Andres Beltran
I am a Software Engineer with 5 years of experience working with Linux systems for Microsoft Azure Boost. I have contributed to the Yocto project, gRPC, and systemd, adding features for buildhistory, socket activation, DHCP, and quota support. I graduated from Case Western Reserve University and am currently pursuing a Master's degree in Systems at the Georgia Institute of Technology, USA. Based in Seattle, WA.
Session
The storage directory settings in systemd define where services store their data. Two important features have been implemented for these directories. The first is id-mapped mounts, a filesystem feature that allows a mount namespace to show a different UID than the one stored on a file. Storage directories now support id-mapping, so that the files within the mount namespace of a service defined with DynamicUser=yes are owned by its unprivileged UID/GID. The second is storage quota support. Storage limits can now be defined as percentages or absolute values to enforce quotas on the consumption of State, Cache, and Logs directories. These features enhance the security and resource management of systemd services.