Gardenhouse

Gardenhouse Version 2.0 Released!

After many new Gardenhouse components and improvements, we now have Gardenhouse v2.0!

This release follows about a week of daily reimplementations of various systemd components, making Gardenhouse free of all systemd components outside of systemd-udev.

New components

  • Gardenlock - A drop-in for systemd-pcrextend, systemd-tpm2-setup and systemd-measure.

    This was done as part of the switch away from ukify, to allow pre-measuring the PCRs of built UKIs and extending PCRs with various data during boot.

  • Gardenerdb - A full drop-in for systemd-userdb.

    This was done since GNOME started depending on userdb, and the dynamic-users idea can be useful for some system daemons. With Gardenerdb, the concept of dynamic users for services is now available outside of systemd!

  • Rootloader - A new UEFI bootloader designed specifically to support UKIs.

    This wasn't done out of necessity; systemd-boot is a good bootloader, but I wanted to play around with making a custom bootloader and have something that's independent of systemd.

  • Stem - The second UKI-compatible kernel stub!

    Until Stem, systemd-stub was the only option for building UKIs. This was a major lock-in and forced Gardenhouse to depend on systemd-utils just to be able to use UKIs. With Stem there is no longer a hard dependency on systemd, which helps not only Gardenhouse but also projects like zfsbootmenu that need a UKI-compatible stub to function.

  • graft-kernel - A UKI builder with feature parity with systemd's ukify.

    This is related to Gardenlock: since ukify hardcodes the use of systemd's TPM measurement tools, I created a custom UKI builder that lets users configure the path to the measurement tool. It also brings some niceties, like allowing a split-up config instead of requiring a single config file, and having no external dependencies apart from Go.

  • Gardenhostd - An incomplete drop-in replacement for systemd-hostnamed.

    This was done to help out the Guix project, at the request of Noé, as GNOME Control Center hard-depends on hostnamed to read and set the system hostname and doesn't fall back to the POSIX gethostname()/sethostname(). It currently only supports two interfaces, but if I can be convinced to, further interfaces may be implemented.

  • Seedfiles - A new tmpfiles implementation.

    tmpfiles is a widely used tool nowadays, and there have been many implementations, but none seemed to stick around. Gentoo's opentmpfiles, for example, was prone to a TOCTOU attack: being written in shell, it could not hold file descriptors, so it had to check a path and then modify it by name in separate steps, leaving a window in which the path could be swapped for a symlink to a file it should never have touched. Seedfiles is written in C, so it can work on file descriptors and does not suffer from this issue!

    Seedfiles is also the first Gardenhouse component to be included in the official Gentoo repository! It is currently marked unstable, but it is also registered as a tmpfiles provider, so it can replace systemd-tmpfiles on every Gentoo user's system (if properly unmasked)!
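To make the Seedfiles point concrete, here is an added example (not Seedfiles' or opentmpfiles' code) contrasting the two ways a tmpfiles rule can set a file mode. The path-based version does what a shell implementation is limited to: check by name, then chmod by name, with both steps following symlinks. The fd-based version does what a C implementation can do: open the entry with O_NOFOLLOW, inspect the descriptor, and chmod through it. The trap directory, the file names "secret" and "target", and the rule's mode are constructed for the demo, and the race is shown in its end state, with the symlink already in place, since the point is which object ends up modified. Python is used so the demo runs anywhere; the syscalls are the same ones a C implementation would use.

```python
import errno
import os
import stat
import tempfile

# Open an entry without following a final symlink and without side effects:
# O_NONBLOCK so a FIFO does not block us, O_NOCTTY so a tty is not acquired.
SAFE_OPEN = os.O_RDONLY | os.O_NOFOLLOW | os.O_NONBLOCK | os.O_NOCTTY | os.O_CLOEXEC


def apply_mode_by_path(path: str, mode: int) -> None:
    """Path-based handling, as in a shell implementation doing
    `[ -f "$p" ] && chmod "$mode" "$p"`: the check and the chmod each resolve
    the path anew and both follow symlinks, so the object modified need not be
    the object that was checked."""
    st = os.stat(path)                                   # check (follows symlinks)
    if not (stat.S_ISREG(st.st_mode) or stat.S_ISDIR(st.st_mode)):
        raise ValueError(f"{path}: not a regular file or directory")
    os.chmod(path, mode)                                 # use (resolves the path again)


def apply_mode_nofollow(path: str, mode: int) -> None:
    """fd-based handling: open the entry itself, inspect the fd, modify via the fd.
    A symlink is refused outright with ELOOP; nothing is ever chmod'ed by name."""
    fd = os.open(path, SAFE_OPEN)
    try:
        st = os.fstat(fd)
        if not (stat.S_ISREG(st.st_mode) or stat.S_ISDIR(st.st_mode)):
            raise ValueError(f"{path}: not a regular file or directory")
        os.fchmod(fd, mode)                              # acts on the object we inspected
    finally:
        os.close(fd)


def build_trap(root: str) -> tuple[str, str]:
    """Constructed scenario: in a directory the attacker controls, the entry named
    by a tmpfiles rule ("target") has been replaced by a symlink to a file the
    rule must never touch ("secret", mode 0600)."""
    victim = os.path.join(root, "secret")
    with open(victim, "w") as f:
        f.write("constructed secret\n")
    os.chmod(victim, 0o600)
    link = os.path.join(root, "target")
    os.symlink("secret", link)
    return victim, link


def victim_mode(victim: str) -> int:
    return stat.S_IMODE(os.lstat(victim).st_mode)


def demo_path_based() -> int:
    """Run the path-based rule against the trap; return the victim's mode afterwards."""
    with tempfile.TemporaryDirectory() as root:
        victim, link = build_trap(root)
        apply_mode_by_path(link, 0o644)
        return victim_mode(victim)                       # 0o644: secret was opened up


def demo_nofollow() -> tuple[str, int]:
    """Run the fd-based rule against the trap; return (error name, victim's mode)."""
    with tempfile.TemporaryDirectory() as root:
        victim, link = build_trap(root)
        try:
            apply_mode_nofollow(link, 0o644)
            err = "OK"
        except OSError as e:
            err = errno.errorcode.get(e.errno, str(e.errno))
        return err, victim_mode(victim)                  # ("ELOOP", 0o600): refused, untouched


if __name__ == "__main__":
    print(f"path-based: secret now {demo_path_based():04o}")
    print("fd-based:   %s, secret still %04o" % demo_nofollow())
```

A complete implementation also walks every path component with openat(O_NOFOLLOW) (os.open with dir_fd here) so that a parent directory cannot be swapped for a symlink mid-walk, and does ownership changes with fchown on the same descriptor. The principle is the same throughout: never look an object up by name twice.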
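Going back to Gardenlock: the "pre-measure" half of that job is predicting, at UKI build time, what a PCR will contain after the stub has measured the UKI's sections and later boot stages have extended their phase strings, so that a secret (a disk-encryption key, say) can be sealed to that value and only unsealed while the PCR reads exactly that. The following is an added example, not Gardenlock's, systemd-measure's or Stem's code: it models the TPM extend operation on a SHA-256 bank and computes such a prediction, then checks it against a simulated boot. The section contents, the "name, then contents" event order and the phase strings are assumptions constructed for the example; a real stub's measurement policy decides what is actually measured and into which PCR.

```python
import hashlib

PCR_BYTES = 32                     # SHA-256 bank
PCR_INITIAL = bytes(PCR_BYTES)     # boot-range PCRs read all-zero at power-on


def pcr_extend(pcr: bytes, digest: bytes) -> bytes:
    """One TPM2_PCR_Extend on a SHA-256 bank: new = SHA256(old || digest).
    The chain is one-way and order-sensitive, which is what makes a predicted
    final value usable as a sealing policy."""
    return hashlib.sha256(pcr + digest).digest()


def measure(pcr: bytes, events: list[bytes]) -> bytes:
    """Extend `pcr` with the digest of each event, in order; return the final value."""
    for ev in events:
        pcr = pcr_extend(pcr, hashlib.sha256(ev).digest())
    return pcr


# Constructed stand-in for the PE sections of a built UKI. Which sections a stub
# measures, into which PCR, and in what order is that stub's policy; this list
# and the "name, then contents" event layout are assumptions for the example.
UKI_SECTIONS = {
    ".linux": b"constructed kernel image bytes",
    ".initrd": b"constructed initrd bytes",
    ".cmdline": b"root=/dev/mapper/root rw quiet",
    ".osrel": b"ID=gardenhouse\nVERSION_ID=2.0\n",
}


def section_events(sections: dict[str, bytes]) -> list[bytes]:
    """Flatten sections into the ordered event list: name, then contents, per section."""
    return [ev for name, data in sections.items() for ev in (name.encode(), data)]


def predict_pcr(sections: dict[str, bytes], phases: tuple[str, ...] = ()) -> str:
    """Build-time prediction: the PCR value after the stub has measured the
    sections and each later boot phase string has been extended (the pcrextend
    side of the job). Returned as hex, ready to go into a sealing policy."""
    pcr = measure(PCR_INITIAL, section_events(sections))
    pcr = measure(pcr, [p.encode() for p in phases])
    return pcr.hex()


def simulate_boot(sections: dict[str, bytes], phases: tuple[str, ...]) -> str:
    """What the TPM would actually hold after booting this UKI through `phases`:
    the stub extends once per section event, then each phase is extended in turn."""
    pcr = PCR_INITIAL
    for ev in section_events(sections):
        pcr = pcr_extend(pcr, hashlib.sha256(ev).digest())
    for p in phases:
        pcr = pcr_extend(pcr, hashlib.sha256(p.encode()).digest())
    return pcr.hex()


def demo() -> dict[str, bool]:
    """Three properties a sealing policy relies on, each checked against the model."""
    predicted = predict_pcr(UKI_SECTIONS, ("enter-initrd",))
    tampered = {**UKI_SECTIONS, ".cmdline": b"root=/dev/mapper/root rw init=/bin/sh"}
    return {
        # the build-time prediction equals the value the TPM holds at that phase
        "prediction_matches_boot": predicted == simulate_boot(UKI_SECTIONS, ("enter-initrd",)),
        # any change to a measured section (here the kernel command line) changes it
        "tampered_uki_differs": predict_pcr(tampered, ("enter-initrd",)) != predicted,
        # once a later phase has been extended, a policy bound to the earlier value
        # can no longer be satisfied: the secret is only unsealable in the initrd
        "later_phase_differs": predict_pcr(UKI_SECTIONS, ("enter-initrd", "leave-initrd")) != predicted,
    }


if __name__ == "__main__":
    print("predicted PCR:", predict_pcr(UKI_SECTIONS, ("enter-initrd",)))
    for name, ok in demo().items():
        print(f"{name}: {ok}")
```

The phase strings follow the "enter-initrd"/"leave-initrd" naming systemd uses, but how a given stub or pcrextend implementation encodes phase events is its own policy, so treat the event layout here as illustrative rather than as a format to interoperate with.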

This brings us to a total of 12 components, with much more to come!

Changes to gardenhouse

Gardenhouse now supports using custom kernels! As presented in a previous news post, Gardenhouse doesn't require users to use Gentoo's dist-kernel anymore.

This was something I had planned to fix for a while, but I was reminded to do it after someone asked me to, since their system requires a custom kernel config to function properly. Yay to more hardware compatibility!

The future

Gardenhouse is far from finished. I am very happy with how it has already shaped up, and I am excited to be bringing more systemd-exclusive features to the rest of the Linux world.

As part of an effort to make Gardenhouse fully systemd-free, I am planning out ways to remove systemd-udevd. navi already pointed me to projects such as mdevd and libudev-zero, and while these get us far already, they don't work fully as drop-ins yet. I plan on adding more components that can emulate the interfaces of systemd-udev, in the hope that at some point even desktop systems can go without systemd-udev!

Another topic is mobile systems. postmarketOS recently announced Duranium, an immutable spin of postmarketOS; unsurprisingly, it uses systemd components (a lot of which I reimplemented as part of Gardenhouse). I understand why they went that path, but I'm hoping to bring Gardenhouse to mobile as well. From a theoretical standpoint I see no reason why Gardenhouse shouldn't work on mobile devices, but I have not had a way to test it yet. I am looking to buy a phone that is able to run mainline Linux so I can test it further (I'm more than open to being sponsored a phone :3). Hopefully we can see mobile Gardenhouse as well at some point!