systemd-sysext is a systemd utility that lets you inject tools and binaries into a read-only immutable Linux system at runtime using OverlayFS, without rebooting. The guide walks through creating a system extension directory structure, adding a metadata 'passport' file matching your OS version, merging the extension into /usr, and cleanly unmerging it when done. It also covers common troubleshooting (version mismatch errors) and explains why sysext is preferable to containers like Distrobox when you need tools to run directly on the host with full system visibility.
Table of contents
Quick Look at ImmutabilityThe Problem: Seeing the "Read-Only" BarrierHow System Extensions Actually WorkTroubleshooting: When the Merge FailsReverting Without a TraceWhy This Beats the Container ApproachConclusionSort: