Language Selection

English French German Italian Portuguese Spanish

Linux Journal

Syndicate content
Updated: 1 hour 27 min ago

Linux Mint 19.2 "Tina" Cinnamon Now Available, IBM Has Transformed Its Software to Be Cloud-Native and Run on Any Cloud with Red Hat OpenShift, Icinga Web 2.7.0 Released, Google Rolling Out Android Auto Design Updates and Kernel 5.1 Reaches End of Life

Friday 2nd of August 2019 01:29:23 PM

News briefs for August 2, 2019.

Linux Mint 19.2 "Tina" Cinnamon was officially released today. This is a long-term support release that will be supported until 2023, and it brings updated software and many improvements. Go here to read about all the new features.

IBM yesterday announced it has transformed its software to be cloud-native and run on any cloud with Red Hat OpenShift. From the announcement: "Enterprises can now build mission-critical applications once and run them on all leading public clouds, including AWS, Microsoft Azure, Google Cloud Platform, Alibaba and IBM Cloud and on private clouds. The new cloud-native capabilities will be delivered as pre-integrated solutions called IBM Cloud Paks." IBM also announced Red Hat OpenShift on IBM Cloud, Red Hat OpenShift on IBM Z and LinuxOne, and consulting and technology services for Red Hat.

Icinga Web 2.7.0 was released this week. Improvements include Japanese and Ukranian language support, bonus functionality for Modules, an enhanced UI and much more. You can get the official packages from

Google begins rolling out new Android Auto design updates. ZDNet reports that "the new Android Auto starts playing media and Google Maps as soon as the car starts. Maps will also show suggested locations. If a route has already been planned on a phone, Android Auto automatically adds the directions and displays routing information....Android Auto now also can use widescreen displays to give extra space for step-by-step navigation, media playback, and call controls. Changes to improve visibility include easier-to-read fonts and a new dark mode. Overall, the design changes are meant to get users on the road faster and allow easier management of apps with fewer taps."

Greg Kroah-Hartman recently announced that Linux kernel 5.1 has reached end of life: "Everyone should be moved to the 5.2.y kernel at this point in time. 5.1.y is now end-of-life."

Linux Mint IBM Cloud cloud native Red Hat OpenShift Icinga Google Android kernel

Where the Internet Gets Real

Friday 2nd of August 2019 11:30:00 AM
by Doc Searls

Local is the frontier of truth at the dawn of our Digital Age.

The internet showed up in our house in 1995. When that happened, I mansplained to my wife that it was a global drawstring through all the phone and cable companies of the world, pulling everybody and everything together—and that this was going to be good for the world.

My wife, who ran a global business, already knew plenty of things about the internet and expected good things to happen as well. But she pushed back on the global thing, saying "the sweet spot of the internet is local." Her reason: "Local is where the internet gets real." By which she meant the internet wasn't real in the physical sense anywhere, and we still live and work in the physical world, and that was a huge advantage.

Later I made a big thing about how the internet was absent of distance, an observation I owe to Craig Burton. Here's Craig in a 1999 interview for a Linux Journal newsletter that I sourced later in this 2000 column:

I see the Net as a world we might see as a bubble. A sphere. It's growing larger and larger, and yet inside, every point in that sphere is visible to every other one. That's the architecture of a sphere. Nothing stands between any two points. That's its virtue: it's empty in the middle. The distance between any two points is functionally zero, and not just because they can see each other, but because nothing interferes with operation between any two points. There's a word I like for what's going on here: terraform. It's the verb for creating a world. That's what we're making here: a new world. Now the question is, what are we going to do to cause planetary existence? How can we terraform this new world in a way that works for the world and not just ourselves?

In Linux Journal (see my article "The Giant Zero, Part 0.x") and elsewhere, I joined Craig in calling that world "the giant zero". Again my wife weighed in with a helpful point: the internet has no gravity as well as no distance—meaning we are not only placeless when we're on the net, but that prepositions such as on (uttered earlier in this sentence) were literally wrong, even though they made metaphorical sense. See, most prepositions express spatial relations that require distance, gravity or both. Over, under, through, around, beside and within are all examples. The one preposition that does apply for the net is with, because we are clearly with another person (or whatever) when we are engaged with them on (can't help using that word) the net.

Go to Full Article

The DevOps Issue

Thursday 1st of August 2019 03:00:00 PM
by Bryan Lunduke

Every few years a new term is coined within the computer industry—big data, machine learning, agile development, Internet of Things, just to name a few. You'd be forgiven for not knowing them all.

Some of these are new ideas. Some are refinements on existing ideas. Others still are simply notions we've all had for a long time, but now we have a new word to describe said notions.

Which brings me to a topic we cover in depth in this issue of Linux Journal: DevOps.

Not sure what DevOps is? Need it explained to you? It's okay, I was in the same boat. Start off by reading "Experts Attempt to Explain DevOps—and Almost Succeed" to get a high-level explanation of what this whole DevOps brouhaha is all about.

Once you've got the concept of DevOps firmly implanted in your brain, it's time to dive in and look at how specific parts of DevOps can be implemented, starting with "Continuous Integration/Continuous Development with FOSS Tools" by Quentin Hartman, Director of Infrastructure and DevOps at Finalze.

Next, turn to Linux Journal's very own Editor at Large (and senior performance software engineer at Cray), Petros Koutoupis, for a look at how to install and utilize Ansible to deploy and configure large numbers of Linux servers all at once. It's a nifty tool to have in your toolbelt, especially when looking to do things "The DevOps Way".

