Feed cleverhans-blog [copy] http://www.cleverhans.io/feed.xml has loading error: cURL error 22: The requested URL returned error: 404
One Boot Config to Rule Them All: Bringing UAPI Boot Specification to Legacy BIOS (asg2025)
The UAPI Boot Loader Specification defines conventions that let multiple operating systems and bootloaders share boot config files. So far, only systemd-boot implements it - and it’s UEFI-only by design. As a result, hybrid UEFI/BIOS images require maintaining (and keeping in sync) two sets of bootloader configs: one for systemd-boot, and one for a legacy bootloader such as syslinux. I set out to fix that by building a BIOS bootloader that uses the UAPI Boot Loader Specification - allowing both UEFI and legacy boot to use a single shared set of config files. This talk is...
Forget zbus, zlink is the future of IPC in Rust (asg2025)
Last year, Lennart Poettering of the systemd fame, [gave a presentation](https://media.ccc.de/v/all-systems-go-2024-276-varlink-now-) at this very same conference, where he introduced Varlink, a modern yet simple IPC mechanism. He presented a case for Varlink, rather than [D-Bus](https://en.wikipedia.org/wiki/D-Bus) to be the future of Inter-process communication on Linux. As someone who works on D-Bus, I took upon myself to prove him wrong, only to find out that I achieved exactly the opposite. It didn't take long before I got convinced of his vision. Since I was largely responsible for giving the world [an easy to use D-Bus Rust library](https://crates.io/crates/zbus),...
Introducing ue-rs, minimal and secure rewrite of update engine in Flatcar (asg2025)
Introduce ue-rs, a fresh project that aims to be a drop-in reimplementation of update engine, written in Rust. The goal of ue-rs is to have a minimal, secure and robust implementation of update engine, required by A/B update mechanism of Flatcar Container Linux. Just like the existing update engine, it downloads OS update payloads from a Nebraska server, parses its Omaha protocol, verifies signatures, etc. This project, however, is different from the original update engine in the following aspects. First, it aims to be minimal, by reducing heavyweight legacies in the update engine. Moreover, written...
Unprivileged Containers, with Transient User Namespaces and ID Mapping, but Without SETUID Binaries (asg2025)
Many traditional container engines make use of the "subuid" concept and the "newuidmap" tool to implement a concept of "unprivileged" user-namespace containers on Linux. This approach has many shortcomings in my PoV, from both a security and scalability standpoint. Recent systemd versions provide a more powerful, more secure, mor scalable alternative, via systemd-nsresourced, systemd-mountfsd and other components. In this talk I want to shed some light on the problems with the "old ways", and in particular focus on what the "new ways" bring to the table, and how to make use of them in container runtimes. Licensed...
CentOS Proposed Updates: Bridging the Gap between development and production (asg2025)
CentOS Stream is especially suited for production deployments. In these environments it's often common to develop improvements to distribution packages and want to contribute them upstream. Unfortunately, until very recently that required one to then maintain their own build and deployment pipeline for the packages, at least until the changes made their way into the distribution. CentOS Proposed Updates (CPU) SIG aims to bridge this gap - changes that have been submitted as merge requests can be built in this SIG, providing those who run Stream in production with access to needed updates while they...
UKI, composefs and remote attestation for Bootable Containers (asg2025)
With Bootable Containers (bootc), we can place the operating system files inside a standard OCI container. This lets users modify the content of the operating system using familiar container tools and the Containerfile pattern. They can then share those container images using container registries and sign them using cosign. Using composefs and fs-verity, we can link a UKI to a complete read only filesystem tree, guaranteeing that every system file is verified on load. We integrate this in bootc by creating a reliable way to turn container images into composefs filesystem trees, and then including...
A terminal for operating clouds: administering S3NS with image-based NixOS (asg2025)
S3NS is a trusted cloud operator that self-hosts Google Cloud infrastructure in France, targeting the SecNumCloud certification, the most stringent Cloud certification framework. SecNumCloud includes strict legal and operational constraints. To manage these systems securely and reproducibly, we’ve built a family of dedicated administration terminals based on the image based philosophy. These terminals rely on NixOS semantics and draw from the ParticleOS ecosystem: systemd-repart, and dm-verity, ensuring atomic updates, full immutability of the Nix store, and verifiable integrity of the boot chain and runtime system (measured boot), while using remote attestations by TPM2 when...
Closing session of All Systems Go! 2025 (asg2025)
Closing session of All Systems Go! 2025
Licensed to the public under https://creativecommons.org/licenses/by/4.0/de/
about this event: https://cfp.all-systems-go.io/all-systems-go-2025/talk/DR8ELH/
Video:asg2025-383-eng-Closing_session_of_All_Systems_Go_2025_hd.mp4
What's up with test.thing (asg2025)
`test.thing` is a VM runner which targets guests using an API defined by systemd. It started after a conversation at devconf about turning `mkosi qemu` into a library. A quick intro. ~~composefs is an approach to image-mode systems without the disk images. Files are stored in a de-duplicated content-addressed storage with integrity guaranteed through fs-verity. The last year has seen an acceleration of development on composefs-rs, a pure Rust implementation of the ideas behind composefs. Our goal is unification of the storage of bootable system images (via bootc), application Flatpaks,...
Leveraging bootable OCI images in Fedora CoreOS and RHEL CoreOS (asg2025)
In last year's ASG!, bootc and bootable containers were introduced. In this talk, we'll go over what changed since last year, and how Fedora CoreOS and RHEL CoreOS are leveraging bootable containers to reduce maintenance and increase sharing.
Licensed to the public under https://creativecommons.org/licenses/by/4.0/de/
about this event: https://cfp.all-systems-go.io/all-systems-go-2025/talk/87TFB7/
Video:asg2025-375-eng-Leveraging_bootable_OCI_images_in_Fedora_CoreOS_and_RHEL_CoreOS_hd.mp4