Language Selection

English French German Italian Portuguese Spanish

Linux

Automatically Change Wallpapers in Linux with Little Simple Wallpaper Changer

Filed under
Linux

Here is a tiny script that automatically changes wallpaper at regular intervals in your Linux desktop.
Read more

Linux Kernel and Security: LVM2, Containers, AMD

Filed under
Linux
Security
  • LVM2 Begins Work On Major Changes To Logical Volume Management

    LVM2 as the user-space tools for Logical Volume Management (LVM) on Linux is in the process of going through a big re-work.

  • Containers and Cloud Security

    The idea behind this blog post is to take a new look at how cloud security is measured and what its impact is on the various actors in the cloud ecosystem. From the measurement point of view, we look at the vertical stack: all code that is traversed to provide a service all the way from input web request to database update to output response potentially contains bugs; the bug density is variable for the different components but the more code you traverse the higher your chance of exposure to exploitable vulnerabilities. We’ll call this the Vertical Attack Profile (VAP) of the stack. However, even this axis is too narrow because the primary actors are the cloud tenant and the cloud service provider (CSP). In an IaaS cloud, part of the vertical profile belongs to the tenant (The guest kernel, guest OS and application) and part (the hypervisor and host OS) belong to the CSP. However, the CSP vertical has the additional problem that any exploit in this piece of the stack can be used to jump into either the host itself or any of the other tenant virtual machines running on the host. We’ll call this exploit causing a failure of containment the Horizontal Attack Profile (HAP). We should also note that any Horizontal Security failure is a potentially business destroying event for the CSP, so they care deeply about preventing them. Conversely any exploit occurring in the VAP owned by the Tenant can be seen by the CSP as a tenant only problem and one which the Tenant is responsible for locating and fixing. We correlate size of profile with attack risk, so the large the profile the greater the probability of being exploited.

  • Canonical Releases AMD Microcode Updates for All Ubuntu Users to Fix Spectre V2

    Canonical released a microcode update for all Ubuntu users with AMD processors to address the well-known Spectre security vulnerability.

    The Spectre microprocessor side-channel vulnerabilities were publicly disclosed earlier this year and discovered to affect billions of devices made in the past two decades. Unearthed by Jann Horn of Google Project Zero, the second variant (CVE-2017-5715) of the Spectre vulnerability is described as a branch target injection attack.

Linux Foundation: Heather Kirksey and the New LF Report

Filed under
Linux
  • Heather Kirksey on Integrating Networking and Cloud Native

    As highlighted in the recent Open Source Jobs Report, cloud and networking skills are in high demand. And, if you want to hear about the latest networking developments, there is no one better to talk with than Heather Kirksey, VP, Community and Ecosystem Development, Networking at The Linux Foundation. Kirksey was the Director of OPNFV before the recent consolidation of several networking-related projects under the new LF Networking umbrella, and I spoke with her to learn more about LF Networking (LFN) and how the initiative is working closely with cloud native technologies.

    Kirksey explained the reasoning behind the move and expansion of her role. “At OPNFV, we were focused on integration and end-to-end testing across the LFN projects. We had interaction with all of those communities. At the same time, we were separate legal entities, and things like that created more barriers to collaboration. Now, it’s easy to look at them more strategically as a portfolio to facilitate member engagement and deliver solutions to service providers.”

  • Linux Skills Most Wanted: Open Source Jobs Report

    The 2018 Open Source Technology Jobs Report shows rapid growth in the demand for open source technical talent, with Linux skills a must-have requirement for entry-level positions.

    The seventh annual report from The Linux Foundation and Dice, released Wednesday, identifies Linux coding as the most sought-after open source skill. Linux-based container technology is a close second.

    The report provides an overview of open source career trends, factors motivating professionals in the industry, and ways employers attract and retain qualified talent. As with the last two open source jobs reports, the focus this year is on all aspects of open source software and is not limited to Linux.

Fanless Skylake embedded PC loads up on PCIe

Filed under
Linux

Teguar’s fanless, Linux-friendly “TB-5045” embedded PC features a 6th Gen Core CPU, up to 32GB DDR4, triple display support, 4x GbE, 6x USB, 4x serial, 2x external SATA bays, 3x mini-PCIe, and optional dual PCIe slots.

