Language Selection

English French German Italian Portuguese Spanish

Red Hat

Red Hat Enterprise Linux 6 and CentOS 6 Receive Important Kernel Security Update

Filed under
Red Hat
Security

Marked by the Red Hat Product Security as having a security impact of "Important," the new Linux kernel security patch addresses a buffer overflow flaw (CVE-2019-14835) discovered in Linux kernel's vhost (virtual host) functionality, which apparently could allow a privileged guest user to escalate his/her privileges on the host system by passing descriptors with invalid length during migration.

"A buffer overflow flaw was found in the way Linux kernel's vhost functionality that translates virtqueue buffers to IOVs, logged the buffer descriptors during migration. A privileged guest user able to pass descriptors with invalid length to the host when migration is underway, could use this flaw to increase their privileges on the host," reads Red Hat's security advisory.

Read more

IBM: CodeMirror, James Bottomley, Tom McKay and Paul E. Mc Kenney

Filed under
Red Hat
  • Apache Camel Language support in CodeMirror

    In a previous article, I mentioned the growing set of supported IDEs/editors for the Apache Camel language. I’m happy to announce that this set has grown again. It is now possible to use CodeMirror with Apache Camel. CodeMirror is a lightweight, embeddable editor for web browsers.

  • [IBM's James Bottomley] Retro Engineering: Updating a Nexus One for the modern world

    A few of you who’ve met me know that my current Android phone is an ancient Nexus One. I like it partly because of the small form factor, partly because I’ve re-engineered pieces of the CyanogneMod OS it runs to suit me and can’t be bothered to keep upporting to newer versions and partly because it annoys a lot of people in the Open Source Community who believe everyone should always be using the latest greatest everything. Actually, the last reason is why, although the Nexus One I currently run is the original google gave me way back in 2010, various people have donated a stack of them to me just in case I might need a replacement.

    However, the principle problem with running one of these ancient beasts is that they cannot, due to various flash sizing problems, run anything later than Android 2.3.7 (or CyanogenMod 7.1.0) and since the OpenSSL in that is ancient, it won’t run any TLS protocol beyond 1.0 so with the rush to move to encryption and secure the web, more and more websites are disallowing the old (and, lets admit it, buggy) TLS 1.0 protocol, meaning more and more of the web is steadily going dark to my mobile browser. It’s reached the point where simply to get a boarding card, I have to download the web page from my desktop and transfer it manually to the phone. This started as an annoyance, but it’s becoming a major headache as the last of the websites I still use for mobile service go dark to me. So the task I set myself is to fix this by adding the newer protocols to my phone … I’m an open source developer, I have the source code, it should be easy, right …?

  • Quay V3.1 Release Update with Bill Dettelback and Tom McKay – OpenShift Commons Briefing

    In this briefing, Bill Dettelback, Red Hat’s Quay Engineering Manager and Tom McKay, Engineer Lead for Quay walk through Quay v3.1’s features, give a short demo of the new features and discuss the road map for future Quay releases, including a progress update on the open sourcing of Quay.

  • Paul E. Mc Kenney: Announcement: Change of Venue

    This week of September 30th marks my last week at IBM, and I couldn't be more excited to be moving on to the next phase of my career by joining a great team at Facebook! Yes, yes, I am bringing with me my maintainership of both Linux-kernel RCU and the Linux-kernel memory model, my editing of "Is Parallel Programming Hard, And, If So, What Can You Do About It?", and other similar items, just in case you were wondering. Wink

    Of course, it is only appropriate for me to express my gratitude and appreciation for the many wonderful colleagues at IBM, before that at Sequent, and more recently at Red Hat. Together with others in the various communities, we in our own modest way have changed the world several times over. It was a great honor and privilege to have worked with you, and I expect and hope that our path will cross again. For those in the Linux-kernel and C/C++ standards communities, our paths will continue to run quite closely, and I look forward to continued productive and enjoyable collaborations.

