Reinventing Home Directories
Let's bring the UNIX concept of Home Directories into the 21st century

-Kate Rashenov

Reinvent home directories for the 21st century with unification, security, and ease of setup and migration through a new backend technology using JSON user records and easy system syncing.

Key takeaways
  • Reinventing home directories for the 21st century, to unify and secure file access control
  • Goals: make it easy to set up a secure and securable home directory, make migrations effortless
  • Problems: no built-in encryption, no unified user records, no easy sync with other systems
  • Solution: create a new backend (Lux) that uses JSON user records and provides easy sync with other systems
  • Importance of encryption and user records in securing file access control
  • HomeD is a component that makes use of this, but anyone can supply their own backend
  • Ability to convert between different user record formats (e.g. NSS to JSON)
  • The inherent user database design is built around passwords and needs to be updated
  • Key goals: all configurations should be hidden from clients, user data should be stored securely, and user controls should be provided
  • The concept of “home” should be re-defined for the 21st century
  • Existing solutions like ZFFS are not sufficient and need to be improved
  • Current home directories lack encryption, user records, and easy migration capabilities
  • Need for better sync and authentication mechanisms
  • Extended local file system permissions and access control
  • Encryption and decryption keys should be stored securely and not in plain text
  • User records should be extensible and contain additional information
  • One important point is the use of a TPM (Trusted Platform Module) for hardware-based encryption