Blog Atom Feed

Inside these pages you will find a collection of my personal ramblings (including security disclosures, my thoughts on various topics, and anything else that I feel like writing about). All of the opinions stated here are solely my own, and are released under the Creative Commons BY-SA 4.0 license.

Generating Coverage Profiles for Golang Integration Tests Aleksa Sarai, 12 April 2017.

While Go's system for unit tests is very seamless and full-featured, allowing for coverage reports to be generated as well as various other cool features, the integration testing story is far less full-featured. In particular, most projects don't use go test for integration tests and thus don't have a full picture of how their entire test suite stands in terms of code coverage.

free software golang testing


umoci: a New Tool for OCI Images Aleksa Sarai, 29 November 2016.

Very recently, I've been working on implementing the required tooling for creating and modifying Open Container Initiative images without needing any external components. The tool I've written is called umoci and is probably one of the more exciting things I've worked on in the past couple of months. In particular, the applications of umoci when it comes to SUSE tooling like the Open Build Service or KIWI is what really makes it exciting.

containers free software kiwi oci suse


Adventures into ptrace(2) Hell Aleksa Sarai, 03 July 2016.

As part of my work on rootless containers, I found that many tools try to drop privileges. This makes those tools break inside rootless containers, so I spent a week or two working on a tool that allows users to shim out all of the "drop privileges" syscalls. Here is documented the pain that I went through while figuring out how ptrace(2) is meant to work.

containers free software rant runc suse


Rootless Containers with runC Aleksa Sarai, 27 June 2016.

There has been a lot of work within the runC community recently to get proper "rootless containers". I've been working on this for a couple of months now, and it looks like it's ready. This will be the topic of my talk at ContainerCon Japan 2016.

containers free software runc suse


Debugging why ping was Broken in Docker Images Aleksa Sarai, 04 March 2016.

All complicated bugs start with the simplest of observations. I recently was assigned a bug on our openSUSE Docker images complaining that ping didn't work. After a couple of days of debugging, I was taken into a deep and dark world where ancient Unix concepts, esoteric filesystem features and new kernel privilege models culminate to produce this bug. Strap yourself in, this is going to be a fun ride.

bugs docker free software kernel kiwi suse


Dockerinit and Dead Code Aleksa Sarai, 21 January 2016.

After running into insane amounts of very weird issues with gccgo with Docker, some of which were actual compiler bugs, someone on my team at SUSE asked the very pertinent question "just exactly what is dockerinit, and why are we packaging it?". I've since written a patch to remove it, but I thought I'd take the time to talk about dockerinit and more generally dead code (or more importantly, code that won't die).

docker free software programming suse


Docker Internals and Implementing Rebase Aleksa Sarai, 12 December 2015.

SUSE's semi-annual Hackweek was last week and I decided to work on implementing docker rebase, mainly to learn about the internal image format of Docker and see whether it was possible to improve how the updating of Docker images works in practice (either rebuilding or zypper-docker).

docker free software hackweek suse


Licenses, licenses, licenses Aleksa Sarai, 07 December 2015.

There are many different types of works, and it can often be difficult to decide what license you should use (assuming that you intend to release it so that others may benefit). It's important to remember that not only software requires free licenses, other works do too. There are lots of opinions on this topic, and I'm just adding mine to the fire.

free software licensing


Android Compilation Headaches Aleksa Sarai, 28 November 2015.

I've spent the last week of my life trying to build TWRP, which requires having a full, and working Android build environment. With the emphasis on working, I've had just about enough of the stupidity of the Android build system. Every guide is incomplete or out of date, the build system is broken in every possible way and nobody can explain what is going on. Here's my experience with trying to build Android and hopefully will help somebody realise the futility of trying to build a project with such a complicated build system.

android free software rant


Proprietary Software Poisons Science Aleksa Sarai, 13 November 2015.

As a result of my recent research project (and the one I plan to do next year), I've developed some strong views on how code should be licensed if it is used to prove a result in a journal paper. While papers might explain what their code is doing, it is detrimental to peer review for code used by papers to remain proprietary and restrict the freedoms of other researchers to verify the results of a paper.

free software licensing peer review programming research science