Whether you like it or not, the recently much-discussed age-verification requirements are beginning to influence how the Linux desktop is built. In light of this, systemd now includes a birthDate field in its user record format, representing an initial step toward standardizing age-related metadata in the Linux desktop stack.
This update, merged via pull request, extends systemd’s userdb JSON structure to include a user’s full date of birth. The field serves as a system-level source of truth, enabling other components to access age-related information as needed. Users cannot edit this field directly. It must be set by an administrator, typically using the homectl tool.
It is important to understand that this addition does not itself enforce age restrictions or verification. Instead, it provides foundational data for other services. In parallel, xdg-desktop-portal developers are introducing APIs that allow sandboxed applications to determine content accessibility based on user age.
This approach follows the established portal model in Flatpak-based environments. Applications do not access sensitive user data directly. Instead, they request information through a controlled interface. Here, the portal is expected to return only limited results, such as an age bracket or an allow-or-deny decision, rather than the actual birth date.
With that said, systemd acts solely as a backend provider in this architecture. By storing a consistent birth date at the system level, it allows higher-level components, such as portals or account services, to make age-related decisions without requiring each application to implement its own logic or storage.
This development is linked to a broader regulatory context. The systemd pull request references new legal requirements, including California AB-1043, Colorado SB26-051, and Brazil’s Lei 15.211/2025. These laws expand obligations for age verification, parental controls, and access restrictions for minors online.
Expectably, this sparked discussion among developers. Some believe storing a full date of birth introduces unnecessary sensitive data and suggest that age ranges may suffice for most cases. Others argue that retaining the original data at the system level offers flexibility, with stricter controls applied by higher layers such as portals.
Technically, the distinction between storage and exposure is key. Systemd stores the complete birth date, but applications interact only with mediated results from portal APIs, where portals serve as gatekeepers between sandboxed applications and system resources.
But what about systemd-free distributions, like Void, Alpine, Devuan, etc.? Without systemd’s userdb and the birthDate field, they will likely need to either provide an alternative data source, such as by extending AccountsService, or return limited responses through portal APIs, which will certainly require additional development work on their part.
Finally, to reiterate: adding a birthDate field does not immediately affect the user experience on Linux systems. In any case, however, it clearly signals an effort across projects to support age-aware behavior in desktop applications. And by all accounts, it seems that a move in this direction is becoming increasingly inevitable.
That is beyond ridiculous.
Linux is not an OS but a kernel.
What if the installation process installs just the kernel, and you have a script to choose everything else starting with the package manager?
Technically, no one assembles an OS, no one if a provider of an OS.
What happens with the billions of embedded systems?
In the manufacturing plants moving robots and other machinery.
What happens with Android which is not an OS but a layer over a Linux kernel.
Is there a clear definition of what an OS is?
What if start to distribute that only P2P and not knowing who assembles everything into a distribution.
What about the OSs in the cars, planes, literary everything that runs some firmware or tiny Linux kernel and automate our life?
Traffic lights, bridges, medical devices, servers everywhere, watches, the fridges in the kitchen and the TVs?
We are surrounded with operating systems.
Those who crafted the law and others who passed it are idiots.
That can’t work without our cities stops or die.
Systemd is, as usual, overkill and overreach.
If you want to provide a flag on an account that indicates the user is over a certain age, all you need to do is to make that user a member of an ‘over18’ (or over13 or whatever) group.
There are already tools to do this at account setup or later maintenance. They fulfil the somewhat ridiculous requirement of the california law by being modifiable by the sysadmin. They can be queried by existing system calls such as getgrent(). If wished, a usermode (by root) application could maintain overxx flags from a date-of-birth database.
This is one of the many reasons Gavin Newsom will never be president. Absolute clown.
Well if there is any truth in this article this has to be a flatpack file for USA only and to be installed afterwards OS is installed. Cuz this break’s GDPR here in EU and other data protection law’s besides GDPR.
For example if this was used here in Sweden and anyone did pull info from my desktop about age or anything that I cannot block the request to pickup the data those companies and web sites and apps who do pull the data will commit a crime data intrusion and I will be able to make a case and sue the companies who has pulled data against my will. Take them to Court for stealing data and it will be seen as a that they “hacked” the user in court even though it’s not the right technical term for what happened.
