@daandemeyer


Hey, lazy web. Together with AWS and Microsoft, we are working on adding some minimal, native IMDS support to systemd, given how ubiquitous the concept is in the cloud world these days. It's supposed to be fully automatic, and reasonably generic, i.e. all the cloud-specific info (i.e. how to detect the clouds, which URLs to use) is placed in systemd's hwdb database, so that the code itself can be kept generic.

Right now the PR I prepped for this supports 5 major clouds. And I need your help…

It's that time again! The systemd v260 release is coming closer. Let's restart the "what's new" series of posts for this iteration! Hence:

1️⃣ Here's the 1st post highlighting key new features of the upcoming v260 release of systemd. #systemd260 #systemd

In v259 we introduced the concept of "NvPCRs", i.e. additional TPM PCRs, that are implemented based on TPM NV Indexes in PCR mode, rather than true PCRs. PCRs are scarce, and this relieves the pressure a bit (not too much though, NV index…

This is hooked up into nspawn via a new --private-users-delegate= switch to delegate N uid ranges into the nspawn container. With this we're very close to making nested nspawn work but this requires a few more changes to nspawn which will come in 261. I'm also hooking this up to mkosi so we can finally boot VMs and containers from directories unprivileged and without /etc/subuid. vmspawn also learned to boot from a directory using nsresourced in v260.

@pid_eins started his series again so let me add an entry. In v260, I've added support for delegating UID ranges to containers from nsresourced and mountfsd. This allows nested containers to acquire their own UID ranges from nsresourced without needing to set up /etc/subuid inside the container. You can also easily enter a user namespace now with the foreign UID range mapped in to create container rootfs trees for use with transient UID ranges from nsresourced.

#systemd260 #systemd

RE: https://mastodon.social/@brauner/116071424787849407

I took it one step further and implemented both CLONE_AUTOREAP (now for non-pidfd as well) and CLONE_PIDFD_AUTOKILL (requires no new privileges for the child now):

https://patch.msgid.link/20260223-work[email protected]

I wrote a blog post about the GNOME OS hackfest we had at FOSDEM this year!

https://blogs.gnome.org/adrianvovk/2026/02/18/gnome-os-hackfest-fosdem-2026/

GNOME OS Hackfest @ FOSDEM 2026

For a few days leading up to FOSDEM 2026, the GNOME OS developers met for a GNOME OS hackfest. Here are some of the things we talked about!

📣 All Systems Go! is back in 2026! Same location, same dates.
We hope to see you 🫵 in 📍Berlin 📆 Sept 30-Oct 1 for 2 days of presentations, conversations and collaboration around foundational user-space Linux technologies.
More info here 👉 https://all-systems-go.io/
Follow to get notified when the CFP opens and 🎟️ tix go on sale.
All Systems Go!


This year at #fosdem2026 I'll be doing a talk in the Distributions devroom on Sunday, presenting about #systemd awesome** immutable Linux distro*, come along if you want to learn all about it!

https://fosdem.org/2026/schedule/event/DVVAV9-particle-os-from-trad-distro-to-immutable-image/

*not a distro
**probably not awesome either, except at bricking your laptop, your toaster and your goldfish too

FOSDEM 2026 - ParticleOS, from Fedora to Feast: Stirring Traditional Distros into Immutable Delights

You know you are in Belgium when alcohol low is 4.5% #fosdem2026