Skip to main content

Where There's No Distance or Gravity

Linux Journal - il y a 12 heures 13 minutes
by Doc Searls

The more digital we become, the less human we remain.

I had been in Los Angeles only a few times in my life before the October day in 1987 when I drove down from our home in the Bay Area with my teenage son to visit family. The air was unusually clear as we started our drive back north, and soon the San Gabriel Mountains—Los Angeles' own Alps (you can ski there!)—loomed over the region like a crenelated battlement, as if protecting its inhabitants from cultures and climates that might invade from the north. So, on impulse, I decided to drive up to Mount Wilson, the only crest in the range with a paved road to the top.

I could see from the maps I had already studied that the drive was an easy one. Our destination also was easily spotted from below: a long, almost flat ridge topped by the white domes of Mount Wilson Observatory (where Hubble observed the universe expanding) and a bristle of towers radiating nearly all the area's FM and TV signals. The site was legendary among broadcast engineering geeks, and I had longed to visit it ever since I was a ham radio operator as a boy in New Jersey.

After checking out the observatory and the towers, my son and I stood on a promontory next to a parking lot and surveyed the vast spread of civilization below. Soon four visiting golfers from New York came over and started asking me questions about what was where.

I answered like a veteran docent, pointing out the Rose Bowl, Palos Verdes Peninsula, Santa Catalina and other Channel Islands, the Hollywood Hills, the San Fernando Valley, the Jet Propulsion Laboratory, Santa Anita Park and more. When they asked where the Whittier Narrows earthquake had happened a few days before, I pointed at the Puente Hills, off to the southeast, and filled them in on what I knew about the geology there as well.

After a few minutes of this, they asked me how long I had lived there. I said all this stuff was almost as new to me as it was to them. "Then how do you know so much about it?", they asked. I told them I had studied maps of the area and refreshed my knowledge over lunch just before driving up there. They were flabbergasted. "Really?", one guy said. "You study maps?"

Indeed, I did. I had maps of all kinds and sizes at home, and the door pockets of my car bulged with AAA maps of everywhere I might drive in California. I also added local and regional Southern California maps to my mobile inventory before driving down.

Go to Full Article
Catégories: Linux News

Participate in Fedora Test Day Today, Netrunner Announces Netrunner 19.01 Blackbird, Security Patch for GNOME Bluetooth Tools in Ubuntu 18.04, New Giant Board SBC from Groboard and Linspire Posts Development Roadmap for 2019-2020

Linux Journal - il y a 12 heures 43 minutes

News briefs for January 15, 2019.

Today is Fedora Test Day for kernel 4.20. To participate, you just need to be able to download the test materials (which include some large files) and read and follow directions. See the wiki page for more information on how to participate.

Netrunner yesterday announced the release of Netrunner 19.01 Blackbird. This desktop distro is based on Debian Testing, and updates with this version include KDE Plasma 5.14.3, KDE Frameworks 5.51, KDE Applications 18.08, Qt 5.11.3 and many more. It also sports a new look and feel called "Netrunner Black" among other changes. You can get the Netrunner 19.01 ISO from here.

Canonical yesterday released a security patch for the GNOME Bluetooth tools to address a security vulnerability with Ubuntu 18.04. Softpedia News reports that security researcher Chris Marchesi discovered the vulnerability in the BlueZ Linux Bluetooth stack, "which made it incorrectly handle disabling Bluetooth visibility, allowing a remote attacker to possibly pair to Bluetooth devices." All Ubuntu 18.04 LTS users should update immediately to the gnome-bluetooth 3.28.0-2ubuntu0.1 and libgnome-bluetooth13 3.28.0-2ubuntu0.1 packages from the official repos. See the wiki for detailed instructions.

Groboards has launched a new "tiny, Adafruit Feather form-factor 'Giant Board' SBC that runs Linux on Microchip's SiP implementation of its Cortex-A5-based SAMA5D SoC and offers 128MB RAM, micro-USB, microSD and I/O including ADC and PWM", Linux Gizmos reports. There's no pricing or availability information yet, but see the OSH Park blog and the Groboards site for specs and more info.

Linspire recently posted its development roadmap for Linspire and Freespire releases for 2019 and 2020. The Linspire CE 8.0 Office 365 Edition is planned for February 21, 2019, with Linspire Server on April 14, 2019. Freespire 4.5 is planned for May 5, 2019 and Freespire 5.0 is scheduled for November 15, 2019.

News Fedora Netrunner Distributions Canonical Security GNOME Ubuntu SBCs Linspire Freespire
Catégories: Linux News

Linux Thursday - Jan 13, 2019 - Lingering Cough Edition

Linux Journal - lun, 01/14/2019 - 14:26

Please support Linux Journal by subscribing or becoming a patron.

