Podcasts about Systemd

Coming up in this episode * Oh GNOME! * Mozilla, Don't Watch * And a few high notes The Video Version! (https://youtu.be/FdHulOnBwEo) https://youtu.be/FdHulOnBwEo 0:00 Cold Open 1:07 Dash To Panel Needs Your Help! 27:21 Firefox's New Terms Of Use 51:33 Mark / Contact Button 1:00:34 Scott / Contact Button 1:03:22 Dan / Matrix 1:06:09 chraist / Matrix 1:08:07 bgt lover / Matrix 1:10:00 MarshMan / Discord 1:13:58 Next Time! 1:18:45 Stinger Dash to Panel Maintainer Quits Dash to panel maintainer quits (https://www.theregister.com/2025/03/14/dashtopanel_maintainer_quits/) The GitHub issue (https://github.com/home-sweet-gnome/dash-to-panel/issues/2259)

More from The Lunduke Journal: https://lunduke.com/ This is a public episode. If you'd like to discuss this with other subscribers or get access to bonus episodes, visit lunduke.substack.com/subscribe

Mike McGrath joins the program and we get an update from Red Hat. This week we dig into week 2 of Steve's Desktop Linux struggle. -- During The Show -- 01:00 Hex OS - Craig Self host Files Pictures Home Assistant Jellyfin Wants a GUI Like the idea of ZFS Snapshots Go simple You should know how to fix things Cockpit 11:25 News Wire Wordpress 6.7 - wordpress.org (https://wordpress.org/documentation/wordpress-version/version-6-7/) Postgres 17.1 - postgresql.org (https://www.postgresql.org/docs/release/17.1/) Peazip 10.1 - github.io (https://peazip.github.io/changelog.html) DigiKam 8.5 - digikam.org (https://www.digikam.org/news/2024-11-16-8.5.0_release_announcement/) Systemd 256.8 - github.com (https://github.com/systemd/systemd/releases/tag/v256.8) Linux 6.12 - lwn.net (https://lwn.net/Articles/997958/) GNU-Linux 6.12 - phoronix.com (https://www.phoronix.com/news/GNU-Linux-Libre-6.12) Quadruple Workqueue Concurrency - phoronix.com (https://www.phoronix.com/news/Linux-6.13-Workqueues) Q4OS 5.7 - q4os.org (https://q4os.org/blog.html) RHEL 9.5 - github.io (https://peazip.github.io/changelog.html) 12:33 Mike McGrath Interview Drama around RHEL source code Fedora and Streams Accelerators How does Red Hat keep up Xorg and Wayland Remote Desktop on Wayland ELS 32bit Package Mode vs Image Mode RHEL AI Low power computers/systems Micro DNF UBI OS Tree Bootstrap/Build kit Red Hat AI Licensing What does open source mean to you? 33:43 Steve's Desktop Adventure Issues with desktop going to sleep Build on your knowledge base NixOS Local Flatpak Cache Flatpak size Ansible Why multiple files Outside and inside chroot Cinnamon Desktop -- The Extra Credit Section -- For links to the articles and material referenced in this week's episode check out this week's page from our podcast dashboard! This Episode's Podcast Dashboard (http://podcast.asknoahshow.com/416) Phone Systems for Ask Noah provided by Voxtelesys (http://www.voxtelesys.com/asknoah) Join us in our dedicated chatroom #GeekLab:linuxdelta.com on Matrix (https://element.linuxdelta.com/#/room/#geeklab:linuxdelta.com) -- Stay In Touch -- Find all the resources for this show on the Ask Noah Dashboard Ask Noah Dashboard (http://www.asknoahshow.com) Need more help than a radio show can offer? Altispeed provides commercial IT services and they're excited to offer you a great deal for listening to the Ask Noah Show. Call today and ask about the discount for listeners of the Ask Noah Show! Altispeed Technologies (http://www.altispeed.com/) Contact Noah live [at] asknoahshow.com -- Twitter -- Noah - Kernellinux (https://twitter.com/kernellinux) Ask Noah Show (https://twitter.com/asknoahshow) Altispeed Technologies (https://twitter.com/altispeed)

From Nextcloud Breakup to Blissful Reunion: Chris's journey back to a smarter setup. Plus, Jellyfin's game-changing features and a beloved self-hosted app get the upgrade we've all been waiting for.

Guests Jan Lehnardt | Alba Herrerías Ramírez Panelist Richard Littauer Show Notes In this episode of Sustain, host Richard Littauer engages with Jan Lehnardt and Alba Herrerías Ramírez from Neighbourhoodie, a consultancy company based in Berlin and the Canary Islands. The discussion delves into Neighbourhoodie's work on sustaining open source projects, their collaboration with the Sovereign Tech Fund for enhancing open source project's bug resilience, and the technical and ethical facets of their consultancy services. Insights are shared into their past and current projects, including PouchDB, CouchDB, and their contributions to humanitarian causes, emphasizing their focus on creating a sustainable impact in the open source community. Press download now to hear more! [00:01:55] Jan explains the origin of Neighbourhoodie, which began with the Hoodie open source project, how the company evolved, the decline of the Hoodie project due to timing and resources, and how CouchDB and PouchDB continued to thrive. [00:04:27] Richard asks about the company's name and its novelty domain, and Jan gives an overview of Neighbourhoodie's size and slow and steady growth, and their focus on a positive work environment. [00:05:51] Jan gives a detail explanation of CouchDB and PouchDB's functionality, particularly their offline-first and synchronization capabilities, and how this has been used in critical projects like the Ebola vaccine. [00:08:41] Richard asks about maintaining ethical work practices and avoiding projects that conflict with Neighbourhoodie's values. [00:09:53] Jan discusses how Neighbourhoodie balances reinvesting in open source projects and expanding the company, focusing on professional services around CouchDB and PouchDB. [00:11:53] Alba describes her role in leading Sovereign Tech Fund (STF) projects within Neighbourhoodie, and how they engage with various projects to offer support. [00:13:31] Jan explains the STF's Bug Resilience Program. [00:16:33] Richard asks about the potential ethical dilemma when third-party consultants like Neighbourhoodie might be taking work that could have otherwise gone to maintainers themselves. We hear how Neighbourhoodie, the projects, and the STF agree on statements of work, including milestones and time estimates, to ensure fairness and proper allocation of resources. [00:21:23] We learn from Jan that dealing with low-quality bug reports isn't a primary focus of their work, but improving test coverage, dependency updates, and CI/CD processes helps mitigate these issues as a side effect. [00:22:54] Alba talks about the different types of projects they work in, such as OpenPGP.js, Sequioa, Yocto, PyPi, Systemd, PHP, Log4j, and reproducible builds. [00:23:49] Jan discusses the challenges and learning opportunities that comes with working across diverse projects, each with its own set of tools, communication styles, and cultural contexts. [00:25:29] Richard reflects on the complexity of open source sustainability and Alba describes how they research projects and identify areas where they can provide the most help, tailoring their approach to the specific needs of each project. [00:27:25] Jan explains that they don't dictate solutions but rather collaborate with projects to address their most pressing needs, often helping to mediate between different parts of a project to find common ground. [00:30:07] Jan explains how they educate clients to take responsibility for the scripts they deliver, unless there's a long-term support contract in place. [00:32:00] We learn how the Neighbourhoodie transition was organic and not part of a grand strategy and how they continue to contribute to open source through their consulting work. [00:34:54] Richard questions the choice of open source as the main focus given its limitations, and Jan explains that open source is widely understood and accessible, making it a practical choice for their work. [00:37:35] Alba and Jan share some highlights and fun things from their work. [00:39:32] Find out where you can follow Jan and Alba online. Quotes [00:02:19] “The goal was to have two separate entities so that when the company puts out an open source project in its own name, and then the company goes under, and the project goes away, we wanted to not have that.” [00:24:08] “If you do software long enough, you realize that the technical problems are just the sideshow and everything else you have to solve things on the people layer instead of the technology layer.” [00:25:06] “The current monoculture of everything is on GitHub is not the only truth out there.” [00:35:34] “Open source is the thing that everybody understands.” Spotlight [00:40:57] Richard's spotlight is Gregor Martynus. [00:41:54] Jan's spotlight is AdonisJS. [00:42:45] Alba's spotlight is PouchDB. Links SustainOSS (https://sustainoss.org/) podcast@sustainoss.org (email) (mailto:podcast@sustainoss.org) richard@theuserismymom.com (email) (mailto:richard@theuserismymom.com) SustainOSS Discourse (https://discourse.sustainoss.org/) SustainOSS Mastodon (https://mastodon.social/tags/sustainoss) Open Collective-SustainOSS (Contribute) (https://opencollective.com/sustainoss) Richard Littauer Socials (https://www.burntfen.com/2023-05-30/socials) Alba Herrerías Ramírez LinkedIn (https://www.linkedin.com/in/alba-herrerias-ramirez/) Alba Herrerías Ramírez Website (https://www.albaherrerias.dev/) Alba Herrerías Ramírez Mastodon (https://mastodon.social/@albaherrerias) Alba Herrerías Ramírez email (mailto:alba@neighbourhood.ie) Jan Lehnardt LinkedIn (https://www.linkedin.com/in/jan-lehnardt-750b0816b/) Jan Lehnardt Website (https://writing.jan.io/) Jan Lehnardt Mastodon (https://narrativ.es/@janl) Jan Lehnardt email (mailto:jan@neighbourhood.ie) Neighbourhoodie Software (https://neighbourhood.ie/) CouchDB (https://couchdb.apache.org/) Sovereign Tech Fund (https://www.sovereigntechfund.de/) Bug Resilience Program (STF) (https://www.sovereigntechfund.de/programs/bug-resilience) Sustain Podcast: 2 episodes with guest Daniel Stenburg (https://podcast.sustainoss.org/guests/stenberg) Gregor Martynus-GitHub (https://github.com/gr2m) AdonisJS (https://adonisjs.com/) PouchDB (https://pouchdb.com/) Credits Produced by Richard Littauer (https://www.burntfen.com/) Edited by Paul M. Bahr at Peachtree Sound (https://www.peachtreesound.com/) Show notes by DeAnn Bahr Peachtree Sound (https://www.peachtreesound.com/) Special Guests: Alba Herrerías Ramírez and Jan Lehnardt.

NetBSD 10 on a Pinebook Pro, OpenBSD extreme privacy setup, Version 256 of systemd boasts '42% less Unix philosophy', Posix.1 2024 is out, Blocking Access From or to Specific Countries Using FreeBSD and Pf, and more. Date: 2024.06.17 NOTES This episode of BSDNow is brought to you by Tarsnap (https://www.tarsnap.com/bsdnow) and the BSDNow Patreon (https://www.patreon.com/bsdnow) Headlines NetBSD 10 on a Pinebook Pro (https://www.idatum.net/netbsd-10-on-a-pinebook-pro-laptop.html) OpenBSD extreme privacy setup (https://dataswamp.org/~solene/2024-06-08-openbsd-privacy-setup.html) News Roundup Version 256 of systemd boasts '42% less Unix philosophy' (https://www.theregister.com/2024/06/13/version_256_systemd/) Posix.1 2024 is out (https://ieeexplore.ieee.org/document/10555529) Blocking Access From or to Specific Countries Using FreeBSD and Pf (https://it-notes.dragas.net/2024/06/16/freebsd-blocking-country-access/) Beastie Bits BSD User Group Düsseldorf Juli 2024 (https://www.meetup.com/de-DE/bsd-user-group-dusseldorf-bsd-nrw/events/301557512/) Another cool UNIX workstation, that was never released (https://www.reddit.com/r/unix/comments/1dd60re/another_cool_unix_workstation_that_was_never/) Tarsnap This weeks episode of BSDNow was sponsored by our friends at Tarsnap, the only secure online backup you can trust your data to. Even paranoids need backups. Feedback/Questions Send questions, comments, show ideas/topics, or stories you want mentioned on the show to feedback@bsdnow.tv (mailto:feedback@bsdnow.tv) Join us and other BSD Fans in our BSD Now Telegram channel (https://t.me/bsdnow)

Online identity is a ticking time bomb. Are trustworthy, open-source solutions ready to disarm it? Or will we be stuck with lackluster, proprietary systems?Sponsored By:Core Contributor Membership: Take $1 a month of your membership for a lifetime!Tailscale: Tailscale is a programmable networking software that is private and secure by default - get it free on up to 100 devices!1Password Extended Access Management: 1Password Extended Access Management is a device trust solution for companies with Okta, and they ensure that if a device isn't trusted and secure, it can't log into your cloud apps.Support LINUX UnpluggedLinks:

Your Linux box is a-changin'. systemd has a huge new release; we'll get into the most impressive features, including the new sudo replacement. Plus, our thoughts on the new Linux Arm laptops that are just around the corner.Sponsored By:Core Contributor Membership: Take $1 a month of your membership for a lifetime!Tailscale: Tailscale is a programmable networking software that is private and secure by default - get it free on up to 100 devices!1Password Extended Access Management: 1Password Extended Access Management is a device trust solution for companies with Okta, and they ensure that if a device isn't trusted and secure, it can't log into your cloud apps.Support LINUX UnpluggedLinks:

