Add a required birth date prompt (YYYY-MM-DD) to the user creation flow, stored as a systemd userdb JSON drop-in at /etc/userdb/<user>.user on the target system.
Motivation
Recent age verification laws in California (AB-1043), Colorado (SB26-051), Brazil (Lei 15.211/2025), etc. require platforms to verify user age. Collecting birth date at install time ensures Arch Linux is compliant with these regulations.
This is just a pull request, no changes yet.
The pull-request discussion thread has been locked, just like it happened for the similar thread in Systemd, owing to the amount of negative comments…
This dude need to chill, he also pushed the systemd change, and in his blog he seems to believe android “advance flow” for sideloading protects users.
The one they are targeting is California’s AB-1043, which still have three quarters of a year before it comes into effect…
I think this dude might get too excited for his new subscription of claude code or whatever, and decided to spam every project with these request. Some of these are reasonable, some are compliance in advance.
Also this dude writes two freaking blog every week with LLM. If I were him, I would try to find some joy in my personal life…
I fully expect this person to not be even real and instead just another ai bot to push agenda for corporate scum
He’s the third highest contributor to archinstall.
https://github.com/dylanmtaylor
Still a dipshit but probably not a bot.
it’s so strange to me that he tried to add age verification scripting changes in archinstall. isn’t that the wrong place systemd makes sense but I’m puzzled by the archinstall pr
The thing that’s frustrating is that if the age verification laws weren’t there and they wanted to add a birthday field it wouldn’t seem bad. Details about the human using the account like first and last name are already stored. All you really need is username. But because it’s explicitly in reaction to age verification laws we have to be skeptical about adding it.
The timing makes me even more suspicious. Of all the times one could added this field, this is probably singularly the worst one. Right after discussions of mandatory age check? Seriously?
You don’t need to be suspicious, they’re explicitly adding it because of that. They said as much. Look at what they wrote under “Motivation.”
I sort of get the feeling of something more than just complying with the possible future age verification law. I feel like it has intent do damage and distrupt the community.
fascist cocks won’t suck themselves.
Not the wrong place if you want to comply with the law, as he explains in the PR comments, the law requires the installer to prompt for age when creating users.
Fair enough that’s pretty surprising, so even Arch is not safe from lunatics… That is disappointing. As a Manjaro user, I am likely to pick up their changes via both systemd and since Manjaro is Arch based… Sad and disappointed by useful morons who have no fucking clue.
I don’t know what people expect.
All big linux distros are going to be quickly a target, because the people who like age verification laws like that hate the idea of free software.
Putting a dummy, useless age input, is a good way to comply maliciously, and can be easily reverted if these stupid laws ever get removed.
It wouldn’t surprise me if obvious ways to bypass it appear a few seconds after the changes are validated.
The alternative is that these systems could be outawed in a lot of places, which would have a much more negative impact than an age field.
War is about knowing to take a hit to avoid defeat, sometimes.
I have no idea what to think because this sounds reasonable, but so do the arguments that it’s a slippery slope and complying now makes it easier to surveil us all later. (Yes, I know this is the name of a fallacy. I’m curious as to when is it a fallacy and when is it not. I can absolutely imagine people saying “slippery slope fallacy” and being right, I can also imagine a different situation where people say “slippery slope fallacy” to something and it happens exactly as the people whose claim is being denied with “slippery slope” fallacy said.)
I guess that is why controversial issues are controversial, no easy and obvious resolution?
A slippery slope isn’t always a fallacy. Yes, that is a specific name of a fallacy, which people commonly point out, but it is also the form of a valid logical argument. If there is support that this will happen, it isn’t a fallacy.
I this case, a user-entered field is useless to “protect children” (being generous and assuming this is the actual reason for the laws). Children will just lie, as they have been doing for decades. The state will point to this as the law not fulfilling its stated goals, so they’ll need to verify age through other means. Even if the goal isn’t surveillance of people, this is still likely to be the result logically. This means the slippery slope argument is valid.
It could be a slippery slope. That’s why the point is not to just accept it and move on, but to comply while pushing back against it.
And complying right away, but with a bullshit field, is a good way to signal “we do not agree, and we’re going to always find a way to fight back”.
Taking a hit to avoid defeat, does not mean surrendering. It just means that you need to recognise when a battle is lost. In a way, the other side of the slippery slope is the sunk cost fallacy, where you refuse to admit that something is a lost cause and you keep on pushing, making things worse.
It’s a matter of balance and reason, which people nowadays reaaaally struggle with.
They’re not handing over private crypto keys here. It’s a database entry that the person installing the system can put whatever they like in.
and it happens exactly as the people whose claim is being denied with “slippery slope” fallacy said
But this is the crux of the fallacy. What evidence is anyone providing that there is indeed an insidious chain of events we are enabling by adding the birthdate field? Are there examples of cases similar to this in history?