Charlotte, North Carolina based Teguar Computers, which is new to the pages of LinuxGizmos, makes a variety of medical PCs, touch-panel computers, and other embedded gear, including a line of Waterproof PCs. The new, fanless TB-5045 box PC prefers to be high and dry, but it should fit in well in many rugged industrial environments. It offers 0 to 50°C support and a rugged steel housing with aluminum heatsink that is said to be resistant against shock and vibration. It also features a wide-range 9-36V DC via a 3-wire input.

Read more

Flatpak 1.0 Linux Application Sandboxing & Distribution Framework Is Almost Here

Filed under
Linux

While it's becoming very popular among Linux users as it is more and more adopted by Linux OS vendors, Flatpak is still considered an "under development" technology, and so it's not yet promoted on a mass scale as its rival Snap is by Ubuntu's mother company Canonical.

However, Flatpak as it is right now, it's very usable, but it is yet to achieve the 1.0 version milestone, which usually marks a project as mature and ready for mass deployment. And it's now more closer than ever as the development team announced today the availability of the first Flatpak 1.0 pre-release version.

Read more

Also: Flatpak 1.0 Nears With Today's 0.99.1 Release

Skylake module aces OSADL’s real-time Linux tests

Filed under
Linux

Congatec has joined the Open Source Automation Development Lab, which has certified that the real-time Linux stack for the Skylake Xeon-E3 based Conga-TS170 COM Express module offers “excellent response times.”

The Open Source Automation Development Lab (OSADL) has certified Congatec’s implementation of real-time Linux (RTL), and has accepted Congatec as a member. Congatec will continued to collaborate with OSADL to optimize board support for RTL and showcase it in the OSADL test racks, says the company.

Read more

Automotive Grade Linux joins the Van Life with Mercedes-Benz Vans deal

Filed under
Linux

Mercedes-Benz Vans has tapped the Linux-based AGL infotainment stack for next-gen vehicles equipped with cutting-edge connectivity and robotics technology.

The Linux Foundation’s Automotive Grade Linux (AGL) project announced that Mercedes-Benz Vans is using the open source AGL platform as a foundation for a new onboard OS for its commercial vehicles. The Daimler business unit will debut a new AGL-based OS on various Mercedes-Benz Vans prototype projects later this year, and AGL will play a key role in Mercedes-Benz Vans “adVANce” initiative for providing “holistic transport solutions.”

Read more

Intel Affairs

Filed under
Linux
Hardware
  • Congatec teams up with OSADL for real-time Linux

    In a first step, OSADL qualified congatec’s latest real-time Linux implementation that uses Linux kernel 4.9.47-rt37 on conga-TS170 Server-on-Modules equipped with the embedded server-class Intel Xeon processor (E3-1578L v5 at 2.00GHz). The challenge when implementing hard real-time Linux behaviour lies in mastering all processing layers from BIOS to Linux kernel to user space, since the overall real-time capabilities are only as good as the weakest link in the chain. In addition, modern processors such as Intel’s Skylake family offer a wide range of energy saving features that must be balanced to the requirements of real-time computing. Executed in standardized racks, the OSADL quality assurance testifies that conga-TS170 Server-on-Modules are perfect for any real-time application. The boards support all major real-time capable OS from both x86 and ARM technologies. These include first and foremost real-time Linux but also further RTOS such as VxWorks or QNX, as well as deterministic hypervisor and virtualization technologies from vendors such as Real-Time Systems.

  • Ubuntu 16.04 LTS certified for Intel NUC for IoT device development

    The pairing of Ubuntu with Intel® NUC provides benefits to device manufacturers at every stage of their development journey and accelerates time to market. Once in the field, the Intel® NUC is built to ensure deployment is easily manageable and runs seamlessly with little operational support needed.

  • Intel CEO Brian Krzanich quits biz after fling with coworker rumbled

    Intel chief exec Brian Krzanich has quit after his “past consensual relationship” with an employee came to light.

    Staff flings are frowned upon in US corporate tech world, and against Intel company policy, which bans bosses from having relationships with people who report to them, directly or indirectly.

  • Intel CEO Brian Krzanich Resigns

    While Intel's second quarter revenue and non-GAAP EPS is exceeding their prior guidance, Intel CEO Brian Krzanich has resigned effective immediately.