Linux Lugcast - https://linuxlugcast.com/ Hacker Public Radio - https://hackerpublicradio.org/ Reichsmark - https://en.wikipedia.org/wiki/Reichsmark 7-11 convenience store - https://www.7-eleven.com/ 7-11 pizza - https://www.7-eleven.com/products/pizza Peanut butter sandwich - https://www.foodnetwork.com/recipes/photos/pb-and-yay- Cereal - https://en.wikipedia.org/wiki/Cereal https://en.wikipedia.org/wiki/List_of_breakfast_cereals Medicaid - https://www.medicaid.gov/ Raspberry Pi - https://www.raspberrypi.com/ MX Linux - https://mxlinux.org/ MX Linux Pi OS Respin - https://mxlinux.org/blog/mx-23-1-raspberry-pi-os-respin/ Raspberry Pi OS - https://www.raspberrypi.com/software/ Chromium Browser - https://www.chromium.org/chromium-projects/ Firefox Browser - https://www.mozilla.org/en-US/firefox/new/ Raspberry Pi 400 - https://www.raspberrypi.com/products/raspberry-pi-400/ How Many Open Browser Tabs Is Too Many Open Browser Tabs? - https://lifehacker.com/does-having-too-many-tabs-open-really-slow-down-your-br-1848554140 HDMI - https://www.lifewire.com/hdmi-facts-high-definition-multimedia-interface-1847337 VGA - https://www.howtogeek.com/821620/what-is-vga/ RCA Connectors - https://www.cablethis.com/demystifying-rca-connectors-how-they-impact-your-audio-quality/ Composite Video - https://www.lifewire.com/composite-video-the-basics-1846869 CDC Pascal - https://standardpascal.org/CDC6000pascal.html https://exhibits.stanford.edu/stanford-pubs/catalog/sz874xb6118 Xerox - https://www.xerox.com/en-us IBM - https://www.ibm.com/us-en Thailand Death Train - https://www.bordersofadventure.com/death-railway-kanchanaburi-thailand/ https://www.thaitrainguide.com/death-railway/ West Virginia - https://www.wv.gov/Pages/default.aspx https://wvtourism.com/ Mining Effects On Fishing - https://fisheries.org/policy-media/policy-statements/afs-policy-statement-13/ Mining Land Remediation/Reclamation - https://www.epa.gov/remedytech/green-remediation-best-management-practices-mining-sites https://en.wikipedia.org/wiki/Mine_reclamation Kwai River - https://www.tripadvisor.com/Attraction_Review-g297924-d554151-Reviews-River_Kwai-Kanchanaburi_Kanchanaburi_Province.html Cassava - https://plants.usda.gov/DocumentLibrary/plantguide/pdf/pg_maes.pdf https://codycovefarm.com/plant-profile-cassava-manihot-esculenta/ Sugar Cane - https://en.wikipedia.org/wiki/Sugar_Kane Rice - https://en.wikipedia.org/wiki/Rice https://www.foodnetwork.com/how-to/articles/how-to-make-perfect-rice-a-step-by-step-guide The story of the great Polish train hack - https://www.railway-technology.com/news/the-story-of-the-great-polish-train-hack/?cf-view CompuServe Headquarters turns 50 - https://abc6onyourside.com/news/local/historical-status-given-to-central-ohio-building-that-once-housed-compuserve Compuserve - https://www.compuserve.com/ https://en.wikipedia.org/wiki/CompuServe PDP-10 Computer - http://www.columbia.edu/cu/computinghistory/pdp10.html Linear Power Supply - https://www.tek.com/en/documents/application-note/understanding-linear-power-supply-specifications Switching Power Supply - https://www.eleccircuit.com/what-switching-power-supply-how-does-it-work/ Asperger's Syndrome - https://www.autismspeaks.org/types-autism-what-asperger-syndrome DietPi - https://dietpi.com/ Debian Linux - https://www.debian.org/ XFCE - https://www.xfce.org/ Systemd - https://www.digitalocean.com/community/tutorials/what-is-systemd MX-23 XFCE (Bookworm) - https://forums.raspberrypi.com/viewtopic.php?t=362478 Thorium Web Browser - https://thorium.rocks/ Waterfox Web Browser - https://www.waterfox.net/ Group Speed Dial (FIrefox) - https://addons.mozilla.org/en-US/firefox/addon/groupspeeddial/ Raspberry Pi 5 - https://www.raspberrypi.com/products/raspberry-pi-5/ PDP-6 - http://pdp-6.net/ MIT - https://web.mit.edu/ MIT Early AI works - https://dspace.mit.edu/handle/1721.1/5460 ZULU Time - https://www.timeanddate.com/worldclock/timezone/zulu Daylight Savings Time - https://www.reuters.com/world/us/what-is-us-daylight-saving-time-why-was-it-created-2023-10-31/ Truck Driver Rules & Regulations - https://truckstop.com/blog/understanding-truck-driving-hours-and-regulations/ Amphetamine - https://en.wikipedia.org/wiki/Amphetamine Men In Black - https://www.imdb.com/title/tt0119654/ Cold War - https://www.britannica.com/event/Cold-War Pershing Ballastic Missle - https://www.lockheedmartin.com/en-us/news/features/history/pershing.html Pershing M26 Tank - https://tanks-encyclopedia.com/ww2/us/m26_pershing.php C4 Plastic Explosive - https://www.military.com/video/ammunition-and-explosives/explosives/c4-explained/1367499806001 Battleship New Jersey - https://www.battleshipnewjersey.org/ B-52 - https://stratofortress.org/history/ Wagner Military Group - https://en.wikipedia.org/wiki/Wagner_Group John Ringo - https://www.simonandschuster.com/authors/John-Ringo/1875432 Ghost (John Ringo book) - https://www.kirkusreviews.com/book-reviews/john-ringo/ghost-3/ Battleship Wisconsin - https://nauticus.org/explore/battleship-exhibits/about-the-battleship/ Jules Verne - https://www.biography.com/authors-writers/jules-verne M28/M29 Davy Crockett Tactical Nuclear Weapon - https://armyhistory.org/the-m28m29-davy-crockett-nuclear-weapon-system/ PTSD - https://www.psychiatry.org/patients-families/ptsd/what-is-ptsd Autistic Spectrum - https://www.cdc.gov/ncbddd/autism/signs.html Dyslexia - https://www.mayoclinic.org/diseases-conditions/dyslexia/symptoms-causes/syc-20353552 Boston - https://www.boston.gov/visiting-boston Clinical Depression - https://www.nimh.nih.gov/health/topics/depression Maine - https://visitmaine.com/ Spread Spectrum Communications - https://www.edn.com/what-is-spread-spectrum-technology/ Israeli Army Unit that recruits autistic teens - https://www.theatlantic.com/health/archive/2016/01/israeli-army-autism/422850/ Open Source - https://opensource.com/resources/what-open-source New Years Resolution - https://www.newsweek.com/new-years-resolution-2022-meaning-origin-ideas-1662947 Mini HDMI Cable - https://www.howtogeek.com/745530/hdmi-vs-mini-hdmi-vs-micro-hdmi-whats-the-difference/ LibreOffice Impress - https://www.libreoffice.org/discover/impress/ Powerpoint - https://www.microsoft.com/en-us/microsoft-365/powerpoint Google Drive - https://www.google.com/drive/ GPD Win 4 - https://www.gpd.hk/gpdwin4 Coreboot - https://www.coreboot.org/ Libreboot - https://libreboot.org/ FOSDEM - https://fosdem.org/2024/ BIOS - https://computer.howstuffworks.com/bios.htm X11 - https://www.baeldung.com/linux/x11 Wayland - https://wayland.freedesktop.org/ Gnome 3 - https://www.gnome.org/getting-gnome/ Mate - https://mate-desktop.org/ Xorg - https://wiki.archlinux.org/title/Xorg Open Suse - https://www.opensuse.org/ KDE - https://kde.org/ Unity - https://unityd.org/ Chromebook - https://www.google.com/chromebook/ ASUS EEE PC 901 - https://www.laptopmag.com/reviews/laptops/asus-eee-pc-901 ASUS EEE PC X101CH - https://www.cnet.com/reviews/asus-eee-pc-x101ch-review/ Star Labs - https://us.starlabs.systems/?shpxid=fc6f3491-925e-4b6c-aba5-4477924fc432 Pulse Audio - https://www.freedesktop.org/wiki/Software/PulseAudio/ Obsessive Compulsive Disorder (OCD) - https://www.nimh.nih.gov/health/topics/obsessive-compulsive-disorder-ocd STEM (Science, Technology, Engineering, & Math) - https://www.lifewire.com/what-is-stem-4150175

00:00 - PreShow Banter™ — RSA Power Moves08:14 - BHIS - Talkin' Bout [infosec] News 2024-05-0609:49 - Story # 1: Shortridge Makes Sense of the 2024 Verizon DBIR15:04 - Story # 2: A recent security incident involving Dropbox Sign20:30 - Story # 3: Sandbox Escape Vulnerabilities in Judge0 Expose Systems to Complete Takeover28:40 - Story # 4: Millions of Docker repos found pushing malware, phishing sites32:53 - Story # 5: 1,400 GitLab Servers Impacted by Exploited Vulnerability42:07 - Story # 6: LastPass goes independent over a year after serious breaches50:16 - Cyber Security Basics for Muggles & Minions with Ashley and Chris50:40 - Story # 7: Ukrainian REvil Hacker Sentenced to 13 Years and Ordered to Pay $16 Million54:12 - Story # 8: Lockbit's seized site comes alive to tease new police announcements56:27 - Story # 9: Systemd v256 Introduces run0: A Safer Alternative to sudo

Josh and Kurt talk about a sudo replacement going into systemd called run0. It sounds like it'll get a lot right, but systemd is a pretty big attack surface and not everyone is a fan. We shall have to see if this ends up replacing sudo. Show Notes Conan O'Brien on Hot Ones Lennart's Mastodon thread xkcd automation

The first LinuxFest is back and better than ever. We share stories and friends from one of the best Linux gatherings of the year: LinuxFest Northwest.Sponsored By:Tailscale: Tailscale is a programmable networking software that is private and secure by default - get it free on up to 100 devices!Kolide: Kolide is a device trust solution for companies with Okta, and they ensure that if a device isn't trusted and secure, it can't log into your cloud apps.Support LINUX UnpluggedLinks:

System D is our topic for today discussing system processes, how do you manage and control processes, services, and fundamental components of Linux operating systems. In this discussion, we cover how to think about it, how it works, alternatives, process controls, and even how they get applied to containers. Containers were a nice bridge from our previous discussions when we were talking about container management systems. If you are interested in Linux and Linux management, Linux automation, this is a good episode for you! Transcript: https://otter.ai/u/KCK3f95lbUEAEzLgA60k-HbDlGk?utm_source=copy_url

Fredrik får besök av Peter Magnusson från grannpodden Säkerhetspodcasten, som hjälper till att reda ut vad som egentligen hänt kring bakdörren i komprimeringsbiblioteket XZ. Under påsken upptäcktes en bakdörr i XZ, som hade potential att ge upphovspersonerna tillgång till maskiner som kör saker som SSH och Systemd. Bakdörren var gömd i binärfiler för testfall, byggd för att inte märkas, och allt som behövdes hade smugits in över tid efter en koordinerad kampanj där upphovspersonerna gavs maintainerbehörighet till XZ. Peter reder ut vad som hänt, framgångar och misstag från angriparnas sida, och ger en säkerhetsinsatts perspektiv på det hela. Det är fascinerande att hela aktionen skett helt i det öppna och helt dokumenterad i text - e-post, commits och så vidare. Dessutom är det intressant att spekulera över vilka som kan tänkas ligga bakom, och vad det betyder med de misstag som faktiskt gjorts i processen och koden. Och givetvis det läskiga i att överarbetade underhållare av öppen källkod kan göras till måltavlor på det här sättet. En ond aktör plötsligt kan ha incitament att bygga upp en helt falsk verklighet kring en specifik person. Vad är chansen att detta är den enda operationen av det här slaget som pågått och kommer att genomföras? Och så måste vi hylla de människor som inte bara accepterar att en ny version av något plötsligt beter sig lite konstigt utan dyker ner och upptäcker händelser som dessa! Ett stort tack till Cloudnet som sponsrar vår VPS! Har du kommentarer, frågor eller tips? Vi är @kodsnack, @thieta, @krig, och @bjoreman på Mastodon, har en sida på Facebook och epostas på info@kodsnack.se om du vill skriva längre. Vi läser allt som skickas. Gillar du Kodsnack får du hemskt gärna recensera oss i iTunes! Du kan också stödja podden genom att ge oss en kaffe (eller två!) på Ko-fi, eller handla något i vår butik. Länkar XZ Peter Tidigare avsnitt med Peter Säkerhetspodcasten Assured Intrångstester Verilog FPGA Arm Trustzone Jesper i Säkerhetspodcasten Tidslinje för XZ-bakdörren SSH Systemd LZMA XKCD-strippen med biblioteket allting bygger på Russ Cox Andreas Freund som hittade bakdörren Intervju med Andreas Freund Debian Sid Hur bakdörren fungerar Länkare RSA-autentisering Lasse Collin Diskussionstrådarna om att lämna över kontrollen över XZ till Jia Tan Säkerhetspodcastens avsnitt om XZ Kodsnacket om och med underhållare av öppen källkod University of Minnesotas oetiska försök att sänka säkerheten i Linuxkärnan Open-source intelligence Fuzzing Clifford Stoll The cuckoo's egg Videor med Clifford Stoll Replay-attacker Ryan Mcbeth ICD 203 RCE - remote code execution NSA Tailored access operations Dual-EC DRBG Git rewrite Solarwinds-hacket Rob Menching - A microcosm of interaction in open source projects Theo T3.gg - What everyone missed about the Linux hack OWASP CI/CD topp tio Podden Fredrik lyssnade på The perfect backdoor is indistinguishable from a bug Mario Heiderich från Cure53 Mario och Angular

The battle of init systems is real. But should it be?

