Odprtokodni pogled

Opensource view


[$] Soft CPU affinity

LWN.net - Čet, 07/04/2019 - 16:03
On NUMA systems with a lot of CPUs, it is common to assign parts of the workload to different subsets of the available processors. This partitioning can improve performance while reducing the ability of jobs to interfere with each other. The partitioning mechanisms available on current kernels might just do too good a job in some situations, though, leaving some CPUs idle while others are overutilized. The soft affinity patch set from Subhra Mazumdar is an attempt to improve performance by making that partitioning more porous.

Rust 1.36 Brings Offline Support In Cargo, Stable Alloc Crate

Phoronix - Čet, 07/04/2019 - 15:17
The Rust language team is marking this US Independence Day by rolling out Rust 1.36...

Security updates for Thursday

LWN.net - Čet, 07/04/2019 - 14:56
Security updates have been issued by CentOS (libssh2 and qemu-kvm), Debian (lemonldap-ng), Fedora (tomcat), Oracle (kernel), and SUSE (elfutils, kernel, and php5).

Samba 4.11 Aims To Be Scalable To 100,000+ Users

Phoronix - Čet, 07/04/2019 - 14:17
For those using Samba for better Windows interoperability with SMB/CIFS/AD, the forthcoming Samba 4.11 will be a lot more scalable so it can be used within massive organizations...

To Little Surprise, Many Linux Apps Run On The Librem 5 Linux Smartphone

Phoronix - Čet, 07/04/2019 - 14:00
Now being into Q3, we're waiting to see if Purism will be able to deliver the Librem 5 GNU/Linux smartphone this quarter after being pushed back twice from their original January ship date. They haven't released any finished design yet or the finalized specifications (they still haven't finalized on the RAM, battery, cameras, and speaker(s)), but their latest series of blog posts are showing that GNOME/Linux applications can run on their Librem 5 developer kit...

RADV Vulkan Driver Switches To The RTLD Linker

Phoronix - Čet, 07/04/2019 - 12:59
A big set of patches landed this morning in RADV Git for Mesa 19.2...

CentOS 8.0 Completed Its Initial Build Loop

Phoronix - Čet, 07/04/2019 - 12:47
It looks like CentOS 8 as the "community" version of Red Hat Enterprise Linux 8.0 is still a few weeks away, but good progress is being made...

AMDVLK Support For Navi Might Be Slightly Delayed

Phoronix - Čet, 07/04/2019 - 12:27
While there is the open-source OpenGL driver support in RadeonSI now part of Mesa 19.2 for the Radeon RX 5700 series launching on Sunday, for the open-source Vulkan driver support due to timing you might be needing to wait a little bit...

OpenBSD Is Now My Workstation

tuxmachines.org - Čet, 07/04/2019 - 11:34

Why OpenBSD? Simply because it is the best tool for the job for me for my new-to-me Lenovo Thinkpad T420. Additionally, I do care about security and non-bloat in my personal operating systems (business needs can have different priorities, to be clear).

I will try to detail what my reasons are for going with OpenBSD (instead of GNU/Linux, NetBSD, or FreeBSD of which I’m comfortable using without issue), challenges and frustrations I’ve encountered, and what my opinions are along the way.

Disclaimer: in this post, I’m speaking about what is my opinion, and I’m not trying to convince you to use OpenBSD or anything else. I don’t truly care, but wanted to share in case it could be useful to you. I do hope you give OpenBSD a shot as your workstation, especially if it has been a while.

read more

Kako se izogniti nevarnosti SQL vrivanja?

Slo-Tech - Čet, 07/04/2019 - 10:40
Kako se izogniti nevarnosti SQL vrivanja? Slo-Tech - SQL vrivanje (SQL injection) je preprost in žal še vedno razmeroma pogost napad na spletne aplikacije. V osnovi poteka tako, da napadalec v vnosna polja spletne aplikacije vnaša delce programske kode (SQL ukaze). S tem ranljivo aplikacijo prepriča, da mu posreduje podatke iz zaledne baze (npr. gesla, seznam uporabnikov, ipd.), do katerih sicer ne bi smel imeti dostopa. Več na Slo-Techu.

Software: WireGuard and Olivia

tuxmachines.org - Čet, 07/04/2019 - 10:25
  • WireGuard Snapshot `0.0.20190702` Available Hello, A new snapshot, `0.0.20190702`, has been tagged in the git repository. Please note that this snapshot is, like the rest of the project at this point in time, experimental, and does not constitute a real release that would be considered secure and bug-free. WireGuard is generally thought to be fairly stable, and most likely will not crash your computer (though it may). However, as this is a pre-release snapshot, it comes with no guarantees, and its security is not yet to be depended on; it is not applicable for CVEs. With all that said, if you'd like to test this snapshot out, there are a few relevant changes. == Changes == * curve25519: not all linkers support bmi2 and adx This should allow WireGuard to build on older toolchains. * qemu: show signal when failing This was useful in tracking down upstream armeb bugs such as: http://lists.infradead.org/pipermail/linux-arm-kernel/2019-May/655926.html * wg-quick: darwin: support being called from launchd We now ship a sample launchd file, for folks who would like to run WireGuard on macOS servers with some form of automation. Most users are still advised to use the GUI app from the App Store. * compat: some kernels weirdly backport prandom_u32_max * compat: unify custom function prefix/suffix * compat: rhel backported list modifications Usual maintance of our compat layer for existing platforms and kernels. * compat: support RHEL8's skb_mark_not_on_list backport We now support RHEL8/CentOS8's kernel. * global: switch to coarse ktime Our prior use of fast ktime before meant that sometimes, depending on how broken the motherboard was, we'd wind up calling into the HPET slow path. Here we move to coarse ktime which is always super speedy. In the process we had to fix the resolution of the clock, as well as introduce a new interface for it, landing in 5.3. Older kernels fall back to a fast-enough mechanism based on jiffies. https://lore.kernel.org/lkml/tip-e3ff9c3678b4d80e22d2557b68726174578eaf52@git.kernel.org/ https://lore.kernel.org/lkml/20190621203249.3909-3-Jason@zx2c4.com/ * netlink: cast struct over cb->args for type safety This follow recent upstream changes such as: https://lore.kernel.org/lkml/20190628144022.31376-1-Jason@zx2c4.com/ * peer: use LIST_HEAD macro Style nit. * receive: queue dead packets to napi queue instead of empty rx_queue This mitigates a WARN_ON being triggered by the workqueue code. It was quite hard to trigger, except sporadically, or reliably with a PC Engines ALIX, an extremely slow board with an AMD LX800 that Ryan Whelan of Axatrax was kind enough to mail me. This snapshot contains commits from: Jason A. Donenfeld. As always, the source is available at https://git.zx2c4.com/WireGuard/ and information about the project is available at https://www.wireguard.com/ . This snapshot is available in compressed tarball form here: https://git.zx2c4.com/WireGuard/snapshot/WireGuard-0.0.20190702.tar.xz SHA2-256: 1a1311bc71abd47a72c47d918be3bacc486b3de90734661858af75cc990dbaac BLAKE2b-256: 3b8668eed4c11c3d5995f23152c645ee40017ab84c8b15ce5f84015730290c9f A PGP signature of that file decompressed is available here: https://git.zx2c4.com/WireGuard/snapshot/WireGuard-0.0.20190702.tar.asc Signing key: AB9942E6D4A4CFC3412620A749FC7012A5DE03AE If you're a snapshot package maintainer, please bump your package version. If you're a user, the WireGuard team welcomes any and all feedback on this latest snapshot. Finally, WireGuard development thrives on donations. By popular demand, we have a webpage for this: https://www.wireguard.com/donations/ Thank you, Jason Donenfeld
  • WireGuard 0.0.20190702 Released For This Cross-Platform Open-Source VPN Tunnel

    WireGuard 0.0.20190702 has been released as the newest snapshot for this increasingly popular open-source network VPN tunnel that has showed much potential and has now been ported to all major platforms.

