mastodon: @brauner@mastodon.social
Twitter: @brau_ner
github: brauner
-
Mounting into mount namespaces
-
An excursion into a mount propagation bug
-
Managing a kernel patch series with b4
-
The Seccomp Notifier - Cranking up the crazy with bpf()
-
The Seccomp Notifier - New Frontiers in Unprivileged Container Development
-
Slides for Kernel Recipes, Paris 2019: pidfd: Process file descriptors on Linux
-
Slides for Open Source Summit (OSS) North America, San Diego 2019: New Container Kernel Features
-
Linux Kernel VFSisms
-
Runtimes And the Curse of the Privileged Container
-
Video and Slides for FOSDEM, Brussels 2019: A Year of Container Kernel Work
-
Android Binderfs
-
Video and Slides for Linux Security Summit (LSS) Europe, Edinburgh 2018: Overview and Recent Developments: Namespaces and Capabilities
-
Video and Slides for OSDN, Kiev 2018: Filesystem mounts in user namespaces
-
Lenovo ThinkPad X1 6en: Enabling S3 Sleep for Linux after Firmware Update
-
Unprivileged File Capabilities
-
History Of Linux Containers By Serge Hallyn
-
Mutexes And fork()ing In Shared Libraries
-
On The Way To LXC 3.0: Moving The Cgroup Pam Module Into The LXC Tree (Including A Detour About Fully Unprivileged Containers)
-
On The Way To LXC 3.0: Splitting Out Templates And Language Bindings
-
On The Way To LXC 3.0: Removal of cgmanager And cgfs cgroup Drivers
-
LXC Lands Unified cgroup Hierarchy Support
-
Storage management in LXD 2.15
-
lxc exec vs ssh