Kernel Coverage at LWN (Outside Paywall Now)

Filed under
Linux
  • XArray and the mainline

    The XArray data structure was the topic of the final filesystem track session at the 2018 Linux Storage, Filesystem, and Memory-Management Summit (LSFMM). XArray is a new API for the kernel's radix-tree data structure; the session was led by Matthew Wilcox, who created XArray. When asked by Dave Chinner if the session was intended to be a live review of the patches, Wilcox admitted with a grin that it might be "the only way to get a review on this damn patch set".

    In fact, the session was about the status of the patch set and its progress toward the mainline. Andrew Morton has taken the first eight cleanup patches, Wilcox said, which is great because there was a lot of churn there. The next set has a lot of churn as well, mostly due to renaming. The 15 patches after that actually implement XArray and apply it to the page cache. Those could be buggy, but they pass the radix-tree tests so, if they are, more tests are needed, he said.

  • Filesystem test suites

    While the 2018 Linux Storage, Filesystem, and Memory-Management Summit (LSFMM) filesystem track session was advertised as being a filesystem test suite "bakeoff", it actually focused on how to make the existing test suites more accessible. Kent Overstreet said that he has learned over the years that various filesystem developers have their own scripts for testing using QEMU and other tools. He and Ted Ts'o put the session together to try to share some of that information (and code) more widely.

    Most of the scripts and other code has not been polished or turned into a project, Overstreet continued. Bringing new people up to speed on the tests and how they are run takes time, but developers want to know how to run the tests before they send code to the maintainer.

  • Messiness in removing directories

    In the filesystem track at the 2018 Linux Storage, Filesystem, and Memory-Management Summit (LSFMM), Al Viro discussed some problems he has recently spotted in the implementation of rmdir(). He covered some of the history of that implementation and how things got to where they are now. He also described areas that needed to be checked because the problem may be present in different places in multiple filesystems.

    The fundamental problem is a race condition where operations can end up being performed on directories that have already been removed, which can lead to some rather "unpleasant" outcomes, Viro said. One warning, however: it was a difficult session to follow, with lots of gory details from deep inside the VFS, so it is quite possible that I have some (many?) of the details wrong here. Since LSFMM there has been no real discussion of the problem and its solution on the mailing lists that I have found.

  • Handling I/O errors in the kernel

    The kernel's handling of I/O errors was the topic of a discussion led by Matthew Wilcox at the 2018 Linux Storage, Filesystem, and Memory-Management Summit (LSFMM) in a combined storage and filesystem track session. At the start, he asked: "how is our error handling and what do we plan to do about it?" That led to a discussion between the developers present on the kinds of errors that can occur and on ways to handle them.

    Jeff Layton said that one basic problem occurs when there is an error during writeback; an application can read the block where the error occurred and get the old data without any kind of error. If the error was transient, data is lost. And if it is a permanent error, different filesystems handle it differently, which he thinks is a problem. Dave Chinner said that in order to have consistent behavior across filesystems, there needs to be a definition of what that behavior should be. There is a need to distinguish between transient and permanent failures and to create a taxonomy of how to deal with each type.

  • 4.18 Merge window, part 1

    As of this writing, 7,515 non-merge changesets have been pulled into the mainline repository for the 4.18 merge window. Things are clearly off to a strong start. The changes pulled this time around include more than the usual number of interesting new features; read on for the details.

  • Year-2038 work in 4.18

    We now have less than 20 years to wait until the time_t value used on 32-bit systems will overflow and create time-related mayhem across the planet. The grand plan for solving this problem was posted over three years ago now; progress since then has seemed slow. But quite a bit of work has happened deep inside the kernel and, in 4.18, some of the first work that will be visible to user space has been merged. The year-2038 problem is not yet solved, but things are moving in that direction.

    If 32-bit systems are to be able to handle times after January 2038, they will need to switch to a 64-bit version of the time_t type; the kernel will obviously need to support applications using that new type. Doing so in a way that doesn't break existing applications is going to require some careful work, though. In particular, the kernel must be able to successfully run a system where applications have been rebuilt to use a 64-bit time_t, but ancient binaries stuck on 32-bit time_t still exist; both applications should continue to work (though the old code may fail to handle times correctly).

