User temporary directory
systemd-tmpfiles /tmp and other temporary directories and files are now managed by systemd and are not tmpfs. sytemd-tmpfiles gives to the user the ability to choose what they want to do with temporary directories/files. There are a ton of options that the user can choose from and everything is managed though config files (see man tmpfiles.d). Create a temporary directory in your HOME folder Using the global /tmp directory can be security issue as anyone can read this directory....
A basic CLI tool to build Ubuntu images
Genesis a CLI project written in Python. It can build Ubuntu images from scratch. The tool is named genesis (because you start from nothing). And is available as a python package: https://github.com/gjolly/genesis (it鈥檚 also packaged as a deb in a PPA. A basic example We are going to create a very minimal image of Ubuntu 23.04 (Lunar Lobster) and try to boot from it using qemu. Creating a base image First you want to start by bootstrapping a basic filesystem:...
FDE, Secureboot and unified kernel image
The flow In order to decrypt the root filesystem, the kernel uses a initial ram disk (initramfs). The initramfs provides an temporary filesystem from which extra kernel modules can be loaded, it also contains a set of scripts used to boot the system including scripts to decrypt the user鈥檚 root filesystem. This initramfs image is a file stored un-encrypted next to the kernel image. However, unlike the kernel image, it is not signed by the kernel publisher as the iniramfs is generated locally and can be modified by the user....
Boot Linux without GRUB
To boot the Linux Kernel, most distro use a bootloader and one of the most popular is GRUB. But did you know you can directly boot the Kernel without using a bootloader? DISCLAIMER: This is only for fun and learning, I do not advise anyone to do that on their main system. Be safe, use a VM. VM setup Just a quick recap of what is needed (mostely stolen from powersj鈥檚 excelent blog post)....
QEMU cheatsheet
The basics https://powersj.io/posts/ubuntu-qemu-cli/ Mount disk images It is ofter very convenient to mount a FS locally to be able to debug and/or fix a problem with a broken disk. Pre-requisite to everything: mkdir /tmp/rootfs To know the format of your disk: qemu-img info disk.img (note that qemu-img can output JSON to automate your stuff) Raw disk images losetup -f -P disk.img losetup -l | grep -v snap # to find the loop device you just created and yeah those snaps....
Firewall, Tailscale and Ubuntu
I recently enabled the Firewall on my desktop on Ubuntu. I probably did a quick lookup online to find out that sudo ufw enable was enough to enable it. I entered the command and forgot about it. $ sudo ufw enable Firewall is active and enabled on system startup Obviously, (and to be honest I was waiting for it), it didn鈥檛 take long for things to go bad. A few weeks later, while I was not at home and wanted to SSH on my machine via tailscale, I realized that I couldn鈥檛 and quickly remember about the Firewall....
The UNIX `who` command
While working on a completely different project, I started to ask myself how the who command was working under the hood. In the end, I thought it was a good topic for a blog post. Who is who Let鈥檚 start with the basics. the who command allows you to list the users currently logged on the system. For example, on my machine: $ who gauthier tty2 2020-08-30 15:06 (tty2) gauthier pts/1 2020-08-30 15:06 (tmux(1555)....