Andreas Schneider4d ago

I'm happy to annouce kirmes version 0.1.0 providing an async C API now!

Kirmes is a Rust and C implementation of the IPC protocol for the systemd userdb Varlink interface. kirmes provides a safe, async Rust API talking to systemd's userdb. In addition it provides blocking and async C APIs to communicate over Varlink or just parse JSON records for users and groups.

https://crates.io/crates/kirmes

Example: https://gitlab.com/kirmes/kirmes/-/blob/main/example/async_user_record.c

#systemd #varlink #linux

crates.io: Rust Package Registry

crates.io serves as a central registry for sharing crates, which are packages or libraries written in Rust that you can use to enhance your projects

Morten LinderudMar 8

So attezt now contains 3 components.

- `atteztd` which is an Attestation CA with an inventory API
- `attezt-agent` that implement device enrollment and an p11-kit agent.
- `attezt` that is the client for both the agent and the attestation ca. Modelled after step/step-ca

Everything has an #varlink APIs as well.

https://github.com/Foxboron/attezt

Very much a work in progress and not everything is wired up correctly. Readme also needs a bit more work.

#TPM #Attestation #Security #security

Andreas SchneiderFeb 19

I've released version 0.0.5 of kirmes. A Rust and C client library to access systemd-userdb. This version switched from tokio to smol, as I plan to provide an async C API soon. @abbra contributed support for generic types based on UserRecord and GroupRecord. This way you can parse extension your userdb varlink services provides.

https://gitlab.com/kirmes/kirmes/

#systemd #varlink

kirmes / kirmes · GitLab

A library providing a simple way to access systemd's userdb information from Rust or C.

GitLab
Show threadmortFeb 18

I want to be convinced that there is a good reason to use \0, because the future of Linux is gonna use that heavily as a DBUS replacement thanks to varlink (https://varlink.org/). I want someone to convince me that this isn't just a protocol design mistake that will be with us for the foreseeable future now.

#varlink #systemd #linux #gnulinux

VARLINK

The Varlink Website

VARLINK
Felicitas PojtingerFeb 18
Obviously not going to push this to `main`, but damn I love #varlink .
Felicitas Pojtinger 🌅Feb 18
Obviously not going to push this to `main`, I love #varlink even more now after seeing it in the #systemd talk at FOSDEM. I was playing around with how I could allow other apps to do things like "start timer in Sessions" or "query timer state from Sessions", and it literally took 5 minutes to expose _every single UI element_ via a corresponding Varlink service that I could then immediately discovery and use via `varlinkctl`. Calling the Varlink methods even interacts with the UI properly 🤯
Andreas SchneiderFeb 15

Here is a screenshot of ai-playground where an AI agent is running on the left in a #systemd container, but cargo is running outside of the container on the host through the gatekeeper. I use the #varlink streaming protocol to stream stdout/stderr of the process executed on the host. It was pretty easy turning on streaming using #zlink

Learn more at:
https://gitlab.com/cryptomilk/ai-playground

Andreas SchneiderFeb 13

I've created yet another AI agent sandbox and just released 0.1.0. I did it differently than the others. It is called AI Playground.

Features:
* Lightweight containers (systemd-nspawn)
* Git worktree support
* Easy to set up and keep up to date (it is a chroot)
* Host command gatekeeper - lets you approve or deny host commands from inside the container (varlink)
* Multiple AI tools supported
* Contributions welcome

https://gitlab.com/cryptomilk/ai-playground

#systemd #varlink #zlink #fedora #ai #sandbox

Andreas Schneider / ai-playground · GitLab

A command-line tool to run AI coding agents like OpenCode in a secure systemd-nspawn container.

GitLab
Petr Menšík Feb 6
Watched @pid_eins #fosdem2026 presentation record about #Varlink. I think the idea is good, except it should use some binary protocol for communication between services. RFC 8949 #CBOR seems like excellent candidate. Text serialization is not necessary if human is never direct part of a pipeline. Data conversion is not slow, but not necessary between localhost- only services.
Andreas SchneiderFeb 6

I've just released version 0.0.4 or kirmes, a Rust and C API to query and enumerate users of systemd's userdb.

This version supports the record filter options introduced to the USER_GROUP_API of systemd in version v258.

https://crates.io/crates/kirmes

#systemd #varlink #rust #c #linux