EDIT: I can tell people are getting emotional about this because I’m being down voted for just asking a question that elaborates the point someone is making.
The justification of the slippery slope is pretty simple.
They ask to add in a DoB field that must be filled out and reported at all times. So we add it into our systems and say no big deal. If you hate it put down your birthday as 1900-01-01 and call it a day.
But what is the problem with a self reported, unconfirmed field like this? It is utterly useless BECAUSE it is a self reported, unconfirmed field. It doesn’t solve any problem AND it doesn’t provide any real personal information. So why even ask for it?
The two options are malicious intent and stupidity that tech can’t be worked around.
We can skip the latter as stupid people will always be stupid. So the former, malicious intent. When they point out that this new law isn’t actually fixing things because of the fact people are lying about their age they will inevitably say we need government IDs added to the system. They will not only make sure you are the correct age for content, but know WHO is viewing such content and they will be tracking it.
Now you might say, wait there is a third option, benevolent people actually wanting safety. Creating a system where personal information is mandatory to your interaction with the internet creates a security target that we all know cannot be covered. And we also know that all tech can be broken so kids will find a way around this stuff. Using your parent’s ID, a globally shared fake ID, hacking the protocol for certification. they will get around it.
The slope is slippery because the only options are
- Stupid => which falls down the hill on accident
- Benevolent => which falls down the hill because its a vertical cliff face that can’t be scaled
- Malicious => they push you down the hill because they are assholes
Thank you for replying without attacking me (as I’ve seen other people do to each other on this topic). I upvoted you.
This law affects so few people in the world, they can bugger off with their changes. No one on my entire content is affected by this stupidity.
Found the corporationist bot.
War is about knowing to take a hit to avoid defeat, sometimes.
We have been taking hits since, like, 1965 at the least. Surely by this point it should have been enough?
Everyone I don’t agree with is a bot!
And what would refusing a field do?
What needs to be done is basically a revolt against current governments and capitalism, not nitpicking every privacy-invading law that comes, and then waiting patiently for the next one to come.
You’d rather put a big target on linux systems for stupid fucks to label it as “the big danger for our kids” which would just bring nothing good.
You want to stop taking hits, then stop waiting for them and then pretend that dodging is the only solution.
What needs to be done is basically a revolt against current governments and capitalism,
I’m doing my part on that, you are invited to also do yours. But also do realize that “a revolt against current governments and capitalism” is a class action, not something that we can do by ourselves like patching an OS to remove age verification is.
And big linux groups cannot remove age verification as easily as users can, as a big group is likely to be sued while an individual isn’t as much.
deleted by creator
People get arrested for ones and zeros all the time.
Or you know, just getting a lot of accesses blocked, your ISP blocking you, etc.
No matter how you put it, it’s more risk than inputting a bullshit field at install.
My ISP doesn’t know which os I’m using, I behind two NATs and a proxy…
Good for you.
Now what about others that are not in your situation? What if this gets flagged as a suspicious behavior? What if your ISP blocks access to devices that are not allowed by a third party (government or company)?
You can always make a slippery slope. The difference is that complying for now brings nothing bad, not complying brings more focus and puts a target on linux and its users.
Everyone is behind at least one NAT, the wifi router.
Generally provided by the ISP, no?
Isps provide modems. You can add your own router and manage the network yourself if you’re so inclined. Why do all these threads have people like you that don’t know basic things about computing and networking commenting on this?
Outlawed software.
Lol
Lmao even.
In soviet america software outlaws you.
It’s very obvious this is just an entry point to degrade even more of our privacy and rights. How many times is this kind of shit gonna keep happening and people will still fall for it.
Was this also true with the real name field?
If you really don’t see this as a problem with governments instituting this you are exactly who I am talking about. Keep drinking the koolaid bud
Governments should not be requiring this of operating systems; it’s absurd on many levels.
But actually implementing it is still pretty innocuous.
My Linux based IOT devices will now need age verification for default accounts…? And now any devices will expect to have non-shareable specific accounts…? So to open my fridge and use its apps I need to verify as me…? I’m me?
If you have a fridge with an app
GET OUT
You laugh but have you seen hdd prices recently? cold storage problems require modern solutions!
I gotta take out my ID to do docker run --rm hello-world
Imo, the move would be if all linux distros were to let the date come and go and just geo block all requests from countries and zip codes that do this. Users breaking the law would not be the problem of the organization making the OS. If they’re not “offering” the OS in those zip codes, refuse all service, patches, updates, everything, they would not be legally responsible.
Getting desktop Linux banned from somewhere like California instead of doing something that is effectively harmless is only helping Google, Apple, and Microsoft.
