man7.org > Linux > man-pages

Linux/UNIX system programming training

systemd-homed.service(8) — Linux manual page

NAME | SYNOPSIS | DESCRIPTION | KEY MANAGEMENT | SIGNALS | SEE ALSO | NOTES | COLOPHON 

SYSTEMD-HOMED.SERVICE(8)  systemd-homed.service  SYSTEMD-HOMED.SERVICE(8)

NAME         top

       systemd-homed.service, systemd-homed - Home Area/User Account
       Manager

SYNOPSIS         top

       systemd-homed.service

       /usr/lib/systemd/systemd-homed

DESCRIPTION         top

       systemd-homed is a system service that may be used to create,
       remove, change or inspect home areas (directories and network
       mounts and real or loopback block devices with a filesystem,
       optionally encrypted).

       Most of systemd-homed's functionality is accessible through the
       homectl(1) command.

       See the Home Directories[1] documentation for details about the
       format and design of home areas managed by systemd-homed.service.

       Each home directory managed by systemd-homed.service synthesizes a
       local user and group. These are made available to the system using
       the User/Group Record Lookup API via Varlink[2], and thus may be
       browsed with userdbctl(1).

       systemd-homed.service also manages blob directories for each home
       directory it manages. See User Record Blob Directories[3] for more
       details.

KEY MANAGEMENT         top

       User records are cryptographically signed with a public/private
       key pair (the signature is part of the JSON record itself). For a
       user to be permitted to log in locally the public key matching the
       signature of their user record must be installed. For a user
       record to be modified locally the private key matching the
       signature must be installed locally, too. The keys are stored in
       the /var/lib/systemd/home/ directory:

       /var/lib/systemd/home/local.private
           The private key of the public/private key pair used for local
           records. Currently, only a single such key may be installed.

           Added in version 246.

       /var/lib/systemd/home/local.public
           The public key of the public/private key pair used for local
           records. Currently, only a single such key may be installed.

           Added in version 246.

       /var/lib/systemd/home/*.public
           Additional public keys. Any users whose user records are
           signed with any of these keys are permitted to log in locally.
           An arbitrary number of keys may be installed this way.

           Added in version 246.

       All key files listed above are in PEM format.

       In order to migrate a home directory from a host "foobar" to
       another host "quux" it is hence sufficient to copy
       /var/lib/systemd/home/local.public from the host "foobar" to
       "quux", maybe calling the file on the destination
       /var/lib/systemd/home/foobar.public, reflecting the origin of the
       key. If the user record should be modifiable on "quux" the pair
       /var/lib/systemd/home/local.public and
       /var/lib/systemd/home/local.private need to be copied from
       "foobar" to "quux", and placed under the identical paths there, as
       currently only a single private key is supported per host. Note of
       course that the latter means that user records generated/signed
       before the key pair is copied in, lose their validity.

SIGNALS         top

       SIGUSR1
           Upon reception of the SIGUSR1 process signal systemd-homed
           will reestablish its file watches on /home/ and rescan the
           directory for home directories.

           Added in version 258.

SEE ALSO         top

       systemd(1), homed.conf(5), homectl(1), pam_systemd_home(8),
       userdbctl(1), org.freedesktop.home1(5)

NOTES         top

        1. Home Directories
           https://systemd.io/HOME_DIRECTORY

        2. User/Group Record Lookup API via Varlink
           https://systemd.io/USER_GROUP_API

        3. User Record Blob Directories
           https://systemd.io/USER_RECORD_BLOB_DIRS

COLOPHON         top

       This page is part of the systemd (systemd system and service
       manager) project.  Information about the project can be found at
       ⟨http://www.freedesktop.org/wiki/Software/systemd⟩.  If you have a
       bug report for this manual page, see
       ⟨http://www.freedesktop.org/wiki/Software/systemd/#bugreports⟩.
       This page was obtained from the project's upstream Git repository
       ⟨https://github.com/systemd/systemd.git⟩ on 2025-08-11.  (At that
       time, the date of the most recent commit that was found in the
       repository was 2025-08-11.)  If you discover any rendering
       problems in this HTML version of the page, or you believe there is
       a better or more up-to-date source for the page, or you have
       corrections or improvements to the information in this COLOPHON
       (which is not part of the original manual page), send a mail to
       man-pages@man7.org

systemd 258~rc2                                  SYSTEMD-HOMED.SERVICE(8)

Pages that refer to this page: homectl(1)userdbctl(1)mount_setattr(2)homed.conf(5)org.freedesktop.home1(5)repart.d(5)systemd.exec(5)systemd.directives(7)systemd.index(7)nss-systemd(8)pam_systemd(8)pam_systemd_home(8)systemd-userdbd.service(8)

HTML rendering created 2025-09-06 by Michael Kerrisk, author of The Linux Programming Interface.

For details of in-depth Linux/UNIX system programming training courses that I teach, look here.

Hosting by jambit GmbH.

Cover of TLPI