Post has shared content
+Lennart Poettering just posted the 21st part of the systemd For Administrator series, this time covering container integration. Enjoy!

Post has shared content
Earlier today I gave a talk at the NLUUG Najaarsconferentie 2014 in Bunnik, Netherlands, about "Security Features in systemd". I promised to upload the slides, so here they are.

Even if you didn't attend the conference the slides might be interesting, please have a look.

Oh, and before you ask: no, to my knowledge the presentation was not videotaped.

Post has shared content
Last week I posted my slides from my talk at NLUUG Najaarsconferentie 2014 about security features in +systemd. Apparently the talk was videotaped after all and the videos are now online. Hence: here you go!

(Slides at http://0pointer.net/public/systemd-nluug-2014.pdf)

Enjoy!

Post has shared content
Here's a little gem I just added to systemd's "nss-myhostname" NSS module: in addition to resolving the local host name to the locally configured IP addresses, and to resolving the host name "localhost" to the usual 127.0.0.1 and ::1, it will now also resolve the special host name "gateway" to the local default gateway address. This is pretty useful inside of containers or in local LANs, as it assigns a stable name to the container's host or the router if there's one. With this in place, a "ping gateway" command on the shell prompt will do just that: ping the default gateway. And if you enter http://gateway/ into your web browser, you'll now always end up on the configuration UI of your WLAN router. How cool is that?

Of course, if the name "gateway" is used in DNS it still overrides this new magic assignment, in order not to break existing setups that use that name.

Post has shared content
A new Linux Action Show is OUT: http://bit.ly/las342

+Lennart Poettering shares the surprising origins of systemd and answers our questions, +Brandon Philips, the co-founder of +CoreOS, discusses Rocket, +Matthew Miller from the +Fedora Project talks about the upcoming Fedora 21, and more!

Enjoy: http://bit.ly/las342

Post has shared content
Here's a small, but powerful new tool I added to +systemd today: "systemd-import" can pull and update container images from the Internet, in the format and via the APIs of today's best known Linux container solution. This lightweight tool downloads the images, converts them into btrfs subvolumes/snapshots and makes them available as simple directory trees in /var/lib/container/, like any other container tree, which you then can boot with "systemd-nspawn".

This is how you use it:

# systemd-import pull-dkr mattdm/fedora
# systemd-nspawn -M fedora

This first downloads "mattdm/fedora", and installs it into /var/lib/container/fedora, and then boots it directly via systemd-nspawn, like any other container tree.

All this with only a bit of C code, as part of the systemd suite. No new dependencies. No Go, no Python, no other runtime.

Next: add support for non-btrfs systems for this (by transparently creating a dynamically sized loopback file somewhere in /var, with btrfs inside, which can be used for this, so that only the redundant container images can reside in it, but your private user data and the rest of the OS don't have to be entrusted to btrfs).

Enjoy!

Post has shared content
Here's another new small feature in systemd-nspawn: the -i switch can now be used to boot MBR disk images, too, if they follow certain rules (like: only one partition of type 0x83, marked bootable). Previously it already worked for GPT images.

What's so great about this? Well, this means you can invoke nspawn directly on an official, unmodified, Fedora Cloud disk image and it will boot it up.

For details see the commit linked below.
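
The MBR rule quoted in the post above (one partition of type 0x83, marked bootable) can be checked on an image's first sector before handing it to "systemd-nspawn -i". This is an added example, not part of the original post and not systemd's code: the function names are hypothetical, the sample sectors are constructed, and it assumes "only one" means exactly one type 0x83 entry with other partition types ignored; nspawn's real checks may differ.

```python
import struct

SECTOR, TABLE_OFFSET, ENTRY = 512, 446, "<B3xB3xII"   # 4 entries of 16 bytes at offset 446
LINUX, GPT_PROTECTIVE, BOOTABLE = 0x83, 0xEE, 0x80


def parse_mbr(sector0):
    """Return the used partition-table entries of a 512-byte MBR sector."""
    if len(sector0) < SECTOR:
        raise ValueError("short read: need the full first sector")
    if sector0[510:512] != b"\x55\xaa":
        raise ValueError("missing 0x55AA boot signature")
    parts = []
    for i in range(4):
        status, ptype, lba, count = struct.unpack_from(ENTRY, sector0, TABLE_OFFSET + 16 * i)
        if ptype != 0:                      # type 0 marks an unused slot
            parts.append({"index": i, "status": status, "type": ptype,
                          "lba_start": lba, "sectors": count})
    return parts


def check_rule(sector0):
    """Apply the rule quoted in the post (as read above); returns (ok, reason)."""
    parts = parse_mbr(sector0)
    if any(p["type"] == GPT_PROTECTIVE for p in parts):
        return False, "protective MBR: GPT image, rule does not apply"
    linux = [p for p in parts if p["type"] == LINUX]
    if len(linux) != 1:
        return False, "expected exactly one type 0x83 partition, found %d" % len(linux)
    if linux[0]["status"] != BOOTABLE:
        return False, "the type 0x83 partition is not marked bootable"
    return True, "partition %d starts at LBA %d" % (linux[0]["index"], linux[0]["lba_start"])


def make_mbr(entries):
    """Build a constructed sample sector from (status, type, lba, sectors) tuples."""
    sector = bytearray(SECTOR)
    for i, entry in enumerate(entries):
        struct.pack_into(ENTRY, sector, TABLE_OFFSET + 16 * i, *entry)
    sector[510:512] = b"\x55\xaa"
    return bytes(sector)


if __name__ == "__main__":
    samples = {   # constructed inputs, not taken from any real image
        "single bootable 0x83": make_mbr([(0x80, 0x83, 2048, 6289408)]),
        "0x83 not bootable": make_mbr([(0x00, 0x83, 2048, 6289408)]),
        "two 0x83 partitions": make_mbr([(0x80, 0x83, 2048, 1000), (0x00, 0x83, 4096, 1000)]),
        "GPT protective MBR": make_mbr([(0x00, 0xEE, 1, 0xFFFFFFFF)]),
    }
    for name, sector in samples.items():
        print(name, "->", check_rule(sector))
```

To check a real image, pass the first 512 bytes of the file to check_rule().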

Post has shared content
Here's a new interview with yours truly in +Linux Voice. The online version is only the first part of it, the full interview is in the print magazine.

Go, and buy it, it's good, and the Linux Voice guys are certainly the good guys, and truly believe in Free Software, so please support them!