Catégories: Linux News

Purism Announces Version 4 of Its Laptops, KDE Frameworks 5.54.0 Now Available, Debian 10 Default Theme Chosen, Linux Kernel 5.0-rc2 Is Out and Mozilla to Disable Flash in Firefox 69

Linux Journal - lun, 01/14/2019 - 10:53

News briefs for January 14, 2019.

Purism announced the fourth version of its Librem laptops today. The Librem 13 and 15 will be "now be upgraded with a 7th Gen Intel Core i7-7500U Processor with integrated HD Graphics that still works with coreboot. In addition, the Librem 15 display will be upgraded to 4K resolution. Upgraded models are available now for purchase whether you pick Librem 13: the road warrior or Librem 15: the desktop replacement." Note that the base cost will remain the same despite these updates (the Librem 15 is $1599, and the Librem 13 is $1399).

KDE announced the release of KDE Frameworks 5.54.0. This release is part of a series of planned releases for the 80 addon libraries for Qt that make up KDE Frameworks. See the announcement for the full list of changes/fixes and download links.

The Debian team announced that "futurePrototype" by Alex Makas will be the default theme for Debian 10 "Buster". The theme was selected via survey from 11 submitted themes; 3,646 people participated in the voting.

Linux kernel 5.0-rc2 is out. Linus wrote, "Were there some missing commits that missed the merge window? Yes. But no more than usual. Things look pretty normal." For the full message, see the LKML.

Mozilla plans to disable Adobe Flash Player in Firefox 69, which should launch in September 2019. According to Softpedia, "The next step for Mozilla is then to remove support for Flash Player entirely, so starting with early 2020, consumer versions of Firefox would no longer work with Adobe's plugin."

News Purism Librem Laptops KDE KDE Frameworks Debian kernel Mozilla Firefox Flash
Catégories: Linux News

Python Testing with pytest: Fixtures and Coverage

Linux Journal - lun, 01/14/2019 - 07:30
by Reuven M. Lerner

Improve your Python testing even more.

In my last two articles, I introduced pytest, a library for testing Python code (see "Testing Your Code with Python's pytest" Part I and Part II). pytest has become quite popular, in no small part because it's so easy to write tests and integrate those tests into your software development process. I've become a big fan, mostly because after years of saying I should get better about testing my software, pytest finally has made it possible.

So in this article, I review two features of pytest that I haven't had a chance to cover yet: fixtures and code coverage, which will (I hope) convince you that pytest is worth exploring and incorporating into your work.

Fixtures

When you're writing tests, you're rarely going to write just one or two. Rather, you're going to write an entire "test suite", with each test aiming to check a different path through your code. In many cases, this means you'll have a few tests with similar characteristics, something that pytest handles with "parametrized tests".

But in other cases, things are a bit more complex. You'll want to have some objects available to all of your tests. Those objects might contain data you want to share across tests, or they might involve the network or filesystem. These are often known as "fixtures" in the testing world, and they take a variety of different forms.

In pytest, you define fixtures using a combination of the pytest.fixture decorator, along with a function definition. For example, say you have a file that returns a list of lines from a file, in which each line is reversed:

def reverse_lines(f): return [one_line.rstrip()[::-1] + '\n' for one_line in f]

Note that in order to avoid the newline character from being placed at the start of the line, you remove it from the string before reversing and then add a '\n' in each returned string. Also note that although it probably would be a good idea to use a generator expression rather than a list comprehension, I'm trying to keep things relatively simple here.

If you're going to test this function, you'll need to pass it a file-like object. In my last article, I showed how you could use a StringIO object for such a thing, and that remains the case. But rather than defining global variables in your test file, you can create a fixture that'll provide your test with the appropriate object at the right time.

Here's how that looks in pytest:

Go to Full Article
Catégories: Linux News

Weekend Reading: All Things Bash

Linux Journal - sam, 01/12/2019 - 08:45
by Carlie Fairchild

Bash is a shell and command language. It is distributed widely as the default login shell for most Linux distributions. We've rounded up some of the most popular Bash-related articles for your weekend reading.

 

Writing More Compact Bash Code

By Mitch Frazier

In most programming languages, non-scripting ones at least, you want to avoid uninitialized variables. In bash, using uninitialized variables can often simplify your code.

 

Normalizing Filenames and Data with Bash

By Dave Taylor

URLify: convert letter sequences into safe URLs with hex equivalents.

 

Roman Numerals and Bash

By Dave Taylor

Fun with retro-coding a Roman numeral converter—Dave heads back to his college years and solves homework anew! 

Also read Dave's followup article, More Roman Numerals and Bash.