I think you’ve severely underestimated just how critical Linux is to the tech industry, and just how hard it would be for companies to move off of it.
If companies were afraid they’d have to face that kind of work, they would push back on our behalf.
Or they would make their own forks, we’d end up with a painful unmaintainable mess, and then they’d push back on our behalf.
You manage upwards against people unwilling to listen or comprehend by forcing them to experience the pain of their own poor decisions that they were already warned of. You don’t accomplish anything by proactively capitulating to bad requests.
Uh, “no u”.
Putting the birthdate into linux is only helping Google, Apple and Microsoft.
…you can’t just say and claim that. At least give me some argument why would that be helping those companies.
On one hand. It’s the same as the standards we already have to store email adresses and phone numbers for Posix users it’s harmless. And honestly, it’s also useful for application developers that want to implement parental controls (and despite what the tinfoil hat gallery is saying this is important). It would stop being harmless if it was tied to real IDs, but currently that would be strawman argument.
On another hand, if you prevent Linux adoption in a large demographic, you remove a threat to big tech’s dominance.
(Thanks for actually engaging with the discussion).
On another hand, if you prevent Linux adoption in a large demographic, you remove a threat to big tech’s dominance.
Ok, sort of, maybe but this move is the move of big tech dominance. By caving to it, “linux” is positioning itself into a position of compliance with them, not opposition. What complying does is also removing the option to really oppose and evade big tech’s dominance.
We’re simply entering the era where installing an illegal operating system becomes a thing that is possible, because previously nobody cared to make an operating system illegal. And I would to have many distros to choose from that don’t comply with this, but I will pick the wacky silly outlier if I hate to. At least I like to think of myself as doing that.
I agree with your worries about the second point. Mandating thing like this by law is bad. But having a standard on its own is not. Ideally this should have come from an industry standard and not a legal one, but inaction is part of what got us into this mess.
Mandating thing like this by law is bad. But having a standard on its own is not.
I agree with this. Here’s where it gets weird. All these bills stem from meta lobbying. Why do they regulation in this specific thing when they’re totally capable of forming a standard committee or something with Microsoft and Google?
Because they knew some people in the OS community would take the bait.
It wouldn’t be easy to ban desktop Linux without inadvertently banning Linux servers and IoT devices. So we should let them walk into this quagmire and get bogged down with an impossible task, instead of capitulating at the first opportunity.
there’s so much shit to implement in linux, new shit to make, old shit to fix. preemptively adding this bullshit, without anyone even threatening any meaningful action, should be shot down in flames and this joker excluded from any and all FOSS avenues on account of spam and trolling.
I am sure the tali-fucking-ban are tali-fucking-banning women from using the computers by way of whatever passes for laws over there. is this bootlicker gonna implement “just a JSON field” to that end as well?
grow a spine, you corpo-fetishizing cowards. where’s the “fuck you, make me” attitude? what, california of all places is gonna ban linux? fucking lol.
deleted by creator
I thought that the law hasn’t even passed yet? Why are distros so eager to show legislators that they’re on board for being regulated?
The only one apparently eager to implement this is the dylanmtaylor Github user, who has created PR’s for systemd, archinstall, and Ubuntu. Maybe more.
The California bill was approved and signed into law back in October:
https://leginfo.legislature.ca.gov/faces/billTextClient.xhtml?bill_id=202520260AB1043
Its only one state, the rest of the world for now still have some fucking sense. If anything its disproportionate to appease a local government with global systems, whats next? Appease North Korea? Or Putin? Block Linux from working in Ukraine? How fucking insane is this dipshit to add changes to a global product for a thing that affects only 40m people out of fucking billions?
Brazil has something similar. Other US states are working on it. And the UK, some EU countries, Australia and others are pushing for the same. This won’t be just California for long: it’s a worldwide push to make it impossible to do anything involving a computer without first disclosing your real identity to the authorities.
https://www.tomsguide.com/computing/vpns/online-age-verification-a-complete-global-timeline
But hasn’t taken effect yet:
This bill, beginning January 1, 2027, would require, […]
Gentoo/Artix
I’ve started updating my own Arch install script to work with Artix instead. Hopefully have it done in a few days.
Artix has a calamares installer, do you need a script?
I don’t need it, no. Its more akin to an unattended installer with a answer file - once you start the script you only need to input the new password for root and user account and thats it.
Yes, this is the way. Big ups.
evidently the systemd and arch requests were from the same guy.
Ok, so the systemd change was acceptable (since it was optional), this is absolutely not. Fuck this shit. If it’s coming to NixOS I’m going to do everything I can to stop it, and otherwise I’m keeping a Nixpkgs patch that reverts the commit
