Language Selection

English French German Italian Portuguese Spanish

IBM/Red Hat Leftovers

Filed under
Red Hat
  • Disrupted CVE Assignment Process

    Due to an invalid TLS certificate on MITRE’s CVE request form, I have — ironically — been unable to request a new CVE for a TLS certificate verification vulnerability for a couple weeks now. (Note: this vulnerability does not affect WebKit and I’m only aware of one vulnerable application, so impact is limited; follow the link if you’re curious.) MITRE, if you’re reading my blog, your website’s contact form promises a two-day response, but it’s been almost three weeks now, still waiting.

    [....]

    We could have a debate on TLS certificate verification and the various benefits or costs of the Firefox vs. Chrome approach, but in the end it’s an obvious misconfiguration and there will be no further CVE requests from me until it’s fixed. No, I’m not bypassing the browser security warning, even though I know exactly what’s wrong. We can’t expect users to take these seriously if we skip them ourselves.

  • June 10 webinar: Cloud-native development for continuous integration with IBM Wazi

    IBM Wazi for Red Hat CodeReady workspaces simplifies hybrid application development. Developers can leverage open and familiar development tools, deliver a CI/CD pipeline that integrates z/OS into a multi-cloud architecture, and transform testing on mainframes by shifting left transaction-level testing. Be sure to catch the June 10 webinar, Cloud Native Development for Continuous Integration with IBM Wazi, to learn about this new technology. Rosalind Radcliffe, IBM Distinguished Engineer in System Enterprise DevOps, and Mitch Ashley, CEO and Managing Analyst of Accelerated Strategies Group, Inc., give you all the details.

  • Using container technology to make a more secure pipeline

    In our last post we talked about using Multi-Category Security (MCS) instead of Multi-Level Security (MLS) to provide isolation on systems with different levels of sensitivity. In this post we'll cover creating a more secure pipeline via containers.

    A common pattern in MLS environments is to have a series of processes to guarantee the flow of information between networks at different levels, but to guarantee that no information gets accidentally leaked. These pipelines are sometimes called dirty word filters.

    Imagine an MLS environment, where you have two networks connected to a machine. One of the networks is at Top Secret and the other network is at Secret. Now you might have a process downloading content from the Top Secret Network, another process, the filter process, examining the downloaded content and moving approved data from the Top Secret content to the Secret content. Finally you have a third process that is taking the Secret content and sending it out the Secret network.

  • The advantages of microservices for financial industries

    Forces ranging from technological disruption, to demographic shifts, will change the way banking is done, according to the 2020 Banking and Capital Markets Outlook from Deloitte Insights. The report says that banking will increasingly be more open and transparent, more intelligent and tailored, and more secure and seamless.

    Achieving this state of financial services - one in which there is greater internal collaboration and is synchronized to market demands - won’t be without challenges, the report says, pointing to "technical debt, or the lack of technology system modernization, which is a huge impediment to transformation."

  • Red Hat Shares ― Special edition: Red Hat Summit 2020 Virtual Experience recap

    Red Hat Summit 2020, like most things this year, looked a little different than in the past. This year's theme was "From here, anywhere." But the shift from an in-person to a virtual event resulted in a Summit perhaps better characterized as "From anywhere, here." While we weren’t able to gather in San Francisco as originally planned, the virtual event gave us the privilege of connecting with so many more open source enthusiasts (56,063* so far, to be exact) worldwide.

  • How to be prepared for changes in Red Hat Smart Management and Satellite

    In my work as a Red Hat Technical Account Manager (TAM), one of my responsibilities is ensuring my customers are aware of the roadmap for various Red Hat products. This includes informing customers of upcoming changes to products, such as features being deprecated, and helping them plan for these changes.

    The Satellite 6.7 release notes listed that several items are deprecated and would be removed in a future release of Satellite. This post will cover several of these items, and what customers can do to prepare for these changes. I would recommend reviewing the release notes to see if any of the other items might affect your Satellite environment.

More in Tux Machines

Kernel: Rust, Language, and Linux Plumbers Conference

  • Linus Torvalds' Initial Comment On Rust Code Prospects Within The Linux Kernel

    Kernel developers appear to be eager to debate the merits of potentially allowing Rust code within the Linux kernel. Linus Torvalds himself has made some initial remarks on the topic ahead of the Linux Plumbers 2020 conference where the matter will be discussed at length. In the mailing list thread when discussing Greg Kroah-Hartman's past comments on the Rust prospects for the kernel, it was mentioned that one of the conditions being sought is that it would effectively be disabled by default until there has been sufficient testing.

  • Linux 5.8 Formally Adds The Inclusive Terminology Guidelines

    Merged overnight into the Linux kernel source tree are the new guidelines concerning the use of "inclusive terminology" for future code. It was just one week ago that the inclusive terminology guidelines for the Linux kernel were first proposed to mixed reaction and have now been merged into the source tree after receiving enough approval of various upstream kernel maintainers. [...] There are around 19.5k mentions of "slave" within the kernel source tree, mostly within the kernel networking code. The string "master" is mentioned some 26.9k times. For "blacklist" are around 888 mentions when checking in the current Git tree. Linux is currently at around 69.3k text files with around 3.54 million lines of code comments and 20.1 million lines of code (along with 3.6 million blank lines).

  • Linux team approves new terminology, bans terms like 'blacklist' and 'slave'

    Linus Torvalds approved on Friday a new and more inclusive terminology for the Linux kernel code and documentation. Going forward, Linux developers have been asked to use new terms for the master/slave and blacklist/whitelist terminologies.

  • Linux Plumbers Conference: Systems Boot and Security Microconference Accepted into 2020 Linux Plumbers Conference

    We are pleased to announce that the Systems Boot and Security Microconference has been accepted into the 2020 Linux Plumbers Conference! Computer-system security is an important topic to many. Maintaining data security and system integrity is crucial for businesses and individuals. Computer security is paramount even at system boot up, as firmware attacks can compromise the system before the operating system starts. In order to keep the integrity of the system intact, both the firmware as well as the rest of the system must be vigilant in monitoring and preventing malware intrusion. As a result of last year’s microconference Oracle sent out patches to support Trenchboot in the Linux kernel and in GRUB2. An agreement was also reached on problems with TPM 2.0 Linux sysfs interface.

  • GNU Tools Track Added to Linux Plumbers Conference 2020

    We are pleased to announce that we have added an additional track to LPC 2020: the GNU Tools track. The track will run for the 5 days of the conference.

Programming: GNOME/GTK, GNU C Library, Perl and Python

  • Implementing Gtk based Container-Widget: Part — 2

    This write-up is in continuation of its previous part — setting up basic container functionality. In the past couple of weeks, we moved on from just adding children to actually repositioning them (child widgets of the container, NewWidget) when enough space is not available for all widget to fit in the given width. Though the grid structure is yet to put in place, the widget could be seen taking shape already (look at below gif).

  • This week in GNOME Builder #2

    This week we fixed some specific topics which were planned for the previous cycle. If anyone wants to contribute so see some of our “Builder wishlist” go there: Builder/ThreePointThirtyfive Last time i had forgotten to mention the great work of our translation team which contributed various translations to Builder. Thank you!

  • Synopsys DesignWare ARC HS CPUs Now Supported By GNU C Library

    The Synopsys DesignWare ARC HS is designed for high performance embedded environments with the 32-bit HS5x and 64-bit HS6x series. Synopsys has long offered their own GNU toolchain builds to support the DesignWare ARC hardware on Linux while now the mainline support is in good shape with glibc for the ARCv2 ISA having been mainlined. Though do note it's ARCv2 and not the latest ARCv3 ISA.

  • A FIXIT-dive into an old CPAN module

    Let’s have a thought experiment. Assume there is an Open Source-licensed Perl module published on CPAN that you care about, and that hasn’t had any updates in a very long time - what are your options? In this blog post, I’ll take a dive into this problem, and use the Geo::Postcodes::NO module as an example. As of this writing, the module version is 0.31, and it’s most recent release was in September 2006. [...] Contribution information for the module is missing (or at least, less than expected). The author ARNE has offered his email address, and after a quick search one can find his Github page. He hasn’t published this module there, though. If we are going to contribute with this, then just adding a CONTRIBUTING.md file is a probably a good place to start. If the module you are looking for has the same problem, then check out it’s “How to contribute” page on MetaCPAN (you can find a link to it in the menu there). There’s another issue though – we can’t offer a pull-request! At best we can send a patch(1) file attached to an email. While this is a bit old-school and should still work (assuming the author accepts those), there might be better options available.

  • Chapter 3 - Google Correlate example update

    In Chapter 3 on Page 87, the book refers to the Google Correlate service. However, as of December 2019, the service has been shutdown. Since the chapter requires you to download a CSV formatted data, it is no longer possible. However, you can instead download a version of the data that I had used 5 years back when writing the book from here.

  • A Hundred Days of Code, Day 004 - Class Attributes and Inheritance

    Learnt about Class Attributes and Inheritance, today.

  • Weekly Python StackOverflow Report: (ccxxxv) stackoverflow python report

May/June in KDE PIM

Following Dan here’s the summary of what happened around KDE PIM in the last two months. While the focus was mainly on the 20.04.x maintenance releases and KDE’s source code hosting and review systems migrated to a Gitlab instance during that time, development continued at full steam with more than 1,800 changes by 34 contributors. Read more More KDE: 20.08 releases branches created

Learn NixOS by turning a Raspberry Pi into a Wireless Router

A lot of the Nix documentation seems to be aimed at a very particular kind of desktop user: someone who already has Nix installed! Such users represent an important use case, and the nix build configurations are easy enough to read. However, I definitely think there is on-boarding improvement work to be done in the Nix ecosystem. So, will I ever go back? I don't think so! This router was so cheap (~$40) and the Raspberry Pi 3B+ is so powerful that I get amazing performance throughout my entire apartment. If it ever breaks, the Pi will be trivial to replace. I am really happy with what I created. Even if this little project isn't original, it solves a real problem in my day-to-day life. In terms of NixOS as a Linux distribution, I think I now am totally on board. Nix has so many incredible advantages that (as a control freak who builds his own WiFi router) I just can't ignore or give up. The feature of Ubuntu that was keeping me on that distribution for so long was that "it just works" © ®. But Nix "just works" too. The only catch is that you need to know what "it" is that you want working ahead of time. I am also comfortable with responsibly using environments, so I think that increases my willingness to jump into a new OS framework. I am a little worried about moving from Ubuntu to Nix on an existing machine, but that is what external hard drive backups are for! Read more