systemd manages the cgroup hierarchy from the root.
This is considered an exclusive operation and it is sufficient when system
units don't encompass any internal cgroup structure.
To facilitate arbitrary needs of units, it is possible to delegate the subtree
to the unit (a necessity for such units executing as unprivileged users).
However, the unified cgroup hierarchy comes with so called...
When a virtual machine gets cloned, it still contains old data that believes are unique - random number generation seeds, UUIDs, etc. Linux recently included support for VMGenID to reseed its in-kernel PRNG, but all other RNGs and UUIDs are still identical after a clone.
In this session, we will discuss approaches to solve this and reveal experiments on which we worked...
In this talk, I'll discuss the new proposed compact mode for systemd-journald. Via a number of different optimizations, we can substantially reduce the disk space used by systemd-journald. I'll discuss each of the optimizations that were implemented, as well potential improvements that might further reduce disk usage but haven't been implemented yet.
In this talk we'll have a look at:
- systemd-stub (the UEFI stub for the Linux kernel shipped with systemd)
- unified kernels (i.e. kernel images glued together from systemd-stub, the kernel itself, an initrd, and more)
- systemd-sysext (an extension mechanism for initrd images and OS images)
- systemd service credentials (a secure way to pass authenticated and encrypted bits of...
Distributions ship signed kernels, but initrds are generally built locally. Each machine gets a "unique" initrd, which means they cannot be signed by the distro, the QA process is hard, and development of features for the initrd duplicates work done elsewhere.
Systemd has gained "system extensions" (sysexts, runtime...