    WireGuard 0.0.20190702 is available for those interested. To much dismay, it doesn't look like the kernel module will make it into the upcoming Linux 5.3 merge window. As of writing, the code still hasn't been queued into net-next for merging into the Linux 5.3 merge window in early July. But for that to happen anyhow, WireGuard would likely still need to survive another round of code review on the Linux kernel mailing list along with its Zinc crypto API. We haven't seen that happen yet so long story short the WireGuard Linux support will likely still need to rely upon the DKMS out-of-tree kernel module for another round.

  • Cloud music player Olivia

    Olivia looks like a standard three-panel music player, with links to albums, artists, and playlists on the left, the player queue on the right, and a context-shifting middle pane. But it's not. Rather than helping you manage and maintain your own music collection, Olivia has been designed to simplify access to music that's typically played and discovered online. It's currently in an alpha testing state, and not all the features shown in the user interface (UI) are functional, but it's functional enough to be very useful and shows great promise. Type the name of a track into the search field, for example, and a list of image thumbnails for discovered tracks start to load into the middle pane, complete with details about the performer, release date, duration, and album. It's exactly as if the music is sourced from your local storage. A double-click adds the track to your queue from where it can then be played. The actual source for the music seems to be YouTube, from where the music is streamed stripped of its video content.

    The UI scales and animates smoothly as you navigate through different search and playback modes, and it can even dynamically theme itself according to your currently playing track's artwork. There's a very neat "widget" mode, which reduces the UI to nothing more than the current track thumbnail and playback controls. This is a great way of removing the distraction of choosing music from the infinite possibilities of online resources. As you play tracks, they're added to your "collection," so you can easily play them back or manage them much like you would local files. Local music is supported too, and there's an excellent song recommendation system. Type in the name of a piece of music you like, and Olivia will come back with a recommendation for something it thinks (or the Internet thinks) is similar. It works surprisingly well.

read more

Leftovers: CX at FLOSS Weekly, Automotive Grade Linux (AGL), SystemRescueCd, Fedora and Red Hat OpenShift

tuxmachines.org - Čet, 07/04/2019 - 10:21
  • FLOSS Weekly 536: CX

    CX is an interpreted and compiled, garbage collected, general purpose programming language, which means that it can be used to create any type of program, such as web, desktop, and command-line applications.

  • Candera, IDW Technologies, Reutlingen University, T-Systems, and Wuhan Bluestar Technology join Automotive Grade Linux to Support Shared Technology Development for In-Car Technology

    Automotive Grade Linux (AGL), a collaborative cross-industry effort developing an open source platform for connected car technologies, announces that Wuhan Bluestar Technology has joined as a Silver member, and Candera, IDW Technologies, Reutlingen University, and T-Systems have joined AGL as Bronze members.

    “We are excited to expand our growing, global community with five new members,” said Dan Cauchy, Executive Director of Automotive Grade Linux at the Linux Foundation. “We look forward to working with them as we continue to expand the AGL platform including instrument cluster, telematics and vehicle-to-cloud connectivity.”

  • Install Python on Ubuntu 19.04/18.04 using command terminal
  • How to install a CockroachDB cluster on Ubuntu 18.04
  • SystemRescueCd – a live system that rescues data and systems

    The SystemRescueCd live system contains numerous tools that you can use to recover deleted files or a defective system.

    The SystemRescueCd live system above all offers programs with which you can reanimate defective data carriers and recover data. It includes the Firefox browser, which can also be used to search for solutions to a problem on the Internet if the permanently installed system fails to boot. Finally, SystemRescueCd provides useful tools for everyday work, such as creating or shrinking hard disk partitions. The live system relies on standard tools such as the well-known GParted for partitioning hard disks.

  • F30-20190628 updated isos released

    The Fedora Respins SIG is pleased to announce the latest release of Updated F30-20190605 Live ISOs, carrying the 5.1.15-200 kernel.

    This set of updated isos will save considerable amounts of updates after install. ((for new installs.)(New installs of Workstation have 1.2GB of updates)).

    A huge thank you goes out to irc nicks dowdle, Short-bike,Southern-Gentlem for testing these iso.

  • Simplify Migration from OpenShift 3 to 4

    Now that Red Hat OpenShift 4 has officially been released, it’s time to start thinking about migration from Red Hat OpenShift Container Platform 3 to OpenShift Container Platform 4.

    You can check out the details about the differences between OpenShift 3 and 4 here.