We're breaking down the attack: how it works, how it was hidden, and why time was running out for the attacker.Sponsored By:Tailscale: Tailscale is a programmable networking software that is private and secure by default - get it free on up to 100 devices!Kolide: Kolide is a device trust solution for companies with Okta, and they ensure that if a device isn't trusted and secure, it can't log into your cloud apps.Support LINUX UnpluggedLinks:

Endlich die Ausgabe 333. Mit Issos.. ihr wisst schon. Außerdem mit Floppys, nostalgische Spielmomenten und viel RUST.

Chris spends the week in a VR desktop, revealing the glitches, gains, and VR's open-source future.

Deploying Nextcloud the Nix way promises a paradise of reproducibility and simplicity. But is it just a painful trek through configuration hell? We built the dream Nextcloud using Nix and faced reality. Special Guest: Alex Kretzschmar.

Last year, we had some predictions about what 2023 would bring. How'd we do? There's some news to cover from the past two weeks, like the release of the Fedora Asahi spin, Wayland *not* breaking everything, and the very cursed diagonal monitor mode that only Linux supports. SystemD adds encrypted boot support, Chimera OS might be worth a look for your HTPC, and the Fedora stearing committe is weighing a round of interesting changes for Fedora 40, like unifying /bin and /sbin. Then we cover predictions for 2024, like the importance of Ubuntu's next LTS, AMD's GPU outlook, the future of Cosmic, and how exciting 2024 is going to be for desktop Linux users. We cover our favorite tips from the year, and sneak in a couple more aliases you might want to use. You can find the show notes at https://bit.ly/3veYhix and join us next time for a whole new year of Linux! Host: Jonathan Bennett Co-Hosts: Rob Campbell, Ken McDonald, and Jeff Massie Club TWiT members can discuss episodes in the Club TWiT Discord.

Last year, we had some predictions about what 2023 would bring. How'd we do? There's some news to cover from the past two weeks, like the release of the Fedora Asahi spin, Wayland *not* breaking everything, and the very cursed diagonal monitor mode that only Linux supports. SystemD adds encrypted boot support, Chimera OS might be worth a look for your HTPC, and the Fedora stearing committe is weighing a round of interesting changes for Fedora 40, like unifying /bin and /sbin. Then we cover predictions for 2024, like the importance of Ubuntu's next LTS, AMD's GPU outlook, the future of Cosmic, and how exciting 2024 is going to be for desktop Linux users. We cover our favorite tips from the year, and sneak in a couple more aliases you might want to use. You can find the show notes at https://bit.ly/3veYhix and join us next time for a whole new year of Linux! Host: Jonathan Bennett Co-Hosts: Rob Campbell, Ken McDonald, and Jeff Massie Club TWiT members can discuss episodes in the Club TWiT Discord.

https://youtu.be/CYZte822pzE Forum Discussion Thread (https://forum.tuxdigital.com/t/246-linux-mint-debian-security-flaws-linux-blue-screen-of-death-nextcloud-amp-more-linux-news/6106) On this episode of TWIL (246), we've got new releases from Linux Mint, systemd, Debian and more. We've also got some new security stories to talk about from bluetooth flaws and firmware attacks to 23AndMe being back in the news in a less than ideal way. All of this and more on this episode of This Week in Linux, Your Source for Linux GNews! Download as MP3 (https://aphid.fireside.fm/d/1437767933/2389be04-5c79-485e-b1ca-3a5b2cebb006/2e528e6b-a692-44b1-a49f-b78b30b65127.mp3) Supported by: LINBIT = https://thisweekinlinux.com/linbit (https://thisweekinlinux.com/linbit) Want to Support the Show? Become a Patron = https://tuxdigital.com/membership (https://tuxdigital.com/membership) Store = https://tuxdigital.com/store (https://tuxdigital.com/store) Chapters: 00:00 TWIL 246 Intro 00:35 Linux Mint 21.3 Beta Released - [ link (https://www.linuxmint.com/rel_virginia_whatsnew.php) ] 04:52 Systemd 255 Released - [ link (https://github.com/systemd/systemd/releases/tag/v255) ] 09:23 Debian 12.4 Released - [ link (https://www.debian.org/News/2023/20231210) ] 10:31 Nextcloud Hub 7 Released - [ link (https://nextcloud.com/blog/nextcloud-hub-7-advanced-search-and-global-out-of-office-features/) ] 14:30 LINBIT - [ link (https://thisweekinlinux.com/linbit) ] 15:54 Critical Bluetooth Flaw Affects Android, Apple & Linux Devices - [ announcement (https://github.com/skysafe/reblog/tree/main/cve-2023-45866), link (https://www.darkreading.com/vulnerabilities-threats/critical-bluetooth-flaw-exposes-android-apple-and-linux-devices-to-keystroke-injection-attack) ] 17:16 New LogoFAIL Firmware Attack - [ link (https://thehackernews.com/2023/12/logofail-uefi-vulnerabilities-expose.html) ] 19:08 23andMe Updates User Agreement to Prevent Data Breach Lawsuits - [ link (https://www.bleepingcomputer.com/news/security/23andme-updates-user-agreement-to-prevent-data-breach-lawsuits) ] 22:17 Meta Announces End-to-End Encryption in Messenger - [ announcement (https://engineering.fb.com/2023/12/06/security/building-end-to-end-security-for-messenger/), link (https://www.eff.org/deeplinks/2023/12/meta-announces-end-end-encryption-default-messenger) ] 24:24 W4 Games Raises $15M For Godot Game Engine - [ link (https://w4games.com/2023/12/07/w4-games-raises-15m-to-drive-video-game-development-inflection-with-godot-engine/) ] 25:52 Outro

Systemd brings a killer Windows feature to Linux! Syncing your funny picture folder with Rclone, fetching github info from the command line, and a M.2 HAT for the Raspberry Pi 5.

This week Noah and Steve discuss picking out a vHost and considerations for deploying it into production. -- During The Show -- 02:00 Types of AI Amount of compute required is astronomical Foundational model vs tweaking 05:55 Kid Friendly distro? - Chris Endless OS (https://www.endlessos.org/) What age to give kids a computer Why give a kid a computer Why Endless OS OpenDNS Filtering 14:13 Serial Connection To Proxmox VMs - Michael Client Setting Host Setting Enable the serial console Proxmox Wiki (https://pve.proxmox.com/wiki/Serial_Terminal) 17:15 pfSense blocking active connections - Bradly Stateful firewalls don't break active connections/sessions 21:00 News Wire EXT4 Corruption Bug - LWN (https://lwn.net/Articles/954285/) Gnome 45.2 - Gnome (https://discourse.gnome.org/t/gnome-45-2-released/18358) Libreoffice 7.6.4 - Libreoffice (https://www.libreoffice.org/download/release-notes/) Jellyfin Android TV App - Jellyfin (https://jellyfin.org/posts/androidtv-v0.16.0/) Jellyfin Roku App - Jellyfin (https://jellyfin.org/posts/roku-200) Debian 12.4 - Debian (https://www.debian.org/News/2023/20231210) Alpine Linux 3.19 - Alpine Linux (https://wiki.alpinelinux.org/wiki/Release_Notes_for_Alpine_3.19.0) Linux 6.8 Dropping Old Graphics Drivers - Phoronix (https://www.phoronix.com/news/Linux-6.8-No-More-UMS-ioctls) NSA & ESF Recommended Practices - NSA (https://www.nsa.gov/Press-Room/Press-Releases-Statements/Press-Release-View/Article/3613105/nsa-and-esf-partners-release-recommended-practices-for-managing-open-source-sof/) OpenZeppelin Vulnerability - Bleeping Computer (https://www.bleepingcomputer.com/news/security/multiple-nft-collections-at-risk-by-flaw-in-open-source-library/) Bluetooth Authentication Bypass - Silicon Angle (https://siliconangle.com/2023/12/07/critical-bluetooth-security-flaw-discovered-google-apple-linux-devices/) Krasue RAT - The Hacker News (https://thehackernews.com/2023/12/new-stealthy-krasue-linux-trojan.html) Automatic LLM AI Jail Break - Robust Intelligence (https://www.robustintelligence.com/blog-posts/using-ai-to-automatically-jailbreak-gpt-4-and-other-llms-in-under-a-minute) EU AI Act - Reuters (https://www.reuters.com/technology/eus-ai-act-could-exclude-open-source-models-regulation-2023-12-07/) Purple Llama - Info World (https://www.infoworld.com/article/3711284/meta-releases-open-source-tools-for-ai-safety.html) Apple Open Sources AI Tools - The Stack (https://www.thestack.technology/apple-quietly-open-sources-key-ai-tools/) Systemd 255 - The Verge (https://www.theverge.com/2023/12/7/23992512/linux-blue-screen-of-death-bsod-systemd-update) - Phoronix (https://www.phoronix.com/news/systemd-255) 24:00 Beeper Mini First impression, really cool but will only work till Apple notices Android users clearly want modern features 3 days after release, it all came to a halt Apple's FUD statement Beeper mini enabled security for non Apple users Apple's response reduces security and privacy Apple's response protects the iMessage lock-in effect Issue with other "encrypted apps" Focus of Beeper Beeper cloud uses its own cloud server Give beeper mini a review Beeper blog post (https://blog.beeper.com/p/beeper-mini-is-back) 37:45 vHost Hardware What is a vHost What does Steve consider network drives RAM CPU Lots of compute nodes vs a few large nodes Stage 1 - is it viable $1k-50k quotes Started with 2 vdevs with 3 drives Stay under 85% Stage 2 Scale up DELL EMC POWEREDGE R7425 8 BAY LFF SERVER 2x AMD EPYC 7451 H330 3 PCI RISER RPS DELL PowerEdge R6525 1U Server 2 x AMD EPYC 7542 2.9Ghz CPU 256 GB No HDD Can save a lot buying used Local vs Central storage Data centralized qcow2 on vHost 2 vdevs 2 disks per vdev Dell EMC KTN-STL3 drive shelf 15 disks in 2U Requires LSI SAS9200-8e NetApp DS4246 24 disks in 4U Requires LSI SAS9200-8e QSFP SFF-8436 Mini SAS SFF-8088 Cable Don't store Nextcloud data on OS qcow2 disk There will always be a single point of failure Change ZFS settings based on data being stored Easiest way to get a vHost up and running KVM vs "appliance OS" Bridging vs MAC vTap RAM is likely your biggest constraint Ubuntu libvirt doc (https://ubuntu.com/server/docs/virtualization-libvirt) -- The Extra Credit Section -- For links to the articles and material referenced in this week's episode check out this week's page from our podcast dashboard! This Episode's Podcast Dashboard (http://podcast.asknoahshow.com/367) Phone Systems for Ask Noah provided by Voxtelesys (http://www.voxtelesys.com/asknoah) Join us in our dedicated chatroom #GeekLab:linuxdelta.com on Matrix (https://element.linuxdelta.com/#/room/#geeklab:linuxdelta.com) -- Stay In Touch -- Find all the resources for this show on the Ask Noah Dashboard Ask Noah Dashboard (http://www.asknoahshow.com) Need more help than a radio show can offer? Altispeed provides commercial IT services and they're excited to offer you a great deal for listening to the Ask Noah Show. Call today and ask about the discount for listeners of the Ask Noah Show! Altispeed Technologies (http://www.altispeed.com/) Contact Noah live [at] asknoahshow.com -- Twitter -- Noah - Kernellinux (https://twitter.com/kernellinux) Ask Noah Show (https://twitter.com/asknoahshow) Altispeed Technologies (https://twitter.com/altispeed)