Okay, you've got the idea of DevOps, and you know some of the tools you can utilize with it as you build out a big, expansive online service. But what does a truly excellent system really look like? What components does it consist of? How does one go about selecting said components?

Luckily, we've got Kyle Rankin's aptly titled "My Favorite Infrastructure" to answer those questions. Linux Journal's illustrious Tech Editor (and Chief Security Officer at Purism) gives a tour of, what he considers to be, the best infrastructure he ever built. Including details on the architecture, configuration management, security and disaster recovery.

Oh, but we're not done! Ever want to build an OpenStack implementation on top of Fedora, openSUSE or Debian? John S. Tonello, the Global Technical Marketing Manager at SUSE, walks through exactly that with the help of free software tools like Kolla, Docker, qemu and pip. It's a veritable smorgasbord of Linux server-y goodness.

Go to Full Article

Canonical Announces the Availability of Xibo as a Snap, Chrome 76 Released, Viruses Discovered in LibreOffice, Pop!_OS 18.10 Reaches End of Life, and Dutch Ministry of Justice and Security Warns of Microsoft Office Online Privacy Risks

Thursday 1st of August 2019 12:14:32 PM

News briefs for August 1, 2019.

Canonical yesterday announced the availability of the Xibo open-source digital signage platform as a snap. From the announcement: "Xibo provides a comprehensive suite of digital signage products, with its Content Management System (CMS) at the heart of this experience-led offering. Xibo for Linux is completely free and natively built for the Xibo CMS, which can be installed on servers or combined with Xibo cloud hosting." You can download the Xibo snap here.

The Chrome team has promoted Chrome 76 to the stable channel for Windows, Mac and Linux. According to Softpedia News, "Highlights of the Chrome 76 release include Flash plugin blocked by default, Dark Mode support for websites, more improvements to the Payments API to allow merchant websites or web apps to respond when a user changes payment instruments, better support for PWAs (Progressive Web Apps), and the ability to control the 'Add to Home' screen mini-infobar."

Silent macro viruses have been discovered in LibreOffice. The Register reports that there's an "issue where documents can be configured to run macros silently on opening". The vulnerability was reported by Nils Emmerich and assigned CVE-2019-9848. According to The Register, "It appears that the supposedly fixed 6.2.5 is still vulnerable—confirmed by us." There is an updated bug report here. To fix it, "disable LibreLogo immediately if it is present and enabled in your build of LibreOffice."

System76 announces that Pop!_OS 18.10 has reached end of life and will no longer receive security updates. To keep your system secure and up to date, upgrade your OS to version 19.04.

Due to security and privacy risks, the Dutch Ministry of Justice and Security is warning government institutions not to use Microsoft Office online or mobile apps. According to The Register, "A report from Privacy Company, which was commissioned by the ministry, found that Office Online and the Office mobile apps should be banned from government work. The report found the apps were not in compliance with a set of privacy measures Redmond has agreed to with the Dutch government."

News Canonical Xibo Snap Chrome LibreOffice Security System76 Pop!_OS Microsoft Privacy

Collabora Announces xrdesktop, Blender 2.8 Released, Arduino Selects Auth0 as Its Identity Management Platform of Choice, Microway Showcasing Its Data Science WhisperStation at PEARC19 and KDE Plasma Maintenance Update

Wednesday 31st of July 2019 01:14:55 PM

News briefs for July 31, 2019.

Collabora yesterday announced xrdesktop. This new open-source project "enables interaction with traditional desktop environments, such as GNOME and KDE, in VR. Sponsored by Valve, xrdesktop makes window managers aware of VR and is able to use VR runtimes to render desktop windows in 3D space, with the ability of manipulating them with VR controllers and generating mouse and keyboard input from VR." See the wiki for instructions on how to install xrdesktop.

Blender 2.80 has been released. This new version "features a redesigned user interface that puts the focus on the artwork that you create. A new dark theme and modern icon set were introduced. Keyboard, mouse and tablet interaction got a refresh with left click select as the new default. Quick Favorites menus provide rapid access to often-used tools." See the Release Notes for details.

Auth0 announces Arduino has selected Auth0 as its identity management platform of choice. Auth0 will be replacing Arduino's own Single Sign On solution for all of its public-facing web properties. From the announcment: "Arduino discovered its homegrown authentication solution would not scale to meet the rapidly developing needs of its growing global community, and reached out to Auth0. In addition to Single Sign On, Arduino will take advantage of Auth0's new Universal Login, which enables developers to completely customise their branded authentication experiences quickly, and Device Flow for browserless or input-constrained devices."

Microway is showcasing its Data Science WhisperStation, a Unique Ultra-Quiet NVIDIA Data Science Workstation, at PEARC19 in Chicago this week (ending on August 1st). From the press release: "Up to 10 times faster than CPU solutions from data preparation to result, the Data Science WhisperStation helps data scientists, analysts, and engineers transform massive datasets into insights in less time." You can learn more about PEARC here, and more about the Data Science WhispterStation here.

KDE released the fourth maintenance update to the latest KDE Plasma 5.16 desktop environment. The release adds three weeks' worth of new translations and a few bug fixes, which are small but important. See the full changelog for details.

News Collabora xrdesktop VR Valve Desktop Blender Arduino Auth0 Security Microway Big Data Hardware KDE Plasma

Continuous Integration/Continuous Development with FOSS Tools

Wednesday 31st of July 2019 11:30:00 AM
by Quentin Hartman

Up your DevOps game! Get the fundamentals of CI/CD with FOSS tools now!