    One of the biggest differences between OpenShift 3 and 4 is how OpenShift 4 clusters operate using immutable and automated infrastructure enabled by RHEL CoreOS and automation. We’re going to show you one way to migrate to this new platform with as few bumps as possible.

read more

OSS: OSI, Mozilla, Crunchy Data, LibreOffice, NexDock

tuxmachines.org - Čet, 07/04/2019 - 10:11
  • On Why OpenStack Foundation Joined the OSI

    Over the past year, the definition of open source has been challenged, as some companies wanted to change the licensing of their software while continuing to reap the benefits of calling it open source, or at least the benefits of being potentially confused with open source.

    That makes the work of the Open Source Initiative more important than ever. For more than 20 years, the OSI has been a steadfast guardian of the Open Source Definition. They’ve kept it focused on user freedoms, evaluating new proposed software licenses against that definition, while discouraging further license proliferation. They’ve also been instrumental to the success of open source through their tireless advocacy and education work.

    These objectives resonate with the work we do at the OpenStack Foundation (OSF). Today open source is necessary, but not sufficient: users of open-source licensed software are sometimes denied some of the original free and open source software benefits. We need to go beyond how the software is licensed and drive new standards on how open source should be built. Users should be able to tell easily the difference between a truly open collaboration guaranteeing all of open source benefits and single-vendor or open core projects.

  • 8 Years of Reps Program, Celebrating Community Successes!

    The Reps program idea was started in 2010 by William Quiviger and Pierros Papadeas, until officially launched and welcoming volunteers onboard as Mozilla Reps in 2011. The Mozilla Reps program aims to empower and support volunteer Mozillians who want to be official representatives of Mozilla in their region/locale/country. The program provides a framework and a specific set of tools to help Mozillians to organize and/or attend events, recruit and mentor new contributors, document and share activities, and support their local communities better. The Reps program was created to help communities around the world. Community is the backbone of the Mozilla project. As the Mozilla project grows in scope and scale, community needs to be strengthened and empowered accordingly. This is the central aim of the Mozilla Reps program: to empower and to help push responsibility to the edges, in order to help the Mozilla contributor base grow. Nowadays, the Reps are taking a stronger point by becoming the Community Coordinators.

  • Will Kahn-Greene: Crash pings (Telemetry) and crash reports (Socorro/Crash Stats)

    I keep getting asked questions that stem from confusion about crash pings and crash reports, the details of where they come from, differences between the two data sets, what each is currently good for, and possible future directions for work on both. I figured I'd write it all down.

    This is a brain dump and sort of a blog post and possibly not a good version of either. I desperately wished it was more formal and mind-blowing like something written by Chutten or Alessio.

    It's likely that this is 90% true today but as time goes on, things will change and it may be horribly wrong depending on how far in the future you're reading this. As I find out things are wrong, I'll keep notes. Any errors are my own.

  • CIS Benchmark for PostgreSQL 11 Enhances PostgreSQL Security for Enterprises
  • Crunchy Data releases an update to the CIS Benchmark for PostgreSQL 11

    Crunchy Data, the leading provider of trusted open source PostgreSQL technology and support, in collaboration with the Center for Internet Security, announces the publication of a PostgreSQL CIS Benchmark for PostgreSQL 11.

    Crunchy Data again collaborated with CIS by evaluating open source PostgreSQL 11 against CIS’s security requirements and developed the guide defining how open source PostgreSQL can be configured and deployed to meet security requirements for enterprise systems.

    The PostgreSQL CIS Benchmark offers security-conscious enterprises a comprehensive guide for open source PostgreSQL configuration and usage. Enterprises can refer to the CIS Benchmark as they consider open source PostgreSQL as an alternative to proprietary and other database systems.

  • Annual Report 2018: LibreOffice events and activities around the world

    Zdeněk Crhonek and Stanislav Horáček attended the two biggest Czech FOSS events, LinuxDays in Prague and OpenAlt in Brno. There was generally positive feedback from users, interest in new features and what is going on. Also, there was discussion with someone from the National Technical Library in Prague (who enthusiastic about FOSS, migrated client computers to Linux and LibreOffice, and encouraging us to spread the word about it) and a representative of an organization trying to coordinate using FOSS in Czech municipalities (two towns running LibreOffice, with the intention to pay for some bug fixing).

    Other meetups took place at these events: a meeting with the Slovak community (Miloš Šrámek and Andrej Kapuš) in Brno, a meeting with the Czech localization community (Mozilla, Linux distributions), discussing mainly the possibility of a new Czech dictionary, and a discussion with a marketing specialist who suggested ways to simplify the LibreOffice web page.

    Apart from events, the Czech community worked continuous localization of LibreOffice’s user interface, website, help and marketing materials (press releases, video subtitles). There was also user support and moderation on the Czech “Ask LibreOffice” site.

  • LibreOffice QA Report: June 2019
  • NexDock 2 Hands-On Video

    The NexDock 2 crowdfunding swiftly met its goal earlier this year (no major shock as there’s little else like it out there to my knowledge).

    A 13.3-inch laptop shell that lets you use smartphones and single-board PCs as fully-fledged computers. The NexDock provides the screen, keyboard and trackpad, and your phone or Raspberry Pi provides the brain.

    Every time I see the dock in action I want one. And that want goes double since the launch of the Raspberry Pi 4 and its touted desktop-class performance…

    Anyway, if you want one you can have one.

  • A worldwide, open source model for solar performance

    As solar’s share in the global energy mix continues to grow, managing the intermittencies inherent to the technology and ensuring its reliable integration into grids is an ever more important question.

    By collecting 38 years’ of irradiation, temperature and weather data and combining it with the historical output of European solar installations, scientists at Denmark’s Aarhus University have developed a model they say can predict the output of PV projects anywhere in the world.

    “We can look at not only a single installation but energy production in entire countries or continents from PV installations,” said Marta Victoria, an assistant professor at Aarhus University. “This is extremely important for the way in which the energy systems of the future can be combined to function optimally.”

read more

GameShell is a portable and modular DIY retro game console

tuxmachines.org - Čet, 07/04/2019 - 09:48

It’s the “world’s first modular, portable game console” running a GNU/Linux operating system. You can easily play retro games from Atari, GameBoy, GameBoy Advance, Nintendo Entertainment System, and more on the GameShell. Or, create your own game entirely with Preset C, Python, Lua, Javascript, or LISP.

Also: Google's Fuschia operating system has been in works for years now.

read more

Miscellaneous New Articles From Linux Magazine (Partial Paywalls)

tuxmachines.org - Čet, 07/04/2019 - 09:41
  • Linux Voice – Introduction

    For many of us mortals, the two greatest challenges are managing money and managing time. We tackle both these pressing issues in this month's edition of LinuxVoice. You'll find out how to keep your bank account balanced with the classic banking tool GnuCash. We also show you Fanurio, a time-tracking tool oriented for the professional user with advanced features for reports, invoicing, and other tasks pertinent to the enterprising freelancer.

  • openSUSE Leap 15.1 and SystemRescueCd

    OpenSUSE is a community-based Linux project sponsored by SUSE. The openSUSE Leap edition is a regular release version with tools and new technologies that will one day appear in SUSE Enterprise Linux.

    According to the openSUSE developers, the latest release offers "continuity and stability." OpenSUSE 15.1 comes with a major update to the graphics stack and better support for GPU virtualization. The YaST configuration tool offers an improved partition utility and a new interface for firewall configuration.

  • Borg Reorg

    Microsoft just announced that its built-in Linux kernel is available for testing. The Linux kernel that will be integrated with Windows 10 is tuned to work with the Windows Subsystem for Linux compatibility suite. Predictably, a new round of alarms went up around the Linux community ? just as they did when Microsoft announced that they would soon be shipping this new Linux back in May. Microsoft distributing Linux? Is this a trick or some kind of nefarious subterfuge? Weren't they the ones who said Linux is a cancer?