Red Hat Leftovers

Filed under
Red Hat
  • Stephen Smoogen: Attention: Removal of python36 from EPEL-7 on 2019-10-03

    With the release of RHEL-7.7, many of the packages for python36 in EPEL were replicated in the release as python3-3.6 packages. The normal pattern when this is seen is to remove the packages from EPEL so that they do not cause problems. However, this did cause problems for users of CentOS-7 who did not have access to the newer packages. Two weeks ago, CentOS-7.7.1908 was released and should have flowed out to users as needed.

  • Red Hat Announces CentOS Stream

    Red Hat has announced a new Linux distribution called CentOS Stream for better synergy among RHEL (Red Hat Enterprise Linux), Fedora and CentOS.

    Those who don’t know, CentOS is a clone of RHEL (minus Red Hat branding) which is compiled from the source code that Red Hat releases publicly. CentOS is funded by Red Hat but is a purely community driven project, thought most lead developers of CentOS are employed by Red Hat.

    CentOS Stream will sit somewhere between Fedora and RHEL to offer a bride to developers who want to get their packages in RHEL. So far Fedora was used as a fast moving upstream project for RHEL. Red Hat forks code from Fedora to build the next version of RHEL.

  • Behind the artwork and Easter eggs of Command Line Heroes third season

    Command Line Heroes is more than a podcast—we have developed a broad creative ecosystem to support and enhance the audio experience. One of these branches of production is the artwork that accompanies the show. We produce episodic artwork to help Command Line Heroes stand out on podcast platforms, and to promote the podcast online and at events. It’s taken a creative team with diverse skill sets to build the Command Line Heroes web and event experiences—and we think it gets better every season.

    In this series, we’re going to take you behind the curtain with Red Hat’s Open Studio to learn more about our process, how this program comes to life—and point out some easter eggs you might have missed.

  • The Business Benefits of Red Hat OpenShift Dedicated: A 3x return on investment

    Red Hat commissioned Forrester Consulting to conduct a Total Economic Impact (TEI) study1 to examine the value that customers could achieve by deploying Red Hat OpenShift Dedicated. Forrester interviewed OpenShift Dedicated customers about the benefits, costs, risks, and flexibility they experienced using the platform. The companies interviewed had annual revenues of over $1 billion and used Red Hat for over three years.

    A composite organization representative of these real-world customers experienced a 343% return on investment (ROI), realized benefits with a net present value (NPV) of $3.4 million, and recouped its initial investment in fewer than six months.

Fedora Join is trying a new people focused workflow for newcomers

Filed under
Red Hat

When a newcomer, let’s call her “Jen”, comes to Fedora and looks for where to begin, the general workflow she is introduced to is quite task-oriented. “Find something to do, get started, learn along the way, ask if you have a question” we say. We have easyfix and What Can I do for Fedora (wcidff) designed to quickly help Jen find something to do, for example. The idea, of course, is that Jen will familiarise herself with the tools, the processes, and the people while she works on this task. This works sometimes. Sometimes it doesn’t. It depends on what Jen has picked to do. Sometimes the learning curve is too steep—there are too many tools and processes to learn. Sometimes Jen works on her task in isolation and is too scared to ask questions they think are “silly”. Sometimes Jen just gets too busy to keep working on it.

Read more

Also: Reto Gantenbein: My free software activities (2019-09)

Fedora IoT Edition Test Day and Red Hat News

Filed under
Red Hat
  • Contribute at the Fedora IoT Edition Test Day

    Fedora test days are events where anyone can help make sure changes in Fedora work well in an upcoming release. Fedora community members often participate, and the public is welcome at these events. If you’ve never contributed to Fedora before, this is a perfect way to get started. On Wednesday, October 2, we’ll test Fedora IoT.

  • Contribute at the kernel and IoT edition Fedora test days

    Fedora test days are events where anyone can help make sure changes in Fedora work well in an upcoming release. Fedora community members often participate, and the public is welcome at these events. If you’ve never contributed to Fedora before, this is a perfect way to get started.

    There are two upcoming test days in the upcoming week. The first, starts on Monday 30 September through Monday 07 October, is to test the Kernel 5.3. Wednesday October 02, the test day is focusing on Fedora 31 IoT Edition. Come and test with us to make the upcoming Fedora 31 even better.

