SystemD is loved by some, hated by others. It offers a wide range of features, beyond that of a simple init system. And, today I want to talk about service sandboxing. Now, I know what you’re going to say, why not use containers. Containers aren’t always an option, such as trying to improve security in an existing application deployment. With SystemD, sandboxing is a relatively simple process, just a simple text file defining what capabilities, system calls, and file system paths the service can write to. You can even go further, and run the service under a dynamically generated user account. ...

Over the past 6 months, I’ve been reading C.J. Cherryh’s Foreigner series of books. In other words, I read through all 21 books, and look forward to the next one. Quick run down on the series…. A human colony ship has a navigational error, and ends up losing track of where home is. Colonists after some disagreement with their administration, descend upon an inhabitated alien world. Not suprisingly, war breaks out, and the humans lose the war. A treaty is signed, granting humans safe haven on the planet, in exchange for the transfer of their knowledge and technology. The natives create an office to be occupied by a single human, whose role is the translation and negotiation of technology transfer. After 200 years, that role is assigned to Bren Cameron. ...

It’s been a year since I made the switch. I mean, switching from a metric adventure bike to a Harley-Davidson. It’s quite the switch, so how did I get here? For several years I owned a Suzuki V-Strom 650. I rode the bike all over the place, visiting several states, and even Canada. I rode from sunny coastlines, to snowy mountain passes. But, after several years, I felt the need for more power, and a bit of change. For one thing, I wanted something a bit lower to the ground, a bit more relaxing for those times stuck in traffic. ...

There are many ways to enjoy classic console and computer video games. For most, that is done with software emulation, or in some casesl vintage hardware. A somewhat recent trend is the use of FPGA to build a kind of hardware implementation of those classic systems. If it isn’t obvious from the title, this post is about the MiSTer project. So, what is MiSTer? It’s an open source FPGA implementation of several classic computer, console, and arcade systems. It’s built around a commercially available FPGA development board, which open source hardware addons for things like analog controllers, USB, audio, etc. ...

It’s been 6 months since I purchased my ThinkPad X395, and I felt it was time to make an update on the experience. Specs: AMD Ryzen 5 Pro 3500U 8GB DDR4 256GB NVME 1920x1080 IPS (non-touch) Intel 9260 Wireless Fingerprint Reader I’ve been running Fedora on the laptop since the day I received it. Initially the fingerprint reader didn’t work with Linux. However, after a few months the Linux fingerprint library gained support for the reader (with the help of Lenovo and Synaptics). Overall the experience has been quite good. ...

OK, so not really joyful. I’ve got an HP Proliant ML10 V2 as my home VM host. Recently I redid the system, and reset the BIOS. While setting things up, I noticed it was unusually slow. The only changes from the previous setup was OS (it’s now running Windows Server 2019 Standard, had been running OpenBSD 6.7), and the BIOS being reset. OK, so that’s a lot of changes. Ran through the basics. Checked CPU usage, it was nice and low. Checked the drives to make sure they weren’t failing, S.M.A.R.T. said all is well. Made sure drivers were all up to date, along with firmware. Then, I went back to having Performance Monitor and Task Manager open while doing basic administrative tasks, and noticed it… the CPU clock speed was reported as 0.11 GHz, and wasn’t fluctuating at all. Checked Windows power management profiles, and they were set correctly. Went into iLO, and checked power management, and saw it was set to “Dynamic Power Saving”. Switched it to “OS”, and rebooted…. ...

Recently found myself wanting to “relearn” C++. And, with that I needed the ability store data. Instead of tying myself to a particular storage format, or database engine, I opted to use ODBC. After reviewing several options for ODBC abstractions, I ended up selecting OTL (ODBC Template Library). From tools standpoint, I’m using Emacs + Eglot + clangd. To keep my code looking “consistent”, I’m using clang-format. With all development working being done under Linux, currently Fedora.