Explore the latest developments in systemd beyond traditional service management in this DevConf.CZ 2023 conference talk. Delve into authenticated and measured boot functionalities in both the boot loader (sd-boot) and running system (PID1, new services). Learn about the infrastructure being built to bind disk decryption and service secrets to local machines and operating systems. Discover how comprehensive measurements of system state can be utilized for nuanced policy creation regarding secret access and remote attestation. Examine the improvements in Unified Kernel Images support, including new systemd tools for pre-calculating PCR values, signing policies, and binding secrets before booting into specific kernels. Gain insights into the current implementations and potential future developments in systemd's expanding capabilities.
Overview
Syllabus
What's new in systemd - DevConf.CZ 2023
Taught by
DevConf