  • Sending a telegram with Apache Camel K and Visual Studio Code [Ed: Red Hat is promoting Microsoft yet again today]
  • Keeping DevOps cool in a heated environment

    Cloud platforms are somewhat a staple component to enterprises’ IT environments today, helping to achieve objectives and drive better business operations, but more often than not we don’t see the outcomes or rewards reaped from the use of such platforms.

    Red Hat OpenShift has demonstrated this in the last year.

    In November 2018, millions of residents in Southern California turned to their computers and devices to learn as much as possible about the encroaching Woolsey Fire. As the footprint of the fire increased, officials scrambled to make sure certain information was flowing to the community. They also used traditional media outlets to direct people to the county website for the latest updates and resources.

  • How Dynatrace and OpenShift Served Vital Information During the Woolsey Fire [Ed: Red Hat uses wildfires for marketing of its products]

    Our partners, Dynatrace, have written a blog and a case study covering our joint customer, the largest county in the United States. Normally, case studies and joint customer stories are strictly about business affairs, discussing ROI, OpEx and developer agility; tantalizing topics for IT folks, but not exactly the stuff of drama and danger. This particular case study, however, is about the county’s usage of Red Hat OpenShift and Dynatrace’s Davis AI during the Woolsey Fire in November of 2018.

    Normally, you wouldn’t think of access to a website as being a life or death situation but when the evacuation of more than 295,000 people depends upon the information being distributed on that website, SLAs and service guarantees can be tied almost directly to the saving of human lives.

Events: Red Hat Forum APAC, ATO and X2Go at LinuxHotel

Filed under
Red Hat
OSS

New systemd views, Crunchy and Red Hat/IBM Interview

Filed under
Red Hat
  • systemd is really well designed

    One of the things I think has generally worked well about “Linux” and the ecosystem on top of it has been the variety of userspace. There’s obviously some pointless things, but also some genuine innovation. It works well when upstream projects are structured in a way that they can be mixed and matched.

    For Fedora CoreOS we are combining two technologies; Ignition and rpm-ostree. Previously they were used independently (Ignition with a ChomeOS style A/B updater) and rpm-ostree with the traditional Fedora-and-derivatives setup of Kickstart for bare metal, and cloud-init for clouds.

    Putting the two together has been working well so far, but I’ve recently been working on support for root filesystem reprovisioning which is where the two projects intersect strongly. This has meant a lot of time writing code in the initramfs.

  • Write a Letter to Redhat About systemd

    Red Hat Enterprise Linux (RHEL) incorporated systemd as their default and only init system in 2014. Soon after, perhaps with some persuasion from Red Hat and its allies, Debian adopted systemd as its default init system, and many Debian Derived distros, including all the Ubuntus, followed suit. Starting in 2014, this caused extensive protest from many in the Linux community, for reasons such as: [...]

    I'll be glad to serve as a central information point for this letter writing campaign. If you find other contacts, please feel free to write to them and please email me with those contacts and contact information.

  • Crunchy High Availability PostgreSQL Certified as a Database Backend Solution for Red Hat Ansible Tower
  • Top Gun 51 Profile: Red Hat's Scott Musson on IBM, Channel Strategy, More

Red Hat: New RPM Release and Fedora Program Management

Filed under
Red Hat
  • RPM 4.15.0 released

    After "more than two years in development and half a year in testing", version 4.15.0 of the RPM package manager has been released. It has a wide range of new features, including faster parallel builds; support for %elif, %elifos, and %elifarch statements in RPM spec files; new %patchlist and %sourcelist sections; experimental support for non-privileged operation in a chroot() environment; and, of course, plenty of bug fixes and such.

  • RPM 4.15.0 Release Notes

    General bugfixes and enhancements

    - Add support for rootless chroot-operations on Linux (experimental)
    - Add dummy database backend to better support systems without rpmdb (Debian)
    - Improve ARM detection, add armv8 support
    - Add architecture compatibility mapping between aarch64 and arm64
    - Documentation updates

  • FPgM report: 2019-39

    Here’s your report of what has happened in Fedora Program Management this week.

    I have weekly office hours in #fedora-meeting-1. Drop by if you have any questions or comments about the schedule, Changes, elections, or anything else.

