Linux Namespaces from Scratch
Containers are just namespaces and cgroups in a trench coat. Build one yourself with unshare and nsenter — no Docker required. Here's what actually happens.
All the articles with the tag "kernel".
Containers are just namespaces and cgroups in a trench coat. Build one yourself with unshare and nsenter — no Docker required. Here's what actually happens.
Find your Linux distro version, kernel version, and architecture with uname, lsb_release, /etc/os-release, and hostnamectl.
Running new hardware on Ubuntu LTS? The HWE kernel backports newer kernel and graphics support. Here's how to switch from generic to HWE safely.
ulimit and cgroups v2: set per-process CPU, memory, and file limits, use systemd slice controls, and keep one runaway service from killing your server.
CVE-2026-31431 (copy.fail) lets any local user become root on virtually every Linux system since 2017. Here's what it is, why it matters, and how to fix it.
Old kernels pile up in /boot and eat disk space — safely remove unused kernels on Ubuntu and Debian with apt and dpkg.
Linux suspend vs hibernate explained: sleep states, swap setup, initramfs resume hook, wake-on-LAN, lid close behavior, and fixing common hibernate failures on modern Linux systems.
Learn which sysctl parameters actually improve Linux server performance. Network tuning, memory management, and a ready-to-use sysctl.conf for Docker hosts.
Apply Linux kernel security patches without rebooting using kpatch and Canonical Livepatch. Keep servers secure and online simultaneously — here's the practical setup guide.
Tmpfs vs ramfs on Linux: mount RAM-backed filesystems for blazing-fast temp storage. Covers fstab, Docker tmpfs mounts, CI/CD use cases, and the key differences.
Linux entropy explained: /dev/random vs /dev/urandom, entropy pools, haveged, virtio-rng, and hardware RNG. Fix low entropy on VMs and containers for safe crypto key generation.
Learn Linux capabilities to drop root privileges without breaking your apps. Master cap_drop, cap_add in Docker, and setcap for fine-grained privilege control.