[systemd-devel] systemd prerelease 254-rc1

2023-07-06 Thread systemd tag bot
A new systemd ☠️ pre-release ☠️ has just been tagged. Please download the tarball here: https://github.com/systemd/systemd/archive/v254-rc1.tar.gz NOTE: This is ☠️ pre-release ☠️ software. Do not run this on production systems, but please test this and report any issues you find to

Re: [systemd-devel] Security and technical differences between systemd-nspawn and OpenVZ / LXC

2023-07-06 Thread Vito Caputo
On Thu, Jul 06, 2023 at 06:49:47PM +0300, Mantas Mikulėnas wrote: > On Thu, Jul 6, 2023 at 6:05 PM Paulo Coghi - Coghi IT > wrote: > > > > > 4. Storage and Inodes > > On OpenVZ, we could create "virtualized" file systems, like ploop, which > > avoids consuming inodes on the host's file system,

[systemd-devel] Systemd-cryptsetup triggers a black screen after upgrading to 6.4.1

2023-07-06 Thread Felix Rubio
Using arch linux, I have had my kernel upgraded from 6.3.9 to 6.4.1. After regenerating the UKI, that works, I get just a black screen when systemd-cryptsetup should be either using the TPM to unlock the drive or to ask me the rescue password. Luckily I have an old UKI with 6.3.9 (also the

Re: [systemd-devel] Security and technical differences between systemd-nspawn and OpenVZ / LXC

2023-07-06 Thread Mantas Mikulėnas
On Thu, Jul 6, 2023 at 6:05 PM Paulo Coghi - Coghi IT wrote: > Hello Systemd Devel team, > > I've been using OpenVZ for 11 years in production without the security > problems I faced with LXC. But as a non-official mainstream library of > Linux kernel, there is always a gap. Virtuozzo is working

Re: [systemd-devel] Security and technical differences between systemd-nspawn and OpenVZ / LXC

2023-07-06 Thread Paulo Coghi - Coghi IT
I apologize for my discovery journey. In 2015 Lennart was quoted[1] saying that "Initially we wrote it for testing purposes, but *nowadays we consider it ready for many production uses*. In fact CoreOS' rkt container tool makes use of it as the lower level container backend."[2] [1]

Re: [systemd-devel] Security and technical differences between systemd-nspawn and OpenVZ / LXC

2023-07-06 Thread Paulo Coghi - Coghi IT
Watching Lennart's presentation on youtube (the famous one in 2013), Lennart explains that systemd-nspawn is not conceived to be used on production and server environments (as OpenVZ is, at least for us), but only for testing, development, debugging, etc. Does this limitation of scope still

Re: [systemd-devel] Security and technical differences between systemd-nspawn and OpenVZ / LXC

2023-07-06 Thread Paulo Coghi - Coghi IT
Obs: when I mentioned the open source manager, what I meant was about my startup doing the development, in case the systemd community is interested. On Thu, Jul 6, 2023 at 5:04 PM Paulo Coghi - Coghi IT wrote: > Hello Systemd Devel team, > > I've been using OpenVZ for 11 years in production

[systemd-devel] Security and technical differences between systemd-nspawn and OpenVZ / LXC

2023-07-06 Thread Paulo Coghi - Coghi IT
Hello Systemd Devel team, I've been using OpenVZ for 11 years in production without the security problems I faced with LXC. But as a non-official mainstream library of Linux kernel, there is always a gap. Virtuozzo is working on OpenVZ 9 with kernel 5.14 now, but it is still not released.

Re: [systemd-devel] Enrolling PCR11 does not work as expected

2023-07-06 Thread Felix Rubio
In order to achieve the check of a number of PCRs, what do you guys think of this approach? 1. When running ukify, add the "measure" flag so that the expected value of the PCR11 is printed. 2. Then, script the reset of an unused PCR (in my case, 23), and then extend it with the current value
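Added example, not code from the thread or from systemd: the arithmetic behind the approach sketched above. A TPM PCR can only be extended (PCR' = SHA-256(PCR || digest)), so the "expected" value that ukify --measure prints is the replay of a known event sequence from the all-zero reset state, and a resettable PCR such as 23 can be reset and re-extended with the same digests to confirm the arithmetic before relying on the value for a sealing policy. The event sequence below is constructed and is not the real list of things systemd-stub measures into PCR 11; the tpm2-tools command strings (tpm2_pcrreset, tpm2_pcrextend, tpm2_pcrread) are emitted for illustration and the assumption that PCR 23 is resettable from the OS reflects the default TPM 2.0 PCR attributes, not anything this thread verifies.

```python
"""Simulate TPM 2.0 PCR extend and check a read-back PCR against a replayed expectation.

Added example; not part of the systemd-devel thread or of systemd/ukify.
"""
import hashlib
import hmac

PCR_BYTES = 32              # SHA-256 bank
ZERO_PCR = bytes(PCR_BYTES)  # state of a resettable PCR after tpm2_pcrreset (all zeros)


def sha256(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()


def measure(event: bytes) -> bytes:
    """Digest of one event as it would appear in the event log; the PCR is
    extended with this digest, never with the raw data."""
    return sha256(event)


def pcr_extend(pcr: bytes, digest: bytes) -> bytes:
    """The only write operation a TPM offers on a PCR: PCR' = H(PCR || digest)."""
    if len(pcr) != PCR_BYTES or len(digest) != PCR_BYTES:
        raise ValueError("PCR and digest must both be 32 bytes in the SHA-256 bank")
    return sha256(pcr + digest)


def expected_pcr(events: list, start: bytes = ZERO_PCR) -> bytes:
    """Replay an ordered event sequence from the reset state; order matters."""
    pcr = start
    for ev in events:
        pcr = pcr_extend(pcr, measure(ev))
    return pcr


def replay_commands(pcr_index: int, events: list) -> list:
    """tpm2-tools command lines that reproduce expected_pcr() in a real TPM,
    using a resettable PCR (16 or 23 under default TPM 2.0 attributes)."""
    cmds = [f"tpm2_pcrreset {pcr_index}"]
    for ev in events:
        cmds.append(f"tpm2_pcrextend {pcr_index}:sha256={measure(ev).hex()}")
    return cmds


def format_pcrread_line(pcr_index: int, value: bytes) -> str:
    """One PCR line in the layout printed by `tpm2_pcrread sha256:<n>` (constructed)."""
    return f"  {pcr_index:<2}: 0x{value.hex().upper()}"


def parse_pcrread_line(line: str) -> bytes:
    """Parse '  23: 0x...' back into 32 raw bytes."""
    _, _, value = line.strip().partition(":")
    value = value.strip()
    if value.lower().startswith("0x"):
        value = value[2:]
    raw = bytes.fromhex(value)
    if len(raw) != PCR_BYTES:
        raise ValueError(f"unexpected PCR length {len(raw)}")
    return raw


def pcr_matches(observed: bytes, expected: bytes) -> bool:
    """Constant-time comparison; a mismatch means the event list, its order,
    or the reset state assumed for the expectation is wrong."""
    return hmac.compare_digest(observed, expected)


if __name__ == "__main__":
    # Constructed stand-ins for measured UKI pieces; NOT the real PCR 11 event list.
    events = [b".linux (constructed)", b".initrd (constructed)", b".cmdline (constructed)"]
    expected = expected_pcr(events)
    print("expected PCR value:", expected.hex())
    for cmd in replay_commands(23, events):
        print(cmd)
    # Pretend the TPM was read back after the replay above.
    observed = parse_pcrread_line(format_pcrread_line(23, expected))
    print("match:", pcr_matches(observed, expected))
    # Same events in a different order give a different PCR, which is why the
    # expectation only holds for the exact sequence the stub measures.
    print("reordered matches:", pcr_matches(observed, expected_pcr(events[::-1])))
```

To run it against real hardware, execute the printed tpm2_pcrreset/tpm2_pcrextend lines, read PCR 23 with tpm2_pcrread sha256:23 and feed that line to parse_pcrread_line; the SHA-256 digests in the extend commands are the values to swap for whatever ukify --measure reports.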