 

Create Dynamic Wallpaper with a Bash Script

By Patrick Wheelan

Harness the power of bash and learn how to scrape websites for exciting new images every morning.

 

Developing Console Applications with Bash

By Andy Carlson

Bring the power of the Linux command line into your application development process.

 

Parsing an RSS News Feed with a Bash Script

By Jim Hall

I can automate an hourly job to retrieve a copy of an RSS feed, parse it, and save the news items to a local file that the website can incorporate. That reduces complexity on the website, with only a little extra work by parsing the RSS news feed with a Bash script.

 

Hacking a Safe with Bash

By Adam Kosmin

Being a minimalist, I have little interest in dealing with GUI applications that slow down my work flow or application-specific solutions (such as browser password vaults) that are applicable only toward a subset of my sensitive data. Working with text files affords greater flexibility over how my data is structured and provides the ability to leverage standard tools I can expect to find most anywhere.

 

Graph Any Data with Cacti!

By Shawn Powers

Go to Full Article
Catégories: Linux News

Episode 12: Vendor Lock-in

Linux Journal - ven, 01/11/2019 - 12:05
Your browser does not support the audio element. Reality 2.0 - Episode 12: Vendor Lock-in

Katherine Druckman and Doc Searls talk to Linux Journal's Technical Editor, Kyle Rankin, about vendor lock-in.

Links mentioned:

Lessons in Vendor Lock-in: Shaving

Lessons in Vendor Lock-in: Messaging

Catégories: Linux News

Keeping Your Episodic Contributors to Open-Source Projects Happy

Linux Journal - ven, 01/11/2019 - 09:08
by Ann Barcomb

Community managers have long been advised to nurture top contributors, but it is also important to consider infrequent and casual (episodic) contributors. There are more potential episodic contributors than habitual ones, and getting the most out of your episodic contributors can require reconsidering your strategies for retaining and incorporating contributors.

There are several reasons you should care about episodic contributors, other than just numbers. Getting more people involved can help more people learn about a project, and new people also bring new ideas. Furthermore, many tasks can be done effectively by episodic contributors, freeing habitual contributors to perform other work. Smaller communities might benefit from contributions to documentation or translations, while communities of all sizes can use extra temporary help when running an event.

Greater benefits are realized when the contributors know something about the community and the work because of their previous engagement, and thus require less time to understand their role. An upcoming scientific study looked at what factors are associated with episodic contributors continuing to return to a community to participate (the article will be available starting in February 2019; see the Resources section at the end of this article). This article describes the key findings of the research.

The Design

Five factors were expected to positively influence an episodic contributor's intention to continue participating, as shown in Figure 1.

Figure 1. Proposed Model of Factors Associated with Retention

Contributor Benefit Motivations

Contributor benefit motivations describes contributor motives that benefit the contributor, such as learning new skills, having fun and improving job prospects. In free and open-source software, these motivations are generally linked to retention.

Social Norms

Social norms describes how the people the participant interacts with on a daily basis—friends, family, co-workers and neighbors—view contributing to free software and open-source software projects. Earlier work found this factor to be relevant for people volunteering for a number of non-profit organizations.

Psychological Sense of Community

Psychological sense of community describes the motivation stemming from the affinity a person experiences when meeting and engaging with a group. Previous research has shown that this factor is relevant for both habitual and episodic participants.

Satisfaction

Go to Full Article
Catégories: Linux News

Systemd Security Holes Discovered, GNOME 3.31.4 Released, Mozilla Launches Flexbox Inspector, Timesys Announces New Version of TimeStorm IDE and Clonezilla Live (2.6.0-37) Now Available

Linux Journal - ven, 01/11/2019 - 08:00

News briefs for January 11, 2019.

Three new security holes recently were discovered in Systemd by the Qualys security company. From ZDNet: "With any of these a local user can gain root privileges. Worse still, Qualys reports that 'To the best of our knowledge, all systemd-based Linux distributions are vulnerable.' Actually, that's not quite true, even Qualys admits. 'SUSE Linux Enterprise 15, openSUSE Leap 15.0, and Fedora 28 and 29 are not exploitable because their user space is compiled with GCC's -fstack-clash-protection.'" Red Hat has already released patches for 16864 and 16865.

GNOME 3.31.4 was released this week. This release marks the first development release of 2019, so folks are encouraged to try it and test it. You can get the official BuildStream snapshot here and the source packages here. For the list of updates and changes, go here.

Mozilla announces the launch of Flexbox Inspector: "The new Flexbox Inspector, created by Firefox DevTools, helps developers understand the sizing, positioning, and nesting of Flexbox elements. You can try it out now in Firefox DevEdition or join us for its official launch in Firefox 65 on January 29th."

