Kai Lüke

icon indicating a website link https://kailueke.gitlab.io/

icon company @kinvolk @microsoft icon location Berlin icon location Software developer (Flatcar Container Linux, GNOME Disks, and more), interested in memory safe network stacks.

Results 483 comments of Kai Lüke

Improve text on Packer

With `flatcar-reset` being available now we can make it a little bit easier for users to not shoot themselves in the foot with OS images that have been booted. But...

[RFE] Review kernel config to enable new features

Here the recommendation for `DM_VERTIY` settings: ``` CONFIG_DM_VERITY_VERIFY_ROOTHASH_SIG_SECONDARY_KEYRING CONFIG_INTEGRITY_MACHINE_KEYRING CONFIG_IMA_ARCH_POLICY ``` (The last is for IMA policy usage) I guess this should go along with a kernel update to something...

[RFE] Review kernel config to enable new features

With that done we could enroll a pub key into the keyring and use the private key for signing dm-verity systemd-sysext images. Edit: We also need a way to tell...