One of the hottest topics within the DevOps space is Continuous Integration and Continuous Deployment (CI/CD). This attention has drawn lots of investment dollars, and a vast array of proprietary Software As A Service (SaaS) tools have been created in the CI/CD space, which traditionally has been dominated by free open-source software (FOSS) tools. Is FOSS still the right choice with the low cost of many of these SaaS options?

It depends. In many cases, the cost of self-hosting these FOSS tools will be greater than the cost to use a non-FOSS SaaS option. However, even in today's cloud-centric and SaaS-saturated world, you may have good reasons to self-host FOSS. Whatever those reasons may be, just don't forget that "Free" isn't free when it comes to keeping a service running reliably 24/7/365. If you're looking at FOSS as a means to save money, make sure you account for those costs.

Even with those costs accounted for, FOSS still delivers a lot of value, especially to small and medium-sized organizations that are taking their first steps into DevOps and CI/CD. Starting with a commercialized FOSS product is a great middle ground. It gives a smooth growth path into the more advanced proprietary features, allowing you to pay for those only once you need them. Often called Open Core, this approach isn't universally loved, but when applied well, it has allowed for a lot of value to be created for everyone involved.

An Embarrassment of Riches

The DevOps concept exploded in the past several years. The term quickly saturated the mainstream technology industry. With this increased mindshare comes a corresponding increase in the number of tools available to accomplish DevOps-related tasks. That's a blessing and a curse as a DevOps practitioner. Thanks to the endless buffet of options, you're sure to find something that meets your needs, but to a newcomer, the multitude of choices is overwhelming. Combine that with the vast scope of tasks that fall under the DevOps umbrella and the competing claims of "best" from all sides, and you have a recipe for paralysis. A good place for finding tools and filtering by a variety of criteria is The content is all open source, and the maintainers are diligent about merging contributions, but it hasn't seen a lot of updates lately. Despite that, it makes a great jumping off point. If you find something noteworthy that should be included, a pull request would be appreciated!

Go to Full Article

Linux Ending Support for the Floppy Drive, Unity 2019.2 Launches Today, Purism Unveils Final Librem 5 Smartphone Specs, First Kernel Security Update for Debian 10 "Buster" Is Out, and Twitter Is Switching from Mesos to Kubernetes

Tuesday 30th of July 2019 02:02:06 PM

News briefs for July 30, 2019

Linux won't support the floppy drive much longer. ZDNet reports that Linus Torvalds has "declared the floppy drive project 'orphaned'". The article quotes Linus: "Actual working physical floppy hardware is getting hard to find, and while Willy was able to test this, I think the driver can be considered pretty much dead from an actual hardware standpoint. The hardware that is still sold seems to be mainly USB-based, which doesn't use this legacy driver at all."

Unity 2019.2 launches today. From the Unity blog: "We have over 1000 developers dedicated to extending and improving Unity for you. In this release, you get more than 170 new features and enhancements for artists, designers, and programmers. We've updated ProBuilder, Shader Graph, 2D Animation, Burst Compiler, UI Elements, and many more." See this video for more details on all the new features, and go here to download.

Purism has unveiled the final specs for the Librem 5 Smartphone, which should begin shipping in Q3 2019 (Display: 5.7" IPS TFT screen @ 720x1440; Processor: i.MX8M Quad Core max. 1.5GHz; Memory: 3GB; Storage: 32GB eMMC internal storage—see the post for the rest). If you pre-order before July 31st, you'll get the early-bird discount price of $649.

The first kernel security update for Debian GNU/Linux 10 "Buster" is now available. According to Softpedia News, the update addresses security flaw CVE-2019-13272. Jann Horn of Google Project Zero "discovered that the ptrace subsystem in the Linux kernel mishandles the management of the credentials of a process that wants to create a ptrace relationship, allowing a local user to obtain root privileges under certain scenarios". The issue affects older versions of Debian as well, so all users should update now.

Twitter is switching from Mesos to Kubernetes. Zhang Lei, Senior Technical Expert on Alibaba Cloud Container Platform and Co-maintainer of Kubernetes Project, writes "with the popularity of cloud computing and the rise of cloud-based containerized infrastructure projects like Kubernetes, this traditional Internet infrastructure starts to show its age—being a much less efficient solution compared with that of Kubernetes". See Zhang's post for some background history and more details on the move.

News kernel unity Purism Librem 5 Phone Debian Security Twitter Kubernetes

Bash Shell Games: Let's Play Go Fish!

Tuesday 30th of July 2019 12:00:00 PM
by Dave Taylor

How to begin developing a computer version of the popular card game.

Between the previous 163 columns I've written here in Linux Journal and the dozens of games I programmed and explored during the creation of my Wicked Cool Shell Scripts book, I've written a lot of Bash shell games. The challenge is to find one that's simple enough where a shell script will work, but isn't so simple that it ends up being only a half-dozen lines.

