Andres is a Software Engineer with 5 years of experience working with Linux systems for Microsoft Azure Boost. He has contributed to Open-Source systems including the Yocto project, gRPC, and systemd, adding features for buildhistory, socket activation, DHCP, and quota support. He graduated from Case Western Reserve University and is currently pursuing a Master's degree in Systems by the Georgia Institute of Technology, USA. Andres is based in Seattle, WA.

Presentations

23x

Modernizing local storage management for systemd services

The storage directory settings in systemd help define where services store their data. Two important features have been implemented for these directories. The first one is id-mapped mounts, which is a filesystem feature that allows a mount namespace to show a different UID than what is stored on a file. Storage directories now support id-mapping, so that the files within the mount namespace of a service defined with DynamicUser=yes are owned by its unprivileged UID/GID. The second feature is storage quota support. Storage limits can now be defined in terms of percentages or absolute values to enforce quotas on the consumption of State, Cache, and Logs directories. These features enhance the security and resource management of systemd services.

See Presentation