From the mailing list I'm reading that kernel maintainers have heard a few companies looking for something like this, so yes?
Edit:
However, to be clear, the Hornet LSM proposed here seems very reasonable to me and I would have no conceptual objections to merging it upstream. Based on off-list discussions I believe there is a lot of demand for something like this, and I believe many people will be happy to have BPF signature verification in-tree.
Preventing kernel modifications to expand upon the work done for kernel lockdown. Add additional layers to system security.
Kernel_lockdown:
prevent both direct and indirect access to a running kernel image, attempting to protect against unauthorized modification of the kernel image and to prevent access to security and cryptographic data located in kernel memory, [...]
Windows Subsystem for Android
Killed 18 days ago, Windows Subsystem for Android was a feature of Windows 11 which allows users to install and run Android apps. It was about 3 years old
Ah, so that's what happened to it.
Edit:
Microsoft partnered with Amazon, but without official access to Google’s Play Store [...]. That’s probably a big part of the reason Microsoft has chosen to simply kill off its Android apps on Windows 11.
Another way would be to create a small derivation that copies the default tor derivation, overwrites the etc folder and then use that as your system Tor. (See runCommand)
environment.systemPackages =
let
my-custom-tor = pkgs.runCommand "my-custom-tor" {} ''
mkdir $out
cp -r ${pkgs.tor}/* $out/
chmod -R 755 $out
echo "config" > $out/etc/tor/torrc
''
in
[
...
my-custom-tor
...
]
Rust/linux^Rust^
As far as I can see you don't define any way to start Tor in nix but that is how nix normally passes along the tor config.
ExecStart=/nix/store/<hash1>-tor-0.4.8.14/bin/tor -f /nix/store/<hash2>-torrc
ExecStart=${pkgs.tor}/bin/tor -f ${localTorrcDefinition}
You could define a file in etc that is your torrc, then point your service manager to use that as the -f argument for Tor.
Another way would be to create a small derivation that copies the default tor derivation, overwrites the etc folder and then use that as your system Tor. (See runCommand)
Straight to jail.
What a terrible day to have eyes.
Nice, now your computer is mining crypto for someone else and part of a botnet.
Ftfy
Firsts look at what volumes are, then look at the Volume= quadlet option and remember that any data not part of a volume is going to be deleted.
Once you set up a volume you can just copy data inside of it from the host using the path you specified in the Volume and access it inside the container using the target path you specified in the volume.
If you only want to copy something once then you can use podman cp (though you will still need volumes if your container has any persistent data!)
You triggered the independent thought alarm
How many Beans does it take to turn on a lamp?