Feed cleverhans-blog [copy] http://www.cleverhans.io/feed.xml has loading error: cURL error 22: The requested URL returned error: 404
One Boot Config to Rule Them All: Bringing UAPI Boot Specification to Legacy BIOS (asg2025)
The UAPI Boot Loader Specification defines conventions that let multiple operating systems and bootloaders share boot config files. So far, only systemd-boot implements it - and it’s UEFI-only by design. As a result, hybrid UEFI/BIOS images require maintaining (and keeping in sync) two sets of bootloader configs: one for systemd-boot, and one for a legacy bootloader such as syslinux. I set out to fix that by building a BIOS bootloader that uses the UAPI Boot Loader Specification - allowing both UEFI and legacy boot to use a single shared set of config files. This talk is...
Dirlock: a new tool to manage encrypted filesystems (asg2025)
In the Linux world there are several tools and technologies to encrypt data on a hard drive, most falling into one of two categories: block device encryption (like LUKS) or stacked filesystem encryption (like EncFs or gocryptfs). This presentation will introduce Dirlock, a new tool that belongs to a third category: native filesystem encryption, using the kernel's fscrypt API. Dirlock is currently being developed and its aim is to provide a flexible way to encrypt files, suitable for both user accounts and arbitrary directories, with full PAM integration, support for hardware-backed mechanisms such as...
New Linux Kernel Coredump Infrastructure (asg2025)
Coredumping on Linux has long been a nightmare. Currently two modes are supported: (1) Dumping directly into a file somewhere on the filesystem. (2) Dumping into a pipe connected to a usermode helper process spawned as a child of the system_unbound_wq or kthreadd. For simplicity I'm mostly ignoring (1). There's probably still some users of (1) out there but processing coredumps in this way can be considered adventurous especially in the face of set*id binaries. The most common option should be (2) by now. It works by allowing userspace to put a string into /proc/sys/kernel/core_pattern like: ...
Modernizing GNOME (asg2025)
GNOME has collected some very old code over the years. During the recent GNOME 49 release, we've made some drastic cleanups. Most visibly, we've dropped support for X11 and gained many dependencies on systemd. Let's explore some of the what and why for these changes!
Licensed to the public under https://creativecommons.org/licenses/by/4.0/de/
about this event: https://cfp.all-systems-go.io/all-systems-go-2025/talk/FQE7QZ/
Video:asg2025-364-eng-Modernizing_GNOME_hd.mp4
Closing session of All Systems Go! 2025 (asg2025)
Closing session of All Systems Go! 2025
Licensed to the public under https://creativecommons.org/licenses/by/4.0/de/
about this event: https://cfp.all-systems-go.io/all-systems-go-2025/talk/DR8ELH/
Video:asg2025-383-eng-Closing_session_of_All_Systems_Go_2025_hd.mp4
UKI, composefs and remote attestation for Bootable Containers (asg2025)
With Bootable Containers (bootc), we can place the operating system files inside a standard OCI container. This lets users modify the content of the operating system using familiar container tools and the Containerfile pattern. They can then share those container images using container registries and sign them using cosign. Using composefs and fs-verity, we can link a UKI to a complete read only filesystem tree, guaranteeing that every system file is verified on load. We integrate this in bootc by creating a reliable way to turn container images into composefs filesystem trees, and then including...
GNOME OS' prêt-à-booter image (asg2025)
GNOME OS is a distribution based around systemd-sysupdate. This year, we finally created a live installer image using the same /usr partition as the installed OS. The main innovation however is the ability to install without the need to reboot. The user can start working while the installation is happening.
This live image is built using systemd-repart. And the installer itself also uses systemd-repart. But systemd-repart is not the complete solution and we had to solve some challenges.
Licensed to the public under https://creativecommons.org/licenses/by/4.0/de/
about this event: https://cfp.all-systems-go.io/all-systems-go-2025/talk/QRJVL3/
Video:asg2025-352-eng-GNOME_OS_pret-a-booter_image_hd.mp4
Unprivileged Containers, with Transient User Namespaces and ID Mapping, but Without SETUID Binaries (asg2025)
Many traditional container engines make use of the "subuid" concept and the "newuidmap" tool to implement a concept of "unprivileged" user-namespace containers on Linux. This approach has many shortcomings in my PoV, from both a security and scalability standpoint. Recent systemd versions provide a more powerful, more secure, mor scalable alternative, via systemd-nsresourced, systemd-mountfsd and other components. In this talk I want to shed some light on the problems with the "old ways", and in particular focus on what the "new ways" bring to the table, and how to make use of them in container runtimes. Licensed...
OS as a Service at Meta Platforms (asg2025)
I overview how OS management is done at Meta. We run millions of Linux servers and we have to make sure that OS gets updated on all of them in a given period of time. To do that we developed several products: MetalOS (Image based version of CentOS), Antlir (image builder) and Rolling OS Update (a service that keeps a set of DNF repos in sync with upstream repos and uses them to update OS )
Licensed to the public under https://creativecommons.org/licenses/by/4.0/de/
about this event: https://cfp.all-systems-go.io/all-systems-go-2025/talk/VNCDRL/
Video:asg2025-332-eng-OS_as_a_Service_at_Meta_Platforms_hd.mp4
What's up with test.thing (asg2025)
`test.thing` is a VM runner which targets guests using an API defined by systemd. It started after a conversation at devconf about turning `mkosi qemu` into a library. A quick intro. ~~composefs is an approach to image-mode systems without the disk images. Files are stored in a de-duplicated content-addressed storage with integrity guaranteed through fs-verity. The last year has seen an acceleration of development on composefs-rs, a pure Rust implementation of the ideas behind composefs. Our goal is unification of the storage of bootable system images (via bootc), application Flatpaks,...