Levitating

@jpkolsen wow

"again" seems to imply that wasn't even the first roast of the broadcast lol

@bisonrimant you've built an army!

@pid_eins

https://github.com/systemd/systemd/issues/41546

https://github.com/systemd/systemd/issues/41544

@pid_eins I can't seem to be able to combine --private-users=managed with --bind-user. I get "Failed to clone /home/rein: Operation not permitted", and some overlayfs errors from the kernel.

Furthermore I can't seem to get /run/user/1000 to bind with idmap, which is why I was hoping to identity map the users in the first place.

@pid_eins I have been experimenting with this to see if I can recreate fedora's toolbx using nspawn.

One hurdle I came across is that mstack containers are limited to managed or no user namespacing.

Is this a hard limitation, or something that may be lifted in a future release?

https://github.com/systemd/systemd/blob/fb4bfe651b7dda85b0545d340eac21c7988fe383/src/nspawn/nspawn.c#L6612-L6613

@dpk When you set up an authentication source in Forgejo, there's a "tips" section that lists documentation for various OAuth2 sources.

That lists currently says "Gitea" with a link to the Forgejo OAuth2 docs. And although those docs do include information on configuring Codeberg as a provider, it might not be obvious to people.

@pid_eins This has been a great update. Love the support for varlink APIs and systemd-nspawn.

I am curious who will integrate the bootctl varlink API into their installer first. My guess would be GnomeOS, they've been doing a great job utilizing new systemd APIs.