Timesys Corporation recently announced a new release of TimeStorm Integrated Development Environment. Timesys TimeStorm 5.3.2 IDE "is designed to streamline, simplify, and accelerate the creation of secure Internet of Things (IoT) and embedded Linux applications." According to the announcement, the new IDE also features "support for Windows 10 and a Timesys-built Windows installer. The Eclipse-based TimeStorm IDE provides Windows 10 OS users with an already familiar development environment, making it easy to create embedded Linux products within a Windows environment."

Clonezilla live (2.6.0-37) is now available. This new release for the partition and disk imaging/cloning program features major enhancements and bug fixes. The underlying GNU/Linux OS is now updated and based on Debian Sid and the kernel updated to 4.19.13-1. See the announcement for details.

News Security systemd GNOME Mozilla Timesys Clonezilla Embedded Linux
Catégories: Linux News

Minim Debuted the Minim Labs Free Router Security Platform, AWS Launched DocumentDB, Firefox CTO Eric Rescorla Awarded Levchin Prize, Red Hat Ansible Tower 3.4 Now Available and IoT DevCon 2019 Call for Papers

Linux Journal - jeu, 01/10/2019 - 09:23

News briefs for January 10, 2019.

Minim debuted Minim Labs at CES this week. This free version of the Minim router security platform has an open-source Linux-based "Unum" agent for protecting home automation devices, and it runs on Raspbian and OpenWrt Linux devices. See this LinuxGizmos post and the Minim Labs website for more information.

AWS launched DocumentDB yesterday, a "fast, scalable, and highly available document database that is designed to be compatible with your existing MongoDB applications and tools". TechCrunch reports that AWS felt customers found MongoDB difficult to use, so the company built "its own document database, but made it compatible with theApache 2.0 open source MongoDB 3.6 API".

Firefox CTO Eric Rescorla was awarded the Levchin Prize for "significant contributions to solving global, real-world cryptography issues that make the internet safer at scale" yesterday, which was announced at the 2019 Real-World Crypto Conference. According to the Mozilla Blog, Rescorla was chosen for his "involvement in spearheading the latest version of Transport Layer Security (TLS). TLS 1.3 incorporates significant improvements in both security and speed, and was completed in August and already secures 10% of sites."

Red Hat yesterday announced the availability of Red Hat Ansible Tower 3.4. This new release features "workflow enhancements including nested workflows and workflow convergence, designed to simplify challenges inherent in managing complex hybrid cloud infrastructure". In addition this version boasts increased scalability and enhanced security. The press release quotes Vice President, Management at Red Hat, Joe Fitzgerald: "With the new features available in Red Hat Ansible Tower 3.4 organizations are able to increase the scale and scope of their automation activities together with increased control and visibility."

IoT DevCon 2019's call for papers is now open. If you're interested in presenting at the Internet of Things Developers Conference, submission of titles and abstracts deadline is February 28, 2019. The conference will "focus on technologies ranging from ultra-low power microcontrollers to multicore-enabled aggregation hubs and from software strategies to security solutions as well as techniques required to monitor and manage the enormous loads of device-generated data. We are looking for experts to address the audience of managers, developers, engineers and makers". The conference will be held in Santa Clara, California, June 5–6, 2019.

News Minim Labs Security IOT AWS MongoDB Firefox
Catégories: Linux News

Non-Child Process Exit Notification Support

Linux Journal - jeu, 01/10/2019 - 07:30
by Zack Brown

Daniel Colascione submitted some code to support processes knowing when others have terminated. Normally a process can tell when its own child processes have ended, but not unrelated processes, or at least not trivially. Daniel's patch created a new file in the /proc directory entry for each process—a file called "exithand" that is readable by any other process. If the target process is still running, attempts to read() its exithand file will simply block, forcing the querying process to wait. When the target process ends, the read() operation will complete, and the querying process will thereby know that the target process has ended.

It may not be immediately obvious why such a thing would be useful. After all, non-child processes are by definition unrelated. Why would the kernel want to support them keeping tabs on each other? Daniel gave a concrete example, saying:

Android's lmkd kills processes in order to free memory in response to various memory pressure signals. It's desirable to wait until a killed process actually exits before moving on (if needed) to killing the next process. Since the processes that lmkd kills are not lmkd's children, lmkd currently lacks a way to wait for a process to actually die after being sent SIGKILL.

Daniel explained that on Android, the lmkd process currently would simply keep checking the proc directory for the existence of each process it tried to kill. By implementing this new interface, instead of continually polling the process, lmkd could simply wait until the read() operation completed, thus saving the CPU cycles needed for continuous polling.

