Odprtokodni pogled

Opensource view

tuxmachines.org

Syndicate content
Your source for Linux and Open Source news, reviews, and howtos.
Posodobljeno: 11 sec nazaj

Linux IoT Development: Adjusting from a Binary OS to the Yocto Project Workflow

Čet, 07/11/2019 - 13:41

In embedded Linux development, there are two approaches when it comes to what operating system to run on your device. You either build your own distribution (with tools such as Yocto/OpenEmbedded-Core, Buildroot and so on), or you use a binary distribution where Debian and derivatives are common.

It's common to start out with a binary distribution. This is a natural approach, because it's a familiar environment for most people who have used Linux on a PC. All the commodities are in place, and someone else has created the distribution image for you to download. There normally are custom vendor images for specific hardware that contain optimizations to make it easy to get started to utilize your hardware fully.

Any package imaginable is an apt install command away. This, of course, makes it suitable for prototyping and evaluation, giving you a head start in developing your application and your product. In some cases, you even might ship pre-series devices using this setup to evaluate your idea and product further. This is referred to as the "golden image" approach and involves the following steps...

read more

today's leftovers

Čet, 07/11/2019 - 13:23
  • Chrome OS launcher function to search for Linux app installs postponed

    A bug for this functionality was opened back in January, with this description: “Add APT search into Chrome OS App Launcher, so that not installed Linux packages and Apps can be searched for and installed via the App launcher.”

    Essentially if you want to search for a Linux app that you didn’t have installed on your Chromebook, you would be able to do that directly in the Chrome OS launcher.

    Clicking on the appropriate result would then download the Linux app package and presumably start the installation process in a best-case scenario. A worst-case option would be to have the package downloaded and then use the Chrome OS Files app to install it, which is the current process.

  • Cloud-Native CI/CD with OpenShift Pipelines

    With Red Hat OpenShift 4.1, we are proud to release the developer preview of OpenShift Pipelines to enable creation of cloud-native Kubernetes-style continuous integration and continuous delivery (CI/CD) pipelines based on the Tekton project.

    [...]

    OpenShift Pipelines allows teams to build, test and deploy their applications using cloud-native pipelines and take control of their application lifecycle.

    Kubernetes style pipelines: Create pipelines using standard Kubernetes CRDs that are portable across Kubernetes distributions.

    Runs serverless: Create and run pipelines, period. No CI/CD server to manage and maintain.

    Deploy to multiple platforms: Your pipelines run on Kubernetes, but you can deploy to many Kubernetes, VMs and serverless platforms from the pipeline.

    Build images with Kubernetes tools: You can use the build tool of your choice for building images. Source-to-Image (S2I), Buildah and Dockerfiles, Jib, Kaniko and more.

    Developer tools: Command-line tool to interact with the pipelines in addition to integrations with OpenShift developer console and IDE plugins.

  • Will rolling into IBM be the end of Red Hat?

    IBM's acquisition of Red Hat for $34 billion is now a done deal, and statements from the leadership of both companies sound extremely promising. But some in the Linux users have expressed concern.

  • Foliate ePub Reader Now Available Outside of Flathub

    I bring a welcome word to the bookworms amongst you wanting to try the Foliate eBook reader on Linux: it’s now available outside of Flathub.

    Foliate is a terrifically well-designed, well-built and well-featured GTK eBook reader for Linux desktop. The app supports the .epub format exclusively, a focus that enables it to deliver some first-rate user experience.

    But short of building it from source, the only way to install Foliate on Ubuntu has been via the Flatpak build on Flathub. While it’s relatively easy to set-up and install Flatpak on Ubuntu, some folks flatly don’t want to.

  • Samba 4.11.0rc1 Released, Firefox 68.0esr Now Available, SPI Board Elections, Microsoft Admitted to linux-distro List and SoftMaker FreeOffice Now Includes Anniversary Update

    SoftMaker FreeOffice now includes the Anniversary update. This new version has many new features for the TextMaker word processor and spreadsheets, and improved user-friendliness. See the press release for details on the office suite's update, and go here to download.

