Thomas Leonard
Thomas Leonard
Some possible improvements to the client API (for discussion): - Add 'fast-forward-only' commit mode, that fails if there have been any changes on the branch since the transaction started. The...
On: ``` root@ucp:~# uname -a Linux ucp 4.3.0-0.bpo.1-amd64 #1 SMP Debian 4.3.5-1~bpo8+1 (2016-02-23) x86_64 GNU/Linux ``` Moby build under Datakit failed, with dmesg reporting: ``` [259075.913336] ------------[ cut here ]------------...
Moby (Linux 4.1.18) requires an EOF to push data to the application, with two EOFs in a row meaning a real end-of-file. Perhaps older versions treat a single EOF as...
From https://github.com/mirage/qubes-mirage-firewall/pull/116#issuecomment-716625681: > I've switched the base image in the Dockerfile from Alpine to Fedora, and it seems to be working now. It would be a good idea to investigate...
In Qubes 3, AppVMs were configured to send DNS traffic to the firewall, which redirected it to sys-net. In Qubes 4 it looks like AppVMs are configured to use `10.139.1.{1,2}`...
The mirage-firewall distribution includes dummy `modules.img` and `initramfs` files. These were needed on Qubes 3 for it to accept something as a kernel. On Qubes 4 (according to https://www.qubes-os.org/doc/managing-vm-kernel/): >...
Qubes 3 required us to connect to the GUI daemon in dom0 before it would consider the firewall to have started. Qubes 4 no longer requires this (see `man qvm-features`)....
Currently, we don't checksum incoming packets and we calculate the full checksum when doing NAT. This means: 1) We may fail to detect invalid incoming packets (although hopefully NetVM will...
When I sync my CueKeeper stores (by exporting and importing slices), it only works if all the commits have the email address "[email protected]". It seems that irmin-git replaces all email...
`key.pem` is just a symlink to `/run/secrets/key.pem`, as I don't want to commit it to my repository (it will be provided by Docker at runtime). But then `dune subst` fails:...