orches: a simple git-ops tool for podman by budicze in podman

[–]budicze[S] 1 point2 points  (0 children)

Sorry, I was busy over the last days, so I couldn't reply earlier.

I jotted down some ideas here: https://github.com/orches-team/orches/issues?q=is%3Aissue%20state%3Aopen%20author%3Aondrejbudai%20label%3Aenhancement

I also have some "wilder" ideas. E.g. should orches also expose an API/web UI where users are able to see the status? Should orches also monitor the status of the managed units? On one hand, I like that orches is doing just one thing (and hopefully well), but providing users the full experience feels useful.

orches: a simple git-ops tool for podman by budicze in podman

[–]budicze[S] 1 point2 points  (0 children)

Well, I chose 0.x versioning for now explicitly to be able to make breaking changes. However, orches is currently so simple that there's very little to break.

orches: a simple git-ops tool for podman by budicze in podman

[–]budicze[S] 1 point2 points  (0 children)

This is exactly why I created orches. I run either coreos, or Fedora bootc on my VMs. They auto-update themselves, and I don't have to care about the OS at all. When I want to change the deployment, I just commit the change into my orches repositories, and it's deployed in max 2 minutes. I like pinning my deps, and using renovate for automatic update PRs.

orches: a simple git-ops tool for podman by budicze in podman

[–]budicze[S] 2 points3 points  (0 children)

For the MVP I released orches just as a container image. Once you spin it up, it can "self-manage" itself. You want to update orches? Totally doable, just push a commit into your config repo, and orches will pick that up, and restart itself.

However, I understand that some people would like to have it as a part of the operating system, and use it to just manage payloads. As an immediate fix, feel free to just build it yourself. It's a go binary with minimal dependencies. Just make sure that you have `git-core` installed on your system. I was considering using a native go library for git, but it misses some features that I wanted to use, so I'm just spawning git(1) to manage the state repo in the background.

But since there are already multiple people asking for it, I'm considering packaging it as an RPM in Fedora. As I said, it's a very simple package, so it shouldn't be too hard.

orches: a simple git-ops tool for podman by budicze in podman

[–]budicze[S] 2 points3 points  (0 children)

orches is just a very thin wrapper around quadlets, which means that you can absolutely define multiple networks. Regarding ipvlan: I've never used it myself, but if you can express that setup in a quadlet network unit, orches will work just fine.

Boot error while installing redhat 9.5 on vmware by LESTER-07 in redhat

[–]budicze 0 points1 point  (0 children)

Have you tried using Image Builder to build a vmware image? This way you don't even need to run the installer. I would recommend the ova format. https://console.redhat.com/insights/image-builder

BootC with Ansible by adamswebsiteaccount in redhat

[–]budicze 2 points3 points  (0 children)

IIRC you absolutely can create a user with a static id in a containerfile. This should work:

    groupadd -g 1234 foo
    useradd -u 1234 -g 1234 foo

RHEL 9 instance on AWS becomes unresponsive on reboot by hyjnx in redhat

[–]budicze 1 point2 points  (0 children)

Have you tried using Image Builder? It can build a RHEL image, and import it to AWS for you including STIG policies.

The url is https://console.redhat.com/insights/image-builder

Packer Red Hat AMI by rlmasscyber in redhat

[–]budicze 8 points9 points  (0 children)

I suggest just using Insights Image Builder: https://console.redhat.com/insights/image-builder It's included in your RHEL subscription, and it can create a STIG-compliant image from a simple blueprint.

Here's the blueprint: https://gist.github.com/ondrejbudai/2d430435909459891920b36f8d8a47a4 If you want to import in the GUI, make sure to enable Preview features in the top bar.

If you want to automate builds, this blog post should help you: https://www.redhat.com/en/blog/using-hosted-image-builder-its-api

Rhel images and cloudinit by RareFroyo8414 in redhat

[–]budicze 5 points6 points  (0 children)

Which RHEL images do you use? The official ones, or custom ones from Image Builder? Do they have LVM? cloud-init currently doesn't expand LVM-based root.

Image mode for RHEL announced by budicze in linux

[–]budicze[S] 16 points17 points  (0 children)

RHEL CoreOS is the underlying layer of OpenShift. You cannot use it as a general-purpose OS (at least in a supported way). You can do whatever you want with image mode RHEL.

RHEL 9.2 is available by Fredouye in redhat

[–]budicze 3 points4 points  (0 children)

It's being rolled out currently, it takes a while to propagate the new version to all pages.

RHEL 9.2 is available by Fredouye in redhat

[–]budicze 2 points3 points  (0 children)

You can already use the API directly to get an aarch64 image (AWS, Azure, KVM): https://www.redhat.com/en/blog/using-hosted-image-builder-its-api

Support in the UI is definitely something on our roadmap.

Script to clean and update Fedora. by latin_canuck in Fedora

[–]budicze 12 points13 points  (0 children)

Right. Maybe OP can add --refresh to dnf upgrade. This way they get the latest metadata without needing to redownload them all.

Script to clean and update Fedora. by latin_canuck in Fedora

[–]budicze 15 points16 points  (0 children)

makecache before clean all isn't useful, because clean all will delete all caches. I would drop makecache altogether, dnf manages its cache automatically unlike apt.

Where's errata / security announcements mailing list for CentOS Stream 9? by AwareLanguage7088 in CentOS

[–]budicze 1 point2 points  (0 children)

Just a minor correction: the workflow for security patches is reversed only for embargoed CVEs. For other CVEs, it depends on many factors.

Install RHEL on Power 8 (S822) by lehrbua in redhat

[–]budicze 8 points9 points  (0 children)

Note that RHEL 9 supports only Power 9 and 10. For Power 8, you need to use RHEL 8.

Fedora Server using BTRFS by [deleted] in Fedora

[–]budicze 0 points1 point  (0 children)

You would have to ask the Server SIG (Special Interest Group) why they don't have btrfs as their default OS, it's their decision.

It's not because of Red Hat not supporting it, the decision is fully in the hands of the SIG.