April fool’s Joke. This is the biggest nonsense in it. This would render the distribution using this, no longer allowed for 700 million users in the EU due to GDPR issues. So: nonsense
This is absolute nonsense. It protects no one and nothing. Anyone that believes it does is foolish. Just like the “Are you over 21” prompts on a website do nothing everyone’s birthday is going to be 01/01/70 or the like.
Whoever approved the law should be fired
You’ve got to be kidding me…
This is all part of project 2025 and coming from MAGA. They want to ban porn altogether, so they’re making things worse for everyone. Big tech wants to essentially destroy the internet so that they can rebuild it in a way that will allow them to have 100% control over it. All because people have forgotten how to properly vote. People in mass who care about their privacy and rights need to start writing congress and their representatives. These laws have nothing to do with protecting children and everything to do with taking down the republic to become an empire.
The government wants docile consumers, not leaders and thinkers.
Wise up, open your eyes, learn to vote PROPERLY, and for the love of all that is holy vote.
You know that these laws are from Democrats, right? So maybe check the source before posting something.
Newsom has been collaborating with MAGA for a few years now. He’s had them on his podcast and his policies like criminalizing homelessness fall right in line with right wing republicans. The fact that he’s technically registered as a democrat doesn’t change who is behind these policies and who is bankrolling this legislation.
They aren’t, but you are missing the important part so you can argue about partisanship. The money says do it, so both parties will unless they smell actual electoral losses.
Nobody should be supporting this, but don’t expect your representatives, whoever they are, to vote it down unless you make them.
The law may come from democrats, but the massive lobbying behind these laws comes from big tech, namely Meta. So you can thank good ol’ Zuckerberg for this invasion of privacy
TL;DR:
People are panicking due to an optional matadata field that is not protected from superusers in any way, shape or form.
It’s not windows, people! You are the ones who are setting thouse fields, people! Noone verifies them, ever! This is acctuly usefull thing if you want to implement parental control.
No one’s panicking.
The problem is systemd (and Red Hat) trying to reinforce the intrusiveness of the octopus parasite it is. They are overreaching, trying to NIH a solution once again, and impose it to everyone via their octopus.
Many of us will never trust Red Hat with any kind of data. And many of us don’t need Red Hat to act as if they were the white knight of Linux and do everything and the kitchen sink in an attempt to lock down users to their software and control the Linux stack.
This law is a bad requirement. They should have levied it on the HW team instead.
Age restricting code can just be edited out of Linux. Resist. Do not comply!
We had the internet during the late 90s and 2000s. We had video games and access to VHS and late night TV. I grew up during these times being born at the end of 1980s.
While our world is hyper connected now. We still had MSN messenger, webcams, MySpace, forums, online chat rooms. A huge amount.
We didn’t all grow up to be mentally damaged or harmed by all of this.
These age laws are nothing but governments failing to understand the actual issues.
Meta and co allow harmful media on their platforms. Target that. Not peoples online freedoms which literally do not cause harm as evidenced by history..
This is literally just the same panic of past eras from video games, home video and the early internet.
We need better elected officials who actually understand tech so they can actually tackle the tech companies, rather than do lazy policies that restrict people’s freedoms and invade our privacy.
Also beyond all of this. Decentralisation exists. If you lock everyone out, we’ll just find other routes.
You are almost correct. Speak of peoples freedom but then talk of restricting companies due to their “harmful content.” This is one in the same. You think that separating the “where” your freedom to be separate from the company targeted.
The goal is to enforce content control based on age, if you believe in this goal then this legislation is the logical action. It doesn’t matter how technologically stupid it is.
And law makers get away with this because kids aren’t people, and parents do want to protect their kids but don’t know how. It is why “won’t somebody please think of the children” is so effective.
The goal has very little to do with content control, just like it has nothing to do with protecting children. They want to be able to control you, and sell you off as an asset.
And Censorship wins yet again, now that they got SYSTEMD to follow, a lot of distros that rely on systemd and their latest updates just won’t be able to separate themselves from it and be forced to edit it themselves or just follow with, hopefully some just remove it themselves but damn is it a dark day when Linux starts being forced to adhere to obscure local laws, at this point someone will arrest me for idk flushing too late because in a handful of unimportant places it’s illegal. Imagine bending a worldwide thing for CALIFORNIA AND BRAZIL. And I thought they would stand for beliefs. Thank GOD they at least try to make it as secure as they can, but that is just the bare minimum, although I could see Windows putting it in a text file it sends every app and site it accesses
This field means nothing on its own. The legislation is a serious problem, but there is no central Linux authority checking this value unless it’s a school workstation.
