pid_eins

pid_eins, 15 days ago to random

When pondering whether we should start linking to some external library in systemd, I usually spend some time looking at the library's sources, to understand the quality of the code. While coding style differences are fine, there are certain red flags that make libraries unsuitable for use in systemd, or that indicate questionable quality of the code.

Red flags like this are for example absence of OOM guards on malloc(), absence of reasonable error propagation,

pid_eins, 25 days ago to random

Kernel breaking userspace episode nr. 43858262:

https://github.com/torvalds/linux/commit/a1912f712188291f9d7d434fba155461f1ebef66

Hacking around it:

https://github.com/systemd/systemd/pull/32892

pid_eins, 27 days ago to random

1️⃣5️⃣ Here's the 15th installment of posts highlighting key new features of the upcoming v256 release of systemd.

systemd integrates with many components of the OS. Due to this it links against various external libraries. Generic distributions – which typically enable all features a package provides – usually have to deal with relatively large dependency trees in cases like this.

pid_eins, 1 month ago to random

1️⃣3️⃣ Here's the 13th installment of posts highlighting key new features of the upcoming v256 release of systemd.

ssh is widely established as the mechanism for controlling Linux systems remotely, both interactively and with automated tools. It not only provides means for secure authentication and communication for a tty/shell, but also does this for file transfers (sftp), and IPC communication (D-Bus or Varlink).

pid_eins, 1 month ago to random

7️⃣ Here's the 7th installment of my series of posts highlighting key new features of the upcoming v256 release of systemd.

In systemd we put a lot of focus on operating with disk images, specifically file system images that carry an expressive GPT partition table – something that we call DDIs ("Discoverable Disk Images").

pid_eins, 1 month ago to random

6️⃣ Here's the 6th installment of my series of posts highlighting key new features of the upcoming v256 release of systemd.

In the 2nd installment of this series we have already discussed system and service credentials in systemd a bit. Quick recap: these are smallish blobs of data that can be passed into a service in a secure way, to parameterize, configure it, and in particular to pass secrets to it (passwords, PINs, private keys, …).

pid_eins, 1 month ago to random

5️⃣ Here's the 5th installment of my series of posts highlighting key new features of the upcoming v256 release of systemd.

I am pretty sure all of you are well aware of the venerable "sudo" tool that is a key component of most Linux distributions since a long time. At the surface it's a tool that allows an unprivileged user to acquire privileges temporarily, from within their existing login sessions, for just one command, or maybe for a subshell.

"sudo" is very very useful, as it…

pid_eins, 2 months ago to random

A while back we started to turn many of the library dependencies of systemd from regular ELF dependencies (which you can explore with tools like lddtree or readelf -d … | grep NEEDED) into dlopen() deps, in order to minimize the dep footprint of systemd. The primary reason for this was to make it easier to build small disk images without optional components, in particular for the purpose of initrds or container deployments. Recently, another reason for doing this came into focus:

pid_eins, 2 months ago to random

PSA: In context of the xzpocalypse we now added an example reimplementation of sd_notify() to our man page:

https://www.freedesktop.org/software/systemd/man/devel/sd_notify.html#Notes

It's pretty comprehensive (i.e. uses it for reload notification too), but still relatively short.

In the past, I have been telling anyone who wanted to listen that if all you want is sd_notify() then don't bother linking to libsystemd, since the protocol is stable and should be considered the API, not our C wrapper around it. After all, the protocol is so trivial

siosm, 5 months ago to fedora

sudo without a setuid binary or SSH over a UNIX socket: https://tim.siosm.fr/blog/2023/12/19/ssh-over-unix-socket/

I have been working on this setup as part of my investigation to reduce our reliance on setuid binaries and trying to figure out alternative for common use cases.

#Fedora #ConfinedUsers #UnixLegacy

pid_eins, 8 months ago to random

The excellent CCC VOC people published the AllSystemsGo! videos from this week. Here's the UKI talk I did there:

https://media.ccc.de/v/all-systems-go-2023-185-unified-kernel-images-ukis-

Enjoy!

pid_eins, 9 months ago to random

Busy at the Image-Based Linux Summit, Berlin!

pid_eins, 9 months ago to random

Can't wait for Wednesday, for AllSystemsGo! 2023. So many exciting talks! Have a peek at the schedule:

https://cfp.all-systems-go.io/all-systems-go-2023/schedule/

pid_eins, 10 months ago to random

Exciting: → https://blogs.gnome.org/alatiera/2023/08/04/developing-gnome-os-systemd-sysext/

pid_eins, 11 months ago to random

Quick! Only three more days, and the All Systems Go! 2023 CfP ends! Submit now! https://cfp.all-systems-go.io/all-systems-go-2023/cfp ← ⚡️🏃🏻💨💨

pid_eins, 11 months ago to random

Pssst! 🤫 We have an impressive systemd release v254 coming up soon! If you are curious, have a look at what's cooking here, but don't tell anyone just yet: https://raw.githubusercontent.com/systemd/systemd/main/NEWS (We hope to tag rc1 next week or the week after)

pid_eins, 11 months ago to random

The AllSystemsGo! 2023 CFP ends in ⏳ ~2 weeks ⏳. Make sure to submit your talk now! 🏃‍♂️🏃‍♂️🏃‍♂️🏃‍♂️ See you in Berlin! → https://all-systems-go.io/

pid_eins, 11 months ago to random

interesting: https://fedoramagazine.org/use-systemd-cryptenroll-with-fido-u2f-or-tpm2-to-decrypt-your-disk/

pid_eins, 1 year ago to random

@brauner and I did a talk about mounting disk images (i.e. block based file systems) in unprivileged code reasonably securely, back at LFSMMBPF in Vancouver, two weeks ago. A video of the session is now online: https://www.youtube.com/watch?v=RbMhupT3Dk4 – enjoy!

pid_eins, 1 year ago to random

Here's a fun new feature we are working on in systemd: userspace-only reboot. In order to reduce grey-out times on image-based OS updates to next to nothing we are making a reboot happen where kernel stays as it is, but userspace shuts down as usual, then possibly transitions into a new rootfs, and starts up again with an initial transaction as it would on a classic system boot. During the transition selected services can pass along their fds and listening sockets, to pass "live" resources…

pid_eins, 1 year ago to random

PSA: Thou shalt not write udev rules with ACTION="add|change". Thou shalt use ACTION!="remove" instead.

If you look for "positive" events (i.e. that the device is present when it happens) then this is what you have to do. Why does this matter? Various kernel subsystems nowadays issue additional action event types (bind, unbind, …) that fire as part of device bring-up (usb…), and if your rule doesn't match on those the effect of your rules will likely be undone as these new actions are fired.

pid_eins, 1 year ago to random

Now to one of the big questions of our times: what's better style? open("…", O_DIRECTORY|O_RDONLY|O_CLOEXEC) or open("…", O_DIRECTORY|O_CLOEXEC)?

Of course, both are entirely equivalent, because O_RDONLY on Linux is 0. But on a philosophical, conceptual level, what's the better way to write this?

(Asking because half of the systemd codebase does it one way, the other does it the other way.)

This is your time to shine, and contribute to the major philosophical discussion of today!