Age verification on Systemd and Flatpak
londonanon
105 points
91 comments
April 03, 2026
Related Discussions
Found 5 related stories in 87.6ms across 3,471 title embeddings via pgvector HNSW
- systemd has not implemented age verification pabs3 · 12 pts · March 24, 2026 · 74% similar
- Store birth date in systemd for age verification sadeshmukh · 70 pts · March 19, 2026 · 68% similar
- System76 on Age Verification Laws LorenDB · 57 pts · March 06, 2026 · 67% similar
- The unfortunate need for an "age verification" API for legal compliance turrini · 18 pts · March 03, 2026 · 65% similar
- Ubuntu is planning to comply with Age Verification law taubek · 16 pts · March 04, 2026 · 65% similar
Discussion Highlights (20 comments)
lschueller
Quite spooky imaging that apple might create by that a fully verified pii database for half of gen z and every coming gen users
jmclnx
This is a no win situation and I think systemd is making this change too early. But I have read that field is optional. But my main concern with this is applications like Firefox will eventually require this systemd age specific field and a standard systemd function to call. That means this age field will need to be populated and thus locking out the *BSDs and non-systemd Linux. If that happens, this makes the systemd critics 100% right, systemd is being forced upon all distros by various upstream applocations.
nout
It's interesting that the package managers become choke points that can be used for government overreach. Luckily Linux is open source so I expect there will be options that just don't do this from principle. Otherwise my Intel NUC server with Debian is 2 years old, so I expect the honest age would be 2 years? I may have parts for some old PCs to put together that could get adult software I guess...
Shank
It seems incredibly silly to me that this is being rushed into systemd and other linux components. I understand Apple making changes, and even Canonical, but systemd is not run by one corporation and there is no reason to adhere to a badly written law. Why play along with the charade? If root is root, the "age verification" field does not make any sense. Why are these changes being made on a worldwide basis when the laws that have been introduced are a relatively small fraction of the world? California isn't going to go after individual systemd maintainers. Will California go after Torvalds? I doubt it. Apple? Surely, but this is, quite frankly, a ridiculous thing to even suggest for inclusion into these setups.
RcouF1uZ4gsC
> Will my system believe me? And how about their system, whoever “they” are? If not, then what else will I need to do to prove my birth date and age? Who will check if root can’t be trusted? How will they check? If they ever seize your computer, they can probably also tack on computer fraud charges
ekr____
OP is certainly right that a lot of this legislation is written in ways that are hard to interpret and that often seem like they would have undesirable side effects even under the assumption that the basic idea is good (whether that's actually true is a whole different question). In the specific case of CA AB1043: (1) Systems are required to ask the user for their age and just trust whatever they say (2) Applications are required to query the system for the user's age range. Other enacted and proposed device-based age assurance mandates have different properties. This post goes into quite a bit of detail about the various points of concern: https://educatedguesswork.org/posts/device-based-age-assuran...
pgt
Fellow software engineers, what are we doing here? Why are we letting the EU / UK define the future of software?
looperhacks
This systemd change is absurdly overdiscussed. It's a field for a number, no verification, no enforcement for anything. And no, I do not accept the slippery slope fallacy.
tombert
I've been running NixOS for awhile, which is very firmly integrated with systemd. I wonder if it's time to try something like sixos or Guix SD.
supliminal
Is 9front impacted?
pharrington
This is actually nuts. You can't even constantly implement "age verification" at the system level in a way that makes sense across world cultures. The only sane way to do this is you were playing along with arbitrary legislative age-gaters would be to add a generic "additional user info" blob to the account fields, if it didn't already exist.
sunshine-o
The story reads like an april fool. For root to manage privileges in an OS, isn't a group the most straitforward way? Can't flatpak read the groups of an user?
ur-whale
Carry permit to operate a compiler is in our near future.
motbus3
I think you miss the point (But who am I) the simple fact you sending the same signal over and over again, with all other signals your browser send, it will be another key to make you apart. They don't care if you lie. Important that you lie the same story every time. And after having your dob, who could easily be a flag if you are less than 18, they could easily request your name, or a document number, but I think it will be much better, it will have some ISP and/or Device ID.
stevenalowe
NO, DO NOT COMPLY WITH FORCED SPEECH Might seem harmless now but it won’t next time, and you will have already capitulated
uyzstvqs
People need to understand the difference between age indication and age verification . Two very different things. Age indication is a completely private and realistically as-effective alternative to the invasive age verification . Age _indication_ means that when you set up your device or create a user account, you enter a date of birth for the user. The OS then provides a native API to return a user's age bracket (not full date-of-birth). If the user is a minor, the OS will require parental authentication in some way to modify the setting again. This can all be done completely offline. It works because parents almost always buy the devices used by children, and can enter the correct date-of-birth during setup. Age _verification_ means that some online service has to verify your age, and collects a bunch of (meta)data in the process. This is highly problematic for privacy, security, and the open internet.
cyberge99
Age verification in the OS is one milestone of a greater objective: removing anonymity on the internet
garganzol
Let's restrict this plague to California/UK only. If Gulag wants to be a Gulag, let them be.
petre
This is stupid. The age should be in the passwd gecos field or somewhere else in the user's config directory. Not in systemd. Unix-ike systems are multiuser. Now I wonder what age to put in the root, adm or games accounts.
renegat0x0
Article asks what next. I know what's next. It is similar with crypto wars. They try and try until they have backdoor everywhere. About verification they will try to implement WEI on browsers, and verification on os. It is a crusade to make you always identifiable. Companies and governments want it so much because it is so valuable to them, it adds so much power over people. So what's next. They will move borders here, and there. Every year.