Fedora Wants Help

Filed under
Red Hat

Red Hat: Ansible Automation Platform, Command Line Heroes and Red Hat’s CEO Jim Whitehurst

Filed under
Red Hat
  • Red Hat Elevates Enterprise Automation with New Red Hat Ansible Automation Platform

    Red Hat, Inc., the world's leading provider of open source solutions, today announced Red Hat Ansible Automation Platform, an expansive, enterprise-grade solution for building and operating automation at scale. With Red Hat Ansible Automation Platform, organizations can accelerate collaboration between teams for improved operational efficiencies, reduced risk and a consistent user experience across infrastructure and technology domains.

    Recently named a Leader by Forrester Research in the Forrester Wave™: Infrastructure Automation Platforms, Q3 2019, Red Hat Ansible Automation Platform integrates Red Hat’s powerful automation suite consisting of Red Hat Ansible Tower, Red Hat Ansible Engine and Red Hat Network Automation along with new Software-as-a-Service (SaaS)-based capabilities and features designed for organization-wide effectiveness. Regardless of whether an organization is just beginning its digital transformation journey through automation or is working to expand automation across more use-cases and domains, Red Hat Ansible Automation Platform provides the tools needed to more quickly implement automation without starting from scratch.

  • Command Line Heroes season 3, episode 7: Talking to Machines: LISP and the Origins of AI
  • Red Hat’s CEO Jim Whitehurst: ‘We’re optimized for innovation, not efficiency’

    Red Hat CEO Jim Whitehurst isn’t about to change his management style anytime soon – even with a new boss in charge.

    At least, that was the impression he gave when he appeared as the keynote speaker at the Raleigh Chamber’s annual meeting on Friday.

    A little more than two months after the open source firm merged with IBM in a $34 billion deal, he hinted at an existing clash of culture between the two tech giants, albeit in jest.=

    “Not to pick on my new employer, but it’s funny. I’ll say we should start to do this in front of someone from IBM, and they’re off doing it. And then I’ll say it at Red Hat, and [they’ll say] he was just off his rocker that day,” he told the 700-strong crowd gathered in the main ballroom of the Raleigh Convention Center.

Syndicate content

More in Tux Machines

Orange Pi 4 has an RK3399 and an optional NPU

Shenzhen Xunlong has posted preliminary specs for a Rockchip RK3399 based “Orange Pi 4” SBC that is smaller and more affordable than the Orange Pi RK3399 and faster and more feature rich than the Orange Pi 3. A 4B variant adds a Lightspeeur 2801S AI chip. New Orange Pi boards usually just show up unannounced on AliExpress, but for the fourth iteration of its flagship Orange Pi board, Shenzhen Xunlong teased some detail views on Twitter. The Orange Pi 4 and an AI-enhanced Orange Pi 4B will ship in two weeks. Pricing is undisclosed, but the boards will be “cheaper” than the previous Rockchip RK3399-based Orange Pi, the Orange Pi RK3399. That larger SBC debuted at $109 and now sells for $89 with 2GB DDR3 and 16GB eMMC compared to 4GB LPDDR4 and 16GB eMMC for the Orange Pi 4. Read more

RedisInsight Revealed and WordPress 5.2.4 Released

  • Redis Labs eases database management with RedisInsight

    The robust market of tools to help users of the Redis database manage their systems just got a new entrant. Redis Labs disclosed the availability of its RedisInsight tool, a graphical user interface (GUI) for database management and operations. Redis is a popular open source NoSQL database that is also increasingly being used in cloud-native Kubernetes deployments as users move workloads to the cloud. Open source database use is growing quickly according to recent reports as the need for flexible, open systems to meet different needs has become a common requirement. Among the challenges often associated with databases of any type is ease of management, which Redis is trying to address with RedisInsight.

  • WordPress 5.2.4 Update

    Late-breaking news on the 5.2.4 short-cycle security release that landed October 14. When we released the news post, I inadvertently missed giving props to Simon Scannell of RIPS Technologies for finding and disclosing an issue where path traversal can lead to remote code execution. Simon has done a great deal of work on the WordPress project, and failing to mention his contributions is a huge oversight on our end. Thank you to all of the reporters for privately disclosing vulnerabilities, which gave us time to fix them before WordPress sites could be attacked.