In the latest episode, we delve into the rapidly evolving AI ecosystem and its implications for us as Elixir developers, highlighting the potential hazards of relying on proprietary services like OpenAI and the benefits of self-hosted, open-source AI models. We touch on the Elixir LangChain library, how Elixir's position of running our own AI models strengthens us, and the governance and financial risks of depending on a single AI provider. Tune in for why these topics matter and how they shape the future of development in the context of Elixir, plus the holiday season's impact on our show schedule, and more! Show Notes online - http://podcast.thinkingelixir.com/179 (http://podcast.thinkingelixir.com/179) Elixir Community News - https://twitter.com/chris_mccord/status/1724861258548052109 (https://twitter.com/chris_mccord/status/1724861258548052109?utm_source=thinkingelixir&utm_medium=shownotes) – Chris McCord teased a new visual on Twitter resembling a colorful flame logo with the text "Soon™", with more details to come. - https://hauleth.dev/post/who-watches-watchmen-ii/ (https://hauleth.dev/post/who-watches-watchmen-ii/?utm_source=thinkingelixir&utm_medium=shownotes) – Hauleth's blog post explores creating an Elixir service supervised by SystemD, building on his series about managing BEAM applications. - https://www.elixirstreams.com/tips/how-page-title-is-updated (https://www.elixirstreams.com/tips/how-page-title-is-updated?utm_source=thinkingelixir&utm_medium=shownotes) – German Valesco explains the updating of the page_title in Phoenix LiveView with a tip and video demonstration. - https://dockyard.com/blog/2023/11/08/three-years-of-nx-growing-the-machine-learning-ecosystem (https://dockyard.com/blog/2023/11/08/three-years-of-nx-growing-the-machine-learning-ecosystem?utm_source=thinkingelixir&utm_medium=shownotes) – Sean Moriarity discusses the past three years and the future of the Elixir Machine Learning Ecosystem and Nx in a blog post on Dockyard. - https://twitter.com/TheErlef/status/1726654135750066390 (https://twitter.com/TheErlef/status/1726654135750066390?utm_source=thinkingelixir&utm_medium=shownotes) – Announcement of the 3rd edition of a BEAM-focused devroom at the 2024 FOSDEM conference, set to take place in Brussels. - https://beam-fosdem.dev/ (https://beam-fosdem.dev/?utm_source=thinkingelixir&utm_medium=shownotes) – FOSDEM's BEAM devroom, an event for the Elixir community and enthusiasts, provides details about the upcoming sidetrack. - https://www.youtube.com/playlist?list=PLqj39LCvnOWbHaZldxw_g02RaTQ4vQ1eY (https://www.youtube.com/playlist?list=PLqj39LCvnOWbHaZldxw_g02RaTQ4vQ1eY?utm_source=thinkingelixir&utm_medium=shownotes) – The official playlist of ElixirConf US videos, with several more sessions expected to be added. - https://www.youtube.com/watch?v=nw-030FD0Qc&list=PLqj39LCvnOWbHaZldxw_g02RaTQ4vQ1eY&index=46 (https://www.youtube.com/watch?v=nw-030FD0Qc&list=PLqj39LCvnOWbHaZldxw_g02RaTQ4vQ1eY&index=46?utm_source=thinkingelixir&utm_medium=shownotes) – ElixirConf US video of Rafal Studnicki discussing keeping real-time auctions running during rollouts. - https://www.youtube.com/watch?v=P44hFAhKPao&list=PLqj39LCvnOWbHaZldxw_g02RaTQ4vQ1eY&index=47 (https://www.youtube.com/watch?v=P44hFAhKPao&list=PLqj39LCvnOWbHaZldxw_g02RaTQ4vQ1eY&index=47?utm_source=thinkingelixir&utm_medium=shownotes) – Tyler Young's ElixirConf US presentation on migrating data without downtime. - https://www.youtube.com/watch?v=4XaB4XWg-Qg&list=PLqj39LCvnOWbHaZldxw_g02RaTQ4vQ1eY&index=48 (https://www.youtube.com/watch?v=4XaB4XWg-Qg&list=PLqj39LCvnOWbHaZldxw_g02RaTQ4vQ1eY&index=48?utm_source=thinkingelixir&utm_medium=shownotes) – Michał Śledź's session at ElixirConf US on rewriting Pion in Elixir. - https://www.youtube.com/watch?v=E9pZP5jUYZg&list=PLqj39LCvnOWbHaZldxw_g02RaTQ4vQ1eY&index=49 (https://www.youtube.com/watch?v=E9pZP5jUYZg&list=PLqj39LCvnOWbHaZldxw_g02RaTQ4vQ1eY&index=49?utm_source=thinkingelixir&utm_medium=shownotes) – Andrew Berrien introduces ECSx and discusses a new approach to game development in Elixir at ElixirConf US. - https://www.youtube.com/watch?v=F42B6AZ879Q&list=PLqj39LCvnOWbHaZldxw_g02RaTQ4vQ1eY&index=50 (https://www.youtube.com/watch?v=F42B6AZ879Q&list=PLqj39LCvnOWbHaZldxw_g02RaTQ4vQ1eY&index=50?utm_source=thinkingelixir&utm_medium=shownotes) – Geoffrey Lessel's introduction to Vox, a static site generator for Elixir enthusiasts, at ElixirConf US. - https://adventofcode.com/ (https://adventofcode.com/?utm_source=thinkingelixir&utm_medium=shownotes) – Advent of Code is approaching, presenting new coding challenges starting December 1st with a new rule against using AI for leaderboard rankings. - https://twitter.com/ljgago/status/1724917401462997413 (https://twitter.com/ljgago/status/1724917401462997413?utm_source=thinkingelixir&utm_medium=shownotes) – Leonardo Gago tweets about his kino_aoc smart cell to assist with Advent of Code puzzles in Livebook. - https://github.com/ljgago/kino_aoc (https://github.com/ljgago/kino_aoc?utm_source=thinkingelixir&utm_medium=shownotes) – GitHub repository for KinoAoc, a Livebook smart cell created by Leonardo Gago for solving Advent of Code puzzles. Do you have some Elixir news to share? Tell us at @ThinkingElixir (https://twitter.com/ThinkingElixir) or email at show@thinkingelixir.com (mailto:show@thinkingelixir.com) Discussion Resources - The discussion explores the AI ecosystem's influence on Elixir developers, addressing risks and dependencies unrelated to Elixir itself. - Concerns are raised about the dangers of building on top of OpenAI and the risk of service outages, as experienced with an AI fitness trainer. - Open-source AI models are discussed as viable alternatives that offer the possibility of self-hosting and independence from proprietary systems. - Mention of the Elixir LangChain library signifies an interest in being able to seamlessly switch AI models without altering application code. - The discussion covers the risks of government regulation, policy changes, financial and governance uncertainties, and how they could affect dependencies on single AI providers. - An industry desire for regulatory measures is expressed, aiming to build a legal buffer that could protect from competition. - The conversation questions the broader implications of reliance on AI, including why the topic is intriguing and why self-hosted, open-source models are crucial. - Arguably, Elixir is considered to have a strong position for running self-managed AI models, highlighting the alignment with open-source philosophies. - Looking to the future, Elixir is positioned well to do this. - A final note touches on the holiday season's effect on the podcast's show schedule with potential changes or pauses in the regular programming. Find us online - Message the show - @ThinkingElixir (https://twitter.com/ThinkingElixir) - Message the show on Fediverse - @ThinkingElixir@genserver.social (https://genserver.social/ThinkingElixir) - Email the show - show@thinkingelixir.com (mailto:show@thinkingelixir.com) - Mark Ericksen - @brainlid (https://twitter.com/brainlid) - Mark Ericksen on Fediverse - @brainlid@genserver.social (https://genserver.social/brainlid) - David Bernheisel - @bernheisel (https://twitter.com/bernheisel) - David Bernheisel on Fediverse - @dbern@genserver.social (https://genserver.social/dbern) - Cade Ward - @cadebward (https://twitter.com/cadebward) - Cade Ward on Fediverse - @cadebward@genserver.social (https://genserver.social/cadebward)

Try the new version of Thunderbird (it's now my email & calendar client of choice!): https://mzla.link/tb-flatpak

Can we build an indestructible server that stands up to the test of giving out root login to the Internet?

Live vom CCCamp 2023 aus Mildenberg in Brandenburg. Mit Felix, Ingo und Sebastian als Gast. Wir sprechen vor allem über das Chaos Communication Camp.

SHOW NOTES ►► https://tuxdigital.com/podcasts/this-week-in-linux/twil-228/

On this episode of This Week in Linux, Asahi Linux announced a major change with a new flagship distro for using Linux on Apple Silicon. GNOME and KDE released some exciting news for their respective desktop environments. systemd has a cool new feature called soft reboot and we have a whole lot of distro news […]

The boys are back, this week, we talk about SystemD, Gnome's new Window management, and more KDE Plasma 6 Updates. ==== Special Thanks to Our Patrons! ==== https://thelinuxcast.org/patrons/ ===== Follow us

I've been meaning to put down my thoughts about SystemD for the HPR community for some while, so here goes. I want to say that I am not a SystemD hater. When SystemD was a hot topic of debate, many became irrational over it, but I want to start by saying that I don't think it's a bad technology. I think it is a rather good technology. I just don't want it on my personal computer. So I would like to run things down in this order: what is it (as in, what is it really,) what makes it a good technology, why I don't want it now (but might later,) and a few tips for you if you decide that you don't want it currently. SystemD Is not an init system. SystemD includes an init system. SystemD Init was faster than SysVInit, but SystemD Init isn't the fastest init system, and SysVInit now has a parallelization helper, at least on Debian. So, if SystemD Init is not SystemD, than what is SystemD? To understand this we must first understand something about Linux. Linux operates under a model where there are root processes, and there are user processes. These two kinds of processes are usually called "layers." SystemD is actually a third layer, that can be called a system layer. So when SystemD is added to a Linux system, that changes the system so that there are three layers, a root layer, a user layer, and a system layer. As such, you now ask SystemD to set how the system runs. This is why SystemD includes things like an init system, because if you want to change what the system is running, you ask SystemD to change it. SystemD then messages an appropriate system to implement the change, like messaging its init system to bring up or bring down a system daemon. Once you play out this in your head a bit, you really realize that SystemD acts more like a message passing system in this regard. So why do I say SystemD is a good technology? Because this can standardize system control. Without SystemD a fleet of computers becomes like individual fingerprints or unique snowflakes. If you manage many computers, as many professional IT people do, you want them to all run the same, all have the same profiles and general configurations. So if you have a bunch of computers you are running, you can run a lot more if they are all run the same way. If your job requires you to run 10,000 webservers, you want them to run identically because it is impossible to keep an understanding of 10,000 unique configurations in a human head. SystemD really shines in its support of virtualization as well. So to speak of servers, I used to run an email server for a few friends. Each of us had a userid and number as unix users. The mapping of unix userids and postfix userids can get confusing when it gets big. Thanks to SystemD's virtualization work, you can actually put a service like email into a namespace situation so that it has only the users root and the daemon user id (like "postfix"), so SystemD greatly enhances security for server installations. This might help explain its dominance in linux distributions that have been traditionally server-centric, such as debian and redhat. So why don't I don't want it? Well, I've been doing a lot of talking about professional computer work and corporate work environments, but I use a "Personal Computer" as a hobby. I've been out-of-industry for decades now. And when I say "Personal Computer" I'm not talking a hardware specification, rather I'm talking about "This is my personal computer where I do things my way, as opposed to my work computer where I do things my companies way". Dear listener, please remember that I did the first community show contribution to HPR, and my topic was about personalization. For me, a hobbyist interested in operating system experimentation, I don't want a system layer, I want a traditional unix-like system that operates on a two-layer model and does things my way, nobody else's way. So, what advice can I give to those who don't want SystemD now? Well, recently I've left Debian. Debian, you see, supports init system diversity, but as you now know dear listener, that is different than being without SystemD. You may have heard that SystemD is linux-specific, that is to say that it runs only on linux, not anything like a BSD system or a Windows system. But you may be curious to know that it is also Gnu-libC specific. Which means that the C compiler must use GNU's libC standard library. Thus, if you have a system built around the Musl C standard library like Alpine or Void, or a system like Android that runs on the Bionic C Standard library, you wont have a SystemD system. I'm personally learning Void as its package manager supports both binary and a ports collection much like the BSD's. But that is what I'm doing on my personal computer, I leave you in the freedom to do things your way on your personal computer!