  • Cloudera Bucks an Industry Trend, Doubles Down on Open Source

    Hadoop wrangler Cloudera has bucked a trend to tighten control of open source code by protecting it under ever more restrictive licences, today announcing plans to go all-in on AGPL and Apache 2.0 licences, make closed licence components of its products open source, and double-down on its Apache Software Foundation (ASF) activity.

    The commitment by the US-based enterprise data specialist will extend to its forthcoming Cloudera Data Platform (CDP); the company’s much-awaited joint product with Hortonworks following last year’s $5.2 billion merger (which closed in January this year). Cloudera hopes to emulate Red Hat’s support-based commercial success it said.

  • The SUSE Academic Program attracts new partners at the UCISA SSG Conference

    UCISA is the member-led professional body for digital practitioners within higher education in the UK. An open and inclusive network, UCISA uses their collective knowledge and expertise to help transform teaching, learning and research to ensure both operational efficiency and an excellent student experience (https://www.ucisa.ac.uk/about ). Most importantly, UCISA fosters an open community that collaborates and shares thinking, best practices and procedures that everyone in education can learn from.

    Hosted by the Support Services Group, the conference attracted IT support managers, service administrators, support analysts and many others. It was a good place to be for the SUSE Academic Program as the training offered is very interesting to IT staff and students. As a result, the technical training, curriculum and educational materials available through SUSE’ Academic Program were on display and over 20 new institutions enrolled as an academic partner. Our hope, is they will find our program useful in training their IT staff and equip the next generation of professionals with the skills to be highly employable.

read more

Programming Leftovers

Čet, 07/11/2019 - 13:17
  • Frankenstein JVM with flavour - jlink your own JVM with OpenJDK 11

    While you can find a lot of information regarding the Java "Project Jigsaw", I could not really find a good example on "assembling" your own JVM. So I took a few minutes to figure that out. My usecase here is that someone would like to use Instana (non free tracing solution) which requires the java.instrument and jdk.attach module to be available. From an operations perspektive we do not want to ship the whole JDK in our production Docker Images, so we've to ship a modified JVM. Currently we base our images on the builds provided by AdoptOpenJDK.net, so my examples are based on those builds. You can just download and untar them to any directory to follow along.

  • KDE Craft Packager on macOS

    In Craft, to create a package, we can use craft --package after the compiling and the installing of a library or an application with given blueprint name.

    On macOS, MacDMGPackager is the packager used by Craft. The MacDylibBundleris used in MacDMGPackager to handle the dependencies.

    In this article, I’ll give a brief introduction of the two classes and the improvement which I’ve done for my GSoC project.

  • It is coming alive

    After digging for around a month and a half, I can finally do some selections with the Magnetic Lasso tool, which I wrote with utter laziness as I would say. Though it still demands a lot of work to be done, so it will be just polishing the existing code into perfection for the next one and half month.

  • Humble Book Bundle: Programmable Boards by Make Community

    If you are interested in learning more about programmable boards, such as Arduino, and are looking for a crash course, you can pick up much on the topic by not just reading about the topic but also doing some hands-on learning. You can do just that, along with paying very little to do so when you buy the Humble Book Bundle: Programmable Boards by Make Community. You’ll pay as little as $1 for books that explain getting started with IoT, Arduino projects, mBot, and more. You’ll get instruction and hands-on training in several areas. Buy the bundle and receive only the books you really need to learn more about programmable boards.

  • Building a computer - part 1

    Off-hand I think the most complex projects I've built have been complex in terms of software. For example I recently hooked up a 933Mhz radio-receiver to an ESP8266 device, then had to reverse engineer the protocol of the device I wanted to listen for. I recorded a radio-burst using an SDR dongle on my laptop, broke the transmission into 1 and 0 manually, worked out the payload and then ported that code to the ESP8266 device.

    Anyway I've decided I should do something more complex, I should build "a computer". Going old-school I'm going to stick to what I know best the Z80 microprocessor. I started programming as a child with a ZX Spectrum which is built around a Z80.

    Initially I started with BASIC, later I moved on to assembly language mostly because I wanted to hack games for infinite lives. I suspect the reason I don't play video-games so often these days is because I'm just not very good without cheating

    Anyway the Z80 is a reasonably simple processor, available in a 40PIN DIP format. There are the obvious connectors for power, ground, and a clock-source to make the thing tick. After that there are pins for the address-bus, and pins for the data-bus. Wiring up a standalone Z80 seems to be pretty trivial.

