluntary parental controls), but at the end of the day, it’s such a small and exchangeable part of the system that it’s not worth the shit people give systemd over it.
I think controlled, transparent storage is better than intransparent, and any storage is only as evil as the things using it. Target those things instead.
Yes, anything can be abused nowadays, but you can’t cut yourself off technology, unless you want to live as a hermit, I’m pretty sure none of us wants that.
And no, I’ve never given my ID to anyone that’s not my government, and I won’t, if they classify me as a teen because of it, so be it.
Yes, what systemd is currently doing is pretty innocent compared to other things, I believe that’s on purpose so people can easily accept it and they can do worse later. Corporations are behind this, don’t forget that.
That point, I disagree on, because systemd (not) implementing this doesn’t actually make it easier (or harder). Distros that want to comply would just write a file for it somewhere instead. Distros that don’t comply will just not implement any verification process.
What systemd does here is offer a solution to secure it centrally (see the commit discussion about the most efficient and reasonable way to wipe that info from memory again). Considering the whole issue, I think its impact on feasibility of verification is minor, while the advantages of standardisation make it preferable to a wild growth of uncontrolled alternatives.
Another user pointed out the concept of anticipatory obedience to me, and in that context, corporations pre-emptively bowing to authoritarian surveillance is definitely a cowardly move. We agree on that.
Here’s to hoping this entire discussion becomes just as pointless as you expect the PR to become. If that’s what I end up being wrong about, I’ll gladly take the L for cynicism and the W for privacy.
It doesn’t as long as other init systems exist and people can luckily choose, hopefully that will always be the case.
Agree on that, I think that’s the hope for everyone here.