systemd is a service manager for Linux. It is the first process that runs on many Linux distributions and manages all other user processes. It includes utilities for logging, process isolation, process dependencies, socket activation, and many other tasks. psystemd is a python library to communicate with systemd over dbus from python as an alternative to shelling out from an application to control services. Anita Zhang is an engineerd managerd at Meta and Alvaro Levia is a production engineer at Meta. I attended their systemd workshop at the Southern California Linux Expo. Topics covered: What's systemd? Giving talks and workshops cgroups and namespaces systemd timers vs cron Migrating from CentOS 6 to 7 Production engineers need to go lower in the stack to debug applications Meta's Linux userspace team Use of public cloud at Meta Meta's bootcamp Pystemd Mastodon Anita Zhang Alvaro Leiva Workshop systemd workshop Conference talks Journey into the Heart of systemd - Scale 19x Systemd: why you should care as a Python developer - PyCon 2018 Move Fast without Breaking things - Scale 18x Solving All the Problems with systemd - LISA18 Using systemd to high level languages - All Systems Go! The Curious Case of Memory Growth - Scale 19x Related Links systemd psystemd systemd-run systemd-timers Transcript You can help edit this transcript on GitHub. Introductions [00:00:00] Jeremy: So today I'm talking to Avaro Leiva and Anita Zhang. Avaro is the author of the pystemd library and he's a production engineer at Meta. And Anita is an engineerd managerd at Meta, and I'll let her explain that further. [00:00:19] Jeremy: But thank you both for joining me today. [00:00:21] Anita: Yeah, thanks for having us. [00:00:24] Jeremy: I guess where we could start, Anita, maybe you could explain a little bit your, your title that I just gave you there. engineerd managerd [00:00:31] Anita: Yeah, so by default I, I should be a software engineering manager, but when I transitioned to management, I was not, Ready to go public with, um, my transition. So I kind of hid it by, changing the title. we have some weird systems in place that grep on like the word engineer. So I had to keep engineer in there somehow. and so I kind of polled my friends what I should change my title to, and they're like, oh, you're gonna support the systemd team, so you should change it to like managerd. So I was like, sounds good. engineerd, managerd. I didn't wanna get kicked out of any workplace groups, for example, that required me to be an engineer. [00:01:15] Jeremy: Oh, okay. [00:01:17] Anita: Or like engineering function, I guess. [00:01:19] Jeremy: Yeah. Yeah. And you just gotta title it yourself, so as long as you got engineer in it, you're good. [00:01:24] Anita: Yeah, pretty much. Some people have really fun titles like Chief Potato Officer and things like that. [00:01:32] Jeremy: So what groups does the, uh, the potato officer get to go in? [00:01:37] Anita: Yeah. Not the C level ones. (laughs) What's systemd? [00:01:42] Jeremy: I guess maybe to, to start, we should explain to people who aren't familiar, uh, what systemd is. So if either of you wanna wanna take that one. [00:01:52] Alvaro: so people who doesn't know, right? So systemd is today is your init system, right? Is the thing that manage your, your process. and the best way to understand this, it is like when your computer, it needs to execute something. And that's something is what we call pid one. And that pid one is the thing that is gonna manage everything from now from there on, right? Uh, in the most basic level, if you remember how to, how does program start, how does like an idea becomes a program? Uh, you need to fork exec, right? So that means that something has to be at the top of that tree and that is systemd. now that can be anything, right? So there was a time where that was like systemv and there was also like upstart, uh, today's systemd is the thing that, uh, it's shipped in most distributions. [00:02:37] Jeremy: Yeah, because I, I definitely remember when I first started working with Linux, uh, it was with CentOS 6, and when I would want to run a service, I would have to go and write a bash script and kind of have all these checks for, is this thing running? Does it have permission to these things, which user is it running as, and so there was a lot of stuff that I remember having to do before systemd came out. [00:03:08] Alvaro: The good old days as we call them, [00:03:11] Jeremy: Or the bad old days. [00:03:13] Anita: Yeah. Depending on who you ask. [00:03:15] Alvaro: Yeah. So, so that is super interesting because, um, During those time, like you said, you have to write a first script. That means that you were basically yourself, your own service manager, right? So ideas as simple as, is my program running? There was no real answer. You have to figure it out, right? So if you run a program, uh, you maybe would create a pid file which hold the p or the pid of the process, of the main process, right? And then something needs to check, oh, is this file exist? Does the file exist and does the content of this file actually match to a process? And then you grab the process. So it was all these ideas that you had to do, and then for, you have to do it for every single software that you would deploy on your machine, right? That also makes really hard to parallelize stuff, right? Because you have no concept of dependencies. So if your computer has to put, uh, I, I dunno if you remember like long time ago, like Linux machine would, takes like five minutes to boot like your desktop. I remember like openSUSE. I can't remember, like 2008, 2007. Uh, it would take like five minutes to boot and then Ubuntu came and, and it start like immediately. And it was because, you can parallelize things, but you cannot do that if all you're running are bash script. Why was systemd chosen to be included in Linux distributions? [00:04:26] Jeremy: I remember before the Linux distributions didn't include it. And I wonder if you have any insight into how systemd got chosen to be the thing to manage our processes and basically how we got to where we are today. [00:04:44] Anita: I mean, we can kind of speculate a little bit. at the time when Lennart started systemd, um, with. Kai Sievers probably messed up his name there. Um, they were all at Red Hat and Red Hat manages fedora these days and I believe fedoras kind of like the bleeding edge for a lot of the new software ideas. Um, and when they picked up systemd as the defaults, um, eventually it started to trickle down to the rest of their distributions through RHEL and to CentOS and at the same time, I think other distributions started to see how useful it was in terms of managing all the different processes and services. Um, I know Debian at one point had kind of a vote on like whether they should make systemd either default or like, make it easy to switch between both. And then they decided to just stick with systemd because it's, I mean, the public agrees that it's like easy to use and it's more useful. It abstracts away a lot of things that they had to manually do before Who is interested in systemd? Who comes to your talks and workshops? [00:05:43] Jeremy: Something I've been kind of curious about. So just this year at SCaLE uh, you ran a, a workshop teaching people how to use systemd and, and sort of what it is about. I guess when, when you get people coming to these workshops, what are they typically, where are they typically coming from? Are they like system administrators or are they software developers? Like when you run these workshops, who are you looking for as your audience? [00:06:13] Alvaro: To be fair, this was the first time that we actually did a workshop for this. But we have like, talk about this in, in many like conferences. here's what happened, right? So every time that you put systemd on the title of, uh, of a talk, you are like baiting people into coming in, right? Because you do want to hear like some people who are still like reluctant from that war that happened like a few years ago. Between systemd and Ups tart right? most of the people who we get are, I would say like, software engineers, people who do software, and at least the question that I always get a lot, it is like, why should I care about systemd um, if I run everything on my containers in my Docker containers, right? The other type of audience that you get, you do get system administrators. Uh, but in general those people only cares about starting and stopping services don't really care about like the, like the nice other features that systemd has to offer. And then you get people who just wanna start like flame wars and I'm here for them. Why give talks and workshops on systemd? [00:07:13] Jeremy: In previous years, you've given conference talks and, and things like that related to systemd. And I wonder for, for both of you where, where the, the interests came from, where this is something that you feel strongly enough about that you wanna give talks about it. Because it's like, a lot of times when people give a conference talk, it's about, like new front end technology or some, you know, new shiny thing. Whereas systemd is like, it's like very valuable, but it's something that I feel like a lot of people don't think about. And so I'm just kind of curious where the interest came for, for both of you. [00:07:52] Anita: I think I just like giving talks and teaching in general. So if I have work that I found really exciting or interesting, then I'd want to like tell people about it and like teach them and like show them something cool. I think systemd is kind of a really good topic in that case because a lot of people want to learn more about it. Today there's like lots of new developments going on in systemd. So there's like a lot of basic stuff that you can learn, but also a lot of new advanced topics that are changing every year as well. aside from that, there's also like more generally applicable things. Like everyone wants to know how to debug something if you're like a software engineer or developer or even a sysadmin. Um, so last year I did a debugging talk. there's a lot of overlap I'd say how about you Alvaro? [00:08:48] Alvaro: For me, it, my interest in systemd started in, back when I was working on Instagram, we needed to migrate from CentOS6 to CentOS7. and that was the transition where you would have like a random init system to systemd, right? So we needed to migrate all of our scripts from like shell script to whatever shell script is going to interact with systemd. And that's when I was like, I don't like this. So I also have a thing where if I find something that doesn't have an Python API for it, I go and create a Python api. So I, I create pystemd like during that time. And I guess for me, the first reaction was when I was digging up systemd was like, whoa, can systemd do that? Like, like really, like I can like manage, network firewalls, right? Can I, can I stop my service from actually accessing the internet without having to deal with iptables at the time? So that's kind of like the feeling that I wanted to show people when I, when we do these these talks and, and these workshops, right? It's why like most of our talks, eh, have light demos in them because we do want to show people like, Hey, like, this is real. You can use it. [00:09:55] Jeremy: I don't know if this was a conscious decision on your part, but the thing about things like systemd is they, they feel like more foundational things that don't change that quickly. Like if you look at front end development, for example, at at meta you've got React, and that ecosystem changes so often that it's like there's always this new thing, you learn the way to do it and then it changes, right? Whereas I feel like when you're in the Linux user space and you're with systemd, like they're adding new things, but the, the. Foundations kind of stay the same. I'm not sure if that sounds accurate to both of you. [00:10:38] Anita: Yeah, I'd say a lot of the, there are a lot of stable building blocks in systemd, but at Meadow we also have a kernel team, which is working on like new kernel features all the time. They take years possibly to adopt, but with systemd, if we're able to influence the community and like get those kernel features in earlier, then like we can start to really shape what the future of operating systems look like. So it's not, it's very like not short term, uh, work that we're doing. It's a lot of long term, uh, work. [00:11:11] Jeremy: Yeah, that's, that's interesting in that I didn't even think about the fact that you are sitting at the, the user level with systemd, but you kind of know what you want. And so if there's things that the kernel can do to support that, you're having that involvement. With the open source community, make sure that you have your, your say get put in there. Yeah. [00:11:33] Anita: Mm-hmm. [00:11:35] Alvaro: It, it goes both way, right? So one part it is like, yeah, sure, we want features and we create them. Um, and we actually wanted to those to be upstream because we like, one thing that you should, you should never do is manage internal patches for like, things like the kernel, because that's rebase hell. Um, but you also want to be like part of the community and, and, and, and get the benefit of like, being part of it. Who should care about systemd? [00:11:59] Jeremy: And so, like one thing you mentioned ear earlier, Alvaro, is that people will sometimes ask you, I'm running my application in, in Docker containers. Why do I care about systemd? So, so maybe you could explain like, how you would respond to that. Yeah. [00:12:17] Alvaro: Well for more, for most people who actually run their application container I'd say like, no, you probably shouldn't care. Right? Like, you're good where you are. But in general, like, like system is foundational in the sense that it is the first thing that your computer boots your computer doesn't boot off of Docker or Kubernetes or, or any like that. So like something has to run these applications. there's also like a lot of value is that not all applications exist in the vacuum. Like, uh, like let me give you an example. Like if you have a web server, When people are uploading stuff to the web server, you will upload temporary things and then you have to clean it up after a while. So you may want to take advantage of systemd timers or cron or, or whatever you want, right? While the classical container view is that your pid one of the container is the application that you're running, right? So you do want to have like this whole ecosystem, Not all companies can run on containers. not everything can run in containers. So that's basically where all the things start to, to getting into shape. There's a lot of value in understanding how programs actually like exist, right? With the thing that I told you at the beginning of how an idea becomes a program understanding like, like you hit, you are in your bash, right? And you hit ls Star full enter, right? What happened in your machine? Understanding all the things, uh, there is a lot of value and understanding how systemd works. It's, it, it provides, uh, like that knowledge for you. [00:13:39] Jeremy: So for the average engineer at Meta who is relying on your team to deploy their, their code, I guess, if that's the right term, do you think that they're ever needing to think about systemd or is that kind of more like the responsibility of your team and they're just worried about like, I put my thing into my container and I don't, I don't worry about it. [00:14:04] Anita: I think there's like a whole level of the stack that sh ideally we should not even care or know that we're running systemd below them. I think that's, say we're doing our job well, cuz then the abstraction is good enough that they don't have to worry about it. But there's like a whole class of engineers below that that have to, you know, support the systems that run our on bare metal and infrastructure and make it happen. And those are the people who really care about what we're putting in systemd or like what the corner cases are and things like that. [00:14:37] Jeremy: Yeah, that, that makes sense. I mean, one of the talks that was at SCaLE was, uh, Brian Cantrill um, he gave a talk about the forgotten operator, and he was talking about how people forget that there are actual servers behind all the things we're deploying to, right? [00:14:55] Anita: Mm-hmm. [00:14:55] Jeremy: There is a person that you're racking the machines and plugging the power, and like, even though there's all these abstractions in front, that still exists. And so it sounds like things happening at the kernel level and the Linux user space and systemd that's also true because all this infrastructure that people are using to deploy their software on your team is the one who has to keep that running and to keep that running, they need to understand, uh, systemd and, and all these foundational Linux pieces. Yeah. [00:15:27] Anita: Mm-hmm. Yeah. [00:15:29] Alvaro: Like with that said um, I, and maybe it's because I'm very close to to, to the source. Um, and, and you know, like, like I said, like when, when all your tool is a hammer, everything looks like a nail? Well, that hammer for me, a lot of the times it is like even like cgroups or, or namespaces or even like systemd itself, right? there is a lot of times where, um, like for instance, a few years ago we have not, like, like last year or something, uh, we had an application that was very was very hard to load, right? It used a lot of memory. And so we start with, with a model where we would load like a, like a parent process and then child process would deal with, with, um, with the actual work of the thing, the classical model of our server. Now, the thing is that each of the sub process that would run would need to run, uh, on a separate set of privileges, right? So it would really need to run as different users. And that was like very easy to do. But now we actually wanted to some process to run with a, with only view of the file system while the parent process actually doesn't have to do that, right? Uh, or we want to limit the amount of CPU that a child process would use. So like all of these things, we were able like to, to swap it out uh, with using like systemd and, and, uh, like, like a good, Strategy for like, you create a process, you create a new cgroup, you put that into the cgroup, you create the namespace, uh, you add this process into that namespace, and then you have like all this architecture, and it's pretty free because forking it's free in general. [00:17:01] Anita: Actually, Alvaro's comment reminded me of like why we even ended up building the systemd team in the first place. It's kind of like if we have all these teams trying to touch cgroups on their own or like manage processes on their own, they're all gonna do it a different way and not, all of them will be ideal or like, to put it bluntly, I guess, we're really aiming to try and provide like a unified, really good foundational experience, for the layers above us. And so, systemd and the other things that go into the operating system are a step to get there. What are cgroups and namespaces? [00:17:40] Jeremy: And so for someone who's not familiar with the concept of cgroups or of namespaces, could you kind of give like a brief description? [00:17:50] Anita: so namespaces are, uh, we're talking about the kernel feature where, um, there are different ways to isolate, uh, different resources to the process or like, so that they have their own view of certain things, the network or, the processes and things like that. Um, and Cgroup stand for control groups. It's, at meta we only use Cgroups v2 which is a way to organize your processes into, Kind of like a directory view. but processes will be grouped into different, folders, shall you say, but that allows you to, uh, manage the resources between different groups of processes, which is how systemd does its services. [00:18:33] Alvaro: So a, a control group will allow you to impose restrictions on how each system uses the resources, right? So with a cgroup, you can say, only use 20% of cpu, and the, and the kernel will take care of that. Uh, while namespace it is basically how you view the system around you. So like your mount directory like, like where does your home points to? that's, I would say it's more on the namespace side of things. So one is the view then one is the actual, the restrictions. And like Anita said, like systemd does a very clever thing. It doesn't have two, is not the. It's not why cgroups exist, but every time that you start a systemd service, systemd will create a cgroup for that service and will put every process in that cgroup, even though all cgroups would end up being the same, for instance. But eh, you can now like have a consolidated list of what process belong to a service. So a simple question like, like what services has my Apache web service started? That's show you how old I am. But yeah, you can answer that now because you just look at the cgroup, you