  • Python Machine Learning Tutorial: Predicting Airbnb Prices
  • DevOps for introverted people
  • PSF GSoC students blogs: Week 5
  • PSF GSoC students blogs: Week 6
  • PSF GSoC students blogs: Coding week #6
  • Week 6 Check-In
  • Week 5 Check-In

    At the start of this week, I revisited the box-into-capsule test and re-implemented a different algorithm. Instead of representing the capsule as two hemispheres and a cylinder, my mentor suggested to see it as a line segment defined the by its two endpoints. So, the algorithm finds the closest point on the box to the line segment, and then tests for intersections accordingly.

  • `make -j5 kritaflake`

    At the end of June I finished copy-on-write vector layers. From the very beginning, I have been researching into possibilities to make kritaflake implicitly sharable. In that post I mentioned the way Sean Parent uses for Photoshop, and adapted it for the derived d-pointers in Flake.

  • Working With Dictionaries In Python

    Dictionaries in pythons are a collection of key value pairs. They are very similar to JSON data type in JavaScript. Dictionaries are indexed, they can be modified and they are no ordered. This makes it very flexible and useful. Since dictionary items can be accessed with keys instead of indexes, dictionaries are widely used in external data-driven programs and apps.

  • What is a golden image?

    If you’re in quality assurance, system administration, or (believe it or not) media production, you might have heard some variation of the term gold master, golden image, or master image, and so on. It’s a term that has made its way into the collective consciousness of anyone involved in creating one perfect model and then producing many duplicates from that mold. That’s what a gold master, or golden image, is: The virtual mold from which you cast your distributable models.

    In media production, the theory is that a crew works toward the gold master. This final product is one of a kind. It looks and sounds the best a movie or an album (or whatever it is) can possibly look and sound. Copies of this master image are made, compressed, and sent out to the eager public.

    In software, a similar idea is associated with the term. Once software has been compiled and tested and re-tested, the perfect build is declared gold. No further changes are allowed, and all distributable copies are generated from this master image (this used to actually mean something, back when software was distributed on CDs or DVDs).

read more

GNU/Linux Devices: Raspberry Pi, AAEON and Librem 5

Čet, 07/11/2019 - 13:06
  • Raspberry Pi 4 B+ - PCI Express

    Without much exaggeration, the new Raspberry Pi is likely the largest single-step improvement on the Pi family since the early changes of the form factor. Although Pi3 introduced 64bit capability, it's been pretty limited in practice due to lack of memory. Pi4 introduces 4GB RAM, USB 3.0 and Gigabit Ethernet.

    Most importantly for our purposes, the USB 3.0 (and 2.0) chip is attached via the PCI Express interface - that means, if we were to remove it, we can gain access to the underlying bus. So, without further ado, the sacrificial goat.. uhm, chip.

  • Modder Connects External PCIe To Raspberry Pi 4

    Raspberry Pi is a low-cost computer designed for tech enthusiasts, students, and engineers who wish to make extreme use of limited hardware. Just two weeks ago, the Raspberry Pi 4 was unveiled, which caught the attention of technology enthusiasts.

    The latest version of Raspberry Pi is a big improvement over the previous version despite its faulty USB-C port design. It relies on PCI Express for USB chips. However, there isn’t any provision to connect external devices on the Raspberry Pi 4.

  • AAEON Launches BOXER-8150AI Compact Embedded Box PC Features 8 USB 3.0 Ports

    The BOXER-8150AI is able to support up to eight USB connected cameras or devices, each operating independently of one another.

  • Runs on the Librem 5 Smartphone – Week 3

    We’ve been showcasing a different piece of software running on the Librem 5 Smartphone Development Kit every day for the last twenty days.  Twenty.  In a row.

    And we’re not done.  Because, holy smokes, do we have a lot more to show.  And, let’s be honest, these are just plain fun.  Daily videos kick back off tomorrow (July 11th) with video number 21.

    You can enjoy Days 15 through 20 below — and Days 1 through 14 in the Week 1 and 2 posts.

