Florian Haftmann

Florian Haftmann is working as software engineer and consultant, beside being an enthusiastic free software user.

During two stages of his career he was particularly affiliated with free software: from 2005 to 2011 at the technical university of Munich (isabelle.in.tum.de), and from 2011 to 2018 being a system developer and architect for a Linux-based desktop environment for the city administration of Munich.

Accepted Talks:

POSIX pitfalls in modern desktop environments and how to work-around them

The Unixoid operating systems (particularly Linux) have grown up in the era of workstations. Hence they use a couple of mechanisms designed for operating finite, closed and trusted structures of systems and user accounts: Global numeric IDs for user accounts, a permission system for cooperative file sharing built on groups, coming with arcane devices like primary groups and umasks. When running a stand-alone system, e. g. a notebook, using Linux today, these mechanisms get hardly in the way: there is only one user account running and operating the system. Problems arise when a huge infrastructure with thousands of systems and users is centrally configured using a directory service (e. g. LDAP). When done naively, the relics of the workstation era sneak in, obscuring the idea of modern desktop systems. This talk points out potential pitfalls and suggests work-arounds. It draws on experience running a huge Linux infrastructure in the public administration at the city of Munich.

Keywords: Directory services (LDAP, AD / Samba), PAM, System Security Services Daemon (SSSD), POSIX groups, heterogeneous desktop environments