Star trekissä oli vuorossa legendaarinan natsijakso. Tämähän oli yllättävän hyvin kirjoitettu, odotin jotain paljon pöhkömpää.

#startrek #sarjat

After fighting with container nesting, I think that this concept would still make sense:

https://lwn.net/Articles/723477/

It's not discussed in the cover letter but obviously this would be much better tool for "full user space nesting" than namespace based containers.

I.e., kind of between Podman and Kata Containers as an infrastructure.

my #build #container framework:

sudo unshare \
  --fork \
  --mount \
  --uts \
  sh -c "
    mkdir -p $ROOTFS/proc
    mkdir -p $ROOTFS/sys
    mkdir -p $ROOTFS/dev
    mount -t sysfs /sys $ROOTFS/sys
    mount -t proc /proc $ROOTFS/proc
    mount --rbind /dev $ROOTFS/dev
    hostname $MACHINE
    su $USER
    export PUAVO_CACHE_PROXY=$PUAVO_CACHE_PROXY
    sudo unshare --root $ROOTFS $CMDLINE
  "

Nests nicely with #Docker and #Podman :-)

I wonder if I could apply for Nobel for this one:

https://bsky.app/profile/jarkk0.bsky.social/post/3lmkaiqxdb22o

https://www.youtube.com/watch?v=r_AYDkuMg-U #commodore #amiga

As a small scale investor I get great benefit from Trump's stock market manipulation.

That's what it is all about ... It's an evil plot basically.

#economy

Time for yet another LSM upstream meeting :-) My favorite meeting of the month.

I think the bright side in the current times is that the relationship towards both Sweden and Estonia has been tightened up, and I can feel that there is more mutual respect towards each other :-)

🇪🇪 🇸🇪 🇫🇮

I dared to apply this to my -next:

https://lore.kernel.org/keyrings/Z_e9CVsmiXD3QYkg@kernel.org/

It's a good timing, given that we are at -rc1. key_put() is exactly type of code where:

1. You need to be extremely conservative.
2. Still there's a chance for breakage.
3. struct key is widely accessed kernel object in various context's. Thus, it is practically impossible to consider every possible use case.

I'll put this to my v6.16 PR if it turns out to not cause too much devastation :-)

#linux #kernel #keyring

#FreeDOS 1.4 is out: https://freedos.org/download/

oldie but still goldie https://www.youtube.com/watch?v=47yFRXZqB0g

Flying to Berlin in near future to meet up friends from Tallinn :-) It's cheaper than train + boat.

literally me

"marvel's mignight suns" is a cool game but why they have to talk so much, and why i need to hang out.

i don't hang out IRL either 🤷

thank you mr showerhead for giving this freedom my US comrades (pun intended).

https://www.whitehouse.gov/presidential-actions/2025/04/maintaining-acceptable-water-pressure-in-showerheads/

container hack for build: unshare + chroot. unshare guarantees unmounts, given a ephemeral file system namespace :-)

#!/bin/sh

set -eu

rootfs_dir=$1
adm_user=$2

if [ "$#" -eq 3 ]; then
  proxy_address=""
  cmdline=$3
else
  proxy_address=$3
  cmdline=$4
fi

sudo unshare --mount --pid --fork sh -c "
  mount --bind /sys '$rootfs_dir/sys'
  mount --bind /dev '$rootfs_dir/dev'
  mount -t proc proc '$rootfs_dir/proc'
  mount -t devpts devpts '$rootfs_dir/dev/pts'
  chroot '$rootfs_dir' su - '$adm_user' -c 'export PUAVO_CACHE_PROXY=\"$proxy_address\"; $cmdline'
"

Anyone interested on keyring:

https://web.git.kernel.org/pub/scm/linux/kernel/git/jarkko/linux-tpmdd.git/commit/?h=keys-graveyard

If this would work out then possibly also radiate to /proc/keys.

I.e. it could also similarly "knock for reference" but that is not within scope of this patch.

#linux #kernel #keyring

Happy International Asexuality Day!

My fourth Obnam 3 development session. Put into place the scaffolding to add chunk encryption, but didn't have the time to actually implement the encryption.

Small steps and tea is the way to reach goals while having fun.

(Obnam 3 is my Sunday project to experiment with implementing fundamental components for backup software.)

https://obnam.org/blog/2025/obnam3-04

#obnam #backupImplementation