  • Purism and the Linux 5.2 Kernel

    Hello again. Following up on our report for the Linux 5.1 kernel, here’s a list of contributions for the Linux 5.2 kernel cycle, for which our team recently contributed with 14 patches–including a new driver for the Librem 5 devkit’s panel...

read more

Tumbleweed’s July Snapshots Are Trending Strong

Čet, 07/11/2019 - 13:03

There have been a total of five openSUSE Tumbleweed snapshots since the beginning of July and all the snapshots have a strong, stable rating.

The rolling release had the most updates arrive in the 20190702 snapshot. The packages update in that snapshot included Mesa 19.1.1 and Mesa-drivers 19.1.1 that had fixes for Intel ANV and AMD RADV driver as well as Nouveau and R300 Gallium3D drivers. The bzip2 file compression application fixed undefined behavior in the macros in version 1.0.7 and fixed a low impact Common Vulnerabilities and Exposures (CVE). The programing language package guilef was updated to version 2.2.5 and provided bootstrap optimization. Portability improvements were made in the library for encryption, decryption, signatures and password hashing with libsodium 1.0.18. A major release of the PulseAudio’s Volume Control package pavucontrol 4.0 was made; the new version dropped support for Gtk+ 2 and added more than a handful of new language translations.

The most recent snapshot, 20190708, didn’t offer a changelog due to the server that the web app uses to produce the changelogs being upgraded to Leap 15.1. The changelog is expected to be included in the next snapshot that is released.

read more

OpenSUSE Leap 15.1 - A dream come untrue

Čet, 07/11/2019 - 12:45

OpenSUSE Leap 15.1 is significantly better than the first edition. It fixes tons of the problems that the previous version had. But then, it still retains lots of problems and introduces some new ones. You get decent media and phone support, but it's not a perfect record. Network support is average, and overall, the hardware compatibility with the 2010 Pavilion machine is meh.

The installer is no longer as awesome as it used to be, the package management is quite broken, and the system wasn't stable enough to be fun and enjoyable, before or after my tweaks. The Plasma desktop is sweet, and while SUSE does have tricks most other distros don't have, like YaST, BTRFS, Snapper and such, it feels raw and jumbled and hastily put together. There were too many rough edges and errors and application crashes for me to consider this for serious work. Alas, my dream of using openSUSE in my production setup was dashed once again. All in all, Leap 15.1 deserves something like 4/10, a far cry from the legend it used to be. Maybe, maybe one day. But hey, at the current rate, 15.2 might be quite all right. We shall see.

Openwashing by SUSE: Can You Have Open Source without True Partnership?

read more

Linux 5.3 Features and the Linux Foundation's (Openwashing) Work for Surveillance Giants

Čet, 07/11/2019 - 12:42
  • Linux 5.3 Picks Up Utilization Clamping - Ensuring GUI Threads Get Maximum Frequency

    The scheduler changes for the Linux 5.3 kernel are as busy as ever.

    One of the most interesting scheduler changes for Linux 5.3 was made by Arm's Patrick Bellasi. The addition is introducing utilization clamping support as an extension of their work on the Energy Aware Scheduling framework in order to boost some workloads while capping background workloads. Energy Aware Scheduling factors in the CPU topology of modern hardware -- particularly Arm big.LITTLE designs -- with differing power and performance characteristics in order to better schedule what CPU cores should be used for a given workload.

  • Linux 5.3 Continues Advancing Intel's Sound Open Firmware

    Linux sound subsystem maintainer Takashi Iwai sent in the big set of audio driver changes for Linux 5.3.

    Linux 5.3 is continuing where Linux 5.2 left off when it added a lot of their Sound Open Firmware kernel code that has been in development for over one year as the Intel-led effort for having open-source audio DSP firmware and SDK. Sound Open Firmware is used by the newest and future Google Chromebooks among other use-cases to come about.

  • The Linux Foundation Breathes New Life into Osquery

    Anyone who has been tasked with monitoring the security of server instances in a data center or cloud knows how laborious and time-consuming it can be. Osquery, a project started by Facebook, aims to lessen this burden by reframing how developers engage with their infrastructures. DevOps professionals can use Osquery to expose an operating system as a high-performance relational database, making it possible to use SQL commands to access data about a system, just as they would for a database. 

