If you’d like to follow along with someone who “has no idea what they’re doing” to learn how to take a base Docker image made with a single line Dockerfile FROM debian:latest and convert it to something launch-able, then read on… …messing about with things like this is the only way to gain extra knowledge of any system internals. We are going to speak Docker and Linux here. What if we want to take a base Docker image, I mean really base, just an image made with a single line Dockerfile like FROM debian:latest, and convert it to something launchable on a real or virtual machine? In other words, can we create a disk image having exactly the same Linux userland a running container has and then boot from it?

read more

Instantbox spins up a temporary Linux system with instant webshell access from any browser. Great for presentations, demos at schools and user groups, testing out random ideas, and more. Distros supported include Ubuntu, CentOS, Arch Linux, Debian, Fedora, and Alpine.

read more

This write up is a mindbending and informative view of the “everything is a file” philosophy of Linux. Alison does an exceptional job of making filesystem internals feel approachable. It’s a must read for those who love to understand how things work.

read more

Talos touts: Security: reduce your attack surface by practicing the Principle of Least Privilege (PoLP) and enforcing mutual TLS (mTLS). Predictability: remove needless variables and reduce unknown factors from your environment using immutable infrastructure. Evolvability: simplify and increase your ability to easily accommodate future changes to your architecture. Hit up the README if you’re curious about the name, why there’s no shell/ssh access, or how it’s different than CoreOS/RancherOS/Linuxkit

read more

Everyone’s favorite package manager for macOS released version 2.0 with official support for Linux and Windows 10 (with Windows Subsystem Linux). Cross-platform setup scripts just got a whole lot easier.

read more

This guide is still a WIP, but if the table of contents is any indicator, it’s going to be spectacularly useful once it’s done. Bookmark/star to save for later. See also: the linux hardening checklist

read more

This is an excellent summation of the state of the world of Linux distros from a development perspective. If I were to start all over again today, I’d probably go with Arch because it speaks to a lot of my sensibilities. However, I’ve been in Debian/Ubuntu land for far too long to make any major changes now. Also, if it ain’t broke…

read more

A hypervisor that traps Linux system call and translates them into Darwin’s system calls. It can interpret ELF files so Linux binaries run without any modification.

read more

Gaming in Linux has evolved a lot in the past few years. Now, you have dozens of distros pre-optimized for gaming and gamers. We tested all of them and hand-picked the best. This is a well-done roundup, replete with features and minimum hardware requirements for each distro. 👌

read more

I did not see this coming. Linus Torvalds, writing to the Linux Kernel mailing list: I need to change some of my behavior, and I want to apologize to the people that my personal behavior hurt and possibly drove away from kernel development entirely. I am going to take time off and get some assistance on how to understand people’s emotions and respond appropriately. Introspection is hard, especially when you don’t like what you see after staring yourself in the mirror. Cheers to him for owning up to mistreating others and attempting to change. Here’s hoping he follows through. 🤞

read more

This repository contains a step-by-step guide that teaches how to create a simple operating system (OS) kernel from scratch. I call this OS Raspberry Pi OS or just RPi OS. The RPi OS source code is largely based on Linux kernel, but the OS has very limited functionality and supports only Raspberry PI 3. 6 lessons available with 5 more on the roadmap.

read more

I use the history command all the time, but I’ve never really dug in to it to see what all is possible. If you’re in a similar spot, this article by Steve Morris is a good primer. 👌

read more

Graphpath is a shining example of the Unix philosophy’s virtues. it’s just a shell script using standards tools (route, arp and ifconfig on *BSD and ip on Linux) The results? Super useful.

read more

For those coming off the heels of The Changelog #292 where we talked with Philipp Krenn about Elasticsearch, you’re gonna wanna play around with full text searching your man pages with Elasticsearch. This post covers: Setup an Elasticsearch instance locally Create an index for the data Feed the index with the man pages of the OS Create a search method for full text searching Full text search the man pages

read more

GameMode is a daemon/lib combo for Linux that allows games to request a set of optimisations be temporarily applied to the host OS. Alternative project names included Turbo Button and I Need NOS.

read more

Cockpit makes Linux discoverable, allowing sysadmins to easily perform tasks such as starting containers, storage administration, network configuration, inspecting logs and so on.

read more

Paul Miller: There are two major reasons I can think of to hack a game console. The first one is obvious: so you can play cracked copies of games. That’s why modern consoles are so difficult to hack, because millions of dollars are on the line. But some people just want to run any software they choose on the hardware they own. And for those people, Linux on the Switch is a huge achievement. This hack boasts touchscreen support, a fully operational death star web browser, and a GPU-powered demo app. Sadly, there are no details out on how you can do it yourself, but Twitter user fail0verlow has a nice video of it in action embedded in a tweet.

read more

Julia Evans: Yesterday I added Linux container support to rbspy, so that an instance of rbspy running on the host machine can profile Ruby programs running in containers… I thought it would be fun to explain what adding “container support” involves in practice! (rbspy is her sampling profiler for Ruby.) This bit is interesting, and why this post isn’t tagged with the Docker topic: We didn’t need to care about Docker or anything like that – it’s irrelevant what container runtime our containers are using, and we certainly don’t interact with Docker at all. I guess a few simple syscalls is all it takes!

read more

A simple shell script to tell if your Linux installation is vulnerable against the 3 “speculative execution” CVEs. The broad sweeping impact of these vulnerabilities is overwhelming.

read more