And more generally, Daniel said in a later email:

I want to get polling loops out of the system. Polling loops are bad for wakeup attribution, bad for power, bad for priority inheritance, and bad for latency. There's no right answer to the question "How long should I wait before checking $CONDITION again?". If we can have an explicit waitqueue interface to something, we should. Besides, PID polling is vulnerable to PID reuse, whereas this mechanism (just like anything based on struct pid) is immune to it.

Joel Fernandes suggested, as an alternative, using ptrace() to get the process exit notifications, instead of creating a whole new file under /proc. Daniel explained:

Go to Full Article
Catégories: Linux News

Qubes OS 4.0.1 Released, Plasma 5.14.15 Is Out, Software Freedom Conservancy Fundraiser, ClearCube Launches C3xPi Thin Client for RPi 3 Model B+ and Ubuntu Touch Announces OTA-7

Linux Journal - mer, 01/09/2019 - 09:02

News briefs for January 9, 2019.

Qubes OS 4.0.1 was released today, marking the first stable point release in the 4.0 series. Updates include all 4.0 dom0 updates, Fedora 29 TemplateVM, Debian 9 Template VM, Whonix 14 Gateway and Workstation TemplateVMs, and Linux kernel 4.14. You can get Qubes 4.0.1 from the Downloads Page.

KDE yesterday announced Plasma 5.14.5, the fifth and final point release to the Plasma 5.14 desktop environment series. According to Softpedia News, besides some small but important bug fixes, this release "contains a total of 61 changes across various components like Plasma Workspace, Plasma NetworkManager, Breeze GTK, Plasma Discover, and Plasma Desktop". Plasma 5.15, the start of the next major series, is scheduled to be released on February 12, 2019.

The Software Freedom Conservancy has six more days to collect the remaining $13,369 of the fundraiser that will be matched by Private Internet Access and a group of generous donors. Go here to become an official supporter.

ClearCube recently launched a C3xPi Thin Client for the Raspberry Pi 3 Model B+, LinuxGizmos reports. The C3xPi is $179.95, and ClearCube says it's the "only low-cost, virus-proof, single-case dual monitor thin client in the market". Go to the product page for all the details.

Ubuntu Touch announced its OTA-7 release yesterday. With this release, users now can change the keyboard color scheme; a keyboard layout for Lithuanian was added; the Morph browser received many improvements; and more. See the post for the full changelog and instructions on how to get OTA-7.

News Qubes Security KDE Plasma Software Freedom Conservancy Raspberry Pi ClearCube Ubuntu Touch
Catégories: Linux News

If Your Privacy Is in the Hands of Others Alone, You Don’t Have Any

Linux Journal - mer, 01/09/2019 - 08:00
by Doc Searls

If you think regulations are going to protect your privacy, you’re wrong. In fact they can make things worse, especially if they start with the assumption that your privacy is provided only by other parties, most of whom are incentivized to violate it.

Exhibit A for how much worse things can get is the EU’s GDPR (General Data Protection Regulation). As soon as the GDPR went into full effect last May, damn near every corporate entity on the Web put up a “cookie notice” requiring acceptance of terms and privacy policies that allow them to continue with business as usual, harvesting and sharing your personal data, and data about you.

For websites and services in that harvesting business (a population that rounds to the whole commercial web), these notices provide a one-click way to adhere to the letter of the GDPR while violating its spirit.

There’s also big business in the friction that produces. To see how big, look up GDPR+compliance on Google. You’ll get 190 million results (give or take a few dozen million).

None of those results are for you, even though you are who the GDPR is supposed to protect. See, to the GDPR, you are a mere “data subject” and not an independent and fully functional participant in the technical, social and economic ecosystem the internet supports by design. All privacy protections around your data are the burden of other parties.

Or at least that’s the interpretation that nearly every lawmaker, regulatory bureaucrat, lawyer and service provider goes by. (One exception is Elizabeth Renieris @hackylawyer. Her collection of Medium postings are required reading on the GDPR and much else.)  Same goes for those selling GDPR compliance services, comprising most of those 190 million GDPR+compliance search results.

The clients of those services include nearly every website and service on Earth that harvests personal data. These entities have no economic incentive to stop harvesting, sharing and selling personal data the usual ways, beyond fear that the GDPR might actually be enforced, which so far (with few exceptions), it hasn’t been. (See Without enforcement, the GDPR is a fail.)

Go to Full Article
Catégories: Linux News

GitHub Announces that Free Accounts Now Can Create Private Repositories, Bash-5.0 Released, iPhone Apps Linked to Golduck Malware, Godot Game Engine Reaches 3.1 Beta, NSA to Open-Source Its GHIDRA Reverse-Engineering Tool

Linux Journal - mar, 01/08/2019 - 09:35

News briefs for January 8, 2019.