Magic 8-Ball is a perfect example. It turns out that the entire "predict the future" gizmo was really just a 20-sided die floating in dark purple fluid. So an array of 20 possible values and a random number selector and boom—you've got a magic 8-ball script:

#!/bin/sh # magic 8 ball. Yup. Pick a random number, output message # messages harvested from the Wikipedia entry answers=("It is certain." "It is decidedly so." "Without a doubt." "Yes - definitely." "You may rely on it." "As I see it, yes." "Most likely." "Outlook good." "Yes." "Signs point to yes." "Reply hazy, try again." "Ask again later." "Better not tell you now." "Cannot predict now." "Concentrate and ask again." "Don't count on it." "My reply is no." "My sources say no." "Outlook not so good." "Very doubtful.") echo "Oh! Magic 8 Ball, Please Tell Me True..." ; echo "" /bin/echo -n "What is your question? " read question answer=$(( $RANDOM % 20 )) echo "" echo "I have looked into the future and I say: " echo " ${answers[$answer]}" ; echo "" exit 0

Let's do a quick run to see if I'm the most popular LJ writer:

$ sh Oh! Magic 8 Ball, Please Tell Me True... What is your question? Am I the most popular LJ writer? I have looked into the future and I say: My reply is no.

Ouch, that's harsh. I write the darn divination program, and it just drops a brick on my foot. Yeesh.

More seriously, Magic 8 Ball is too simple to make an interesting shell script. By contrast, Call of Duty is way too complex, even if I did a version with text output instead of gorgeously rendered 3D graphics.

Card Game Function Library

That's why card games prove to be good as programming challenges or exercises: the core mechanism of a 52-card random deck is pretty straightforward, so it's all about the actual cardplay.

Not only that, but as I've written before about card games as shell scripts, I already have a handy set of functions to create, shuffle and display cards out of a deck. If you want to rummage in the archives, I've tackled Acey-Deucey, Baccarat and some bits and pieces of Cribbage.

In order to jump right into the new game that I'm going to describe how to build, Go Fish!, let's steal the following functions from my earlier scripts:

Go to Full Article

Kernel 5.3-rc2 Is Out, Latte Doc v0.9 Officially Available, GitHub Blocking Developers from Certain Countries, the Khronos Group Announces the Public Release of OpenXR 1.0, and Netflix Joins the Academy Software Foundation

Monday 29th of July 2019 01:43:13 PM

News briefs for July 29, 2019.

Linux kernel 5.3-rc2 is out. Linus Torvalds writes, "There are fixes all over, I don't think there's much of a pattern here. The three areas that do stand out are Documentation (more rst conversions), arch updates (mainly because of the netx arm platform removal) and misc driver fixes (gpu, iommu, net, nvdimm, sound ..). But there's a smattering of fixes all over (core kernel, netfilter, filesystems, you name it). I don't think anything stands out as particularly damning."

Latte Dock v0.9 stable is now officially available after a full year of development. This version includes many improvements and enhancements, such as new colors painting, new indicators, multiple layouts, flexible settings and more. You can get Latte Dock from or from

GitHub confirms that it has blocked developers from certain countries in compliance with US export law. TechCrunch reports that "GitHub, the world's largest host of source code, is preventing users in Iran, Syria, Crimea and potentially other sanctioned nations from accessing portions of the service, chief executive of the Microsoft-owned firm said." The article also quotes a tweet from Nat Friedman over the weekend: "It is painful for me to hear how trade restrictions have hurt people. We have gone to great lengths to do no more than what is required by the law, but of course people are still affected. GitHub is subject to US trade law, just like any company that does business in the US."

The Khronos Group today announced "the ratification and public release of the OpenXR 1.0 specification together with publicly available implementations and substantial ecosystem momentum. OpenXR is a unifying, royalty-free, open standard that provides high-performance, cross-platform access to virtual reality (VR) and augmented reality (AR)—collectively known as XR—platforms and devices." You can get the specification at or via GitHub.

Netflix has joined the Academy Software Foundation. According to the press release, Netflix has joined the ASWF—"a neutral forum for open source software development in the motion picture and media industries"—as a member. In addition, OpenTimelineIO has been accepted as a hosted project, and it's one of the first projects Netflix will contribute to. From the press release: "OpenTimelineIO (OTIO) is an Open Source API and interchange format that facilitates collaboration and communication of editorial data and timeline information between a studio's Story, Editorial, and Production departments all the way through Post-Production."

News kernel Latte Dock KDE GitHub Khronos Group OpenXR Netflix Academy Software Foundation open source OpenTimelineIO

Python's Mypy: Callables and Generators

Monday 29th of July 2019 11:00:00 AM
by Reuven M. Lerner

Learn how Mypy's type checking works with functions and generators.

In my last two articles I've described some of the ways Mypy, a type checker for Python, can help identify potential problems with your code. [See "Introducing Mypy, an Experimental Optional Static Type Checker for Python" and "Python's Mypy—Advanced Usage".] For people (like me) who have enjoyed dynamic languages for a long time, Mypy might seem like a step backward. But given the many mission-critical projects being written in Python, often by large teams with limited communication and Python experience, some kind of type checking is an increasingly necessary evil.

It's important to remember that Python, the language, isn't changing, and it isn't becoming statically typed. Mypy is a separate program, running outside Python, typically as part of a continuous integration (CI) system or invoked as part of a Git commit hook. The idea is that Mypy runs before you put your code into production, identifying where the data doesn't match the annotations you've made to your variables and function parameters.

I'm going to focus on a few of Mypy's advanced features here. You might not encounter them very often, but even if you don't, it'll give you a better picture of the complexities associated with type checking, and how deeply the Mypy team is thinking about their work, and what tests need to be done. It'll also help you understand more about the ways people do type checking, and how to balance the beauty, flexibility and expressiveness of dynamic typing with the strictness and fewer errors of static typing.

Callable Types

When I tell participants in my Python classes that everything in Python is an object, they nod their heads, clearly thinking, "I've heard this before about other languages." But then I show them that functions and classes are both objects, and they realize that Python's notion of "everything" is a bit more expansive than theirs. (And yes, Python's definition of "everything" isn't as wide as Smalltalk's.)

When you define a function, you're creating a new object, one of type "function":

>>> def foo(): ... return "I'm foo!" >>> type(foo)

Similarly, when you create a new class, you're adding a new object type to Python:

>>> class Foo(): ... pass >>> type(Foo)

It's a pretty common paradigm in Python to write a function that, when it runs, defines and runs an inner function. This is also known as a "closure", and it has a few different uses. For example, you can write:

Go to Full Article

Icinga 2 Version 2.11 Release Candidate Announced, Pinebook Pro Available for Pre-Order, Sailfish OS 3.1 Seitseminen Released, VirtualBox 6.0.10 Is Out, and It's National Sysadmin Day

Friday 26th of July 2019 02:05:18 PM

News briefs for July 26, 2019.

The Icinga team announces a release candidate for Icinga 2 version 2.11. Main improvements in Icinga 2.11 include a rewritten network stack, improved cluster sync, self-healing and debugging docs, and much more. See the Icinga blog for more details.

The Pinebook Pro is now available for pre-order. It's FOSS reports that "The new Pinebook Pro is capable of playing 4K videos and performs as a decent low-end desktop computer like Raspberry Pi 4." It comes with Debian as the default OS, and Chromium OS and Android 9 also are available. It costs $199.99, and you can pre-order from here. Pine64 notes that "When fulfilling the purchase, please bear in mind that we are offering the Pinebook Pro at this price as a community service to PINE64, Linux and BSD communities. We make no profit from selling these units."

Sailfish OS Seitseminen is now available. Sailfish OS 3.1 is the biggest update since the launch of Sailfish 3 a year ago, and it's named after Seitseminen National Park. This version "brings redesigns to core apps such as People, Phone, Messages and Clock. Other areas that have been improved include; Document viewers, Email, Calendar, Dual SIM Card viewer information and Gallery gestures which have been improved." Security improvements include filesystem encryption support, "fingerprint authentication support for XA2 devices, updates to VPN to increase the security of your traffic from the first moment you use your phone and added protection to many system APIs and functionalities."

VirtualBox 6.0.10 was released recently. According to Softpedia News, this version fixes various issues and includes "some notable changes for Linux-based operating systems, especially Ubuntu and Debian GNU/Linux hosts, which received support for UEFI Secure Boot driver signing. Additionally, Linux hosts got better support for various kernels on Debian GNU/Linux and Fedora systems." Go here to download.

Last but not least, Happy SysAdmin Day!

News Icinga PineBook Pro Sailfish VirtualBox SysAdmin

Simplifying Function Tracing for the Modern GCC

Friday 26th of July 2019 11:30:00 AM
by Zack Brown

Steven Rostedt wanted to do a little housekeeping, specifically with the function tracing code used in debugging the kernel. Up until then, the kernel could enable function tracing using either GCC's -pg flag or a combination of -pg and -mfentry. In each case, GCC would create a special routine that would execute at the start of each function, so the kernel could track calls to all functions. With just -pg, GCC would create a call to mcount() in all C functions, although with -pg coupled with -mfentry, it would create a call to fentry().

Steven pointed out that using -mfentry was generally regarded as superior, so much so that the kernel build system always would choose it over the mcount() alternative by testing GCC at compile time to see if it actually supported that command-line argument.

This is all very normal. Since any user might have any version of a given piece of software in the toolchain, or a variety of different CPUs and so on, each with different capabilities, the kernel build system runs many tests to identify the best available features that the kernel will be able to rely on.

But in this case, Steven noticed that for Linux version 4.19, Linus Torvalds had agreed to bump the minimum supported GCC version to 4.6. Coincidentally, as Steven now pointed out, GCC version 4.6 was the first to support the -mfentry argument. And, this was his point—all supported versions of GCC now supported the better function tracing option, and so there was no need for the kernel build system to cling to the mcount() implementation at all.

Steven posted a patch to rip it out by the roots.

Peter Zijlstra gave his support for this plan, as did Jiri Kosina. And, Jiri in particular spat upon the face of the mcount() solution.

Linus also liked Steven's patch, and he pointed out that with mcount() out of the picture, there were several more areas in the kernel that had existed simply to help choose between mcount() and fentry(), and that those now also could be removed. But Steven replied that, although yes this should be done, he still wanted to do split it up into a separate patch, for cleanliness' sake.

Go to Full Article

PHP 7.4.0beta1 Released, HypriotOS 1.11.0 Now Available, ALA Asks LinkedIn Learning to Change Terms of Service that Jeopardize Privacy Rights, Red Hat Announces RHEL 8.1 Beta and The Forbidden Arts Coming to Linux

Thursday 25th of July 2019 01:44:40 PM

News briefs for July 25, 2019.

PHP 7.4.0beta1 has been released, marking the first beta of PHP 7.4. Go here to see the list of changes, and go here to download. Note that this is an early test version and not intended for use in production. The next release, Beta 2, is scheduled for August 8th.

HypriotOS 1.11.0, "the fastest way to get Docker up and running on any Raspberry Pi", is now available. This release features the latest Docker 19.03.0 Community Edition, is up to date with Raspbian Lite Buster and includes support for the entire Raspberry Pi family and more. See the release notes for further details.

