Information can be put into dmi tables via some qemu-system hosts (x86_64 and aarch64). That information is exposed in Linux under /sys/class/dmi/id and can be read with dmidecode. The names are very annoyingly inconsistent. The point of this doc is to map them.
See qemu-system-x86_64 --help for the fields that qemu will accept.
qemu smbios flags vary with qemu version.
Example qemu cmdline:
qemu-system-x86_64 -smbios type=,field=value[,...]
get-archive-info - get a tar tvf output and the .APKINFO for every file in the archive.
build-stage - throw a bunch of files and see which build. they do not depend on each other (each only builds with the wolfi repo)
I used this to help create batches of things when changing lots of files.
test-installable - its like the c-i test that checks that all packages
In order to give someone access to hosts that are available only by ssh "bouncing" (ProxyJump),
add a user for this specific purpose.
We have an internal openstack where instances get IPs on per-tenant networks. Each tenant has a 'bastion' host that has a "public" ip (floating ip). You can access other instances by bouncing through the bastion. From time to time I want to let someone else into an instance. This could be done either with:
a.) just give them shell access to the bastion and let them hop through. Sharing an unrestricted shell account on my bastion is less than ideal. b.) assign a floating/"public" IP to the instance so they could go directly in. Floating IPs are limited, so this is less than ideal.
So instead, I have set up a single user as described here that can only be used for ProxyJump. It allows others proxied access to my instances but without granting them full shell access.
A lightweight tool for executing commands over VM sockets (AF_VSOCK), providing SSH-like functionality for virtual machine communication. It supports both interactive shell sessions and non-interactive command execution, similar to SSH.
It may be useful for host->guest use cases where ssh is not needed.
Note, there is exactly zero security here.
backdoor-image can be used to easily add user with passwordless sudo access to a image or a root filesystem.
Operating on an image requires the 'mount-image-callback' tool from
cloud-utils. That can be installed on ubuntu via apt-get install -qy cloud-image-utils.
Install nerd-fonts from https://www.nerdfonts.com/font-downloads. Credit to this gist and comments there for inspiration
Edit 'myfonts' function to install more fonts.
$ ../nerd-font -h
nerd-font subcmd [options]
The installer used in MAAS is curtin
The Stable Release Updates is the process which controls new packages being accepted into Ubuntu stable releases. In order to test these packages before they are made available to all users, enable the proposed 'pocket' in ubuntu.
To affect configuration of curtin in MAAS the user currently has to
I spent some time debugging a change in melange behavior and put together a reproduce script. I wanted to save that knowledge off.
After putting together repro.sh, I was able to let git bisect tell me where the
change came in.
In this gist there is some general knowledge on how to call melange with everything in place (as of today) and how to call git bisect.