No one cares if it means nothing. It shouldn’t be imposed to all distros in an ever attempt to control every part of the stack by Red Hat, and now get your data too!
This is not their job to take care of this for everyone (for their own software, it’s fine). Nobody asked them to.
They act like this Linux almighty and the kitchen sink entity popping to NIH everything and later impose it when we didn’t ask. We just don’t need them to. They are way too intrusive and overreaching.
I mean those aren’t the only two places with laws like this already in place or coming soon, and just those two together have a population of over a quarter of a billion people…
Who knew so many people were born on 01/01/1970?
And all of this for a law lobbied by Meta.
Or 31 Dec 1969 for those of us west of UTC/GMT time zone!
How did you know my birthdate?
Have you been reading my diary?!
You mean, the one you publish on the internet for all to see?
Take a look at Devuan for Linux without systemd.
I suppose nobody has noticed that the California laws violate the privacy rights enshrined in Article 1 Section 1 of their state constitution. Weird, right?
Boycotting systemd just means you’re going to have to comply in some other way, and systemd isn’t going to verify the value. Go after the laws and the politicians pretending they care about security.
Yes, exactly, we want to comply in some other way, not via systemd!
We don’t want Red Hat to NIH this, we don’t want them to store our data either. They don’t need to be overreaching, we didn’t ask. Let them do it for their own software and leave others be.
Meta spent billions to get this laws lobbied, needs to stop now!
This kind of age verification is a way to broadcast to perps that this user is a juvenile and vulnerable. Not the intent, but the result. There are 24 excellent desktop distributions that currently refuse to use SystemD. There are a few others that are intended for servers or hypervisors. (And there is always the *BSD world.) Several distributions have already fallen into line, but just as many have objected and refused to implement. Some have license detail added to their distribution indicating that it is licensed to be used anywhere in the world EXCEPT where such requirements are law. (Of course, that does not stop people form USING the distribution, it just provides them legal protection for not submitting to that law. Commercial distributions do not have access to that recourse if they want to sell support in those locations.)
You’re mistaken, William. Not in what it will do, that part is obvious to anyone who ever bothers to USE the thing between their ears.
Your mistake is in believing that this outcome isn’t the true intent of those who are pushing these laws and facilitating the necessary code contributions. They know what they’re doing, they know what will happen, and they wouldn’t do this if they didn’t want that.
How the heck do you jump to that conclusion? It isn’t like the system will broadcast the age of the user everywhere.
If you install an application that require you to be 18+ it will check the system API and it will provide a verification. You can’t just question this API from outside the computer.
Maybe time to start exploring BSD ?
It will fall under the same laws as all the other operating systems. It is all an invasion of privacy and overreaching. The worry is about kids, social media apps, gaming and porn. Not about someone running a server, but under the laws they all need some kind of verification check. The kids will just lie or figure a way around it anyway.
Probably a net gain if more people learn to customize their installs. Imagine a world were everyone knows Gentoo inside and out.
The usual Red Hat modus operandi.
I am not against providing my age range, neither am I against Red Hat implementing this for their own software to comply with the law and avoid fines, like every project should.
But this is just yet another attempt from Red Hat at controlling the Linux stack further by acting as the white knight offering a solution that they will control, despite no one asking them to. They’re overreaching and overbearing as usual, acting with their chronic toxicity.
Moreover, Red Hat is the company I trust the least with storing my data (even less than Microsoft)
And forcing this down everyone’s throats via systemd to lock you into systemd tentacles and their software even further is just really pathetic at this point. Contrary to 15 years ago, everyone understands the little influence game of Red Hat these days. We know they’re trying hard and unethically to extinguish any competition.
Then, there is very little justification to using systemd for home usage over other init systems anyways.
Only a small minority actually makes use of more than 10% of systemd bloat, or more than a few common services, on their personal computers.
You don’t lose anything and you have performance gains when using alternatives. It’s actually hard to go back to systemd once you’ve seen the other side.