Desktop GNU/Linux: Rick and Morty, Georges Basile Stavracas Neto on GNOME and Linux Format on Eoan Ermine

  • We know where Rick (from Rick and Morty) stands on Intel vs AMD debate

    For one, it appears Rick is running a version of Debian with a very old Linux kernel (3.2.0) — one dating back to 2012. He badly needs to install some frickin’ updates. “Also his partitions are real weird. It’s all Microsoft based partitions,” a Redditor says. “A Linux user would never do [this] unless they were insane since NTFS/Exfat drivers on Linux are not great.”

  • Georges Basile Stavracas Neto: Every shell has a story

    … a wise someone once muttered while walking on a beach, as they picked up a shell lying on the sand. Indeed, every shell began somewhere, crossed a unique path with different goals and driven by different motivations. Some shells were created to optimize for mobility; some, for lightness; some, for speed; some were created to just fit whoever is using it and do their jobs efficiently. It’s statistically close to impossible to not find a suitable shell, one could argue. So, is this a blog about muttered shell wisdom? In some way, it actually is. It is, indeed, about Shell, and about Mutter. And even though “wisdom” is perhaps a bit of an overstatement, it is expected that whoever reads this blog doesn’t leave it less wise, so the word applies to a certain degree. Evidently, the Shell in question is composed of bits and bytes; its protection is more about the complexities of a kernel and command lines than sea predators, and the Mutter is actually more about compositing the desktop than barely audible uttering.

  • Adieu, 32

    The tenth month of the year arrives and so does a new Ubuntu 19.10 (Eoan Ermine) update. Is it a portent that this is the 31st release of Ubuntu and with the 32nd release next year, 32-bit x86 Ubuntu builds will end?

Linux Kernel and Linux Foundation

  • Linux's Crypto API Is Adopting Some Aspects Of Zinc, Opening Door To Mainline WireGuard

    Mainlining of the WireGuard secure VPN tunnel was being held up by its use of the new "Zinc" crypto API developed in conjunction with this network tech. But with obstacles in getting Zinc merged, WireGuard was going to be resorting to targeting the existing kernel crypto interfaces. Instead, however, it turns out the upstream Linux crypto developers were interested and willing to incorporate some elements of Zinc into the existing kernel crypto implementation. Back in September is when Jason Donenfeld decided porting WireGuard to the existing Linux crypto API was the best path forward for getting this secure networking functionality into the mainline kernel in a timely manner. But since then other upstream kernel developers working on the crypto subsystem ended up with patches incorporating some elements of Zinc's design.

  • zswap: use B-tree for search
    The current zswap implementation uses red-black trees to store
    entries and to perform lookups. Although this algorithm obviously
    has complexity of O(log N) it still takes a while to complete
    lookup (or, even more for replacement) of an entry, when the amount
    of entries is huge (100K+).
    
    B-trees are known to handle such cases more efficiently (i. e. also
    with O(log N) complexity but with way lower coefficient) so trying
    zswap with B-trees was worth a shot.
    
    The implementation of B-trees that is currently present in Linux
    kernel isn't really doing things in the best possible way (i. e. it
    has recursion) but the testing I've run still shows a very
    significant performance increase.
    
    The usage pattern of B-tree here is not exactly following the
    guidelines but it is due to the fact that pgoff_t may be both 32
    and 64 bits long.
    
    
  • Zswap Could See Better Performance Thanks To A B-Tree Search Implementation

    For those using Zswap as a compressed RAM cache for swapping on Linux systems, the performance could soon see a measurable improvement. Developer Vitaly Wool has posted a patch that switches the Zswap code from using red-black trees to a B-tree for searching. Particularly for when having to search a large number of entries, the B-trees implementation should do so much more efficiently.

  • AT&T Finally Opens Up dNOS "DANOS" Network Operating System Code

    One and a half years late, the "DANOS" (known formerly as "dNOS") network operating system is now open-source under the Linux Foundation. AT&T and the Linux Foundation originally announced their plan in early 2018 wish pushing for this network operating system to be used on more mobile infrastructure. At the time they expected it to happen in H2'2018, but finally on 15 November 2019 the goal came to fruition.