• Looking to replace Jekyll

    Back in May 2015, I was lured to Medium by its simplicity and growing community, which resulted in me posting a bunch of articles there and enjoying every moment of it. But, eventually, I noticed that I was losing control of my content. So a year later, my experiments to create static homepage resulted in me moving from Blogger and Medium to a Jekyll-managed site. Almost two years have passed since that migration and I can only count 7 miserable new posts. This ridiculously-low number, unfortunately, doesn’t track my willingness to write—but the friction to posting has become so high that I fear composing new essays. [Continue reading]

  • Fighting execs via sandboxfs on macOS

    Since the announcement of sandboxfs a few weeks ago, I've been stabilizing its integration with Bazel as a new sandboxing technique. As part of this work, I encountered issues when macOS was immediately killing signed binaries executed through the sandbox. Read on for the long troubleshooting process and the surprising trivial solution. [Continue reading]

  • Introducing sandboxfs

    sandboxfs is a FUSE-based file system that exposes an arbitrary view of the host’s file system under the mount point, and offers access controls that differ from those of the host. You can think of sandboxfs as an advanced version of bindfs (or mount --bind or mount_null(8) depending on your system) in which you can combine and nest directories under an arbitrary layout. [Continue reading]

  • Introducing sourcachefs

    Announcing the launch of sourcachefs, a FUSE-based persistent caching layer. [Continue reading]

  • Easy pkgsrc on macOS with pkg_comp 2.0

    This is a tutorial to guide you through the shiny new pkg_comp 2.0 on macOS using the macOS-specific self-installer. Goals: to use pkg_comp 2.0 to build a binary repository of all the packages you are interested in; to keep the repository fresh on a daily basis; and to use that repository with pkgin to maintain your macOS system up-to-date and secure. [Continue reading]

  • Keeping NetBSD up-to-date with pkg_comp 2.0

    This is a tutorial to guide you through the shiny new pkg_comp 2.0 on NetBSD. Goals: to use pkg_comp 2.0 to build a binary repository of all the packages you are interested in; to keep the repository fresh on a daily basis; and to use that repository with pkgin to maintain your NetBSD system up-to-date and secure. [Continue reading]

  • Introducing pkg_comp 2.0 (and sandboxctl 1.0)

    Announcing the launch of pkg_comp 2.0, how this differs from the 1.x series, why there was a rewrite, what sandboxctl 1.0 is, and more. [Continue reading]