Posts
5879
Following
356
Followers
555
.

Jarkko Sakkinen

Edited 8 days ago
I've been fine-tuning and polishing Buildroot packaging for GNOME base packages and their deps plus Console/Web (i.e. common in-image apps) at least two months :-) It's very difficult to get right in detail.
0
0
1

Jarkko Sakkinen

0
0
1

Jarkko Sakkinen

Edited 9 days ago
Great. I got GNOME Web packaged to Buildroot; and so that it actually also launches too. I though that a basic browser is better to be in the core image of Puu OS instead of seeding the browser from Flatpak.

To improve fonts I just include BR2_PACKAGE_GOOGLEFONTDIRECTORY next 🤷

#gnome #web #buildroot
1
0
3
@bluca https://github.com/systemd/systemd/pull/42397#issuecomment-4771175180

Yeah it works, no need to switch to anything :-) I cherry-picked the patches and applied them on top of 261, and:

$ sudo cat /proc/keys | grep -i fscrypt
0352496a I--Q--- 1 perm 08010000 0 0 .fscrypt 21627ce15f7514ece9182bd61b4b5c34.uid.0
1b265a14 I------ 1 perm 080b0000 0 0 keyring fscrypt-21627ce15f7514ece9182bd61b4b5c34-users: 1
0
0
0
@bluca It's an alternative I can cherry-pick wip patches to buildroot build
1
0
0
@tris I'll package it for Buildroot and try it out...
0
0
0
@tris thank you, it actually looks worth of researching for.
1
0
1

Jarkko Sakkinen

Why SystemD as of 261 does not support fscrypt v2?

Just wondering because it has been around for a some time.

#systemd
2
1
3

Jarkko Sakkinen

Implemented multi block groups supprot for this crate: https://github.com/christhomas/rust-fs-ext4/pull/14#event-27013587719

I'll do later one more addition to multi group support, and later also support for '-O encrypted'.

The reason is that at the moment 'mkfs.ex4' is the only external command used for formatting file systems in Puu OS installer. XFS and FAT32 are managed by in-tree code.

https://codeberg.org/puu/puu-installer
0
0
0

Jarkko Sakkinen

Devicons in Oulu :-)
0
0
1

Jarkko Sakkinen

Cool I had forgotten IBM 8514/A. Interesting piece of history.

https://www.youtube.com/watch?v=ZOiKKhYg63I
0
0
0

Jarkko Sakkinen

tpm2-protocol 1.0.0, the first stable major version: https://crates.io/crates/tpm2-protocol/1.0.0
0
0
0

Jarkko Sakkinen

0
0
0

Jarkko Sakkinen

Edited 12 days ago
"All cryptography goes now through OpenSSL (libcrypto) so the binary depends
on a single, FIPS-certifiable crypto backend. The Authenticode/PKCS#7 and
PE container structures are assembled and parsed with the small hand-rolled
DER helpers below rather than a third-party ASN.1 stack."

Definitely worth of trouble :-) I don't want to deal with RustCrypto crates.

I don't *need* FIPS but I still don't want purposely cause such engineering bottlenecks to my software.

https://codeberg.org/puu/puu-installer/commit/02edec9517c8a87be8529b3b72320ccdac67a171
0
0
0

Jarkko Sakkinen

If coding agents are so great, why does all the software that Anthropic releases suck? And I mean objectively, quality-wise, it's all trash.
0
0
1

Jarkko Sakkinen

tpm2sh 0.20.0

Now all internals are fully zerocopy and casting based instead of being marshaled/unmarshaled.

$ tpm2sh --help
Usage: tpm2sh [-d <device>] [-A <auth...>] [-V] <command> [<args>]

TPM 2.0 command-line interface

Options:
  -d, --device      device file
  -A, --auth        list of authentication values in the format '<handle>:<hex
                    string>'
  -V, --version     print version information
  -h, --help, help  display usage information

Commands:
  algorithm         Lists available algorithms supported by the chip.
  create            Creates a secondary key or a sealed data object.
  create-primary    Creates a new primary key in a specified hierarchy.
  delete            Deletes active and cached objects.
  evict             Create persistent object from transient object.
  import            Import external keys to TPM keys.
  load              Loads a PEM or DER TPMKey file to cache.
  memory            Lists active TPM objects or inspects a single handle.
  pcr-event         Extends a PCR with an event.
  return-code       Prints a TPM return code in human-readable format.
  reset-lock        Resets the dictionary attack lockout counter.
  seal              Creates a sealed data object (passive KeyedHash).
  unseal            Retrieves data from a sealed data object.
0
0
0

Jarkko Sakkinen

maybe this could be used for other bootc operating systems (when generalized a bit)

https://crates.io/crates/puu-installer/0.2.15
0
0
0

🔋 Good news: The world installed 112 gigawatts of new grid battery storage in 2025, a tenfold increase from just four years ago, and Australia is quietly out front: one in every 25 homes now has a residential battery.

🌊 Not-so-good news: Islands in India's Hooghly estuary have already been lost to rising seas and erosion and their residents are now climate refugees. As one journalist put it: the engineers knew, the scientists warned, and the decision was made not to act.

💰 What you can do: Check whether your retirement savings are invested in fossil fuels. Free tools like Fossil Free Funds (US and Canada), Ethical Consumer (UK), and Market Forces (Australia) make it fast and easy to find out. Then, take action.

Click the link below to read this week's full newsletter, and share one thing you learn with someone else. That conversation matters more than you know ... and you might be surprised where it leads! https://www.talkingclimate.ca/p/the-battery-boom-is-here

1
4
0
Show older