I recently switched to the dinit partition I had been preparing, exactly for this, to eliminate another Red Hat piece of software from my computers.
In other news, they have taken over Grub within (non-)freedesktop (also controlled by Red Hat), I bet you it’s to kill it off within 3 years and force systemd-boot down everyone’s throats. This is getting old now after they did the same with X Server, their ways are so obvious now as seen on all topics.
Systemd is better than alternatives. It’s actually useful.
Not really for home desktop use.
Could accept the argument for a corporate environment or for servers.
But for John Doe it would be entirely transparent if he was using some other init system or systemd. It would be set up by the installer and they will never touch any of it. He would even have better performance without the bloat.
The not elected EU Commission, also called a dictatorship, posted very clearly that this “age verification” will be done through the coming “E-ID”. Just search for “age verification” in combination with “E-ID” or any other pseudonym for the digital certificates like “EUID”, “Green Pass”, “EU Green Pass”, “Vaccination Pass” etc. The Greek government actually called it “Freedom Pass”. Don’t laugh, it’s bitter reality.
This is all about identification, control and possibly keeping people out. The EU is already “sanctioning” EU citizens.
The only way to enforce this “age verification” scheme is by forcing all software and hardware makers to prevent owners and users from manipulating the surveillance measures on their own computers, including “smart phones”. We already have that with Android, which is based on Linux. Proof of concept. The argument will be that children must preventing the “age verification” process, which naturally also means that adults must not be able to manipulate the system.
Companies like Apple, Google, and Microsoft are already working on that. But who would be the “trusted” company that brings the dystopian measures to Linux? IBM Red Hat with systemd.
There is one component missing: The boot loader. No problem with UEFI, because enforcing “secure boot” is all it takes. Well, controlling the secret key infrastructure is also needed. Guess why Windows 11 requires TPM 2. But you might think now that there are alternatives, like grub. Besides that such options might be simply no longer part of the BIOS (we called that the “monitor program” a few decades ago), guess who just took over grub: FreeDesktop.org, which happens to be controlled by IBM Red Hat. Look at what they did to X11 in order to manipulate the market in favor of the IBM Red Hat project Wayland and you will understand what they might be willing to do to grub.
This is all well prepared. The only thing that is not reality yet is the legislation, except for Brazil.
“Age verification” is not just about an API. And of course it has nothing to do with the protection of minors. The Epstein Elites are the ones who are pushing “age verification”.
The new control system with digital certificates (E-ID …) is so important for dystopia, because the digital certificates are the basis of the coming central bank digital currencies (CBDC). Nothing is more valuable than having total control over the entire financial system wold-wide.
BTW, the WHO is preparing the next “pandemic”.
https://www.who.int/news-room/events/detail/2026/03/18/default-calendar/who-epi-win-webinar-preparing-for-and-responding-to-an-influenza-pandemic-what-is-the-pip-framework
The first genetic engineering experiment called “vaccination” 5 years already brought us the same digital certificates, even under the same names like “Green Pass”.
Like most conspiracy theorists, there’s are elements of truth to what you say, then, sadly, the rest is pure nonsense.
Three years ago I’d laugh at your comments, but ever since the Epstein Files… I don’t know anymore.
You need therapy, not Internet comments.
1. The EU leaders are elected, by the representatives you elect to the EU. They in turn vote for the positions via proxy (the rights you have given your representatives).
2. E-ID is not about control, it is about saving democracy. Because right now social media is full of troll factories and you have thousands of daily posts made by bots or trolls claiming to be another nationality in order to sway local politics. This will be eliminated with eID.
Yes it is sad that we need it but we do.
3. Please no conspiracy theories, WHO do not start pandemics.
Democracy is already dead in the UK, France, Germany and Spain, the rest will fall soon too. You can’t tell a joke, make a cartoon, criticize a politician or a particular religion in the UK right now without being arrested. That’s democracy? I don’t think so. Freedom of speech is the most important thing in a democracy.
The members of the EU Commission are neither elected by the citizens of the EU nor by any elected representatives. They are only being confirmed by the EU Parliament after being nominated by the states’ governments behind closed doors without any democratic process. The EU Parliament has no budget law, has no right of initiative, and it decides on every matter behind closed doors by a board before an “open vote”. The members of the EU Parliament always follow the decisions of the board and all they can do is to confirm EU legislation by the EU Commission. The voters have no right to a say in any matter. The entire legislative process by the EU Commission is entirely intransparent to the citizens and cannot be controlled by the citizens. Over the past decades, the parliaments of the EU states have surrended the entire legislative process to the EU Commission. All EU regulations have to be put into national laws. If we had any constitutional democracy left in the EU, Leyen and her entire EU Commission would be sitting in jail.