The American Library Association urges LinkedIn Learning to change terms of service that impact user privacy rights. From the press release: "LinkedIn Learning—formerly, a platform used by libraries to provide online learning opportunities to library users—plans to make substantial changes to its terms of service that would significantly impair library users' privacy rights. Under LinkedIn Learning's new terms of service, a library cardholder will need to create a LinkedIn profile in order to access LinkedIn Learning. In addition to providing their library card number and PIN, users will have to disclose their full name and email address to create a new LinkedIn profile or connect to their existing profile. New users will have their LinkedIn profile set to public by default, allowing their full name to be searched on Google and LinkedIn."

Red Hat announces the availability of Red Hat Enterprise 8.1 beta. This release "improves manageability, adds new security enhancements and enables greater developer productivity. This release also includes updated drivers that deliver new features and bug fixes for supported hardware platforms."

The Forbidden Arts an action adventure platformer is coming to Linux. GamingOnLinux reports that the game is in Early Access on Steam with a release planned for Windows next month. The estimated release date for Linux is Q4 2019. The GamingOnLinux post notes that this game is interesting in that it combines 2D and 3D gameplay in one game: "As you explore dungeons you get the 2D platforming, while the world map has you run around in a 3D world."

News PHP HypriotOS Raspberry Pi Docker Privacy Red Hat gaming

Job Control: the Bash Feature You Only Think You Don't Need

Thursday 25th of July 2019 11:30:00 AM
by Mitch Frazier

There are basically three types of people in the world: those who know little or nothing about bash job control, those who know enough to believe that it's nothing that they would ever use, and those who can just skim the rest of this post. Now, don't get me wrong, I'm not saying that bash's job control is going to change your world, but there are a couple simple everyday scenarios where job control can be useful, and often, it even can eliminate an "oh crap" moment.

Go to Full Article

FTC Announces $5 Billion Settlement with Facebook, First Preview Release of Fedora CoreOS Now Available, Red Hat Certificate System Achieves Common Criteria Certification, GNOME 3.33.4 Released and Summer Update on /e/

Wednesday 24th of July 2019 01:42:42 PM

News briefs for July 24, 2019.

The Federal Trade Commission announces a $5 billion settlement with Facebook. CNN reports the deal resolves "a sweeping investigation by regulators into how the company lost control over massive troves of personal data and mishandled its communications with users. It is the largest fine in FTC history—and yet still only about a month's worth of revenue for Facebook."

The Fedora CoreOS team announces the first preview release of Fedora CoreOS, "a new Fedora edition built specifically for running containerized workloads securely and at scale". From the announcement: "It's designed specifically for running containerized workloads without regular maintenance, automatically updating itself with the latest OS improvements, bug fixes, and security updates. It provisions itself with Ignition, runs containers with Podman and Moby, and updates itself atomically and automatically with rpm-ostree." Note that only the testing stream is available at this time. You can download the Fedora CoreOS preview release here.

Red Hat Certificate System has achieved Common Criteria certification. This means that "Red Hat Certificate System has demonstrated conformance to an internationally recognized set of security and functionality standards. Certifying against these standards attests that Red Hat Certificate System, the operating system running it, and the underlying hardware platform, can meet the highly-regulated and security-conscious needs of governments and commercial organizations around the globe."

GNOME 3.33.4 was released today. Go here for the full list of updated modules and changes. Note that this release is a snapshot of development code and is primarily intended for testing purposes.

Gaël Duval has posted a summer update on /e/. Read the post to learn more about the status of the "unGoogled mobile OS" that's currently supported on 80 different smartphone models and the smartphones available for purchase with /e/OS preloaded that customers have just started receiving (in Europe only at this point).

News Facebook Privacy Fedora CoreOS Red Hat Certificates GNOME /e/ Google

Extending the Kernel with Built-in Kernel Headers

Wednesday 24th of July 2019 11:30:00 AM
by Joel Fernandes

Note: this article is a followup to Zack Brown's "Android Low Memory Killer—In or Out?"

Linux kernel headers are the unstable, constantly-changing, internal API of the kernel. This includes internal kernel structures (for example, task_struct) as well as helper macros and functions. Unlike the UAPI headers used to build userspace programs that are stable and backward-compatible, the internal kernel headers can change at any time and any release. While this allows the kernel unlimited flexibility to evolve and change, it presents some difficulties for code that needs to be loaded into the kernel at runtime and executed in kernel context.

Kernel modules are a prime example of such code code. They execute in kernel context and depend on this same unstable API that can change at any time. A module has to be built for the kernel it is running on and may not load on another because of an internal API change could break it. Another example is eBPF tracing programs. These programs are dynamically compiled from C to eBPF, loaded into the kernel and execute in kernel space in an in-kernel BPF virtual machine. Since these programs trace the kernel, they need to use the in kernel API at times, and they have the same challenges as kernel modules as far as internal API changes go. They may need to understand what data structures in the kernel look like or call kernel helper functions.

Kernel headers are usually unavailable on the target where these BPF tracing programs need to be dynamically compiled and run. That is certainly the case with Android, which runs on billions of devices. It is not practical to ship custom kernel headers for every device. My solution to the problem is to embed the kernel headers within the kernel image itself and make it available through the sysfs virtual filesystem (usually mounted at /sys) as a compressed archive file (/sys/kernel/kheaders.tar.xz). This archive can be uncompressed as needed to a temporary directory. This simple change guarantees that the headers are always shipped with the running kernel.