    Osquery works on Mac, Linux and Windows systems and is provided as an open source download via GitHub. Although Osquery was developed by Facebook to monitor and safeguard the security of its own platform, the social media giant quickly realized the utility of the platform would extend to other enterprises that depend upon insight into the low-level behavior of operating systems. 

read more

AMD Defects, Linux Affected Also

Čet, 07/11/2019 - 12:40
  • AMD's SEV tech that protects cloud VMs from rogue servers may as well stand for... Still Extremely Vulnerable

    Five boffins from four US universities have explored AMD's Secure Encrypted Virtualization (SEV) technology – and found its defenses can be, in certain circumstances, bypassed with a bit of effort.

    In a paper [PDF] presented Tuesday at the ACM Asia Conference on Computer and Communications Security in Auckland, New Zealand, computer scientists Jan Werner (UNC Chapel Hill), Joshua Mason (University of Illinois), Manos Antonakakis (Georgia Tech), Michalis Polychronakis (Stony Brook University), and Fabian Monrose (UNC Chapel Hill) detail two novel attacks that can undo the privacy of protected processor enclaves.

    The paper, "The SEVerESt Of Them All: Inference Attacks Against Secure Virtual Enclaves," describes techniques that can be exploited by rogue cloud server administrators, or hypervisors hijacked by hackers, to figure out what applications are running within an SEV-protected guest virtual machine, even when its RAM is encrypted, and also extract or even inject data within those VMs.

  • AMD Ryzen 3000 is experiencing problems with some Linux distributions

    Ryzen 3000 seems to have boot problems with the most modern Linux distributions. The problem affects all operating systems using a 2019 Linux distribution with Linux 5.0/5.1/5.2 kernels.

    This problem is now known to be related to the RdRand command. Remember that the previous Ryzen processors were also not friendly when they used the RNG hardware command, which caused problems on the platform. However, now with Zen2, this is even worse supported, and AMD has not yet officially detected the problem.

  • AMD Posts New CPUFreq Driver For CPPC Support With Zen 2 CPUs

    AMD Zen 2 CPUs support ACPI's Collaborative Processor Performance Control (CPPC) for tuning the system to energy and/or performance requirements. AMD has now published a new CPUfreq driver for handling their CPPC implementation and the new controls found with their new processors.

    The AMD CPPC support with Zen 2 desktop/server/mobile CPUs can be optionally enabled and allows setting min/maximum performance along with desired performance and other knobs for tuning via sysfs.

read more

The 10 Top GUI Tools for Linux System Administrators

Čet, 07/11/2019 - 12:32

A Linux administrators task is to typically install, upgrade, and monitor a company’s software and hardware while maintaining the essential applications and functions which include security tools, emails, LANs, WANs, web servers, etc.

Read Also: Top 26 Tools for VMware Administrators

Linux is undoubtedly a force to reckon with in computing technology and most system administrators work on Linux machines. You might think you are damned to using the command-line to complete administrative tasks but that is far from the truth.

Here are the 10 best GUI tools for Linux System Administrators.

read more

Mozilla Firefox: Firefox 68, Charsets and Grizzly Browser Fuzzing Framework

Čet, 07/11/2019 - 12:30
  • Mike Hommey: Reproducing the Linux builds of Firefox 68

    Starting with Firefox 68, the Linux builds shipped by Mozilla should be reproducible (it is not currently automatically validated that it definitely is, but 68.0 is). These builds are optimized with Profile Guided Optimization, and the profile data was not kept and published until recently, which is why they weren’t reproducible until now.

    The following instructions require running Docker on a Linux host (this may or may not work on a non-Linux host, I don’t know what e.g. Docker for Mac does, and if the docker support in the mach command works with it). I’ll try to make them generic enough that they may apply to any subsequent release of Firefox.

  • Mozilla Releases Firefox 68 as the Next ESR Series with Cryptomining Protection

    Mozilla officially released today the Firefox 68 web browser for all supported platforms, including Linux, Mac, and Windows, making it an ESR (Extended Support Release) version.
    The popular open-source and cross-platform Firefox web browser from Mozilla has been updated to version 68.0, a major release that expands the dark mode in the reader view to make the controls, toolbars, and sidebars on windows dark too. Additionally, Firefox 68 introduces new cryptomining and fingerprinting protections to strict content blocking settings.