    The first step is to recognize that most architectures already have support for applications running in both 64-bit and 32-bit modes in the form of the compatibility code used to run 32-bit applications on 64-bit systems. At some point, all systems will be 64-bit systems when it comes to time handling, so it makes sense to use the compatibility calls for older applications even on 32-bit systems. To that end, with 4.18, work has been done to allow both 32-bit and 64-bit versions of the time-related system calls to be built on all architectures. The CONFIG_64BIT_TIME configuration symbol controls the building of the 64-bit versions on 32-bit systems, while CONFIG_COMPAT_32BIT_TIME controls the 32-bit versions.

Kernel (Linux) Systems Boot, Linux Foundation (AGL and ONAP), GNU/Linux Jobs, and ONF

Filed under
Linux
OSS
  • A broad overview of how modern Linux systems boot

     

    For reasons beyond the scope of this entry, today I feel like writing down a broad and simplified overview of how modern Linux systems boot. Due to being a sysadmin who has stubbed his toe here repeatedly, I'm going to especially focus on points of failure.

  • Separation Architecture Supports Automotive Grade Linux

    Green Hills Software now offers INTEGRITY Multivisor secure virtualization and advanced development tools for Automotive Grade Linux (AGL) on 64-bit automotive grade SoCs. For the first time, AGL applications can be added to automotive systems meeting the highest ISO 26262 safety levels through the INTEGRITY real-time operating system (RTOS). As a result, OEMs can confidently run AGL-based infotainment and connected car applications in secure partitions alongside safety-critical and security-critical functions including instrument clusters, rear-view camera, ADAS, OTA, gateway and V2X. The results are lower system costs, more scalable platforms, shorter development times and lower ASIL certification costs.

  • Second ONAP Open Source Network Automation Release Ships

    The Linux Foundation announced the second software release from the Open Network Automation Platform (ONAP) project, a unified platform for end-to-end, closed-loop network automation

    Announced last week, ONAP Beijing stems from the melding of two different open source networking automation projects under the direction of The Linux Foundation in March 2017. ONAP focuses on automating virtual network functions in software-defined networking (SDN) and network functions virtualization (NFV) implementations.

  • Linux Projects Driving Demand for IT Pros With Open Source Skills
  • ONF Announces New Reference Designs

    Driving Formation of a New Supply Chain To support operators’ impending deployment of these Reference Designs, a number of tier-1 vendors have joined the efforts as ONF partners to contribute their skills, expertise and technologies to help realize the RDs. Adtran, Dell/EMC, Edgecore Networks and Juniper Networks are actively participating as supply chain partners in this reference design process. Each brings unique skills and complementary competencies, and by working together the partnership will be able to expedite the production readiness of the various solutions.

  • ADTRAN Partners with Open Networking Foundation (ONF) in Reimagined Strategic Plan
Syndicate content

More in Tux Machines

Android Leftovers

Canonical Releases AMD Microcode Updates for All Ubuntu Users to Fix Spectre V2

The Spectre microprocessor side-channel vulnerabilities were publicly disclosed earlier this year and discovered to affect billions of devices made in the past two decades. Unearthed by Jann Horn of Google Project Zero, the second variant (CVE-2017-5715) of the Spectre vulnerability is described as a branch target injection attack. The security vulnerability affects all microprocessors that use branch prediction and speculative execution function, and it can allow unauthorized memory reads via side-channel attacks if the system isn't patched. For example, a local attacker could use it to expose sensitive information, including kernel memory. Read more

PulseAudio 12 Open-Source Sound System Released with AirPlay, A2DP Improvements

Highlights of PulseAudio 12.0 include better latency reporting with the A2DP Bluetooth profile, which also improves A/V sync, more accurate latency reporting on AirPlay devices, the ability to prioritize HDMI output over S/PDIF output, HSP support for more Bluetooth headsets, and the ability to disable input and output on macOS. PulseAudio 12.0 also adds support for Steelseries Arctis 7 USB headset stereo output and Dell's Thunderbolt Dock TB16 speaker jack, a new "dereverb" option that can be used for the Speex echo canceller, a new module-always-source module, better detection of Native Instruments Traktor Audio 6, and improved digital input support for various USB sound cards. Read more

Automatically Change Wallpapers in Linux with Little Simple Wallpaper Changer

Here is a tiny script that automatically changes wallpaper at regular intervals in your Linux desktop. Read more