Chaos Computer Club - recent events feed

## OpenStreetMap Sound Demo _by Taro Matsuzawa (@smellman)_ ## ArcGIS Living Atlas of the World: Open Data Content _by Deniz Karagulle_ Creative Commons Attribution 3.0 Unported https://creativecommons.org/licenses/by/3.0/ about this event: https://2025.stateofthemap.org/sessions/P3FWCW/

This talk examines the dynamics of collective intelligence in humanitarian mapping projects coordinated through the HOT Tasking Manager, using a dataset of 746 projects and 312,289 tasks to evaluate participation, collaboration, and evidence of intelligent group behavior. Humanitarian mapping projects coordinated through the Humanitarian OpenStreetMap Team Tasking Manager (HOT-TM) represent a paradigmatic case of large-scale digital collaboration. Yet, while their practical utility in disaster response and preparedness is increasingly evident, the underlying collective dynamics that allow these efforts to function effectively remain under-explored. This talk builds on our recent article published in ACM Transactions on Computer-Human Interaction (TOCHI) [1] that presents a comprehensive analysis of HOT-TM projects through the lens of collective intelligence. Collective Intelligence is defined as “groups of individuals acting collectively in ways that seem intelligent [2].” Following this definition, we structured our analysis around three guiding research questions: (RQ1) What characterizes the group of individuals collaborating in HOT-TM mapping projects?, (RQ2) How is collective action organized within these projects?, and (RQ3) What evidence of intelligent action can be identified in this setting? To answer these questions, we constructed and analyzed a dataset encompassing 746 HOT-TM projects executed between December 2021 and November 2023. The dataset includes 312,289 mapping tasks performed by 38,893 contributors, as well as detailed records of over 1.8 million task states. Additionally, we incorporated spatial information on the area of mapped buildings using data extracted from the OpenStreetMap database. Our analysis proceeds in three stages. First, we profile the mapping community. Results show that the vast majority of contributors are beginners, who typically participate in a single project. However, a small group of highly experienced mappers—classified by HOT-TM as "advanced"—contribute to dozens of projects and assume more complex tasks. Notably, only 29% of contributors declare their country, but among those who do, the majority are based outside the regions affected by the mapping projects (see Figure 1). This reinforces existing concerns about the limited presence of local knowledge in humanitarian Volunteered Geographic Information (VGI) initiatives [3]. Second, we investigate the organization of collective action using process mining techniques applied to task state logs. Most mapping tasks follow a simple trajectory: a task is mapped and then validated without being split or invalidated (see Figure 2). However, tasks that involve higher complexity or suffer errors require more contributors and longer processing times. Roles within the mapping system are clearly stratified: while beginners dominate mapping in simpler projects, advanced mappers take the lead in complex cases and are responsible for nearly all validations. Despite the potential for collaboration in the mapping phase—through the sequential editing of tasks—true interdependence among contributors is limited. Most tasks are executed by a single mapper, and where collaboration occurs, it is often sequential and uncoordinated. This suggests that HOT-TM's microtasking design promotes a form of "collection" rather than "collaboration" [4]. Third, we assess the presence of intelligent group behavior by analyzing task validation outcomes through logistic regression. We find that advanced contributors are significantly more likely to produce validated outputs, especially when working alone. However, involving multiple contributors in a task—especially when they are less experienced—decreases the probability of successful validation. Furthermore, tasks with larger building areas or those requiring extensive validation times are less likely to be validated, suggesting that complexity and ambiguity remain major challenges. These findings highlight a paradox at the heart of humanitarian mapping: although the system succeeds in rapidly mobilizing volunteers to produce useful geographic data, its collective intelligence is unevenly distributed and relies heavily on a small core of experienced contributors. The wisdom of the crowd is therefore not uniformly distributed; rather, it is the wisdom of a few that sustains the productivity and reliability of the system. Moreover, the absence of strong collaborative mechanisms and the limited engagement of local mappers constrain the potential for adaptive and context-aware mapping. We conclude by reflecting on possible design improvements for platforms like HOT-TM. These include: (1) enhancing onboarding and mentorship to accelerate the transition from beginner to advanced contributor; (2) incentivizing meaningful collaboration beyond sequential task handovers; and (3) integrating local knowledge more effectively by prioritizing and rewarding contributions from

Humanitarian OpenStreetMap Team proposed the fAIr project (https://fair.hotosm.org/) - an open-source AI-assisted mapping tool. This study describes our user testing organized to compare AI-assisted mapping of buildings in the fAIr tool and classic manual mapping of buildings in the JOSM editor without AI assistance. 26 participants took part in the experiment. Efficiency (number of buildings mapped per minute), effectiveness (proportion of buildings mapped correctly), and satisfaction (feedback from participants) were analyzed. Introduction Humanitarian organizations need maps for their activities. However, there is a lack of quality maps in many countries. The Humanitarian OpenStreetMap Team (HOT) is coordinating a global effort for humanitarian mapping, where volunteers create maps of remote locations. They use satellite imagery to search for roads and buildings and draw them into the OpenStreetMap. Despite all the efforts of volunteers, many regions remain insufficiently mapped (Herfort et al., 2021). Artificial intelligence (AI) is already used to analyze satellite imagery. There is thus an opportunity to use AI for humanitarian mapping as well. HOT proposed the fAIr project (https://fair.hotosm.org/) – an open-source AI-assisted mapping tool (HOT, 2025). In a presentation from SOTM 2024, Anna Zanchetta (Zanchetta, 2024) analyzed the performance of fAIr in detecting buildings in different conditions. Our group, located in the Department of Geography, Faculty of Science, Masaryk University, Czechia, is part of the humanitarian mapping community Missing Maps Czechia and Slovakia. We were in contact with the fAIr developers from HOT – Omran Najjar, Kshitij Sharma, and Anna Zanchetta. They asked us if we could organize user testing of the first version of fAIr. The goal was to compare AI-assisted mapping buildings with the fAIr tool and classic manual mapping buildings without AI assistance. The popular JOSM editor, which offers experienced tools for manual building mapping, was used for comparison. Methodology The experiment took place in an online environment during November 2024. The experiment took place in four different sessions, so each participant could choose the day and time that suited them best. Training datasets were prepared for 24 different localities around the globe. 26 participants took part in the experiment – 14 beginners and 12 experienced contributors. The participants were divided into groups A and B, so there were similar numbers of experienced contributors and beginners in both groups. Each participant was assigned one location for mapping in fAIr and one location for mapping in JOSM. Each session was structured as follows: -An explanation of the rules for correctly and incorrectly mapped buildings. -45 minutes: group A mapped in fAIr, group B mapped in JOSM -5 minutes: break -45 minutes: group B mapped in fAIr, group A mapped in JOSM -Participants filled in the feedback questionnaire. Validators evaluated the mapped buildings, and the results were analyzed. Efficiency (number of buildings mapped per minute), effectiveness (proportion of buildings mapped correctly), and satisfaction (feedback from participants) were analyzed. Results Mapping in JOSM (86.08 %) was significantly more accurate than the fAIr tool (78.22 %). Mapping in JOSM (4.23 buildings/min) was significantly faster compared to the fAIr tool (1.97 buildings/min). Results of experienced users and beginners were also compared. Beginners mapped faster in JOSM (2.89 buildings/min) than in fAIr (2.08 buildings/min), but the mapping quality was almost the same in JOSM (79.28 %) and fAIr (80.41 %). Experienced contributors mapped much faster (5.69 buildings/min) and with higher quality (93.45 %) in JOSM than in fAIr (1.84 buildings/min and 75.38 %). Interestingly, it means that beginners have better results of mapping quality (80.41%) and mapping speed in fAIr (2.08 buildings/min) than experienced contributors (75.38 % and 1.84 buildings/min). On the contrary, experienced contributors have much better results in mapping quality (93.45 %) and mapping speed (5.69 buildings/min) in JOSM than beginners (79.28 % and 2.89 buildings/min). We also analyzed the influence of the complexity of mapping locality, e.g., the density of buildings in the mapped site and the quality of the imagery. For easy localities, experienced contributors generally have higher mapped building counts, indicating better fAIr performance on simpler tasks. For complex localities, the number of buildings mapped by experienced contributors drops significantly, suggesting that complex localities pose a challenge even for experienced contributors. A higher number of errors was found in complex localities, where AI likely generated lower-quality building outline designs. Interestingly, for complex localities, beginners mapped more buildings than experienced contributors, which may suggest that they focus on quantity. This could indicate potential quality issues.

Mapping in iD is designed to be a welcoming experience that should require little to no required knowledge to get started. Additionally, the editor does also have some additional features up its sleave for more advanced mapping tasks. Regardless if you are a new, intermediate or advanced mapper: it can never hurt to know a trick or two that make your mapping more efficient! This talk will go through common mapping workflows in iD and how they can elevate your mapping experience. There will be sections dedicated for beginners, intermediate and advanced mappers. For starters, it will be shown how one can get up to speed most efficiently with iD through its built-in walkthough and other help functionality. For intermediate mappers, the talk will cover topics such as photo-mapping, efficient use of keyboard shortcuts, integrated quality assurance tools, useful browser extensions, etc. The talk concludes with advanced techniques such as adding custom background imagery or map data. The showcased mapping workflows shall give a good overview of the spectrum of different mapping tasks one might encounter as a mapper on an regular basis, and will also highlight tools other than iD that allow to dive even further into the respective topics. Creative Commons Attribution 3.0 Unported https://creativecommons.org/licenses/by/3.0/ about this event: https://2025.stateofthemap.org/sessions/H3NM7X/

This talk explores the extrinsic quality of OpenStreetMap data in Brno by comparing the city’s most frequently mapped amenities against a custom, field-collected reference dataset. The findings highlight relatively high attribute accuracy in OSM but reveal gaps in feature completeness, with only about 34.94% of features matched with the reference dataset. OpenStreetMap is a notable example of a database created by volunteers. Due to its open approach to data collection, establishing trust in the data is essential. Three key factors must be considered to evaluate this trust: completeness, correctness, and positional accuracy. The most common method in recent years for assessing large datasets like OpenStreetMap is to examine intrinsic data quality [1-3], which relies on metadata. However, this approach does not allow for a thorough analysis of the mapped features, resulting in only a rough estimate of the data's trustworthiness. To provide a more detailed understanding of the data, extrinsic data quality is evaluated by comparing OpenStreetMap with a reference dataset. This method is effective for evaluating feature completeness. However, when assessing attribute accuracy, a similarly detailed dataset for comparison is often unavailable. In these instances, the evaluator must gather their own reference dataset, which can be expensive and time-consuming. Because of that, previous studies mainly focused on assessing attribute accuracy by utilizing intrinsic data quality. In our study, we focused on assessing the extrinsic data quality of the city of Brno in the Czech Republic. We wanted to know how much we can trust OpenStreetMap in our city and if there is some correlation between attribute accuracy and metadata of the features. A secondary objective was to determine how well ISO 19157 can be used to assess the attribute quality of the OpenStreetMap. We chose the city’s ten most mapped amenity features and gathered a reference dataset for these features. Since we knew what we would be evaluating, we have acquired a dataset perfect for evaluating OpenStreetMap. Thus, there was no need for major compromises in data evaluation. Over the course of several months, we traveled over 1,000 km on foot and gathered a few thousand reference features using the Locus GIS app. Each feature contained a list of evaluated attributes together with a photo of the object for further evaluation. Evaluated amenities were bench, waste_basket, recycling, restaurant, bicycle_parking, cafe, vending_machine, post_box, pub and fast_food – the most mapped node features in Brno. Our assessment of OpenStreetMap's attribute accuracy revealed generally positive results. Several attributes in our sample achieved 100% accuracy, particularly those with boolean values. However, the most significant issues arose with string attributes that lack defined value lists, such as opening_hours. Ultimately, the primary concern identified was the completeness of the data. We found that the completeness of feature occurrence is inadequate; we were only able to match 34.94% of all reference features with those in OpenStreetMap. This completeness varied significantly across evaluated amenities, with waste_baskets and benches being notably underrepresented. We also assessed the positional accuracy of the data. Each amenity was evaluated separately, revealing average positional errors ranging from 2.63 meters to 4.02 meters. The median error was found to be between 1.83 meters and 3.13 meters. Overall, OpenStreetMap appears to be a relatively accurate positional database for the city of Brno, despite some isolated deviations (outliers). When examining the relationship between attribute accuracy and feature metadata, we assumed that more users editing a feature would lead to more accurate data. This concept is known as the “many eyes principle” [4, 5]. However, the correlations between metadata (such as the number of contributors, versions, and days since the last edit) and attribute correctness are typically not statistically significant. As a result, no explicit dependency can be determined, and no clear patterns emerge from the statistically significant values. Our work also shows that evaluating OpenStreetMap using ISO 19157 can be problematic because this standard does not consider multiple correct values or the varying degrees of attribute correctness (“level of detail” of attributes). Additionally, automating the evaluation of specific attributes, such as opening_hours, is challenging since these attributes can contain different yet correct values. Furthermore, missing or incomplete documentation significantly impacts evaluation, as there should be clear rules indicating which values are correct or not. However, achieving this is difficult for projects that rely on the folksonomy principle, which encourages users to create new values that often lack documentation. OpenStreetMap offers a comprehensive database, but its data quality varies signific

This is a story about the last 7 years of OSMTracker and how, from an academic space in a Costa Rican public university, we managed to keep alive the app with computer engineering undergrad students. We want to share what we have learned: the challenges and contributions during this process, and how we plan to continue. OSMTracker is one of the oldies free software data capture tools in the OSM ecosystem. Its simplicity, low technical requirements, easy customization, and ability to use the exported data in various applications make it a valuable resource for mappers. The app became part of the methodological resources used by the Laboratorio Experimental de Computación y Comunidades (LabComún) for development of university extension projects together with communities like Erizo Juan Santamaría Informal settlements and Alajuela en Cleta urban cycling collective. Naturally, the usage of OSMTracker in this context showed us improvements needed in the app, and consequently, we contributed with code that were incorporated in the tool. In 2018, nguillaumin, the original developer of the app, transferred the maintenance OSMTracker to LabComún. Since then, LabComún has been managing the challenge of developing free software from a (global south) public university: scarcity of resources, bureaucratic difficulties, and how to align the process of developing software while offering a sustainable educational experience for students. The ongoing focus of development of OSMTracker highlights the importance of engagement of undergrad computer science students in projects that are related to territories and people. This offers a real perspective on how their contributions to software could improve the quality of life. From a technical and academic perspective, the opportunity to be part of a bigger free software and open data community is unique. Finally, we want to open discussion on how to enhance the sustainability of OSMTracker, involving other actors in collaborations and keeping the app useful for thematic mapping projects. Creative Commons Attribution 3.0 Unported https://creativecommons.org/licenses/by/3.0/ about this event: https://2025.stateofthemap.org/sessions/9HN9SX/

OSMlanduse is the first EU-wide 10 m land-use map integrating 3.2 million OpenStreetMap geometries with Sentinel-2 imagery through an open deep-learning workflow. Delivering CORINE-level thematic detail with finer spatial resolution, it achieves 89% accuracy, providinng wall-to-wall coverage while retaining OSM’s sub-metre detail where available. Released under open licences with reproducible scripts, it supports applications from climate modelling and biodiversity surveys to urban planning and policy monitoring. By uniting crowdsourced mapping and Earth observation, OSMlanduse demonstrates a scalable, transparent approach to producing reliable, high-resolution land-use information at continental scale. Spatially resolved information on present-day land use (LU) is fundamental for climate-mitigation tracking, food-system monitoring and spatial planning, yet Europe still relies on inventories such as CORINE Land Cover (CLC) that are updated quinquennially at 100 m and under-represent the urban micro-mosaic. Meanwhile, new 10 m remote-sensing maps excel at spectral land-cover separation but lack the thematic richness contributed by citizens through OpenStreetMap (OSM). We introduce OSMlanduse, the first European Union-wide LU map at 10 m resolution that fuses 3.2 million OSM geometries with Sentinel-2 multispectral composites by means of a completely open workflow. The product supplies CLC-level thematic detail while matching the spatial grain of Copernicus imagery. Our objective was to demonstrate that globally recurrent, freely licensed data streams can be combined through deep learning to overcome the spatial incompleteness of volunteered geographic information. We converted the March 2020 OSM planet snapshot into 13 CLC classes, directly labelling 61.8 % of EU28 territory. For the unlabeled remainder we trained country-specific residual convolutional neural networks (ResNets) on medoid composites of cloud-masked Sentinel-2 top-of-atmosphere reflectance, then mosaicked predictions and original labels into a seamless raster–vector hybrid. Accuracy was assessed with 4 616 stratified reference points interpreted independently on sub-metre Bing and Google imagery. The map attains 89 % overall accuracy (95 % CI ± 2 %); producer’s accuracies range from 77 % (shrub/herbaceous vegetation) to 99 % (water bodies), while user’s accuracies exceed 93 % for agricultural strata. Most confusion arises between spectrally similar urban greens and semi-natural grasslands, or between early construction sites and bare soil, reflecting both spectral ambiguity and occasional tag noise. OSMlanduse inherits sub-metre geometric detail wherever OSM mapping is dense—Dutch canal parcels, German allotment gardens, Romanian farmyards—yet guarantees wall-to-wall coverage through 10 m raster infill. GeoTIFF tiles, training rasters and the OSM-to-CLC translation table are released under CC-BY 4.0 (DOI: 10.11588/data/IUTCDN) and visualised at https://osmlanduse.org; GPL-3.0 scripts ensure full reproducibility. Three methodological insights emerge. First, the current density and thematic granularity of OSM LU tags suffice to train deep networks that generalise across divergent biogeographic regions without external annotation campaigns. Second, multi-temporal medoid compositing plus per-country modelling dampens atmospheric noise and phenological divergence, enabling continental consistency from uncalibrated top-of-atmosphere data. Third, open-science principles—public code, permissive licences, cloud execution—place high-resolution mapping within reach of resource-constrained institutions. The dataset opens new avenues for investigating LU dynamics, from crop-rotation detection and peri-urban sprawl quantification (SDG 11.3.1) to habitat-specific sampling frames for biodiversity surveys and downscaling of economic statistics. Moreover, its billions of labelled pixels address the chronic scarcity of public training corpora highlighted by recent computer-vision studies. Limitations persist. Crowdsourced tags remain temporally asynchronous; the March 2020 snapshot necessarily precedes pandemic-era peri-urban expansion. Spectral ambiguity endures in arid shrublands and gravel pits, and the 10 m grid misses features narrower than one pixel such as hedgerows. Nevertheless, by releasing not only the final map but all processing scripts under GPL-3.0 we invite replication, auditing and regional adaptation. Training was performed on the FAO SEPAL cloud using Nesterov-accelerated Adam, batch size 64 and early stopping on 20 % held-out OSM tiles per country. Managing the 1.2 TB Sentinel-2 archive through orbit-wise partitioning and raster caching allowed execution of the full continental workflow within 96 GPU-hours on commodity instances. Sampling 5 000 patches per class and tile balanced the abundant yet noisy training labels while preserving rare categories such as mines and wetlands. While earlier studies either harvested OSM tags to create fragme

This study presents a geospatial framework that combines NLP, machine learning, and GIScience to extract and georeference tweets related to the November 2016 Haifa wildfire, enabling near real-time insights into urban fire dynamics. Using OpenStreetMap and GeoNames to geocode over 16,000 tweets, the researchers demonstrated strong spatial and temporal alignment with official fire incident reports, highlighting social media’s potential as a supplementary data source for disaster response. The approach offers a scalable model for leveraging crowdsourced and user-generated data in emergency informatics, especially in data-scarce regions. The increasing frequency and severity of urban wildfires demand new sources of near real-time information to support emergency response and disaster risk reduction [1-4]. In this study, we present an application for extracting and georeferencing the spatiotemporal distribution of tweets associated with the November 2016 wildfire in Haifa, Israel. The unprecedented urban fire influenced densely populated neighbourhoods, caused extensive infrastructural damage, and led to the evacuation of thousands of residents [5]. However, because of the nature and extent of the fire that lasted nearly 3 days, complete and reliable information concerning the emergence and development of new fire locations at the sub-city scale was only partial. Accordingly, management and decision-making procedures were complicated and some of the cascading events along the occurrence of the catastrophe were hard to be detected and addressed. The purpose of the study was to analyse tweets as a potential source of near real-time information and examine to what degree Twitter can be used to assist decision-making during occurrences on urban catastrophes. The implemented research combined Natural Language Processing (NLP), Machine Learning (ML), and Geographic Information Science (GIScience) to filter, classify, and precisely geolocate tweets at the city, neighbourhood or street-level resolution. One of the main components of the established geospatial framework was OpenStreetMap (OSM, https://www.openstreetmap.org, accessed July 2019), used in conjunction with the GeoNames gazetteer (http://www.geonames.org/, accessed July 2019) to construct a comprehensive spatial reference corpus. This enabled the geocoding of both explicitly and implicitly localized tweets that lack GPS metadata—an essential challenge given that only 1–3% of the tweets are geotagged with reliable geographic coordinates [6, 7]. We have collected approximately 2.4 million tweets using keywords related to the wildfire (in the Hebrew, Arabic, and English languages) between November 24th –27th, 2016. After classification using topic modelling and RCNN (Recurrent Convolutional Neural Networks) [8], around 114,000 tweets were labelled as relevant to the event. Of these, only 31 tweets were geotagged with geographic coordinates which is obviously an insufficient number of observations to perform spatial analysis. To overcome this shortcoming, we implemented a text-based georeferencing approach leveraging gazetteer data extracted from the OpenStreetMap and GeoNames databases. Accordingly, we converted 18 OSM shapefiles into a unified point dataset containing a wide variety of geographic features—ranging from neighbourhoods and roads to public buildings and natural landmarks. This dataset was merged with a version of the GeoNames corpus to create a point-based localized gazetteer representing the Haifa metropolitan area and its environs. For the purpose of geocoding, each point was associated with its place name in Hebrew, Arabic, or English. Following, the geocoding pipeline consisted of the following key steps: (1) NLP techniques including tokenization, stemming, and stop-word removal to extract named entities and spatial references from the tweet’s metadata [9]; (2) FuzzyWuzzy-based string matching algorithm that computes the Levenshtein distances between strings extracted from the tweet tokens and the place names in our gazetteer [10]; and (3) matchings were assigned a confidence score, which allowed us to filter or weight the credibility and accuracy of the spatial data. For example, georeferenced tweets with scores above 90% were deemed highly reliable for spatial trend detection. The process yielded 16,672 georeferenced tweets distributed across 130 unique localities within Haifa and its close vicinity. Following, we conducted a spatiotemporal inspection by aggregating tweets into 5×5 km grid cells and 8-hour intervals—bins that were informed by the density of localities extracted from the OSM/GeoNames hybrid gazetteer. We used Esri ArcGIS Pro to generate Kernel Density Estimation (KDE) maps [11] and 3D visualizations of the tweets’ distribution. The results presented strong temporal (Figure 1) and spatial (Figure 2) correspondence between georeferenced tweets and the officially reported fire incidents by the Israel Fire and Rescue Services (IF

Between September 2024 and August 2025, we conducted a comprehensive street-level survey of Milano, Italy, capturing approximately one million 360° panoramic images using a monopod-mounted camera setup. These images were uploaded to Mapillary, contributing to open-access urban geospatial data. This presentation shares practical insights into continuous data collection methods and analyzes urban characteristics discernible from the imagery, such as graffiti prevalence, urban greenery distribution, and the potential of these visuals as foundational data for 3D digital twin models. I will discuss the current capabilities and limitations of using crowdsourced street-level imagery for urban analysis and planning. Between September 2024 and August 2025, we undertook a comprehensive street-level survey of Milano, Italy, capturing approximately one million 360° panoramic images using a monopod-mounted camera setup. These images were uploaded to Mapillary, contributing to open-access urban geospatial data. This presentation shares practical insights into continuous data collection methods and analyzes urban characteristics discernible from the imagery, such as graffiti prevalence, urban greenery distribution, and the potential of these visuals as foundational data for 3D digital twin models. I will discuss the current capabilities and limitations of using crowdsourced street-level imagery for urban analysis and planning. Advancements in consumer-grade 360° cameras have significantly enhanced image resolution, with modern devices achieving up to 11K. These improvements, coupled with enhanced low-light performance, have expanded the temporal window for effective data collection beyond daylight hours. Mapillary’s object detection capabilities can identify over 150 object classes, including traffic signs, poles, and vegetation. However, challenges remain in detecting certain features like graffiti and nuanced vertical urban greenery, highlighting areas for future development. By analyzing the Milano dataset, we can assess the efficacy of current detection algorithms and identify gaps where manual annotation or algorithmic refinement is necessary. This analysis informs strategies for leveraging 360° imagery in urban planning, such as monitoring infrastructure conditions and informing greening initiatives. The session will conclude with a discussion on the future of crowdsourced 360° street-level imagery, exploring how community-driven data collection can support comprehensive urban analysis and planning efforts. Creative Commons Attribution 3.0 Unported https://creativecommons.org/licenses/by/3.0/ about this event: https://2025.stateofthemap.org/sessions/NRJEVM/

The world is not just made of streets, buildings, and zones; it is shaped by how people engage and interact with places in their everyday lives. This abstract presents a web-based geospatial tool that supports the mapping of these lived places and locales named PlaceCrafter. PlaceCrafter supports researchers in identifying platial regions: functional, human-centred areas that cross administrative and formal boundaries. The framework is built on OpenStreetMap, combining (near) real-time clustering, analysis, and statistical validation of these platial regions. PlaceCrafter supports researchers in exploring the subjective experiences of place through existing datasets and city structures. Contemporary urban analysis requires tools and analytical software that can not only capture the physical structure of the city, but also the dynamic and human-centred places that can emerge from everyday interactions. While these technologies, such as existing OpenStreetMap (OSM) [1] views and Geographic Information Systems (GIS) [2] are effective for spatial tasks, these abstractions fail to understand the notions of place when compared to space [3]. Recent work [4, 5] has sought to shift the focus towards platial information systems, tools which situate the human experience, subjective knowledge, and fuzzy representation as a comparison to existing spatial systems. These fuzzy, subjective, and personal representations attempt to model ‘place’ as a contrast to space, which may not align with traditional geometries or formal administrative zones. PlaceCrafter responds to this challenge by integrating a spatial-platial [6] approach to identifying regions that are functionally cohesive, representing dense and meaningful concentrations of specific points of interest (POI). The POIs are traditional representations of space within GIS [3], such as cafes, restaurants, museums, pathways, and places of worship. Rather than relying on the top-down designation of locations, PlaceCrafter supports users, analysts, and researchers curating clusters that represent how space is used as opposed to administratively divided. The approach aligns with recent calls in GIScience to shift from ‘space’ to ‘place’ in smart city analysis [7] and to continue building on work which has operationalised the sense of place in urban contexts [8]. PlaceCrafter is designed not just to analyse space, but to make its platial structure visible, explorable, and comprehensible to analysts, researchers, and planners. Figure 1 presents the web-based application, developed in TypeScript using React, Vite, Leaflet, Turf.js, and D3.js. The software uses the Overpass API [9] to retrieve (near, depending on number of POIs loaded) real-time user-filtered POI data. The datasets are organised into semantic categories based upon the existing OSM semantic structures [10]; these filters can be customised dependent on the analytical task. This functionality supports the broad purpose of the web-based application, which is to enable researchers and practitioners to understand city form and structure through a platial lens. PlaceCrafter is structured around four phases guided by the OSM filtering approach: the initial phase (1) focuses on filtering and selection of relevant OSM categories, building upon existing work, such as POI Pulse [11] which classifies regions using semantic signatures, and user behaviour to generate profiles of locations in the Los Angeles area and ClusterRadar [12] which supports comparative spatial clustering and parameter tuning through interactive visualisation to examine how clusters change temporally; the second phase (2) is where the fuzzy clustering approaches are applied interactively and include K-Means [13] for compact cluster formation, DBSCAN [14] for spatial structures, and hierarchical clustering for multi-level spatial structures. These clustering methods are applied to the filtered POI data to reveal platial regions. The penultimate phase (3) focuses on statistical validation, where each clustered region is evaluated using established spatial metrics. These evaluations include the nearest neighbour index to assess spatial clustering, silhouette scores [15] for understanding cluster coherence, and spatial autocorrelation is measured using a simplified Moran’s I statistic for insights into category-based dependency [16]; The final phase is (4) visualisation, which explores the concept of platial readability, where each region is presented not just spatially but semantically, with data supported by POI type, diversity score, and density metrics. Additionally, the platial visualisation techniques used support the emerging approaches to conveying ambiguity, overlap, and functional gradients [3, 17]. The visualisation subsystem is modular for a wide array of end-user requirements, supporting fuzzy spray can visualisation and region influence grids as presented in Figure 2, in addition to convex hulls, kernel density heatmaps, and region quality

OpenStreetMap and games feel like they go hand-in-hand and that's more than just coincidental. Both OSM and gaming have the power to bring people together, foster community engagement, and provide unique experiences. In fact, the OSM wiki has a page for games built using OSM data (https://wiki.openstreetmap.org/wiki/Games) and in recent years, we've seen the increase in the use of tools such as MapRoulette and StreetComplete that gamify the experience of contributing to OSM. While the latter is a very interesting topic in itself, this talk will focus on the former—games that use, but are not necessarily intended to contribute, OSM data. In this talk, we will explore the world of OSM-based/OSM-adjacent games to try and identify various game categories/genres and uses of OSM such as in location-based games (e.g. PokemonGO), serious and realistic simulation games, educational and trivia games, other niche/bespoke games, as well as both digital and tangible/tactile experiences. Furthermore, we will try to investigate the benefits and drawbacks of using OSM in games and look into other open source "games/game resources/gaming communities" (such as those in the Open Source Tabletop/RPG genre) to uncover possible intersections and opportunities. Whether you're a beginner or experienced OSM contributor, a game developer, or just a fellow gamer, this talk aims to spark new ideas and inspire further discussions, activities, and developments around the intersection of OpenStreetMap and games. Beyond the use of gamification for improving the OSM contributor experience, I feel that there is an opportunity to re-examine and revisit the broader topic of games using OSM data especially since OSM offers a rich and vibrant data source that can serve as the foundation for unique gaming experiences. How is/was OSM data used in games? What works/worked? What doesn't/didn't? Where (or where else) can OSM and games intersect? A lot of games use maps, can we use OSM there too? What other games can we create with OSM (e.g. Tactics? TTRPG? Board Games?). These are just some questions I'd like to ask and hopefully answer in the presentation. Creative Commons Attribution 3.0 Unported https://creativecommons.org/licenses/by/3.0/ about this event: https://2025.stateofthemap.org/sessions/LPDJXY/

The Humanitarian OpenStreetMap Team (HOT) celebrates its 15th anniversary in 2025. This presentation will explore HOT's evolution from a small group of mappers responding to the Haiti earthquake to a global organization at the forefront of humanitarian mapping. We'll delve into key milestones, technological advancements, the growth of the HOT community, and the increasing role of local mappers in leading humanitarian responses. The talk will also address the challenges and opportunities for the next 15 years, including sustainability, technological innovation, and expanding the impact of open mapping in a changing world. This presentation will examine how HOT has transformed disaster response, development initiatives, and community empowerment through collaborative mapping. It will also look at how HOT has fostered a global community of mappers and the impact of open data on humanitarian efforts. Furthermore, the presentation will discuss the strategic directions HOT is taking to ensure its continued relevance and effectiveness in an ever-changing technological and global landscape, emphasizing the importance of partnerships, innovation, and inclusivity. Creative Commons Attribution 3.0 Unported https://creativecommons.org/licenses/by/3.0/ about this event: https://2025.stateofthemap.org/sessions/U9MSCX/

Closing session of All Systems Go! 2025 Licensed to the public under https://creativecommons.org/licenses/by/4.0/de/ about this event: https://cfp.all-systems-go.io/all-systems-go-2025/talk/DR8ELH/

The UAPI Boot Loader Specification defines conventions that let multiple operating systems and bootloaders share boot config files. So far, only systemd-boot implements it - and it’s UEFI-only by design. As a result, hybrid UEFI/BIOS images require maintaining (and keeping in sync) two sets of bootloader configs: one for systemd-boot, and one for a legacy bootloader such as syslinux. I set out to fix that by building a BIOS bootloader that uses the UAPI Boot Loader Specification - allowing both UEFI and legacy boot to use a single shared set of config files. This talk is about why that matters, how I built it, and what comes next. In this talk, I’ll cover: - What the UAPI boot spec is - Why you'd want to use legacy boot instead of EFI/systemd-boot - *spoiler: you don't! but you might have to* - How I implemented UAPI boot support for legacy BIOS - What about UKIs? - A live demo of the bootloader in action - The current state of the project and what’s next https://uapi-group.org/specifications/specs/boot_loader_specification https://github.com/nkraetzschmar/bootloader Licensed to the public under https://creativecommons.org/licenses/by/4.0/de/ about this event: https://cfp.all-systems-go.io/all-systems-go-2025/talk/ANC879/

I overview how OS management is done at Meta. We run millions of Linux servers and we have to make sure that OS gets updated on all of them in a given period of time. To do that we developed several products: MetalOS (Image based version of CentOS), Antlir (image builder) and Rolling OS Update (a service that keeps a set of DNF repos in sync with upstream repos and uses them to update OS ) Licensed to the public under https://creativecommons.org/licenses/by/4.0/de/ about this event: https://cfp.all-systems-go.io/all-systems-go-2025/talk/VNCDRL/

Updates are a critical piece of managing your fleet of devices. Nowadays, Yocto-based distributions can utilize layers for well-established update mechanisms. But, did you know that recent releases of Yocto already come with a simple update mechanism? Enter systemd-sysupdate: a mechanism capable of automatically discovering, downloading, and installing A/B-style updates. By combining it with tools like systemd-boot, we can turn it into a comprehensive alternative for common scenarios. In this talk, we will briefly introduce systemd-sysupdate, show how it can be integrated with your Yocto distribution, and share thoughts on how it can be improved further. Licensed to the public under https://creativecommons.org/licenses/by/4.0/de/ about this event: https://cfp.all-systems-go.io/all-systems-go-2025/talk/MU7JM8/

`test.thing` is a VM runner which targets guests using an API defined by systemd. It started after a conversation at devconf about turning `mkosi qemu` into a library. A quick intro. ~~composefs is an approach to image-mode systems without the disk images. Files are stored in a de-duplicated content-addressed storage with integrity guaranteed through fs-verity. The last year has seen an acceleration of development on composefs-rs, a pure Rust implementation of the ideas behind composefs. Our goal is unification of the storage of bootable system images (via bootc), application Flatpaks, and traditional OCI container environments, bringing deduplication and integrity guarantees to all three. An overview.~~ Licensed to the public under https://creativecommons.org/licenses/by/4.0/de/ about this event: https://cfp.all-systems-go.io/all-systems-go-2025/talk/MLTTHW/

With Bootable Containers (bootc), we can place the operating system files inside a standard OCI container. This lets users modify the content of the operating system using familiar container tools and the Containerfile pattern. They can then share those container images using container registries and sign them using cosign. Using composefs and fs-verity, we can link a UKI to a complete read only filesystem tree, guaranteeing that every system file is verified on load. We integrate this in bootc by creating a reliable way to turn container images into composefs filesystem trees, and then including the UKI in the container image. We will share the progress on the integration of UKI and composefs in bootc and how we are going to enable remote attestation for those systems using trustee, notably for Confidential Computing use cases. https://github.com/containers/composefs-rs https://github.com/bootc-dev/bootc https://github.com/confidential-containers/trustee Licensed to the public under https://creativecommons.org/licenses/by/4.0/de/ about this event: https://cfp.all-systems-go.io/all-systems-go-2025/talk/TNKPQS/

S3NS is a trusted cloud operator that self-hosts Google Cloud infrastructure in France, targeting the SecNumCloud certification, the most stringent Cloud certification framework. SecNumCloud includes strict legal and operational constraints. To manage these systems securely and reproducibly, we’ve built a family of dedicated administration terminals based on the image based philosophy. These terminals rely on NixOS semantics and draw from the ParticleOS ecosystem: systemd-repart, and dm-verity, ensuring atomic updates, full immutability of the Nix store, and verifiable integrity of the boot chain and runtime system (measured boot), while using remote attestations by TPM2 when connecting to production assets. We will present the purpose of these terminals and what needs they serve along with their high level characteristics: partition layouts, provisioning and connection flow to the production assets. This talk will show an application of many of the concepts that were presented in the NixOS ecosystem and in All Systems Go itself by the systemd community. Licensed to the public under https://creativecommons.org/licenses/by/4.0/de/ about this event: https://cfp.all-systems-go.io/all-systems-go-2025/talk/TBDBDA/

Introduce ue-rs, a fresh project that aims to be a drop-in reimplementation of update engine, written in Rust. The goal of ue-rs is to have a minimal, secure and robust implementation of update engine, required by A/B update mechanism of Flatcar Container Linux. Just like the existing update engine, it downloads OS update payloads from a Nebraska server, parses its Omaha protocol, verifies signatures, etc. This project, however, is different from the original update engine in the following aspects. First, it aims to be minimal, by reducing heavyweight legacies in the update engine. Moreover, written in Rust, it brings a huge advantage for security, especially memory safety, in contrast to the original update engine, which is written mainly in C++ and bash. Finally, in addition to traditional OS update payloads, it supports systemd-sysext OEM, which is supported by Flatcar. Licensed to the public under https://creativecommons.org/licenses/by/4.0/de/ about this event: https://cfp.all-systems-go.io/all-systems-go-2025/talk/JAC3DH/

In last year's ASG!, bootc and bootable containers were introduced. In this talk, we'll go over what changed since last year, and how Fedora CoreOS and RHEL CoreOS are leveraging bootable containers to reduce maintenance and increase sharing. Licensed to the public under https://creativecommons.org/licenses/by/4.0/de/ about this event: https://cfp.all-systems-go.io/all-systems-go-2025/talk/87TFB7/

In the Linux world there are several tools and technologies to encrypt data on a hard drive, most falling into one of two categories: block device encryption (like LUKS) or stacked filesystem encryption (like EncFs or gocryptfs). This presentation will introduce Dirlock, a new tool that belongs to a third category: native filesystem encryption, using the kernel's fscrypt API. Dirlock is currently being developed and its aim is to provide a flexible way to encrypt files, suitable for both user accounts and arbitrary directories, with full PAM integration, support for hardware-backed mechanisms such as FIDO2 or TPM and with a D-Bus API for easy management. Licensed to the public under https://creativecommons.org/licenses/by/4.0/de/ about this event: https://cfp.all-systems-go.io/all-systems-go-2025/talk/AAWNQT/

Traditional package updates using tools like RPM or Zypper can introduce risks, such as incomplete updates or accidentally breaking the running system. To overcome these challenges, we developed **container-snap**, a prototype plugin designed to deliver atomic OS updates—updates that are fully applied or rolled back without compromising the system's state. container-snap leverages OCI images as the source for updates and integrates seamlessly with openSUSE’s [tukit](https://github.com/openSUSE/transactional-update) to enable transactional OS updates. By utilizing Podman’s btrfs storage driver, it creates btrfs subvolumes directly from OCI images, allowing systems to boot from the OCI image. This approach empowers users to construct their own OS images using familiar container image-building tools, like Docker or [Buildah](https://buildah.io/). In this session, we’ll dive into: - The architecture and technical implementation of container-snap - Challenges encountered during development and how we resolved them - Key lessons learned along the way - A live demo showcasing container-snap in action Come and join this session to learn more about how to boot from an OCI image without bricking your system! Licensed to the public under https://creativecommons.org/licenses/by/4.0/de/ about this event: https://cfp.all-systems-go.io/all-systems-go-2025/talk/YTCMSG/

File descriptors for processes on Linux have been available for quite some time now. Userspace has adapted them widely. Over the last two years or so we've extended the abilities of pidfds significantly. This talk will go over all the new features and deep dive into their implementation and usage. Licensed to the public under https://creativecommons.org/licenses/by/4.0/de/ about this event: https://cfp.all-systems-go.io/all-systems-go-2025/talk/3BMJVH/

Last year, Lennart Poettering of the systemd fame, [gave a presentation](https://media.ccc.de/v/all-systems-go-2024-276-varlink-now-) at this very same conference, where he introduced Varlink, a modern yet simple IPC mechanism. He presented a case for Varlink, rather than [D-Bus](https://en.wikipedia.org/wiki/D-Bus) to be the future of Inter-process communication on Linux. As someone who works on D-Bus, I took upon myself to prove him wrong, only to find out that I achieved exactly the opposite. It didn't take long before I got convinced of his vision. Since I was largely responsible for giving the world [an easy to use D-Bus Rust library](https://crates.io/crates/zbus), I thought it's only fitting that I do the same for Varlink. This talk will be the story of the creation of such a library, the challenges I faced, where Varlink fits the Rust idioms really well and where it does not and how all of this affected the development and the API. Licensed to the public under https://creativecommons.org/licenses/by/4.0/de/ about this event: https://cfp.all-systems-go.io/all-systems-go-2025/talk/SYGBNH/

CentOS Stream is especially suited for production deployments. In these environments it's often common to develop improvements to distribution packages and want to contribute them upstream. Unfortunately, until very recently that required one to then maintain their own build and deployment pipeline for the packages, at least until the changes made their way into the distribution. CentOS Proposed Updates (CPU) SIG aims to bridge this gap - changes that have been submitted as merge requests can be built in this SIG, providing those who run Stream in production with access to needed updates while they make their way into CentOS Stream. We hope this will help increase collaboration between RHEL engineers, CentOS Stream contributors, and the rebuild community as well, especially those that have distributions derived from CentOS Stream directly (such as AlmaLinux with AlmaLinux OS Kitten), as everyone can focus on making improvements without reinventing their own build pipelines. Licensed to the public under https://creativecommons.org/licenses/by/4.0/de/ about this event: https://cfp.all-systems-go.io/all-systems-go-2025/talk/9QUZNY/

Going for minimal containers with restricted system calls and unprivileged users is the usual Kubernetes approach these days, and it works great for most web apps. However, the development of more complex infrastructure extensions frequently hinders application functionality. While looking for a solution to deploy virtiofsd in an unprivileged container for KubeVirt, we stumbled on seccomp notifiers. Seccomp notifiers are a kernel feature which monitors syscalls and get notifications to a userspace application when a syscall is executed. Alternative options involved either the use of a custom protocol using UNIX sockets or the deployment of virtiofs as a privileged component alongside the unprivileged VM. After our evaluation, the seccomp notifier turned out to be the simplest solution among all the choices. Unfortunately, the main constraint is the monitor's resilience after a restart, such as after a crash or an upgrade. This limitation forced us to back up to one of the less elegant approaches. But there is hope how this could be solved! The session will explain why seccomp notifiers are a lean solution to avoid extra userspace communication and synchronization, the current limitations and possible future solutions to overcome today’s challenges. Our experience will teach audiences several methods for dividing their privileged infrastructure. Utilizing virtiofsd as an actual example and a target application for KubeVirt integration and deployment. We will discuss the difficulties of using rootless containers in this session, as well as the design patterns, technologies, and tactics we thought about and ultimately chose to maintain or reject. Licensed to the public under https://creativecommons.org/licenses/by/4.0/de/ about this event: https://cfp.all-systems-go.io/all-systems-go-2025/talk/SPGAXS/

GNOME has collected some very old code over the years. During the recent GNOME 49 release, we've made some drastic cleanups. Most visibly, we've dropped support for X11 and gained many dependencies on systemd. Let's explore some of the what and why for these changes! Licensed to the public under https://creativecommons.org/licenses/by/4.0/de/ about this event: https://cfp.all-systems-go.io/all-systems-go-2025/talk/FQE7QZ/

Coredumping on Linux has long been a nightmare. Currently two modes are supported: (1) Dumping directly into a file somewhere on the filesystem. (2) Dumping into a pipe connected to a usermode helper process spawned as a child of the system_unbound_wq or kthreadd. For simplicity I'm mostly ignoring (1). There's probably still some users of (1) out there but processing coredumps in this way can be considered adventurous especially in the face of set*id binaries. The most common option should be (2) by now. It works by allowing userspace to put a string into /proc/sys/kernel/core_pattern like: |/usr/lib/systemd/systemd-coredump %P %u %g %s %t %c %h The "|" at the beginning indicates to the kernel that a pipe must be used. The path following the pipe indicator is a path to a binary that will be spawned as a usermode helper process. Any additional parameters pass information about the task that is generating the coredump to the binary that processes the coredump. In the example core_pattern shown above systemd-coredump is spawned as a usermode helper. There's various conceptual consequences of this (non-exhaustive list): - systemd-coredump is spawned with file descriptor number 0 (stdin) connected to the read-end of the pipe. All other file descriptors are closed. That specifically includes 1 (stdout) and 2 (stderr). This has already caused bugs because userspace assumed that this cannot happen (Whether or not this is a sane assumption is irrelevant.). - systemd-coredump will be spawned as a child of system_unbound_wq. So it is not a child of any userspace process and specifically not a child of PID 1. It cannot be waited upon and is in a weird hybrid upcall which are difficult for userspace to control correctly. - systemd-coredump is spawned with full kernel privileges. This necessitates all kinds of weird privilege dropping excercises in userspace to make this safe. - A new usermode helper has to be spawned for each crashing process. On recent kernels a new mode has been added making use of AF_UNIX sockets. This talk will talk about the new modes, how they can be used, what advantages they have in comparison to the other modes, and look at technical implementation details. Licensed to the public under https://creativecommons.org/licenses/by/4.0/de/ about this event: https://cfp.all-systems-go.io/all-systems-go-2025/talk/MADB7R/

It has been 10 years since Axis Communications had a presentation at the systemd conference. Back then, we have shown how we have increased our product quality, stability and boot times by porting our platform to systemd. 10 years later, we had different challenges to keep the resource usages and boot times under control. We have started from bottom up and sliced our software for this purpose. This work also got us inspired to create virtual versions of our hardware products that we cluster deploy using systemd's nspawn. We have hundreds of engineers working on a software platform that is the base for different product types. It is a different challenge to keep the resource usages of different software composition when so many independent engineers collaborate together. We have applied a different strategy to keep our products as slim and as optimized as possible using different systemd principles like targets, slices, resource prioritization. As a side effect of this work, we have started from ground up and started to virtualize our products using systemd-nspawn. The next step for us was to figure out how in best way to cluster deploy our virtual products so that we can increase the quality of our end to end systems. Licensed to the public under https://creativecommons.org/licenses/by/4.0/de/ about this event: https://cfp.all-systems-go.io/all-systems-go-2025/talk/Z3NGWJ/

GNOME OS is a distribution based around systemd-sysupdate. This year, we finally created a live installer image using the same /usr partition as the installed OS. The main innovation however is the ability to install without the need to reboot. The user can start working while the installation is happening. This live image is built using systemd-repart. And the installer itself also uses systemd-repart. But systemd-repart is not the complete solution and we had to solve some challenges. Licensed to the public under https://creativecommons.org/licenses/by/4.0/de/ about this event: https://cfp.all-systems-go.io/all-systems-go-2025/talk/QRJVL3/