GitHub's CEO Nat Friedman yesterday announced that free accounts now can create private repositories (previously only paid accounts could have private repositories). Ars Technica reports that "Now every GitHub account can create an unlimited number of private repositories. These are still restricted—only three people can collaborate on these repositories—but a great many of those projects that once had no option but to be opened up might now be marked as private." The Ars Technica article also expresses concern that one possibility with this change is that "programs that would previously have been published as open source will now be closed up forever".

Bash-5.0 was released yesterday. This release fixes several bugs and introduces many new features. From the release announcement: "The most notable new features are several new shell variables: BASH_ARGV0, EPOCHSECONDS, and EPOCHREALTIME. The `history' builtin can remove ranges of history entries and understands negative arguments as offsets from the end of the history list. There is an option to allow local variables to inherit the value of a variable with the same name at a preceding scope. There is a new shell option that, when enabled, causes the shell to attempt to expand associative array subscripts only once (this is an issue when they are used in arithmetic expressions). The `globasciiranges' shell option is now enabled by default; it can be set to off by default at configuration time."

Security researchers at Wandera recently discovered "more than a dozen iPhone apps covertly communicating with a server associated with Golduck, a historically Android-focused malware that infects popular classic game apps." According to TechCrunch, the malware was discovered more than a year ago and affected retro-style games on Google Play "by embedding backdoor code that allowed malicious payloads to be silently pushed to the device". See the post for more details.

Godot, the open-source, cross-platform game engine, announced it has entered the beta phase for Godot 3.1. New features include the OpenGL ES 2.0 renderer, visual shader editor, improved animation editor, WebSockets support and much more. See the Changelog for the full list. Note that this is a beta build and not intended for use in production.

The NSA plans to open-source its GHIDRA reverse-engineering tool. It's FOSS reports that senior NSA advisor Robert Joyce wrote in his session description for the March RSA Conference 2019, "NSA has developed a software reverse engineering framework known as GHIDRA, which will be demonstrated for the first time at RSAC 2019. An interactive GUI capability enables reverse engineers to leverage an integrated set of features that run on a variety of platforms including Windows, Mac OS, and Linux and supports a variety of processor instruction sets. The GHISDRA platform includes all the features expected in high-end commercial tools, with new and expanded functionality NSA uniquely developed. and will be released for free public use at RSA."

News GitHub Bash Programming Security Android Mobile gaming NSA open source
Catégories: Linux News

Back to Basics: Sort and Uniq

Linux Journal - mar, 01/08/2019 - 08:00
by Kyle Rankin

Learn the fundamentals of sorting and de-duplicating text on the command line.

If you've been using the command line for a long time, it's easy to take the commands you use every day for granted. But, if you're new to the Linux command line, there are several commands that make your life easier that you may not stumble upon automatically. In this article, I cover the basics of two commands that are essential in anyone's arsenal: sort and uniq.

The sort command does exactly what it says: it takes text data as input and outputs sorted data. There are many scenarios on the command line when you may need to sort output, such as the output from a command that doesn't offer sorting options of its own (or the sort arguments are obscure enough that you just use the sort command instead). In other cases, you may have a text file full of data (perhaps generated with some other script), and you need a quick way to view it in a sorted form.

Let's start with a file named "test" that contains three lines:

Foo Bar Baz

sort can operate either on STDIN redirection, the input from a pipe, or, in the case of a file, you also can just specify the file on the command. So, the three following commands all accomplish the same thing:

cat test | sort sort < test sort test

And the output that you get from all of these commands is:

Bar Baz Foo Sorting Numerical Output

Now, let's complicate the file by adding three more lines:

Foo Bar Baz 1. ZZZ 2. YYY 11. XXX

If you run one of the above sort commands again, this time, you'll see different output:

11. XXX 1. ZZZ 2. YYY Bar Baz Foo

This is likely not the output you wanted, but it points out an important fact about sort. By default, it sorts alphabetically, not numerically. This means that a line that starts with "11." is sorted above a line that starts with "1.", and all of the lines that start with numbers are sorted above lines that start with letters.

To sort numerically, pass sort the -n option:

sort -n test Bar Baz Foo 1. ZZZ 2. YYY 11. XXX Find the Largest Directories on a Filesystem

Numerical sorting comes in handy for a lot of command-line output—in particular, when your command contains a tally of some kind, and you want to see the largest or smallest in the tally. For instance, if you want to find out what files are using the most space in a particular directory and you want to dig down recursively, you would run a command like this:

Go to Full Article
Catégories: Linux News

Linux Thursday - Jan 4, 2019 - New Year Edition

Linux Journal - lun, 01/07/2019 - 14:00

Please support Linux Journal by subscribing or becoming a patron.