By reverting to insults, slur and the usual rhetoric, you only highlight your political agenda.
What slurs? I didn’t use any of that in my reply. Try again.
EU leaders are elected through a combination of direct public voting for the European Parliament and indirect selection by national governments. The European Council (heads of state) proposes, and the Parliament elects, the European Commission President and members, while the Council also picks its own President and the Foreign Policy
Jan, are you by any chance a German party member of the “Stasi 90/Die Grünen”?
Linux is such a tiny fraction of the worlds Internet users and how many of these are underage children.
This thing seems nefarious and screams of control, not protection.
As a citizen of Sweden, one of the most open internet countries, i never got asked if i wanted to be included in the EU. That was looong before i was old enough to understand anything.
The EU was created for economic reasons, and should continue to be ONLY for free trade. But from the looks of it they are building Soviet 2.0. Just a couple of weeks ago they wanted to take 25% of the fee we pay for electricity transmission. Luckily one of the current governments EU elected officials shut that down this week.
But it won’t last forever. They will take more and more, legislate more and more. Ignoring the member countries own legislated amendments etc. They are taking over Europe. One way or the other. Not to mention Swedish snus, which they want to make illegal in Sweden.
Don’t read the official “polls” on EU satisfaction. Those are not represented by the people. I don’t know anyone who isn’t getting, or have been sceptical to the EU. It is all about control.
Don’t let them ruin Linux aswell.
The end has come, the mass control has begun. All software will use this API, and in the near future, we won’t be able to deny access to any software without verification. After the birth age, the ID will be implemented.
The filing begins, children have nothing to do with it 😉
No this is about control, you know…for the children.
Are you sure? A totalitarian Government starts with the death of privacy. What do you think will happen when nobody can say something critical about the government? Look at Germany, they had an raid over a meme. A f*cking Meme!
Truly, if this was about keeping kids away from social media, I would be for it. Hell, I’d go further. Get mobile phones and laptops out of schools. I’d go even further. The mobile networks should be shutdown. The harm done by smartphones is too great to comprehend.
Not going to happen of course. Too much money involved. The responsibility will be pushed down the chain.
I cannot see these developments as anything other than the thin of the wedge. Once in place, why stop at just “age”? You can be locked out of your own computer for all manor of characteristics and ideology.
You can’t be locked out from your computer, your computer doesn’t have an age verification to login. You can be blocked from launching certain applications that require a higher age.
Alright, they will block me.
That will be a stimulus to learn even more programming languages and write what I need by my own.
That can do any kid that has access to a keyboard.
No one restricts tutorials for 13 years old yet, right?
Agreed. A lot of people rightly attack these laws for the reasons you’ve mentioned, but always fallback on the glorified platitude of “it’s the parent’s responsibility” when it comes to the actual issue if the harm done to children by these devices.
This harm which goes way beyond access to 18+ content. A lot of children’s entertainment is literally (not figuratively, extensive research really goes into this) engineered to be as addictive and this harmful as possible.
“It’s the parents responsibility” – but parents aren’t doing their responsibility. They’re giving internet enabled tablets to toddlers and then drugging them when (suprised pikachu face) they have behavioural problems and can’t concentrate at school. You can barely go out for in public today without being subjected to the sounds from some tablet shoved in the hands of a child. This is abuse and neglect and something needs to be done about it, actually. Not this though, this is at best a waste of time, and at worst the thin of the wedge as you mentioned.
You have no right to interfere with others like you want to. What’s wrong with people like you who think their arbitrary, and ungrounded beliefs are so important they have to impose their will on everyone? You may as well be shourung at 5G cell towers that haven’t been turned on yet.
Because your beliefs are arbitrary. Drugging their kids? You need help and counseling. Maybe you need drugs, giving your increasingly unhinged ranting.
Parenting or lack of it should not allow the government to dictate their will upon the people or their children.
Who is to say what is best for your offspring, I certainly think it’s not corporate government.