Several kernel developers disagreed with the solution; however, kernel maintainer Greg Kroah-Hartman was supportive of the solution as were many others. Greg argued that the solution is simple and just works as did other kernel developers. Linus pulled the patches in v5.2 of the kernel release.

To enable the embedded kernel headers, build your kernel with CONFIG_KHEADERS=y kernel option, or =m if you want to save some memory.

The rest of this article looks at challenges with kernel headers, solutions and the limitations.

Challenges with Kernel Headers

Filesystem or Archive?

Go to Full Article

Feral Interactive Announces Commanders Update for Company of Heroes 2 for Linux, Participate in Fedora Test Week for Kernel 5.2, coreboot 4.10 Released, GNU Parallel 20190722 Released and EST Launches File Security for Linux v 7.0

Tuesday 23rd of July 2019 01:51:29 PM

News briefs for July 23, 2019.

Feral Interactive yesterday announced Company of Heroes 2 for macOS and Linux: Commanders update is now available. This update of the WWII strategy game has five new commanders. See the game's official blog for more details. If you already have Company of Heroes 2, you can update for free; otherwise, you can purchase it from the Feral Store for $19.99.

Participate in a Fedora test week for kernel 5.2. This kernel version was recently released with several security fixes and will be coming soon to Fedora. The test week runs from now through July 29. See the wiki page for links to the test images and more details on how to test.

coreboot 4.10 has been released This release comes eight months following the 4.9 release, and includes 2538 commit changes from 198 authors. From the announcement: "Most of the changes were to mainboards, and on the chipset side, lots of activity concentrated on x86. However compared to previous releases activity (and therefore interest, probably) increased in vboot and in non-x86 architectures. However it's harder this time to give this release a single topic like the last: This release accumulates some of everything."

GNU Parallel 20190722 ("Ryugu") has been released. You can download the shell tool for executing jobs in parallel here, and go here to read more about GNU Parallel.

ESET launches version 7 of its File Security for Linux product, which Help Net Security says "provides advanced protection to organisations' general servers, network file storage and multipurpose servers". The article notes that ESET File Security for Linux is "powered by the latest ESET LiveGrid technology and eliminates all types of threats, including viruses, rootkits, worms and spyware. Version 7.0 offers a host of advanced features, including real-time file system protection, tighter security and a real-time web graphical user interface (GUI)."

News Feral Interactive gaming Fedora kernel coreboot GNU Parallel Security ESET Servers

What Does It Take to Make a Kernel?

Tuesday 23rd of July 2019 12:00:00 PM
by Petros Koutoupis

The kernel this. The kernel that. People often refer to one operating system's kernel or another without truly knowing what it does or how it works or what it takes to make one. What does it take to write a custom (and non-Linux) kernel?

So, what am I going to do here? In June 2018, I wrote a guide to build a complete Linux distribution from source packages, and in January 2019, I expanded on that guide by adding more packages to the original guide. Now it's time to dive deeper into the custom operating system topic. This article describes how to write your very own kernel from scratch and then boot up into it. Sounds pretty straightforward, right? Now, don't get too excited here. This kernel won't do much of anything. It'll print a few messages onto the screen and then halt the CPU. Sure, you can build on top of it and create something more, but that is not the purpose of this article. My main goal is to provide you, the reader, with a deep understanding of how a kernel is written.

Once upon a time, in an era long ago, embedded Linux was not really a thing. I know that sounds a bit crazy, but it's true! If you worked with a microcontroller, you were given (from the vendor) a specification, a design sheet, a manual of all its registers and nothing more. Translation: you had to write your own operating system (kernel included) from scratch. Although this guide assumes the standard generic 32-bit x86 architecture, a lot of it reflects what had to be done back in the day.

The exercises below require that you install a few packages in your preferred Linux distribution. For instance, on an Ubuntu machine, you will need the following:

  • binutils
  • gcc
  • grub-common
  • make
  • nasm
  • xorriso
An Extreme Crash Course into the Assembly Language

Note: I'm going to simplify things by pretending to work with a not-so-complex 8-bit microprocessor. This doesn't reflect the modern (and possibly past) designs of any commercial processor.

Go to Full Article

Kernel 5.3-rc1 Released; VLC Security Flaw Discovered; Melissa Di Donato Appointed CEO of SUSE; Dropbox Brings Back Support for ZFS, XFS, Btrfs and eCryptFS; and YugaByte Is Now 100% Open Source

Monday 22nd of July 2019 02:27:37 PM

News briefs for July 22, 2019.

Linux kernel 5.3-rc1 has been released. Linus Torvalds writes, "This is a pretty big release, judging by the commit count. Not the biggest ever (that honor still goes to 4.9-rc1, which was exceptionally big), and we've had a couple of comparable ones (4.12, 4.15 and 4.19 were also big merge windows), but it's definitely up there." He also notes that "...there's a lot to like in 5.3."

German cybersecurity watchdog CERT-Bund recently discovered a security flaw in the VLC media player Softpedia News reports that "a successful exploit of the vulnerability allows for unauthorized disclosure of information, unauthorized modification of files, and disruption of service." See CVE-2019-13615 for specifics. A patch is in the works.

Melissa Di Donato has been appointed CEO of SUSE. From the press release: "Accomplished technology executive and former SAP leader, Melissa Di Donato, has been named chief executive officer of SUSE in a move that will herald the next phase of growth and momentum for the world's largest independent open source software company....Di Donato is highly regarded for her forward-thinking leadership style and is a passionate advocate for workplace diversity. This includes her role as Technology Group chair of the 30% Club—an organization with the goal of achieving 30 percent female directors on S&P 100 boards by 2020. She also holds prominent positions in other organizations, including Notion Capital, and is a trustee for charity Founders4Schools."

