this post was submitted on 26 Mar 2026

129 points (91.6% liked)

Linux

13023 readers

677 users here now

A community for everything relating to the GNU/Linux operating system (except the memes!)

Also, check out:

Original icon base courtesy of lewing@isc.tamu.edu and The GIMP

founded 2 years ago

MODERATORS

Ategon@programming.dev

anzo@programming.dev

dwraf_of_ignorance@programming.dev

129

Inside the Systemd Age Verification Debate: Developer Responds to Criticism (itsfoss.com)

submitted 3 days ago by cm0002@europe.pub to c/linux@programming.dev

77 comments fedilink hide all child comments

Dylan M. Taylor is not a household name in the Linux world. At least, he wasn’t until recently.

The software engineer and longtime open source contributor has quietly built a respectable track record over the years: writing Python code for the Arch Linux installer, maintaining packages for NixOS, and contributing CI/CD pipelines to various FOSS projects.

But a recent change he made to systemd has pushed him into the spotlight, along with a wave of intense debate.

At the center of the controversy is a seemingly simple addition Dylan made: an optional birthDate field in systemd’s user database.

you are viewing a single comment's thread
view the rest of the comments

[–] IrateAnteater@sh.itjust.works 109 points 3 days ago (6 children)

I was expecting civil discourse and a level-headed response.

He may have been hoping for that, but surely he didn't truely expect it. The FOSS community can barely have a civil discussion about filesystems.

[–] tangonov@lemmy.ca 9 points 2 days ago

You definitely can't have your cake and eat it too. Linux for many has been about freedom and privacy. He made a direct contribution toward a system that would help take that away

[–] jimmy90@lemmy.world 12 points 2 days ago* (last edited 2 days ago) (1 children)

Q. You say this is "just attestation, not verification" but we know that infrastructure always gets repurposed later. This is where the legit fear lies. Today it's birthDate. Tomorrow could it be location, identity, or verification tokens? I understand that you are providing a workaround but where should we draw the line between compliance and resistance?

A. Funny you mention that, location is already a field in userdb. Like birthDate, this field is also trivially nullable, stored locally, and can be set to anything. As long as we are talking about a user self-attesting a date - especially with the ability to enter any value we want - we aren't in the realm of identity tracking. I draw the line at when a third party internet-connected service is doing validation of ID. Let’s be honest though, I strongly believe such a thing isn’t possible on a FOSS operating system environment unless they could control what was bootable on the device at a firmware level, enforce signatures to ensure that you couldn’t boot something unrestricted, remove the ability to be root, and block LD_PRELOAD so signals couldn’t be faked. There’s probably more ways to circumvent that. What I’m trying to say is real ID verification on Linux would be awfully hard to implement, and I guarantee you, nobody would put up with it. They’d fork to a version that doesn’t have it immediately as a protest. Right now, we’re considering implementing something akin to the date pickers that were ubiquitous when signing up for internet services in the early 2000s where it’s just an honor system. Things like actual ID checks and/or facial scanning + age estimation would be just too incompatible with Linux where we have the freedom to change whatever we want to.

the intellectually diverse lemmings represented in this post and many others cannot understand this

won't stop them expressing their feelings tho, bless their hearts

[–] Senal@programming.dev 2 points 2 days ago* (last edited 2 days ago)

That's a sound argument, mostly (in the quote, i mean)

If the technical implementation of how they would try and force age verification was the problem people were concerned about, this take would be very useful.

Physical locks on glass doors are easy to bypass, doesn't mean you won't get shafted if someone just so happens to catch you in the act.

If third party age verification is legally mandated the implementation being technically difficult (or easy to bypass) doesn't stop it from being illegal.

Being a condescending prick works better if the position you take is unassailable, you do you though.

[–] Avicenna@programming.dev 26 points 3 days ago* (last edited 3 days ago) (1 children)

At the moment of most intense debates about mandatory age checks and government surveillance you (Dylan) hoped people to be calm about this? Then you my friend are simply delusional. They are angry and for a good reason. Why the rush to comply with a surveillance practice that hasn't forced on you with some sanction or enforcement. You did not even wait for it to play out. You did not have a discourse about alternatives. You just went ahead and hastily applied a change as if as if doing some sort of coup.

