Aleksa Sarai πŸ•΄πŸ₯› is a user on mastodon.social. You can follow them or interact with them if you have an account anywhere in the fediverse. If you don't, you can sign up here.

Aleksa Sarai πŸ•΄πŸ₯› @cyphar@mastodon.social

Salt, pepper. Olive oil. Knob of butter. Get some colour on there. In the oven, 4 minutes. Herb crusted rack of lamb, done. @gordonramsay

Fuck devicemapper. Fuck MS_REC|MS_PRIVATE. Fuck bind mounts. Fuck it all.

Is there any plans to reimplement libvpx so that it's actually performant and multi-threaded? h264 is much faster.

Does anyone know of research into heuristically detecting compression bombs, using something like entropy profiles or compression ratios?

I *know* you're an exploit goddammit! Why is it not working inside a container? It works under unshare...

0.3.0 released with OCI v1.0 support. Exciting times. 0.1.23 also has come out with support for v1.0 as well. github.com/openSUSE/umoci/rele

Really what would be nice is a way to take a Cargo.toml and use it with RPM macros...

Unfortunately Rust still is hard to package in distributions. While we do have solutions for nodejs and ruby, nobody likes those hacks. I'm hoping it can be improved in the future.

I really want to rewrite everything in Rust at the moment. Container runtimes really should switch away from Go, it's caused nothing but issues in my experience.

🐳K🐳I🐳L🐳L🐳M🐳E🐳N🐳O🐳W🐳

I published a short blog post about how 's integration test coverage profiles are generated and collated. cyphar.com/blog/post/golang-in

0.2.1 released. It supports v1.0.0-rc5 of the runtime-spec and I've streamlined releases. github.com/openSUSE/umoci/rele

openSUSE 0.2.0 released. Lots of refactoring and cleanup in preparation for OCI merging of libraries. github.com/openSUSE/umoci/rele

theregister.co.uk/2017/04/06/m
"Engineers, with permission from Microsoft’s privacy governance team, can obtain users' documents that trigger crashes in applications, so they can work out what's going wrong. The techies can also run diagnostic tools remotely on the computers, again with permission from their overseers."
Jesus fucking christ

I made a website to track the progress of rootless containers so that new people can pitch in more effectively, as well as to serve as some basic documentation on rootless containers. rootlesscontaine.rs/

Why did I know that buying an .rs domain was going to be a really bad idea...

Toot me things you would like to see in a new FOSS build server software. Boost if you have tech followers please.

My enthusiasm for contributing to mastodon is seriously reduced by the commentary from randoms in the GitHub threads

Check out my SUSE Hackweek project: github.com/cyphar/orca. It allows you to build OCI images from a Dockerfile, using entirely OCI standardised tools. And it's going to support rootless containers soon. :wink: