[$] Building secure images with NixOS

Image-based Linux distributions have seen increasing popularity, recently. Theypromise reliability and security, but pose packaging problems forexisting distributions. Ryan Lahfa and Niklas Sturm spoke about the work thatNixOS has done to enable an image-based workflow at this year'sAll Systems Go!conference in Berlin.Unfortunately, LWN was not able to cover the conference for scheduling reasons,but thevideos of the event are available for anyone interested in watching thetalks.Lahfa and Sturm explained that it is currently possible to create aNixOS system thatcryptographically verifies the kernel, initrd, and Nix store on boot - althoughdoing so still has some rough edges. Making an image-based NixOS installation issimilarly possible.