[+] mech@feddit.org -6 points 2 days ago (1 children)

He didn't apply the change, he proposed it.
And there's zero surveillance in the change he proposed.

[–] Avicenna@programming.dev 8 points 2 days ago* (last edited 2 days ago) (1 children)

If we are going to get stuck in semantics, then he also did not just propose it. Propose would be opening an issue, describing how he would plan to do it and letting people discuss. This is how proposals work. Pushing a very controversial change and getting someone to accept it is not "proposing" when the change is something the community will obviously be so divided over.

And it does not have to implement a full on surveillance mechanism to take a step towards better compliance with possible future surveillance laws. The guy literally said in his comments that this was the intent:

https://github.com/archlinux/archinstall/pull/4290

What the hell are we even discussing here?

[–] fruitcantfly@programming.dev 4 points 2 days ago* (last edited 2 days ago) (2 children)

A pull request is very much a proposal: It is a proposal to make specific changes to the code-base. The developers are not forced to accept it in any form, and discussions can take place in the pull request, should the developers (or third parties) not agree with (the exact form of) the proposed changes. Which is exactly what happened in the systemd pull request, to the extent that the actual developers had to lock the thread.

In the case of systemd, the "someone", or rather the "someones", who accepted the pull request also included the lead developer on the project, namely Lennart Poettering. Who else do you propose should decide what pull requests and other proposals to accept?

[–] Avicenna@programming.dev 1 points 16 hours ago

Simply not true. In any such project, major proposals first get discussed as issues and community either vets a plan or comes up with an alternative before more solid steps such as PRs start. What is being done here is clearly trying to downplay a major change as a minor one. There are loads of blog posts and discussions on why this isn't a minor change, especially when the author of the PR himself admits the goal is to comply with age verification laws. I will not get into that here. Suffice to say, at best, this is a political statement of the kind "we are ok to comply with surveillance and will show minimal resistance". Yet they try to play this as if they are just changing a typo in the documents. Thanks to Lennart for his life long contributions to FOSS, despite him at some point joining Microsoft, the antithesis of everything that is FOSS. I am sure many things he did shaped how the open-source developed on a world-wide level. This still does not mean that his reaction to everything will be correct. To me this was more like a "fuck all, this was a minor change, don't care what you say" attitude, which in my world-view has place in propriety software world not FOSS.

[–] FooBarrington@lemmy.world 5 points 2 days ago

You're approaching this with an everyday definition of "proposal", but in the industry that term is overloaded with more specific meanings.

If you asked 100 random devs, I have no doubt that the majority would call a PR to be something much more concrete than a proposal.

[–] breadsmasher@lemmy.world 19 points 3 days ago (1 children)

HEY MY GUY you want a CIVIL discussion about CIVIL DISCUSSION?

[–] panda_abyss@lemmy.ca 14 points 3 days ago (2 children)

Ugh, I’m forking this thread. If you guys can’t agree with me I’ll make my own.

[–] panda_abyss@lemmy.ca 6 points 3 days ago (1 children)

Oh wow, this guy ^ is the best at civil discussion!

[–] Linearity@piefed.zip 1 points 3 days ago (1 children)

Why’d you reply to yourself 😭😭

[–] panda_abyss@lemmy.ca 7 points 3 days ago

It's my thread I can do what I want

[–] Hupf@feddit.org 2 points 2 days ago

How nation states were formed

[–] Overspark@piefed.social 8 points 3 days ago (1 children)

That's a rather negative view. There's a big difference between people who actually contribute to FOSS (in any way, not just code) and random keyboard warriors in the contents. Sure, there's always some drama somewhere, but that's not exclusive to FOSS.

[–] quips@slrpnk.net -4 points 2 days ago* (last edited 2 days ago)

There’s also a massive difference when one proactively participates in destroying linux users’ freedom, one of the pillars of foss

[–] Quill7513@slrpnk.net 6 points 3 days ago

we're what happens when dumpster fighting punks need their laptops to work