Julien

Example fail https://github.com/juju4/ansible-kunai/actions/runs/13229350703/job/36924319727#step:11:39 ``` Feb 09 20:30:29 fv-az1340-745 systemd[1]: Starting 00-kunai.service - Kunai Service... Feb 09 20:30:29 fv-az1340-745 systemd[1]: Started 00-kunai.service - Kunai Service. Feb 09 20:30:29 fv-az1340-745 kunai[3655]: thread...

added some extra check in current ci I confirm than harden mode install fails https://github.com/juju4/ansible-kunai/actions/runs/13619056283/job/38065917415#step:6:654 strangely the kernel config file has "CONFIG_BPF_LSM=y" https://github.com/juju4/ansible-kunai/actions/runs/13619056283/job/38065917415#step:12:30 bpftool output https://github.com/juju4/ansible-kunai/actions/runs/13619444475/job/38066794037#step:14:33 For github action, it...

Confirming no bpf in boot command line for github runner https://github.com/juju4/ansible-kunai/actions/runs/13742228038/job/38432788462#step:12:49 what's strange imho is I still have data https://github.com/juju4/ansible-kunai/actions/runs/13742228038/job/38432788462#step:19:20 just that kunai does not run anymore if systemd hardening...

> OK, if I understand correctly in here this test you are configuring the service with https://github.com/juju4/ansible-kunai/blob/main/templates/systemd-override-kunai.service.j2 ? Is this correct ? I see that you apply a lot of...

Found pending PR from Feb https://github.com/google/oss-fuzz/pull/13018

I did some testing and my working setup as far as I can tell is https://github.com/juju4/ansible-ripe-atlas-swprobe/blob/main/templates/systemd-override-ripe-atlas.conf.j2 I did not manage to find out why any SystemCallFilter, ProtectKernel*, ProtectHostname, ProtectClock and...

another past issue related https://github.com/RIPE-NCC/ripe-atlas-software-probe/issues/44