Catégories: Linux News

Linux 5.0-rc1 Released, Scratch 3 and Raspberry Pi, Phoronix Test Suite 8.6-Spydeberg Milestone 1 Is Now Available, Elteria Adventures Coming to Linux and Chromium Now Supports VAAPI in Fedora

Linux Journal - lun, 01/07/2019 - 09:27

News briefs for January 7, 2019.

Linux 5.0-rc1 was released yesterday. Linus Torvalds wrote: "The numbering change is not indicative of anything special. If you want to have an official reason, it's that I ran out of fingers and toes to count on, so 4.21 became 5.0. There's no nice git object numerology this time (we're _about_ 6.5M objects in the git repo), and there isn't any major particular feature that made for the release numbering either. Of course, depending on your particular interests, some people might well find a feature _they_ like so much that they think it can do as a reason for incrementing the major number. So go wild. Make up your own reason for why it's 5.0."

MIT recently released Scratch 3, the latest version of its visual programming language. The Raspberry Pi blog announced it has upgraded to make this a smooth transition for those who use its free project resources, "whether that be at a Code Club, CoderDojo, Raspberry Jam, or at home, so we've been busy upgrading our resources to work with Scratch 3". In addition, "Scratch 3 versions of all projects in the Code Club Scratch Modules 1–3 and the CoderDojo Scratch Sushi Cards are already live!" See the post for more details related to Scratch 3 on RPi.

Phoronix Test Suite 8.6-Spydeberg Milestone 1 is out. This is the first development snapshot for the "open-source, cross-platform benchmarking software release due out later in Q1". New features for the Phoronix Test Suite include updates for Microsoft Windows Server 2019 (and it'll be a fully supported platform as well), a new "new phoronix-test-suite compare-results-to-baseline sub-command for comparing two result files with treating the first argument as the performance baseline and providing various statistics off that", a "new ShowPostRunStatistics user configuration" and more. You can get the first development snapshot of Phoronix Test Suite 8.6 at GitHub.

Elteria Adventures is "an open-world RPG MMO with world-building features and it's coming to Linux". GamingOnLinux reports that the developer confirmed it will run on Linux, simply saying ""Yes it will. Also on Mac :)" Evidently the Steam page doesn't give many details on what the game will be like, but GamingOnLinux says "it sounds a bit like Minecraft mixed with an RPG and it has a bunch of platforming as the world is built across many floating islands".

The Chromium web browser in Fedora now has Video Acceleration API (VAAPI) support, making "video playback much smoother while using significantly less resources". Fedora is now the second distribution to include the VAAPI patch in its official Chromium package. See the Fedora Magazine post for more info.

News kernel Programming Scratch Raspberry Pi Phoronix gaming Chromium Fedora
Catégories: Linux News

IBM Began Buying Red Hat 20 Years Ago

Linux Journal - lun, 01/07/2019 - 07:30
by Glyn Moody

How Big Blue became an open-source company.

News that IBM is buying Red Hat is, of course, a significant moment for the world of free software. It's further proof, as if any were needed, that open source has won, and that even the mighty Big Blue must make its obeisance. Admittedly, the company is not quite the behemoth it was back in the 20th century, when "nobody ever got fired for buying IBM". But it remains a benchmark for serious, mainstream—and yes, slightly boring—computing. Its acquisition of Red Hat for the not inconsiderable sum of $34 billion, therefore, proves that selling free stuff is now regarded as a completely normal business model, acknowledged by even the most conservative corporations.

Many interesting analyses have been and will be written about why IBM bought Red Hat, and what it means for open source, Red Hat, Ubuntu, cloud computing, IBM, Microsoft and Amazon, amongst other things. But one aspect of the deal people may have missed is that in an important sense, IBM actually began buying Red Hat 20 years ago. After all, $34 billion acquisitions do not spring fully formed out of nowhere. Reaching the point where IBM's management agreed it was the right thing to do required a journey. And, it was a particularly drawn-out and difficult journey, given IBM's starting point not just as the embodiment of traditional proprietary computing, but its very inventor.

Even the longest journey begins with a single step, and for IBM, it was taken on June 22, 1998. On that day, IBM announced it would ship the Apache web server with the IBM WebSphere Application Server, a key component of its WebSphere product family. Moreover, in an unprecedented move for the company, it would offer "commercial, enterprise-level support" for that free software.

When I was writing my book Rebel Code: inside Linux and the open source revolution in 2000, I had the good fortune to interview the key IBM employees who made that happen. The events of two years before still were fresh in their minds, and they explained to me why they decided to push IBM toward the bold strategy of adopting free software, which ultimately led to the company buying Red Hat 20 years later.

