Managing System Extensions on openSUSE MicroOS with sysextmgrcli

If you are running openSUSE MicroOS, you already know the drill: the root filesystem is read-only, and transactional updates are the law of the land.

But what happens when you need to add software or system extensions without rebooting or messing with your base OS layers?

E.g. You need strace or gdb to debug a running application, but a reboot to install this tools would change the situation.

Enter System Extensions (sysext images) and the utility designed to make them manageable: sysextmgrcli.

What is sysextmgrcli?

At its core, sysextmgrcli is a command-line client for managing systemd-sysext images and has been written by Thorsten Kukuk. It is designed specifically to play nice with the atomic nature of MicroOS.

Instead of forcing you to use sudo for every query, it talks to a background daemon (sysextmgrd) via Varlink. This architecture allows unprivileged users to list existing system extension images without needing root permissions, while the daemon handles the heavy lifting of downloads and verification via systemd-pull. For security reasons, root provileges are still required for installing or updating sysext images.

The Architecture: Smart Snapshots

One of the cleverest things about sysextmgrcli is how it handles storage to be efficient and “rollback-safe”:

• /var/lib/sysext-store: This is where the actual image files live. Since /var is a separate subvolume shared across all Btrfs snapshots, you only store the image once, saving disk space. If you have no network available, that’s the location for storing offline or even own build sysext images via e.g. an USB device.

• /etc/extensions: This directory contains symlinks to the images in the store. Because /etc is part of your root snapshot, the extensions are tied to your current system state.

Why does this matter? If you perform a system rollback, your symlinks roll back too. This ensures the active sysext images always match the OS version you are currently booted into.

Essential Commands

Getting started is straightforward. Here are the primary commands you’ll use to manage your extensions:

1. Listing and Checking Images

Want to see what’s available or if your images are compatible with your current OS version?

# List all images and report compatibility sysextmgrcli list # Check for updates and verify compatibility sysextmgrcli check 

2. Installing New Extensions

You can install by providing a name and a source URL. The tool automatically handles SHA256 verification and checks if it fits your OS.

# --url is optional (default: https://download.opensuse.org/tumbleweed/appliances/ ) sysextmgrcli install [NAME] --url [https://your-image-repo.com](https://your-image-repo.com) 

3. Maintenance and Updates

Updates are handled by comparing local files against remote manifests. If a newer version matches your current snapshot, it gets pulled down and symlinked.

# Update existing images to the latest compatible versions sysextmgrcli update # Clean up: Remove images in the store that are no longer referenced by any snapshot sysextmgrcli cleanup 

The “Activation” Catch

It is important to note that sysextmgrcli is a manager, not an activator. It handles the logistics: downloading, version checking, and symlinking. To actually “plug in” the extensions to your running system, you still use standard systemd-sysext commands:

• Manual activation: systemd-sysext merge

• Manual deactivation: systemd-sysext unmerge

• Enable at boot: systemctl enable systemd-sysext.service

Available default system extention (sysext) images:

• debug (babeltrace, gdb, ltrace, strace, traceroute)
• gcc (cpp, gcc, make, patch)
• git (git, git-core)

Summary

You need git on your openSUSE MicroOS ?

Just call sysextmgrcli install git ; systemd-sysext merge and use it…

You do not need ‘git’ anymore on your system ?

Just call systemd-sysext unmerge and it is not available anymore…

sysextmgrcli bridges the gap between static immutable infrastructure and the need for flexible system additions. By leveraging the Btrfs directory structure of MicroOS, it ensures your system remains clean, version-synced, and easy to manage.

DirtyGlassEye hat dem Pool ein Foto hinzugefügt:

This was another b-lister that wasn't really supposed to make it to the big screen but I saw some light on it so I decided to give it an honest shot, consider it a filler of sorts.
It's been a while since I posted anything from here so allow me to explain again. This was a bnb I stayed at in Kyoto by the name of Nachiya, and it was a damn good one, probably the best one I ever stayed at. And the owner gave me the green light to take pictures around the property. It was a good consolation prize cause I didn't know what I was going to successfully shoot in Kyoto (especially since it was a bit more urban than the brochures said). So to be able to crash at a place that resembled the historical look I was pining for was a real good failsafe.
The courtyard had a wood gate with double doors, and an inscription of the property on it in Hiragana. Beyond it was a bamboo banister going up stone steps. The lights you see is on the inside of a sliding front door and a wall seperating the side yards. The property is surrounded by bamboo but it was too dark to see at this time. The shadow on the closer part of the banister isn't mine I didn't add that in editing, I think it was the light on the underside of the gate that I was standing underneath to get this.
But what I did do in editing was turn the clarity up on the stone steps, I turned down the highlights on the overhead ceiling lights, not enough to get rid of it's illumination of the roof and wall around them, but just to keep them from being eyecatchers. I saturated the wall and the front door, and decided to edit out some of the visible bamboo lines in the foliage it looked more like physical damage to old camera film than an actual part to the photo.