    Firefox 68 also improves add-on security and discovery by introducing a Recommended Extensions program in about:addons to help users easily find high quality and secure add-ons and themes, a new reporting feature in about:addons to let users quickly report security and performance issues with add-ons, and revamp the extensions dashboard in about:addons.

  • Dave Townsend: Please watch your character encodings

    I started writing this as a newsgroup post for one of Mozilla’s mailing lists, but it turned out to be too long and since this part was mainly aimed at folks who either didn’t know about or wanted a quick refresher on character encodings I decided to blog it instead. Please let me know if there are errors in here, I am by no means an expert on this stuff either and I do get caught out sometimes!

    Text is tricky. Unicode supports the notion of 1,114,112 distinct characters, slightly more than a byte of memory can hold. So to store a character we have to use a way of encoding its value into bytes in memory. A straightforward encoding would just use three bytes per character. But (roughly) the larger the character value the less often it is used, and memory is precious, so often variable length encodings are used. These will use fewer bytes in memory for characters earlier in the range at the cost of using a little more memory for the rarer characters. Common encodings include UTF-8 (one byte for ASCII characters, up to four bytes for other characters) and UTF-16 (two bytes for most characters, four bytes for less used ones).

    What does this mean?

  • Grizzly Browser Fuzzing Framework

    At Mozilla, we rely heavily on automation to increase our ability to fuzz Firefox and the components from which it is built. Our fuzzing team is constantly developing tools to help integrate new and existing capabilities into our workflow with a heavy emphasis on scaling. Today we would like to share Grizzly – a browser fuzzing framework that has enabled us to quickly and effectively deploy fuzzers at scale.

    Grizzly was designed to allow fuzzer developers to focus solely on writing fuzzers and not worry about the overhead of creating tools and scripts to run them. It was created as a platform for our team to run internal and external fuzzers in a common way using shared tools. It is cross-platform and supports running multiple instances in parallel.

read more

Games: OpenRCT2, Eagle Island, Damsel and Last Epoch

Čet, 07/11/2019 - 12:23
  • FOSS game engine "OpenRCT2" for RollerCoaster Tycoon 2 has a fresh release out

    Ready to build some fantastic rides again? FOSS game engine OpenRCT2 has a brand new release available for playing RollerCoaster Tycoon 2 on Linux.

    Release v0.2.3 code-named "Tim the Enchanter" went live yesterday and it's not just a bug-fix release adding in a bunch of new features.

  • Throw your Owl at everything in "Eagle Island", out now with Linux support

    Few games have a demo that capture my interest so intensely as Eagle Island, thankfully my enjoyment of the demo translated well into the full game. Featuring a level of polish I don't often see from a brand new release, Eagle Island is an absolute joy.

  • Fast-paced action platformer "Damsel" now has Episode 3 released

    While Linux support for Episode 3 of Damsel has come a little later, it's now available as of the latest update to this challenging action platformer.

  • Action-RPG "Last Epoch" getting a demo later this year, next update due in August

    After a successful crowdfunding campaign in 2018, the action-RPG "Last Epoch" released into Early Access back in April. It sounds like development is going well, with a number of things announced recently.

    In their update post, they went over some of their current plans. Firstly, the next update is now due in "early" August although there's no details yet in what it will bring. However, they also mentioned that the update after will be including "additional Chapter content, Time Rifts, new enemies, new skills - and more" which all sounds good.

read more

Clear Linux with Gnome 3.32

Čet, 07/11/2019 - 12:06

Today we are looking at a newish distro that is quickly improving and according to many podcasts and blogs it might become one of the major Linux distros soon as it has many interesting features, but it isn't perfect yet.

There are many pros to look at, firstly it is Intel's Linux distro, so it has great financial backing and support. Ikey Doherty, the guy who started Solus OS is part of the developing team of Clear Linux, as we all know he is no longer part of Solus, but he is a great developer for Clear Linux.