don't look at the process tree. [00:19:42] Jeremy: So it, it sounds like the, the namespacing is maybe more for the purposes of security, like you said, giving you a certain view of your, your system. and the cgroups are more for restricting resources, but also, like you said, being able to see what are all the processes, um, are associated. Um, so that you, you don't have a process that spins up other processes and then you don't know who owns those, and then you don't know how to shut 'em all down. That, that takes care of that for you. [00:20:17] Alvaro: So I, I always reluctant to use the word security or privacy. I would like to use the word isolation. Yeah. And then if people want to impose the idea of security and privacy to those, that's fine, but it's, but it's mostly about isolation. [00:20:32] Anita: Yeah. Namespaces are what back all the container technologies are. Anytime you run things in a container, it's probably using some kind of name spacing. But yeah, you, you kind of hit the nail in the head. Isolation versus like resource control [00:20:46] Alvaro: As Anita just said that's what fits on containers, uh, namespaces and cgroup like a big mix of those. But that doesn't mean that the only reason why those things exist are for containers. You can take advantage of those technologies without actually having to think of a container. systemd timers vs cron [00:21:04] Jeremy: Something you had mentioned a little bit earlier is, is how systemd has other features and one of them was, was timers. And I was kind of curious, cuz you said you could, you wanna schedule a job, you can run it using cron or you can run it using systemd timers. And it, I feel like whenever I see people scheduling jobs, they're always talking about cron but, but not so much about systemd timers. So I was curious if you had any thoughts on that. [00:21:32] Anita: I don't know. I feel like it's used pretty interchangeably these days. Um, like even when people say cron they're actually running a systemd timer with the cron format, for their time. [00:21:46] Alvaro: So the, the advantage of of systemd timers over cron is, is basically two, right? The first one it is that, you get more control on the time, right? So you have monotonic and absolute times, right? Which is basically like, you can say like this, start five minutes after the previous run. Or you can say this, start after five minutes after the vote, right? So those are two type of time, that is the first one, uh, which may be irrelevant for most people, but that's it. Uh, the other one is that you actually have advantage over the, you take full advantage of systemd, right? In current you say run this process, right? And how that process run, it's basically controlled by the process itself, right? So if you, uh, like if the crontab is for the user, that's good for you, but if you want to like nice it or make it use less cpu, that's what it is. Well, with systemd you say, This cron will start the service and the service, you take full fledged advantage of all the things a service can do. [00:22:45] Jeremy: From what I could tell, looking at the, the timers api, it, it felt like it would be a lot easier to kind of see when things ran, get, you know, get a log of, I ran this time job and it, it failed. Um, it seemed like systemd had a lot more kind of built in to, to kind of look into that. but, uh, yeah, like Anita was saying, like when you, you hear kind of cron all the time, but like you said, maybe it's, maybe they're not actually using cron all the time. They're just saying cron [00:23:18] Alvaro: Well, I would say this for cron like the, the time, the time, uh, syntax for it, it's pretty, it's pretty easy to understand, even though I never remember where, I remember where weekday is, right? The fourth, which one is which? [00:23:32] Jeremy: I, I'm with Anita. I need to look it up whenever I'm gonna use it. (laughs) [00:23:36] Anita: Yeah. I use a cron translator when I have to use cron format. [00:23:41] Alvaro: This is like, like a flags to tar, right? Like, I never remember which, which flags to put. [00:23:48] Anita: Yeah, that's true. [00:23:50] Alvaro: We didn't talk about this, we haven't talked about systemd-run, but one of the advantages of the, one of the advantages of using timers is that you can schedule them on demand, right? So like cron if you wanna schedule something over time, you need to modify the cron the cron file. Uh, and that's, it's problem right? With systemd, you can have like ephemeral units and so you can say like, just for now, go and run this process five hours from now. Like, and after that, just forget about it. [00:24:21] Jeremy: Yeah, the, during the workshop you mentioned systemd-run and I hadn't even heard of it. And after I saw that I was like, wow, this, this could be really useful. [00:24:32] Alvaro: It is quite useful. How have things changed at meta? [00:24:34] Jeremy: One of the things you had mentioned, I, I guess you've, you've been at Meta for, for quite a while and you were talking about how you started with having all these scripts you were running on CentOS 6 and getting off of that to something more standard. I wonder if you could speak a little bit to that, that process. Like what did things look like then and, and how have they they changed over the years? [00:25:01] Alvaro: I would say the following thing, right? Like Anita said, like for most engineers, the day to day of things don't really change that much, because this is foundational things, right? So if you have to fundamentally change the way that you run applications every couple of years, then you waste a lot of time, right? It's not the same as you say, like react where, or, or in the old days, angular where angular one, angular two, angular three, and then it's gone, right? Like, so, so I, I would say it like for the average engineers things don't change that much, uh, for the other type of engineers, like, like us who we, who that we really care about, like how things run. like having a, an API where you can like query the state of your service. Like if like asking like, is my service running with an API that returns true or false, that is actually like a volume value that you can like, Transferring in your application, uh, that, that helps a lot on, on distributed systems. a lot of like our container infrastructure that we use internally at Meta is based on a lot of these ideas and technologies. [00:26:05] Anita: Yeah, thinking back to the CentOS 6 to 7 migration, I wasn't on like the any operating systems team at the time, but I was working with them and I also was on a team that had to migrate, figure out how to migrate our scripts and things over. so the one thing that did make it easy is that the OS team, uh, we deploy all our things using Chef. Maybe you've heard like Puppet and Ansible, that's our version, the Open Source Chef code. Um, and they wrote some really good documentation on how to migrate, from Runit, which is what we were using before to systemd. it was. a very large scale effort across multiple teams to kind of make sure their stuff works, do the OS upgrade and then get used to using systemd. [00:26:54] Jeremy: And so the, the team who is performing this migration, that's not the product team. That would be the, is it production engineering? Is that, is that what you called that? [00:27:09] Alvaro: So, so I was at the other side of, of that, of that table where I, the same as Anita, we were doing the migration more how most things work at Facebook is that it's a combination of the team that is responsible for the technology and the teams who uses the technology. Right. So we are a company, so we. Can like, move together. it's the same thing when you upgrade kernels. Most of the time the kernel team will do the effort to upgrade the kernels, and when they hit a roadblock or something, they will call for the owner of the service and the owner of the service can help debug uh, for the case of CentOS 6 and CentOS 7, eh, I was the PE at Instagram P Stand for Production Engineer. I was the PE at Instagram who did most of the migration of our fleet. So I, I rewrote most of the things because I understand how our things work, and the OS team provide like the support to understanding like, like when can I use some things, when can I use not other things. There was the equivalent of ChatGPT at those days, right? I was just ask them how to do stuff. They will gimme recipes. so, so it it's kind of like, like a mix, uh, work, uh, between those two teams. Uh, Anita, maybe you can talk a little bit about what you talk when you were upgrading the version of systemd and you found a bug? [00:28:23] Anita: Oh, the, like regular systemd upgrades nowadays? I, I'd say it's a lot easier these days. I mean, since the, at the time when we did the CentOS 6 to 7 migration, it was like, our fleet was a lot more fragmented. I'd say nowadays it's a lot more homogenous, which makes, which makes it easier. yeah, in the early versions there were some kind of obscure like, interactions with the kernel or like, um, we, we make pretty heavy use of systemd to run our container system. So, uh, if we run into any corner cases, um, like pretty obscure stuff sometimes, because we make pretty heavy use of the resource control properties. we usually those end up on the GitHub tracker, things like that. [00:29:13] Alvaro: That's the side effect of hiring very smart people. They do very smart things that are very hard to understand. (laughs) [00:29:21] Jeremy: That's kind of an interesting point about you, you saying you're using these, these features, you know, of the kernel very heavily because, you're kind of running your own infrastructure, I think even your own data centers, so you're kind of forced to go to this level, it sounds like just because of the sheer number of services you're running and the fact that like, you have to find a way to pack 'em all onto the same machine. Does that, does that sound right? [00:29:54] Anita: Yeah, I'd say at, at our scale, like it's more cost effective to act, own the servers and run all everything on it ourselves versus like, you know, leasing from, uh, AWS or something, which we've also explored in the past. But that also means we need more engineers to build and run things on our servers. [00:30:16] Jeremy: Yeah. So the, the distinction between, let's say you're a, a small company or a mid-size company and you pay AWS or, or Google to, to do your hosting for you, then you may not necessarily get exposed to a lot of the, the kernel level problems or even the Linux user space problems because you're, you're working at a higher level and that's why you don't necessarily encounter those kinds of things. [00:30:46] Anita: I'd say not, not necessarily. I think, once you get even like slightly lower in the stack where you're just like on your own server, Then you will want to start really looking into like what systemd's doing, how does it interact with other, uh, services, um, on your server, and how can you like connect these different features together? [00:31:08] Alvaro: One of the things that every developer who who works like has to worry about is log right, and that, and that's the first time that you actually start interacting with systemdata available, right? So you have to understand, like maybe it's not just tail /var/log foo, but log right. Maybe it's just journalctl and it's like, what? But yeah. [00:31:32] Jeremy: Yeah. That's a good point too about whenever you're working with the operating system, like you're deploying onto a Linux machine. Regardless of the distribution, if you're the person who's responsible for that, you, you need to know this stuff. Right. Otherwise it's kind of like, you're just putting stuff out there and hoping for the best. Yeah. [00:31:54] Alvaro: Yeah. There, there's also another thing that, I dunno if I've said this before, but, a lot of the times you don't have to know these technologies, but knowing them will help you do your work better. [00:32:05] Jeremy: Yeah, totally. I mean, I think that that applies to pretty much anything in, in development, right? I, I've heard often that some people will say, you take the level that you work at currently and then kind of just go down one level. Right. And then, so you can kind of see what's underneath that. And you don't necessarily need to keep digging, cuz eventually if you keep digging, you're getting into, you know, machine instructions and whatnot. But, um, Yeah, maybe just one level is, is good to, to give you a better sense of what's happening. Production engineers need to go lower in the stack to be able to debug applications [00:32:36] Alvaro: Um, every time that I, that I, that somebody ask me like, what is the difference between a PE and a SWE, uh, software engineer, production engineer, typical conference, uh, one of the biggest difference that I, that I say is that a PE would tends to ask a lot of questions going the same thing that you're saying, we're trying to go down the stack, right? And I always ask the following question, eh, do you know how time dot sleep is implemented? Right? Do you like, like if you, if you were to see time dot sleep on your Python program, like do you actually know what is doing under the hood, right? Is it a while true? While the time, is it doing a signal interrupt? Is it doing a select on a file descriptor with a timeout? Like what is it doing? would you be able to implement it? And the reason why I say this, because like when you're debugging an application, like somebody something's using your cpu, right? And then you see that line on your code, you. You can debug every single line of your code. But also there's a lot of value to say like, no time.sleep doesn't cause CPU to spike. Right. Because it's implemented in a way that it would not be possible to do that. Meta's linux user space team [00:33:39] Jeremy: Another thing that I think might be kind of interesting to talk about is, so Meta has this Linux user space team. And I, I wonder like including your role in it, but just as a whole, like what does that actually mean day to day? Like, what are the kinds of problems people are facing that, a user space team would be handling? [00:34:04] Anita: Hmm. It's kind of large cuz now that the team's grown out to encompass a few other things as well. But I'll focus on the Linux user space part. the team started off, on the software engineering side as the systemd developer team. So our job was really to contribute to the community. and both, you know, help with, problems and bugs that show up in upstream, um, while also bringing in new features, that we think would be useful both at Meta and to like, folks, in the Linux community as a whole. so we still play a heavy role in, systemd. We also support it, uh, within the fleet, like we roll out new releases and things like that. but we're also working on a few other projects in. User space. Um, BP filter is one of them, which is, uh, how can we convert like IP tables and network filtering, into BPF programs. Um, on the production engineering side, they focus a lot on, the community engagements. So in addition to supporting CentOS they also handle, or they like support several packages in Fedora, Debian and other distributions, really figuring out how we can, be a better member of the open source community, and, you know, make connections there and things like that. [00:35:30] Jeremy: And, and what was your, your process for getting in involved with this team? Because it sounded like maybe it either didn't exist at the start, or it was really small and, and now it's really, really grown. [00:35:44] Anita: So I was kind of the first member of like the systemd team, if you would call it that. Um, it spun out of containers. So my manager at the time, who's now my director, was he kind of made a call out on workplace looking for people who'd be willing to, contribute to systemd. He was, supporting the containers team at the time who after the CentOS 7 migration, they realized the potential that systemd could have, making their jobs a lot easier when it came to developing the container backend. and so along with that, they also needed someone to help, you know, fix bugs, put in new features and things that would, tie into the goals of the containers team. Um, and eventually now our host management team, I was the first person who reached out to him and said, Hey, I wanna give this a try. I was on the security team at the time and I always had dreams of going back into like, operating systems development and getting better at it. So yeah, that's kind of how I ended up in this space. A few years later, he decided, Hey, we should build a team and you should like hire some people who will also do this with you and increase our investments in systemd. so that's how we kind of built out the Linux user space team to encompass systemd and more like operating system, projects. Working on the internal security team vs the linux userspace team [00:37:12] Jeremy: And so when you were working on the security team before, was that on software internal to meta or were you also involved with, you know, the open source, user space side as well? [00:37:24] Anita: That was all internal at the time. Which was kind of a regret because there was a lot of stuff that I would've liked to talk about externally. But I think, moving to Linux user space made me realize like, oh, there's so much more potential in open source projects, in security, which is still like very closed source from our side. [00:37:48] Jeremy: And, and so like in your experience, what have been some of the big differences? I mean, definitely getting to talk about it is a big one. but like in terms of your day-to-day, what are the big differences between working on something internal versus something that that's open source? [00:38:04] Anita: I have to talk more with external folks. we're, pretty regular members of like the systemd like conclave sync that we have with the other upstream maintainers. Um, Oh yeah. There's a lot more like cross company or an external open source community building that we have to do. it kind of puts into perspective like how we manage our time and also our relationships versus like internally, like everyone you work with works at Meta. we kind of have, uh, some shared leadership at the top. it is a little faster to turn around, um, because, you know, you can just ping people on work chat. But the, all of the systems there are closed source. So, um, there's not like this swath of people outside that you can ask about when it comes to open source things. [00:38:58] Jeremy: You can't, can't look in, discord or whatever for questions about, internal meta infrastructure to other people. It's gotta be. all in the same place. Yeah. [00:39:10] Anita: Yeah. And I'd say with like the open source projects, there's a lot of potential to tap into, expertise and talent that just doesn't exist internally. That's what I found really valuable, cuz people have really great ideas outside as well. Um, and we should like, listen to them and figure out how to build that into their systems and also ours Alvaro's work at meta [00:39:31] Jeremy: And, Avaro, I don't know when you first started, was that on internal, infrastructure and tooling as well? [00:39:39] Alvaro: Yeah, so, um, my path is different than Anita and actually my path and Anita doesn't share any common edges. so I, I don't work at the user space or the Linux kernel or anything. I always work in teams adjacent to it. Uh, but. It's always been very interesting to know these technologies, right? So I started working on Instagram and then I did a lot of the work in containers in migrations at where, where we build psystemd and also like getting to know more about that technologies. We did, uh, a small pilot on using casync which is a very old tool that like, it's only for the fans, (laughs) it's still on systemd repository, I dunno if that's used or anything, but it was like a very cool idea of how to distribute images. Uh, and in Instagram we do very fast deployments. So we deploy, or back then we used to deploy the source code, of Instagram every seven minutes, right? So every seven minutes, every time that a developer did commit to master, uh, we pushed that into production in less than an hour and we did that every seven minutes. So we were like planning to, to use those technologies for that. Um, And then I moved to another team inside of Meta, which is called Cloud Foundation, where we do a lot of like cloud infrastructure, uh, like public cloud. Uh, that's the area, that is very much not talked much about. but I keep like contributing to, to like this world. never really work on, on, on those teams inside of Meta. [00:41:11] Jeremy: So I guess it's your, your team is responsible for working with the engineers who work on product to be able to take their code and, and deploy it. And it's kind of like you work in combination with the user space team or the systemd team to make sure that what you're doing can be supported by them. Is that kind of an accurate description? [00:41:35] Alvaro: Yeah, that's, that's, that's definitely not an exhaustive description, but yeah, that's the, we, we, we do that. Public cloud at meta [00:41:42] Jeremy: It's interesting that you're, you're talking about public cloud now. So when you move to public cloud, are you using VMs kind of like you would in a data center, or is it, you're actually looking at the more managed services and things like that? [00:41:57] Alvaro: So I'm gonna take a small detour and say like, something that is funny. When I got hired by Facebook, we were working on Instagram. So Instagram was just an acquisition for, for, for meta right. And Instagram ran on AWS. So why wasn't the original team who were moving stuff from AWS into the internal data centers at Meta? On the team that I work now, uh, we work to support workloads that cannot run on meta infrastructure either for legal reasons, or for, for practical reasons. Right, because we don't have the hardware, uh, capability or legal resource because the government ask us, like, this cannot be on, on your data center or security, right? We don't wanna run this, this binary that we don't understand on our network. We do want to work in isolation. and the same thing that Anita was saying, where their team are building the common ways of using these tools, like systemd, and user space. we do the same thing, but for using cloud technologies. So in a way that is more similar to meta. So that's the detour now the, to answer your actual question, uh, we do a potpourri of things, right? So since we manage infrastructure and then teams deploy their code, they are better suited to know how their code, gets to run. Uh, with that said, we do have our preferred ways of how you would run stuff. and it's a combination of user containers, uh, open source containers, and and also like VMs There's a big difference between VMs and meta and in public cloud [00:43:23] Jeremy: So it, it sounds like in this case, you're, you're still using VMs even in public cloud, so the way that you do deployments, the location is different, but the actual software and infrastructure that you're running is, is similar. [00:43:39] Alvaro: So there's there's a lot of difference. Between the two things, right. So, the uniformity of hardware at Facebook, or our data centers, makes deploying things very simple, right? while in, in the cloud, you first, you don't get that uniformity because everybody like builds their AMIs as, as they want to build it. But also like a meta, we use, one operating system, in the cloud, you are a little bit more free of what you want. And one of the reasons why you want to go to the cloud is because you can run stuff on. On, on, on the way that that meta will run. Right? So, so even though we have something that are similar, it's not as simple like, oh, just change your deployment from like this data center to like whatever us is one think you would run. [00:44:28] Jeremy: Can, can you give an example of something where you wouldn't be able to run it on Meta's, image that they would choose to go to public cloud to run a different image for? [00:44:41] Alvaro: So, um, so in, in general, like if the government ask us, like, this is not necessarily like, like the US government, right? So, and like if the government ask us like, hey, like you need to keep this transaction on, on our territory, right? for logs, for all the reasons, for whatever, right? like, and, and we wanted to be in the place, we would have to comply. And that's where we will probably use this, this kind of technologies security is another one that is pretty good. And the other one, it is like, in it general, like, like, uh, like disaster recovery, right? If, if meta is down in a way where we cannot communicate with each other using metas technologies, right? Like you would need to have like a bootstrap point. [00:45:23] Jeremy: Is, is it the case where you are not able to put, uh, meta's image up into public cloud? Because you were, The examples you gave was more about location, right? Where you're saying we need to host in public cloud because it needs to be in this country, but then I think you were also saying the, the actual images you would use on AWS right. Would be. I don't know, maybe you'd be using Amazon Linux or maybe you'd be using a different, os entirely. And is that mainly because you're just not able to deploy the same images you have, uh, in-house? [00:46:03] Alvaro: So in, in, in general, uh, this is kind of like very hard to to explain, but, but, uh, if, if we would have to deploy code to a, machine and that machine would, would, would be accessed by people who are not like meta employees and we have no way of getting them to sign NDAs then we would not deploy meta code into that machine. Uh, because that's Sorry. No, not Pi PI's personal information. I was, uh, ip, sorry, that's that's the word. Yeah. Yeah. [00:46:31] Jeremy: So, okay. So if there's, so if you're in public cloud, there's certain things that you just won't put there just because. Those are only allowed to run on Metas own infrastructure. [00:46:44] Alvaro: Yeah Meta's bootcamp [00:46:44] Jeremy: Earlier you were talking about Instagram was an acquisition and they were in AWS were, were you there at the time or you joined, after? [00:46:54] Alvaro: No, I joined. I joined after I joined to, to meta. The way that Meta does hiring, at least for my area, is that you get hired as a production engineer, but you don't get assigned to a team. So you go through a process called boot camp where you get to try different teams and figure out what things you like. I try a couple of different teams, turns out that I like it to work at the Instagram. [00:47:15] Jeremy: And so at that time they were already running on Facebook's internal infrastructure and they had migrated off of AWS [00:47:24] Alvaro: We were on the process of finishing that migration. [00:47:28] Jeremy: So by the time you were there, yeah. Basically get, getting everything out of AWS and then into meta's internal. [00:47:35] Alvaro: Yeah. And, and, and everything is, is a very hard terms to, to define. Uh, I would say like, like most of all, like the bulk of things we were putting it in inside, like, at least what we call our Django servers. Like they were all just moving into internal infrastructure. How Anita started [00:47:52] Jeremy: This kind of touches on the, the whole boot camp thing, but, Anita, I saw that you, you interned at Facebook and then you took a position there, when you ended up taking a position, I'm kind of curious what were the different projects you looked at or, or how did you end up settling on the one you chose? [00:48:11] Anita: Yeah, I interned, um, and I joined straight out of university. I went into bootcamp similar to Alvaro and I got the chance to explore several different teams. I knew I was never gonna do UI that was just like not my thing. Um, so I focused, uh, my search on all like backend infrastructure teams. Um, obviously security, uh, was one of them because that's the team I was in interning on. Um, I also explored, the kind of testing infra team. we call it sandcastle. It runs our internal like unit tests and things. and I also explored one of the, ads infrastructure backend teams. so it was mainly just, you know, getting to know the people, um, seeing which projects appealed to me the most. Um, and then, you know, I kind of chose based on that, I, I think I've always chosen. My work based on how interesting the project sounded, uh, which has worked out in my favor as far as I could tell. How Alvaro started [00:49:14] Jeremy: How, how about, you Alvaro what were the, the different projects you looked at when you first started? [00:49:20] Alvaro: So, As a PE you do have a more restrictive, uh, number of teams that you can, that you can join. Uh, like I don't get an option to work in ui. Not that I wanted, but, (laughs) I, I, it's, it's so long ago. Uh, I remember I did look at, um, at MySQL as a team, uh, that was also one of the cool team. Uh, we had at that time, uh, distribute, uh, engine, uh, to, to run work, like if, like celery or something like that. But internally, I really like the constable distribute like workloads, um, and. I can't remember. I think I did put, come with the Messenger team, that I, I ended up having like a good relationship with their TL their tech lead, uh, but never actually like joined that team. And I believe because she have me have a, a PHP task and it was like, no, I'm not down for doing PHP [00:50:20] Jeremy: Only Python. Huh? [00:50:21] Alvaro: Exactly. Python. Python. Because it's just above C level. Psystemd [00:50:27] Jeremy: I mean related to that, you, you started the, the psystemd project. And so I wonder if you could explain what the context behind that was. Like what sparked I need to make this, this library? [00:50:41] Alvaro: So it's, it's a confluence of two things. The first one, it is like, again, if I see something that doesn't have a Python API for it, I. Feels the strong urge to create one. I have done this a couple of times, mostly internally, but also externally. that was one. And when, while we were doing the migration, I, I, I honestly, I really hate text processing. So the classical thing was like, if you wanna know if your application's running, you do systemctl, you shell out to systemctl status, then parse the output, find the, find the status column. Okay. And I didn't like that. And I start reading about like, systemd uh, and I got in contact with the or I saw like the dbus implementation of systemd. And that was, I thought that was a very interesting idea how that opened all the doors. Right? Uh, so I got a demo working like in a couple of hours. and then I said like, okay, now how do we make this pythonic? And then I created that and I just created, again, just for migrating Instagram. That was the idea. Then, uh, one of the team members who work with Anita, but also one who doesn't work with us anymore, they saw this and said like, Hey, like this looks like a good thing to open source it. So it was like, sure, like I'm happy to opensource it. So we opensource it and then we went to all System Go, which is a very nice interesting conference that happened in Berlin where like all the head for like user space get together. and, and I talk about it and people seems to like it, and that's the story of that. [00:52:15] Jeremy: And so this was replacing, I guess, like you were saying, a lot of people were shelling out and running cat commands and things like that from their Python scripts. And this was meant to be a layer on top of that. [00:52:30] Alvaro: Yes. So it, it does a couple of things. So first of all, inspecting the processes or, or like the services, getting that information out. That's one of the main usage. But also like starting or stopping or like doing all that operations that you want to do. Uh, knowing the state of, of, of services, uh, that's also another thing that people take advantage of. The other thing that people take advantage of is to modify the status of the, of the processes at runtime, like changing properties, like increasing or decreasing the CPU threshold. because systemd provides a very nice API or interface to modify the cgroups properties that otherwise you would need to kind of understand the tree structure that, uh, that, that whatever. so that's what people tend to use this mostly internally. [00:53:23] Jeremy: And so it, it sounds like at least on the production engineering side, you're primarily working in, in Python. is that something that's the teams before were using Python and so everybody just continues using Python? Or is there kind of like more structure or thought put into that? [00:53:41] Alvaro: I would say the following thing about it, um, like in in general, uh, there's, there's not a direction on which language you should use. It's pretty natural which language you should use, but with without said, there's not a Potpourri of languages inside of, of meta. most teams use c c plus plus Python and rust and that's it. There's go, that appears every once in a while there. Sorry, I should not talk about this like, like, or talk like this about this, but eh, there are team who are actually like very fond of go and they use it and they contribute a lot to that space. It's just not. That much, uh, use internally. I have always gravitated towards Python. That has been the language that teach me how to do real coding. and that's the language that got me a job at meta. So I tends to work mostly on that. Yeah. [00:54:31] Anita: Hey, you forgot hack Alvaro. Our web services. (laughs) [00:54:37] Alvaro: Yes. Yes. Uh, so I would say like, the most used language at Meta is actually PHP it's just like used by, by one particular product. That, that is the Facebook product. Yes. So our, our entire web interface, eh, or web stack uses a combination of hack, which is a compiled php, which is better than uncompiled php, also known as vanilla php. Uh, there is a lot of like GraphQL, React, and, I think that's it. [00:55:07] Anita: Infrastructure is largely like c plus plus Python, and now Rust is getting a huge following as well. [00:55:15] Alvaro: Yeah. Like, like Rust. Rust is, I I would say it's the fastest growing language inside, inside of Meta. And the thing is that there is also what you call like the bootstrap problem. Um, there's like today, if I wanted do my python program and I have a function that fails one every three times, I can add a decorator that is retry, that retries every time that something fails for a timeout, right? And that's built in and it's there used and it's documented. And I can look at source code that uses this to understand how, how works. When you start with a new language, you don't get the things. So people have to build them. So there's the bootstrap problem. [00:55:55] Jeremy: That's also an opportunity as well, right? Like if you are the ones building sort of the foundations, then you, you have an opportunity to be the ones who have the core libraries that people are, are using every day. Whereas if a language has been around a while, it's kind of, some of that stuff is already set, right? And you may or may not like the APIs, but that's what people use. So that's what we, that's what we do. One of the last things I'd kind of like to ask, so Anita, you moved into management in just the last year or two or so, and I'm kind of curious what your experience has. Been like, was that a conscious decision where you wanted to go from engineering, uh, software engineering to management? Or maybe you could talk a little bit to that. [00:56:50] Anita: Oh man, it hasn't even been a year yet. I feel like so much time has passed already. Uh, no, I never had any plans to go into management. I love being an engineer. I love being in the code. but, I'd say my, my current manager and uh, my director, you know, who hired me into the Linux user space team, kind of. Sold me a little bit on the idea of like, Hey, if you wanna like, keep pushing more projects, you wanna build out the team that you wanna see working on these things, um, you can consider going into management, taking it slow in a, what we call a T L M role, which is like a tech lead manager, role where you kind of spend some time doing development, and leading the team while also supporting, the engineers as a manager doing the hiring and the relationship building and things that you do in management. so that actually worked out quite well for me, despite Alvaro shaking his head at first. I really enjoyed being able to split my time into kind of the key projects that I really wanted to work on, um, while also supporting the engineers and having them build out, um, New features in systemd and kind of getting their own foothold in the community as well. but I'd say like in the past few months, it's been pretty crazy. I, I probably naively thought that I'd have a little more control over, I don't know. My destiny has a manager and that's like a hundred percent not true. (laughs) Um, you're, you are kind of at both the whims of your engineers and also the people above you. And you kind of have to strike that balance. But, um, my favorite part still, just being able to hide the nasty stuff away from the engineers, let them focus on their work and enjoy what engineers wanna do best, which is just like coding, designing, and like, you know, doing fun, open source stuff. [00:58:56] Alvaro: I will say like, Anita may laugh about me for, because like she's on the other side, but one thing that I least I find very cool at Meta is that managers are not seen as your boss. Right? They're still like a teammate who just basically has a different roles. This is why like when you're an engineer, you can transition to be a manager and that's, it's not considered a promotion that's considered like a, a like an horizontal step and vice versa, you can come back, right. from a manager into, into like an engineer. Yeah. [00:59:25] Jeremy: That was what I would say. And, uh, I guess when you were shaking your head, I'm guessing this means you, you don't wanna become a manager anytime soon. [00:59:35] Alvaro: So I, I never closed the door on that, but I was checking my head to the work of a tlm. Right. Uh, so the tlm TL stands for Tech Lead and m stands for manager. so you're basically both, but with the time of only one. So, uh, Anita was able to pull it off. I don't think I would be able to pull up like, double duty on that. [00:59:56] Anita: Yeah. Unfortunately I support too many people now to do the TL stuff as deeply as I used to, but I still have find some time to code a little bit here and there. [01:00:09] Jeremy: So you were talking a little bit about how things have been crazy the last few months. If, if someone is making the transition into management, like what are the kinds of things that you would tell them to, to look out for or to be aware that's coming? [01:00:27] Anita: Um, when I, before I transitioned, I talked to a lot of managers about like, oh, what was like, you know, the hardest part about management. And they all have kind of their own horror story about what happened to them when they transitioned or even like, difficult things that happened to them during management. I'd say don't expect it to be easy. you're gonna make a lot of mistakes usually in like the interpersonal relationship side, and it's really just about learning how to learn from your mistakes, pick back up and do better next time. I think, um, you know, if people like books, the Making of a Manager by Julie Jo, she was a designer, and also a manager, at then Facebook. She's no longer here. but she has a really good book on like what you can expect when you transition into management. the other thing I'd say is don't go into management without having a management chain that you can really trust. I'd say that can kind of make or break your first few years as a manager, whether you'll enjoy it or not, or even like whether you'll be able to get through the hard times. [01:01:42] Jeremy: Good point. Yeah. I mean, I think whenever you take on anything new, right? Having the support of the people above you or just around you as well is like, that makes such a big difference, right? Even like the situation can be bad, but if everyone is supportive, then you can, you can get through it. [01:02:02] Anita: Yeah, that's absolutely right. [01:02:04] Jeremy: I think that's a good place to wrap up unless either of you have anything else that you thought we should have talked about. so if people want to check out what you're working on, what you're up to, um, how can they find you? [01:02:20] Anita: well, I guess we're both on matrix now. Uh, I'm Anita Zha on Matrix, a n i t a z h A. we both have Twitters as well. If you just search up our names. Nope. Yeah, you're on Twitter. Yeah. [01:02:36] Alvaro: There is an impostor with my name, right? Actually it's not an impostor. It's just me. I just never log into Twitter anymore. [01:02:40] Anita: We both have Mastodon now as well? Yes. Fosstodon we're both frequently at conferences as well. what's, what's coming up next? I think it's, uh, devconf cZ in the Czech Republic. and then, uh, all systems go in September. [01:02:57] Alvaro: You sent something in Canada? [01:03:01] Anita: Oh, yeah. L F F L F S M M B P F is coming up. That's a, that's more of a kernel conference, though. [01:03:09] Alvaro: An acryonym that is longer than the actual word. Yes. Yeah. [01:03:12] Jeremy: That's a lot. That's a lot of letters. [01:03:14] Anita: It's a, it's a mouthful. (laughs) [01:03:18] Jeremy: That's very neat that you get to, to kind of go to all these different conferences and, and actually get, to meet the people in, in person that are, you know, working with the same things you are and, get to be in the same room. I think that's a, that's a real privilege. Yeah. [01:03:35] Anita: Yeah, for sure. [01:03:38] Jeremy: All right. Well, Anita and Alvaro, thank you so much for chatting with me today. [01:03:43] Alvaro: Thank you for hosting. [01:03:45] Anita: Yeah. Thanks for the opportunity. This is a lot of fun.