Dropbox brings back support for ZFS, XFS, Btrfs and eCryptFS. According to Linux Uprising, "it appears that this change has made it into the stable Dropbox client for Linux. This isn't directly mentioned on the Dropbox website, but after a fresh Dropbox installation that I performed on Ubuntu, the reported version is 77.4.131, which is a higher version number than the Dropbox beta version for which it was reported that it now supports ZFS and XFS on 64-bit Linux systems, and eCryptFS and Btrfs on all Linux systems. I also gave it a try on a Btrfs filesystem and folder syncing ran without running into any issues."

YugaByte is now 100% open source. reports that "YugaByte, a provider of open source distributed SQL databases, announced that YugaByte DB is now 100% open source under the Apache 2.0 license, bringing previously commercial features into the open source core."

News kernel Security VLC SUSE Dropbox YugaByte open source

Oracle Linux on Btrfs for the Raspberry Pi

Monday 22nd of July 2019 11:30:00 AM
by Charles Fisher

Enterprise comes to the micro server.

Oracle Linux 7 has been released for the Raspberry Pi 3. The release packages Btrfs as the root filesystem on the UEK-branded Linux 4.14 Long Term Support (LTS) kernel. A bootable disk image with a minimal install is provided along with a standard ISO installer.

CentOS appears to support only the "Mustang" Applied Micro X-Gene for AArch64, and it provides the older AArch32 environment for all models of the Raspberry Pi. Oracle Linux is a compelling option among RPM distributions in supporting AArch64 for the Pi Model 3.

This is not to say that Oracle AArch64 Linux is without flaw, as Oracle warns that this is "a preview release and for development purposes only; Oracle suggests these not be used in production." The non-functional WiFi device is missing firmware and documentation, which Oracle admits was overlooked. No X11 graphics are included in the image, although you can install them. The eponymous database client (and server) are absent. Oracle has provided a previous example of orphaned software with its Linux for SPARC project, which was abandoned after two minor releases. There's no guarantee that this ARM version will not suffer the same fate, although Oracle has responded that "our eventual target is server class platforms". One possible hardware target is the Fujitsu A64FX, a new server processor that bundles 48 addressable AArch64 cores and 32GB of RAM on one die, asserted to be the "fastest server processor" that exists.

AArch64 on the Pi

You'll need a Raspberry Pi Model 3 to run Oracle Linux. The 3B+ is the best available device, and you should choose that over the predecessor Model 3B and all other previous models. Both Model 3 boards retain the (constraining) 1GB of RAM—a SODIMM socket would be far more practical. The newer board has a CPU that is 200MHz faster and a Gigabit-compatible Ethernet port (that is limited to 300Mbit due to the USB2 linkage that connects it). A Model A also exists, but it lacks many of the ports on the 3B. More important, the Model 3 platform introduces a 64-bit CPU.

Go to Full Article

More in Tux Machines

How to Create Persistent Fedora LIVE USB From Ubuntu

This quick tutorial explains how to create persistent LIVE USB using Fedora Operating system in Ubuntu. Read more

Android Leftovers

Python Programming Leftovers

  • How to Read SAS Files in Python with Pandas

    In this post, we are going to learn how to read SAS (.sas7dbat) files in Python. As previously described (in the read .sav files in Python post) Python is a general-purpose language that also can be used for doing data analysis and data visualization.

  • Daudin – a Python shell

    A few nights ago I wrote daudin, a command-line shell based on Python. It allows you to easily mix UNIX and Python on the command line.

  • How to Convert Python String to Int and Back to String

    This tutorial describes various ways to convert Python string to int and from an integer to string. You may often need to perform such operations in day to day programming. Hence, you should know them to write better programs. Also, an integer can be represented in different bases, so we’ll explain that too in this post. And there happen to be scenarios where conversion fails. Hence, you should consider such cases as well and can find a full reference given here with examples.

  • Thousands of Scientific Papers May be Invalid Due to Misunderstanding Python

    It was recently discovered that several thousand scientific articles could be invalid in their conclusions because scientists did not understand that Python’s glob.glob() does not return sorted results. This is being reported on by Vice, Slashdot and there’s an interesting discussion going on over on Reddit as well.

Audiocasts/Shows/Screencasts: Open Source Security Podcast, Linux Action News and Manjaro 19.09.28 KDE-DEV Run Through

  • Open Source Security Podcast: Episode 165 - Grab Bag of Microsoft Security News

    Josh and Kurt about a number of Microsoft security news items. They've changed how they are handling encrypted disks and are now forcing cloud logins on Windows users.

  • Linux Action News 127

    Richard Stallman's GNU leadership is challenged by an influential group of maintainers, SUSE drops OpenStack "for the customer," and Google claims Stadia will be faster than a gaming PC. Plus OpenLibra aims to save us from Facebook but already has a miss, lousy news for Telegram, and enormous changes for AMP.

  • GNU World Order 13x42

    On the road during the **All Things Open** conference, Klaatu talks about how to make ebooks from various sources, with custom CSS, using the Pandoc command.

  • Manjaro 19.09.28 KDE-DEV Run Through

    In this video, we are looking at Manjaro 19.09.28 KDE-DEV.