It is an independently based distro, so not build on one of the major distros like Debian or Arch. It uses the Gnome Desktop Environment and it uses Gnome Software Center 3.30 as Software Store. It uses Gnome 3.32 and Linux Kernel 5.1 and uses about 1.1GB of ram when idling.

The only downside of it is, that the installer is still a work in progress and a person can only install it on real hardware, not in Virtual Machines, that is the desktop version, so I made this video by using the live session, rest assured that my host system is Linux as well, so I would really like to see that they will enable us to install it on VirtualBox as well. The ISO comes in a compressed package which a person needs to extract to use the ISO.

Video/direct: Clear Linux OS with Gnome 3.32 Run Throughclear os lms

read more

Events: Akademy 2019, GUADEC 2019, SUSE, Linux Plumbers Conference

Čet, 07/11/2019 - 12:00
  • Akademy 2019: Talk Schedule is out!

    On day one (Saturday, September 7), the teams that have been working on the community goals over the last two years will discuss how things worked out and what has been achieved (spoiler: a lot). As many of the procedures and processes developed for the goals have now been worked into the everyday ways the KDE community operates and builds things, it is time to look for new goals. That is precisely what will be happening next, when the panel unveils what the community has decided to work on in the next two years.

    Apart from goals, there will also be time for the bleeding-edge tech KDE is so well-known for. You will find out from Aleix Pol how developers managed to make a complex graphical environment like the Plasma desktop start up faster, and Marco Martin and Bhushan Shah will show us how Plasma can work everywhere, including on embedded devices. Taking things a step further still, Aditya Mehra will demonstrate how the open source Mycroft AI assistant can be the next great thing to assist you while you drive your car.

  • Felipe Borges: Newcomers workshop @ GUADEC 2019

    This year’s GUADEC is approaching and I can already feel people’s excitement while talking about our annual conference. It is important that we benefit from having so many GNOMies together in the same location to help the next generation to get started in our project. For this reason, we are planning a workshop during the first day of the BoFs (check our wiki page for more info).

    The Newcomers Workshop aims at helping newcomers solve their first Gitlab issue. Historically, Carlos Soriano has championed the initiative (thank Carlos when you see him) and I have participated, guiding dozens of people in the universities here in Brno. In the past, other community members were organizing the workshop all over the world. We plan to expand the initiative by having even more GNOME contributors organizing similar events at a local level.

  • Webinar – Multimodal OS: SUSE Linux Enterprise 15 Service Pack 1
  • Customize your Cloud Foundry UI through Stratos extension framework

    At the recent Cloud Foundry Summit in Philadephia, Troy Topnik of SUSE and Bo Yang of IBM discussed how to use the open source Stratos UI’s extension framework to add new features such as autoscaling policies, allowing users to view and query application metrics and scaling events in the Stratos application dashboard with a consistent user experience. This is a great opportunity to learn about how Stratos and how it can be easily customized for Cloud Foundry deployments.

  • Linux Plumbers Conference: Power Management and Thermal Control Microconference Accepted into 2019 Linux Plumbers Conference

    We are pleased to announce that the Power Management and Thermal Control Microconference has been accepted into the 2019 Linux Plumbers Conference! Power management and thermal control are important areas in the Linux ecosystem to help improve the environment of the planet. In recent years, computer systems have been becoming more and more complex and thermally challenged at the same time and the energy efficiency expectations regarding them have been growing. This trend is likely to continue in the foreseeable future and despite the progress made in the power-management and thermal-control problem space since the Linux Plumbers Conference last year. That progress includes, but is not limited to, the merging of the energy-aware scheduling patch series and CPU idle-time management improvements; there will be more work to do in those areas. This gathering will focus on continuing to have Linux meet the power-management and thermal-control challenge.

read more

Audiocasts/Shows: Choose Linux 13, TechSNAP 407, TLLTS 816 and FLOSS Weekly 537

Čet, 07/11/2019 - 11:46

read more

Wind River Linux offers containers and cloud-native approaches for embedded computing software development

Čet, 07/11/2019 - 11:33

Wind River Systems in Alameda, Calif., is introducing enhancements to the Wind River Linux software to ease adoption of containers in embedded computing systems.

Enhancements provide resources such as pre-built containers, tools, and documentation, and support for frameworks such as Docker and Kubernetes.

Embedded devices in industrial, medical equipment, and automotive systems, can require lightweight, reliable software with long life cycles. Existing container technologies like those in enterprise Linux, are often bloated or require updates too frequently to run effectively on these embedded systems.

read more

A Merge Proposal to ‘Drop Snap Support’ from GNOME Software Hints at Deeper Divisions

Čet, 07/11/2019 - 11:00

As you probably know, Ubuntu Software, the default software app Ubuntu ship with, is based on GNOME Software. It’s mostly the same app save for a few Snap-specific tweaks (which we’ve mentioned before) and shipping with the Snap plugin by default.

In short, the “Snap” support it offers isn’t particularly egregious or wide-reaching.

But word on the street is that Ubuntu is prepping a brand new app store exclusively tailored to Snap apps for use in a future release (but separate from the Snap’d Snap Store snap)

This has made some devs who work on GNOME Software a little …twitchy.

Kalev Lember, the dev behind the merge request to nuke the 4000 or so lines of Snap support in GNOME Software, explains:-

“Ubuntu is switching to a new snap-store app for installing and removing snaps. This commit drops the snap backend from gnome-software to avoid maintenance overhead.”

Reasonable. Why should they shoulder the burden of working around Snap-specific code if Ubuntu, the only distro making use of it, don’t plan to use it longterm?

read more

Security: Patches, CVSS, DANE OPENPGPKEY for debian.org, and Windows Voting Machines

Čet, 07/11/2019 - 10:47
  • Security updates for Wednesday

    Security updates have been issued by Debian (redis), Fedora (expat), Mageia (dosbox, irssi, microcode, and postgresql11), Red Hat (bind, dbus, openstack-ironic-inspector, openstack-tripleo-common, python-novajoin, and qemu-kvm-rhev), Scientific Linux (kernel), SUSE (kernel-firmware, libdlm, libqb, and libqb), and Ubuntu (apport).

  • Why CVSS does not equal risk: How to think about risk in your environment

    I’m going to come right out and say it: CVSS does NOT equal Risk (CVSS!=Risk). Anyone who thinks otherwise is mistaken and setting themselves up for more work, pain, and stress than they realistically should have to go through. A risk is a potential for loss or damage if a threat exploits a vulnerability (which is a weakness in hardware or software). We’ll talk more about all that momentarily.

    Common Vulnerability Scoring System (CVSS) is a toolset and methodology used by many of us in the industry (hardware/software manufacturers, maintainers, etc.) and security researchers to describe the relative severity of security vulnerabilities in a consistent, quantitative way. This data being represented results in a score ranging from lowest 0, to the highest of 10.

    Recently the FIRST CVSS SIG updated the released version 3.1 of the framework which is the point of reference for this post. I'd strongly encourage anyone that uses the framework, or is impacted by security flaws (typically documented with a Common Vulnerabilities and Exposures (CVE) entry) to read the updated procedures and guidance.

  • DANE OPENPGPKEY for debian.org

    I recently announced the publication of Web Key Directory for @debian.org e-mail addresses. This blog post announces another way to fetch OpenPGP certificates for @debian.org e-mail addresses, this time using only the DNS. These two mechanisms are complementary, not in competition. We want to make sure that whatever certificate lookup scheme your OpenPGP client supports, you will be able to find the appropriate certificate.

    The additional mechanism we're now supporting (since a few days ago) is DANE OPENPGPKEY, specified in RFC 7929.

  • Voting Machine Makers Claim The Names Of The Entities That Own Them Are Trade Secrets

    This seems like very basic information -- information the Board should know and should be able to pass on to the general public. After all, these are the makers of devices used by the public while electing their representatives. They should know who's running these companies and who their majority stakeholders are. If something goes wrong (and something always does), they should know who's ultimately responsible for the latest debacle.

    It's not like the state was asking the manufacturers to cough up code and machine schematics. All it wanted to know is the people behind the company nameplates. But the responses the board received indicate voting system manufacturers believe releasing any info about their companies' compositions will somehow compromise their market advantage.

    Hart Intercivic said letting the public know that the company is owned by H.I.G. Hart, LLC and Gregg L. Burt is a fact that would devalue the company if it were made public.

read more

sfy39587f05