Go to Full Article
Catégories: Linux News

Weekend Reading: Ansible

Linux Journal - sam, 01/05/2019 - 07:30
by Shawn Powers

I've written about and trained folks on various DevOps tools through the years, and although they're awesome, it's obvious that most of them are designed from the mind of a developer. There's nothing wrong with that, because approaching configuration management programmatically is the whole point. Still, it wasn't until I started playing with Ansible that I felt like it was something a sysadmin quickly would appreciate.

Part of that appreciation comes from the way Ansible communicates with its client computers—namely, via SSH. As sysadmins, you're all very familiar with connecting to computers via SSH, so right from the word "go", you have a better understanding of Ansible than the other alternatives.

With that in mind, I've written a few articles exploring how to take advantage of Ansible. It's a great system, but when I was first exposed to it, it wasn't clear how to start. It's not that the learning curve is steep. In fact, if anything, the problem was that I didn't really have that much to learn before starting to use Ansible, and that made it confusing. For example, if you don't have to install an agent program (Ansible doesn't have any software installed on the client computers), how do you start?

Ansible, Part I: the Automation Framework That Thinks Like a Sysadmin

How to get started with Ansible. Shawn tells us the reason Ansible was so difficult for him at first was because it's so flexible with how to configure the server/client relationship, he didn't know what he was supposed to do. The truth is that Ansible doesn't really care how you set up the SSH system; it will utilize whatever configuration you have. This article will get you set up.  

Ansible, Part II: Making Things Happen

Finally, an automation framework that thinks like a sysadmin. Ansible, you're hired.

Ansible is supposed to make your job easier, so the first thing you need to learn is how to do familiar tasks. For most sysadmins, that means some simple command-line work. Ansible has a few quirks when it comes to command-line utilities, but it's worth learning the nuances, because it makes for a powerful system.

Ansible, Part III: Playbooks

Playbooks make Ansible even more powerful than before.

Go to Full Article
Catégories: Linux News

Google's Fuchsia OS to Support Android Apps, Linux Servers with Poorly Configured IPMI Cards Prone to Attack, LinuxGizmos' 2019 SBC Catalog Is Out, USB Type-C Becoming More Secure and Epic Games Not Planning to Provide a Linux Version of Its Store

Linux Journal - ven, 01/04/2019 - 09:10

News briefs for January 4, 2019.

Google's Fuchsia OS will have Android app support via Android Runtime. According to 9To5Google, it was expected that Fuchsia would support Android apps, and now "that suspicion has been confirmed by a new change found in the Android Open Source Project, and we can say with confidence that Fuchsia will be capable of running Android apps using the Android Runtime." The article also notes that "How exactly Fuchsia will use the Android Runtime from there is still unclear. This is includes whether the Android Runtime is able to work as expected to replace Linux kernel calls with equivalents from Fuchsia's Zircon kernel or if ART will run inside of a Linux virtual machine using Machina, Fuchsia's virtual machine system."

Linux servers equipped with poorly configured IPMI (Intelligent Platform Management Interface) cards are prone to attack. ITPro Today reports that "since November, black hat hackers have been using the cards to gain access in order to install JungleSec ransomware that encrypts data and demands a 0.3 bitcoin payment (about $1,100 at the current rate) for the unlock key". The post recommends that to secure against these attacks, make sure the IPMI password isn't the default and "access control lists (ACLs) should be configured to specify the IP addresses that have access the IPMI interface, and to also configure IPMI to only listen on internal IP addresses, which would limit access to admins inside the organization's system."

LinuxGizmos has published its 2019 catalog of open-spec Linux hacker boards. These are all "hacker-friendly, open-spec SBCs that run Linux or Android", and LinuxGizmos provides "recently updated descriptions, specs, pricing, and links to details for all 122 SBCs."

USB Type-C is becoming more secure with the launch of the USB Type-C Authentication Program. eWeek reports that the USB-IF (USB-Implementers Forum) is "taking a cryptographic approach to helping protect USB users and devices against potential risks". In addition, "With the authentication specification, compliance with USB specifications is validated in an effort to prevent potentially dangerous devices and chargers from connecting to a system. The specification can also limit the risk of malicious software that might be embedded within a USB device from attacking a system. According to the USB-IF, the authentication specification enables implementors of the standard to authenticate certified USB Type-C chargers, devices, cables and power sources."

Epic Games says it doesn't currently plan to provide a Linux version of its store. GamingOnLinux, quoted this tweet from Sergey Galyonkin, Director of Publishing Strategy for Epic Games, in response to a question on Reddit: "It really isn't on the roadmap right now. Doesn't mean this won't change in the future, it's just we have so many features to implement."

News Google Fuchsia Android Mobile Servers Security SBCs USB gaming
Catégories: Linux News
Syndiquer le contenu