How we found peace with the Linux community's perpetual debates; and our tricks for finding the signal from the noise.

Now that we're both on new PCs in the last six months, it's time for us to run through some of our experiences and offer a few (hopefully new) tips for anyone else building a machine. Join us as we talk shop this week about recent BIOS trends, our love of portable apps, unconventional cloud storage strategies, much handwringing about motherboard vendor drivers, Windows package managers, some hefty praise for WSL2 (plus a dangerous digression into the varied feelings about systemd), and more.Some of the less common software mentioned in this episode, which is all easy to Google:Rufus (the full-featured disk imager for making OS install media)PowerToys (make Windows way better)Chocolatey, WinGet, and scoop (the Windows package managers)Input Director (Will's software KVM solution)rclone (command line cloud storage manager)HWiNFO (the gold standard hardware monitor)OCCT (hardware  stability and stress testing)LatencyMon (diagnose audio/video latency issues in Windows)Lastly, the Wired article about the capsized cars: https://www.wired.com/2008/02/the-race-to-save-the-cougar-ace/Support the Pod! Contribute to the Tech Pod Patreon and get access to our booming Discord, your name in the credits, and other great benefits! You can support the show at: https://patreon.com/techpod

https://thehomelab.show/The sponsor for today's episodehttps://www.linode.com/homelabshowhttps://lawrencesystems.com/https://www.learnlinux.tv/

Why Fedora 38 might Sway you to try it; and how it runs on the MacBook M1 Max.

In the Security News: Rorschach, QNAP and sudo, why bother signing things, why bother having a password, why bother updating firmware, smart screenshotting, TP-Link oh my, music with Grub2, byte arrays and UTF-8, what is my wifi password, Debian and systemd, opening garage doors, downgrade your firmware to be more secure, exploit databases, this is like a movie, unsolved CTFs, and Near-Ultrasound Inaudible Trojans! All that and more on this episode of Paul's Security Weekly!   Visit https://www.securityweekly.com/psw for all the latest episodes!   Show Notes: https://securityweekly.com/psw779

A fresh take on open-source funding, Fedora's plan for better encryption out of the box, and our impressions of the latest Ubuntu Beta.

What we're liking about GNOME 44, how Microsoft's Linux distro is trying to attract more users, and we bust a CentOS myth.

Our favorite features in Linux 6.2, the Hollywood tool getting open-sourced, and a systemd update you need to know about.

Microsoft's Linux distro, CBL-Delridge, is no more. However, the Technado team discussed the alternative in CBL Mariner. They also covered version 252 of Systemd, Dropbox's private Github repos getting exposed, the Red Cross looking to create a digital emblem, and AstraZeneca accidentally exposing patient data. Finally, they looked at a mistake within the Linux kernel affecting certain processes.

Microsoft's Linux distro, CBL-Delridge, is no more. However, the Technado team discussed the alternative in CBL Mariner. They also covered version 252 of Systemd, Dropbox's private Github repos getting exposed, the Red Cross looking to create a digital emblem, and AstraZeneca accidentally exposing patient data. Finally, they looked at a mistake within the Linux kernel affecting certain processes.

Are the long-timers holding Linux back? Lennart Poettering argues we are and proposes a new Microsoft-blessed way to secure Linux. Plus, our thoughts on the slow decline of mailing lists in open-source development. Special Guest: Neal Gompa.

systemd arrives on WSL, Audacity gains a huge feature, Mozilla makes (valid) excuses, a bumper KDE Korner, and more.   News Listener Michael sent Joe a LMN 3 Systemd support is now available in WSL Systemd support lands in WSL Audacity 3.2 Released with Realtime Effects, VST3 Support Mozilla calls out Microsoft, Google, Apple over... Read More

systemd arrives on WSL, Audacity gains a huge feature, Mozilla makes (valid) excuses, a bumper KDE Korner, and more.   News Listener Michael sent Joe a LMN 3 Systemd support is now available in WSL Systemd support lands in WSL Audacity 3.2 Released with Realtime Effects, VST3 Support Mozilla calls out Microsoft, Google, Apple over... Read More

Why we feel recent attacks by the Software Freedom Conservancy against Microsoft are costing the SFC serious credibility.

We were fixing servers all night, but at least we have a great story. A special guest joins us to help make a big show announcement. Special Guest: Tim Canham.

The new movement to leave GitHub, an Ubuntu bug biting 22.04 users, the hardware platform Fedora might start taking seriously, and a major desktop dev departs Red Hat.

0:00 Cold Open 2:00 We're Open Source Denizens 12:23 Ch-ch-ch-ch-changes 15:58 Mozilla Watch (feat. Brave) 33:02 OMG OOMD 48:51 Community Focus: The Postmarket OS Podcast 52:25 App Focus: Amberol 1:02:30 Next Time: Ubuntu 1:04:16 Thank you 1:05:10 Stinger Coming up in this episode 1. We'll chat on the deck 2. Watch some Mozilla 3. Drop some cookies for season 3 4. and listen to some blurry tunes Banter Steamdeck (https://store.steampowered.com/steamdeck) Announcements Changes to the show. Introducing "Community Focus" Distro history will be on even numbered episodes What do you think of TilVIDs (https://tilvids.com) Give us a sub on YouTube (https://linuxuserspace.show/youtube) You can watch us live on Twitch (https://linuxuserspace.show/twitch) the day after an episode drops. Mozilla (Browser?) Watch Total Cookie Protection (https://blog.mozilla.org/en/products/firefox/firefox-rolls-out-total-cookie-protection-by-default-to-all-users-worldwide/) Better mic support in 101 (https://www.mozilla.org/en-US/firefox/101.0/releasenotes/) Firefox 102 (https://9to5linux.com/mozilla-firefox-102-is-now-available-for-download-adds-geoclue-support-on-linux) This release will be the new ESR as the current Firefox 91 ESR goes EOL 9/20/22 De-AMP with Brave (https://brave.com/privacy-updates/18-de-amp/) More Announcements Want to have a topic covered or have some feedback? - send us an email, contact@linuxuserspace.show OMG OOMD SystemD OOMD service (https://www.freedesktop.org/software/systemd/man/systemd-oomd.html) The reddit thread that started the conversation (https://www.reddit.com/r/Ubuntu/comments/uyl4i6/ubuntu_2204s_new_oom_killing_system_is_killing/) SystemD OOMD nukes your applications (https://www.phoronix.com/scan.php?page=news_item&px=Ubuntu-systemd-oomd-Headaches) SystemD OOMD is getting fixed? (https://www.phoronix.com/scan.php?page=news_item&px=Systemd-OOMD-Ubuntu-RFC) Canonical's Nick Rosbrook has opened a PR (https://github.com/systemd/systemd/pull/23764) For reference Fedora enabled OOMD in F34 (https://www.phoronix.com/scan.php?page=news_item&px=Fedora-34-Approved-OOMD) Fedora had a couple of issues like this (https://www.reddit.com/r/Fedora/comments/mbmiz1/how_do_i_permanently_disable_systemdoomd/) and this too (https://forums.zoneminder.com/viewtopic.php?t=31419). Housekeeping Catch these and other great topics as they unfold on our Subreddit or our News channel on Discord. * Linux User Space subreddit (https://linuxuserspace.show/reddit) * Linux User Space Discord Server (https://linuxuserspace.show/discord) * Linux User Space Telegram (https://linuxuserspace.show/telegram) * Linux User Space Matrix (https://linuxuserspace.show/matrix) Community Focus PostmarketOS Podcast (https://cast.postmarketos.org/) App Focus Amberol (https://apps.gnome.org/app/io.bassi.Amberol/) Emmanuele Bassi (https://twitter.com/ebassi) https://www.bassi.io/ Next Time **We will discuss Ubuntu 22.04 LTS (http://www.ubuntu.com/) and the history. Come back in two weeks for more Linux User Space Stay tuned and interact with us on Twitter, Mastodon, Telegram, Matrix, Discord whatever. Give us your suggestions on our subreddit r/LinuxUserSpace Join the conversation. Talk to us, and give us more ideas. All the links in the show notes and on linuxuserspace.show. We would like to acknowledge our top patrons. Thank you for your support! Producer Bruno John Josh Co-Producer Johnny Contributor Advait CubicleNate Eduardo Jill and Steve LiNuXsys666 Nicholas Paul sleepyeyesvince