Flatpak is the de-facto standard for distributing desktop applications across various Linux based systems. It also offers other advantages such as sandboxing. It is particularly useful for image based systems as it installs the applications into a separate location and doesn't try to modify the system. GNOME OS is GNOME's development, testing and QA operating system. It builds the latest and greatest in-development versions of the GNOME desktop and core applications. It is also Linux based system that tries to fully embrace the systemd ecosystem. The applications are however built into the system. While this might be great for testing the apps as they would be in most distros, we also want to build our Flatpak applications from the same build definitions and our users (or more correctly early adopters) prefer to use Flatpak for various reasons. In this talk we'll explore what other image based distributions do to provide Flatpak applications to their users, what users expect from "Flatpak applications" and the various proposals for implementing that in GNOME OS. We hope to be able to present our end result by the time of the conference. Licensed to the public under https://creativecommons.org/licenses/by/4.0/de/ about this event: https://cfp.all-systems-go.io/all-systems-go-2025/talk/98W9EX/

Many traditional container engines make use of the "subuid" concept and the "newuidmap" tool to implement a concept of "unprivileged" user-namespace containers on Linux. This approach has many shortcomings in my PoV, from both a security and scalability standpoint. Recent systemd versions provide a more powerful, more secure, mor scalable alternative, via systemd-nsresourced, systemd-mountfsd and other components. In this talk I want to shed some light on the problems with the "old ways", and in particular focus on what the "new ways" bring to the table, and how to make use of them in container runtimes. Licensed to the public under https://creativecommons.org/licenses/by/4.0/de/ about this event: https://cfp.all-systems-go.io/all-systems-go-2025/talk/E7FHPY/

oo7-daemon is the new D-Bus Secret Service provider that aims to fully replace gnome-keyring. In this followup (continuation of my 2024 talk) lightning talk, I will go through the progress made, the challenges faced and the status of systemd credentials integration. Licensed to the public under https://creativecommons.org/licenses/by/4.0/de/ about this event: https://cfp.all-systems-go.io/all-systems-go-2025/talk/NFNFJS/

Marco will review the features available in the initramfs-tools ecosystem, the initrd generator used by Debian and Ubuntu, and how they can be implemented (or not) by adopting mkosi-initrd. Licensed to the public under https://creativecommons.org/licenses/by/4.0/de/ about this event: https://cfp.all-systems-go.io/all-systems-go-2025/talk/E989ZX/

At Meta, we've been looking to revamp our internal container runtime (Twine). Instead of maintaining all the low level container runtime code ourselves, we'd much prefer having more of this managed by systemd. This talk will go over what we did to make systemd transient units a suitable environment for running system containers (pid namespace support, cgroup namespace support, namespace delegation, ...), and why we went this route instead of reusing systemd-nspawn. Licensed to the public under https://creativecommons.org/licenses/by/4.0/de/ about this event: https://cfp.all-systems-go.io/all-systems-go-2025/talk/BBTJSF/

Simplify systemd management with `isd`! `isd` is a TUI offering fuzzy search for units, auto-refreshing previews, smart sudo handling, and a fully customizable interface for power-users and newcomers alike. If you ever became frustrated while typing: - `systemctl start --user unit-A.service` (manually starting a unit) - `systemctl status --user unit-A.service` (seeing that it failed) - `journalctl -xe --user -u unit-A.service` (checking the logs) - `systemctl edit --user unit-A.service` (updating the unit) - (repeat until problem is solved) `isd` could help. In this presentation, we will discuss the features that `isd` currently supports, the features that are planned for the future, and the experience of developing a TUI for `systemd` commands. I hope attendees will find the content engaging and practical. Audience participation is highly encouraged. I am especially eager to hear your thoughts, ideas, and feature requests. If you think a tool like `isd` might be unnecessary or redundant, I'd love to hear your perspective, too! Licensed to the public under https://creativecommons.org/licenses/by/4.0/de/ about this event: https://cfp.all-systems-go.io/all-systems-go-2025/talk/GCV3PM/

Many OS artifacts today are still verified using proprietary, stateful keyring formats. With the "File Hierarchy for the Verification of OS Artifacts (VOA)" an attempt is made to rid the ecosystem of this limitation by implementing a generic lookup directory. With extensibility in mind, this unifying hierarchy currently provides integration for OpenPGP, with further integrations in planning. While working on improvements to the [ALPM](https://alpm.archlinux.page) ecosystem, the way packages and other OS artifacts are currently verified on Arch Linux has been evaluated. Noticing the extensive vendor lock-in to GnuPG and with today's widespread availability of [Stateless OpenPGP](https://wiki.archlinux.org/title/Stateless_OpenPGP) implementations in mind, a plan was hatched to create a more generic, stateless approach. A specification and implementation for the [UAPI group](https://uapi-group.org/) has been started to create a ["File Hierarchy for the Verification of OS Artifacts (VOA)"](https://github.com/uapi-group/specifications/pull/134). This approach is meant to be technology agnostic and allow further integrations, such as SSH and X.509. Follow along for an overview of what this specification is trying to improve upon and how today's tools could benefit from it in the future. Licensed to the public under https://creativecommons.org/licenses/by/4.0/de/ about this event: https://cfp.all-systems-go.io/all-systems-go-2025/talk/7DDSVZ/

More than six months have passed since Daan tried to ~~shame~~ gently peer pressure Lennart to actually use the stuff he builds, via a FOSDEM talk: https://fosdem.org/2025/schedule/event/fosdem-2025-4057-particleos-can-we-make-lennart-poettering-run-an-image-based-distribution-/ Did he succeed? Is dogfooding standard practice now in the systemd development process? Or do things like randomly breaking logging in GNOME (*cough*) still happen from time to time? Join us for this talk to find out, and to apply yet more peer pressure. We will also spend some time talking about more boring and mundane topics, such as giving an overview of the current status of ParticleOS, and how we build it as a ready-to-consume and secure-by-default signed and self-enrolling appliance on the SUSE Open Build Service. https://github.com/systemd/particleos https://build.opensuse.org/package/show/system:systemd/particleos-fedora https://build.opensuse.org/package/show/system:systemd/particleos-debian Licensed to the public under https://creativecommons.org/licenses/by/4.0/de/ about this event: https://cfp.all-systems-go.io/all-systems-go-2025/talk/QMYAMS/

For many years, firewall solutions on Linux have grown and evolved, without any major change, until eBPF. While eBPF can allow very fast and efficient packet filtering, the learning curve doesn't make it easily accessible to non-developers. bpfilter aims to bridge the gap between existing tools (nftables, iptables) and modern technologies such as eBPF. By translating filtering rules into native code, bpfilter abstracts the complexity behind cutting-edge kernel technologies while maintaining backward compatibility with existing solutions. Let's discuss about bpfilter and see it in action! Licensed to the public under https://creativecommons.org/licenses/by/4.0/de/ about this event: https://cfp.all-systems-go.io/all-systems-go-2025/talk/JEVBTZ/

systemd-sysext provides a nice way to enhance a distribution with a read-only root filesystem without the need to reboot. But there is additional tooling necessary to manage the sysext images: * install an image which is compatible with the installed OS version * update installed images to the newest compatible version * rollback images in case of an OS rollback * cleanup unneeded images In this presentation I will talk about which tooling systemd itself provides for this (importctl, updatectl, ...) and what the benefits and disadvantages of this tools are compared with real world use cases. In the end I created an own, generic and distribution independent tool for this using systemd tools in the backend. Using openSUSE MicroOS as example I will demonstrate how we solved the problems with it and how we integrated it in our update stack. Licensed to the public under https://creativecommons.org/licenses/by/4.0/de/ about this event: https://cfp.all-systems-go.io/all-systems-go-2025/talk/8AA87L/

Landlock is an unprivileged kernel feature that enables all Linux users to sandbox their processes. Complementary to seccomp, developers can leverage Landlock to restrict their programs in a fine-grained way. While Landlock can be used by end users through sandboxer tools, there is currently no well-integrated solution to define security policies tailored to system services. Although AppArmor and seccomp security policies can already be tied to a system unit, we aim to provide a more dynamic, standalone, and unprivileged option with Landlock. In this talk, we'll briefly explain what Landlock is and highlight its differences from other Linux security features (e.g., namespaces, seccomp, other LSMs). We'll then focus on the new configuration format we are designing for Landlock security policies, its characteristics, and how it could extend systemd units by taking into account runtime context (e.g., XDG variables). Licensed to the public under https://creativecommons.org/licenses/by/4.0/de/ about this event: https://cfp.all-systems-go.io/all-systems-go-2025/talk/FXWDCF/

