Flatpak: unboxing the sandbox

📦 That new package smell We’ve all been there: you see a shiny new app on GitHub and you want to “unwrap” it immediately. But in the traditional Linux world, opening a package often feels like opening a box of glitter in your living room—before you know it, dependencies are scattered everywhere, and you’re still finding weird library versions in /usr/lib three months later. This is why I’ve started reaching for the Flatpak. It’s like an unboxing experience where the box stays a box. You get all the “goodies” inside, but the mess stays contained. Let’s see what happens when we tear off the shrink-wrap. ...

May 3, 2026 · Andrea Manzini

Landlock idiomatic sandboxing in Nim

👋 Intro If you have ever spent time hardening Linux applications, you probably know the frustration of the all-or-nothing permission model. In the standard Linux environment, once a process starts running, it usually has far more filesystem access than it actually needs. While we have tools like seccomp, chroot, or heavy-duty modules like SELinux and AppArmor, they often feel too complex for simple, application-level sandboxing. Landlock changes this. Since its merge into the Linux kernel in version 5.13, it has become a game-changer for developers. It allows a process to restrict itself without requiring root privileges, moving security away from global system policies and directly into your application code. ...

April 9, 2026 · Andrea Manzini

Rootless Podman as a Salt Lab Environment

🧂 Salt without the sudo Follow-up from the previous post, today we are going to put our systemd-managed containers to work and use them for some useful tasks. The idea is to set up an environment to learn how the configuration management Salt works, and play/hack around with it, without even needing root or sudo rights. After all, in the infra-world, the Salt must flow! So we will set up two containers, one as a salt server and the other as a salt “minion” (representing the machine that will be configured via salt). ...

March 18, 2026 · Andrea Manzini

Zig Day 2026 recap

Intro Yesterday, February 21st, I had the pleasure of attending Zig Day Milan 2026, a fantastic event dedicated to the Zig programming language. It was a full day of learning, coding, and meeting great people in the beautiful city of Seregno (Milan). ⚡ What is Zig? For those who might not know, Zig is a general-purpose programming language and toolchain for maintaining robust, optimal, and reusable software. It’s often seen as a modern successor to C, but it brings so much more to the table. ...

February 22, 2026 · Andrea Manzini