All the big cloud providers provide your machines with a unique cryptographic identity that can be used to talk to their cloud services securely without having to manage or rotate any cryptographic secrets yourself. For example GCP has Service accounts and AWS has IAM roles. This ubiquity of cloud identity and the seamless integration with all the the services of these cloud providers is one of the reasons why they are so successful. SPIFFE (Secure Production Identity Framework For Everyone) tries to unify these concepts of workload identity in a vendor neutral framework. But how do we bootstrap our cryptographic identity securely when we are running things on our own hardware as opposed to on cloud? What is our bottom turtle? In this talk, I will show how I use Nix in combination with the swiss-army knife of tools provided by systemd (ukify, systemd-measure, systemd-repart, systemd-veritysetup-generator) to create reproducible images for which we can predict TPM measurements. Paired with a custom attestation plugin for SPIRE (the reference CA server for SPIFFE) that uses TPM remote attestation I can give each of my servers a unique identity encoded in a TLS certificate if and only if they were booted up with the software that I intended them to boot up with. This then allows me to have workloads talk to each other with mutual TLS without having to manage any keys or certificates myself. Licensed to the public under https://creativecommons.org/licenses/by/4.0/de/ about this event: https://cfp.all-systems-go.io/all-systems-go-2025/talk/X3ZSXV/

On image based desktops distributions such as Fedora Atomic desktops and Universal Blue, users are expected to run their graphical applications using Flatpaks and their command line ones using containers. But that approach does not work well for some applications that require more privileges, direct access to devices or kernel interfaces. With systemd system extensions (sysexts), it is possible to extend an image based system on demand. Sysexts come with a lot of advantages: they can be created out of arbitrary content (not only packages), are quickly enabled or disabled and can be built and shared independently of the main distribution channels. We will demonstrate how the Atomic Desktops can take benefit of sysexts to provide extensions such as virtual machine management (libvirt), alternative container runtimes (moby-engine or docker), IDE (VS Code) or debugging (gdb). We will also look at important details when building sysexts, the current limits when deploying them (SELinux policy modules, service management, RPM database update), what is currently blocking us from using it for more complex cases (kernel modules) and what we would need to properly manage and update them. Supporting examples for this talk: https://github.com/travier/fedora-sysexts Work in progress sysexts manager that targets managing sysexts on Bootable Container systems: https://github.com/travier/sysexts-manager Licensed to the public under https://creativecommons.org/licenses/by/4.0/de/ about this event: https://cfp.all-systems-go.io/all-systems-go-2025/talk/DCVQLK/

Provide a varlink service to access /etc/passwd and /etc/shadow so that no setuid and setgid binaries are necessary for this task. There are two independent "problems" which can be solved with the same idea: all files in /usr should be owned by root:root and no setuid binary should be needed. The first one is a requirement of image based updates of /usr to avoid UID/GID drift, the second one is a security feature wished by systemd developers and security teams. Currently most setuid binaries (or setgid binaries owned by group shadow) beside su and sudo only need this to read the shadow entry of the calling user. This task could be delegated to a systemd socket activated service which provides the user shadow entry for the calling user. In this talk I will present the why, the current implementation and feedback from security teams. Licensed to the public under https://creativecommons.org/licenses/by/4.0/de/ about this event: https://cfp.all-systems-go.io/all-systems-go-2025/talk/RUTE9Y/

systemd-confext is a lightweight overlay mechanism for /etc, allowing you to drop in a configuration extension ("confext") bundle and let systemd make it visible to your service as though it was already shipped with the base image. Building on the same extension magic as systemd-sysext, confext also introduces extra features tailored for the /etc use case, such as vpick-ing the newest version and the ability to pick up config revisions with a `systemctl reload`. This talk presents the changes to systemd-confext since [its debut at All Systems Go! 2023](https://cfp.all-systems-go.io/all-systems-go-2023/talk/XLQNDJ/), the lessons learned along the way to make it work, and how we leverage this capability at Microsoft already to deliver configuration payloads in production. Immutable Linux distributions offer stability and reproducibility, but at the cost of configuration changes needing time to build. A small configuration or system change can then require complete redeployment of the entire OS, adding friction to development work and impacting customers. This is not acceptable for certain Linux environments at Microsoft, where only seconds of planned downtime budget exist every year. systemd-confext is intended to be a signed, `dm-verity`-protected, live configuration update mechanism meant to address this issue. It provides a way to make quick additions in a secure and reliable way with minimum customer impact. Two years later, confext now supports host-level payloads to /etc and also works in the individual namespaces of services and portable units via `ExtensionImages=` and `ExtensionDirectories=` too. One of the recent significant additions is that systemd-confext has been integrated with `systemctl reload`, giving it the ability to pick up new configuration revisions during a reload, not just a restart. Combined with services that implement notify-reload, it is possible to simply drop a new versioned extension into the watched directory to trigger the reload flow and update the service config. We'll review how these features can be used and include a demo of a couple of use cases, including path-activated units to deploy config payloads in production at Microsoft. We'll also briefly discuss the namespace and mounting changes needed in the systemd codebase to make this integration work. Licensed to the public under https://creativecommons.org/licenses/by/4.0/de/ about this event: https://cfp.all-systems-go.io/all-systems-go-2025/talk/GSRYLR/

Haven’t you ever wanted to find ways to make your Rust code the most optimal in the world? I know how you feel. This is a talk, where I’d tell you how easy it is to profile your Rust software and how most often the solutions are trivial. This is a story of how I used a few readily-available Open Source tools to achieve huge optimizations in [zbus](https://crates.io/crates/zbus), a pure Rust D-Bus library. This was long journey but gains were worth the efforts. I will go through each single bottleneck found, how it was found and why it was a bottleneck and how it was optimized away. While attending this talk will by no means make you an expert in optimizations, it is my hope that by you will be able to relate to some of bottlenecks or solutions I will present (“hey”, I also do that in my code!”) and learn from my experience. Maybe afterwards, you can suggest an even better solution? Moreover, if you don’t already have any experience with profiling and optimizations, this talk should be a good introduction for that. Licensed to the public under https://creativecommons.org/licenses/by/4.0/de/ about this event: https://cfp.all-systems-go.io/all-systems-go-2025/talk/TYRJUG/

Let's have an open discussion with systemd developers who are at ASG and users in the audience. We will open with the developers saying what they plan to work on in the near future, and then allow questions / comments from the audience. Licensed to the public under https://creativecommons.org/licenses/by/4.0/de/ about this event: https://cfp.all-systems-go.io/all-systems-go-2025/talk/PXZGEL/

Same as every year, a lot has happened in the systemd project since last year's ASG. We released multiple versions, packed with new components and features. This talk will provide an overview of these changes, commenting on successes and challenges, and a sneak peak at what lies ahead. Licensed to the public under https://creativecommons.org/licenses/by/4.0/de/ about this event: https://cfp.all-systems-go.io/all-systems-go-2025/talk/B8RVCJ/

Communication is paramount in modern application development. This applies equally well to the process of writing applications and to the code itself. The complexity of the tasks ahead of us calls for a distributed and coordinated development effort, and this often manifests in our code: We design distributed, communicating systems to split complexity and responsibility among many people and teams, and at the same time meet the demand for ever faster systems. The last decade showed significantly increased popularity in API design, network protocols, and distributed computations. At the same time some of the most intriguing language research improves how multi-threaded applications synchronize and exchange information without sacrificing safety or performance. Between these two lies an almost forgotten world: Linux Inter-process communication (IPC) has lost ground to thread-communication and networking protocols. Let us look at how other operating systems have evolved their IPC layers, what new systems decide to go with, and why Linux IPC has not seen any major changes since the 90s. And finally, can we lift Linux IPC out of stagnation and catch up with everyone else? Licensed to the public under https://creativecommons.org/licenses/by/4.0/de/ about this event: https://cfp.all-systems-go.io/all-systems-go-2025/talk/8WW7YH/