  • Stay punctual with chrony
  • Scheduling Commands and Scripts
  • Preparing an object for 3D printing
  • Making your scripts interactive
  • Integrated client/server solution
  • Innovative time management with Fanurio
  • Go program finds photos with nearby GPS coordinates
  • In the news

read more

Linux Mint 20 will ditch 32-bit architecture following Canonical's recent announcement

tuxmachines.org - Čet, 07/04/2019 - 09:32

Clem Lefebvre, head of the Linux Mint project, has announced that Linux Mint 20 and beyond will drop support for 32-bit systems. The news comes on the heels of a decision made by Canonical to drop support for the 32-bit architecture in Ubuntu 19.10 and Ubuntu 20.04 LTS, the latter of which Linux Mint 20 will be based on.

In the blog post, Lefebvre said he believes most people are happy with the decision to drop 32-bit versions and that it makes sense in 2020. Computers with a 64-bit processor have been on the market since 2003, and most of the computers that have shipped in this decade are 64-bit ready (except several infernal netbooks).

read more

Security: Updates/Patches and Chinese Mawlare on Top of US Malware (iOS/Android)

tuxmachines.org - Čet, 07/04/2019 - 09:26
  • Security updates for Wednesday

    Security updates have been issued by Debian (pdns), Fedora (kernel and kernel-headers), Mageia (cgit and firefox), Oracle (libssh2 and qemu-kvm), Red Hat (openstack-ironic-inspector, openstack-tripleo-common, and qemu-kvm-rhev), Scientific Linux (libssh2 and qemu-kvm), SUSE (bzip2, cronie, libtasn1, nmap, php7, php72, python-Twisted, and taglib), and Ubuntu (thunderbird and znc).

  • Google Releases July 2019's Android Security Patch to Fix over 30 Security Flaws

    Google has released today the Android Security Patch for July 2019 for all supported Pixel devices to address the latest security issues, fix bugs, and add various improvements.


    Apart from all the security fixes, the Android Security Patch for July 2019 also fixes various bugs for supported Pixel devices. As such, it improves the "OK Google" hotword and music detection on Pixel 2, Pixel 2 XL, Pixel 3, Pixel 3 XL, Pixel 3a, Pixel 3a XL devices, and addresses an issue for some Pixel 3 and Pixel 3 XL devices getting stuck during boot.

    Moreover, Google fixed an issue on Pixel 3, Pixel 3, XL, Pixel 3a, and Pixel 3a XL devices getting stuck in EDL mode with a blank screen, improves Unicode Japanese language support for Pixel, Pixel XL, Pixel 2, Pixel 2 XL, Pixel 3, Pixel 3 XL, Pixel 3a, and Pixel 3a XL devices, and improves the performance of the Titan M module on the Pixel 3, Pixel 3 XL, Pixel 3a, and Pixel 3a XL.

    The Android Security Patch for July 2019 is now rolling out to all supported Pixel devices, including the Pixel 2, Pixel 2 XL, Pixel 3, Pixel 3 XL, Pixel 3a, and Pixel 3a XL, and it should also be available shortly for other Android devices from major manufacturers like Essential, Sony, and others. The rollout will take a few days to arrive to all users, so make sure you update as soon as possible.

  • Chinese Border Agents Now Installing Malware On Foreigners' Cellphones

    It's a pretty open intrusion. The malware makes no attempt to hide itself. It even places an icon on the device's application screen. The app has been uploaded by Motherboard and analysis shows this may possibly be for the convenience of the person scanning the phone. The app is sideloaded by border agents, who run a scan and search for the targeted content. Once this is done, those files can be viewed/exfiltrated and the app uninstalled. Also, soon after the article was published, most of the major anti-malware providers started flagging this software.

    It's all part of the surveillance regime the Chinese government has directed towards the Uighur population in Xinjiang. Only now it's spread past the historically-oppressed population to visitors to the region. Pretty much anyone travelling into the region via certain checkpoints is subject to device seizures and malware installation.

  • VMware begins patching process for Linux SACK vulnerabilities

    The two flaws, SACK Panic (CVE-2019-11477) and SACK Excess Resource Usage (CVE-2019-11478), were originally found and disclosed by Netflix researchers, along with two Linux bugs.

    “These issues may allow a malicious entity to execute a denial of service attack against affected products, warns a July 2 company security advisory that collectively rates the vulnerabilities as important in severity. (SACK Panic has a CVSSv3 base score of 7.5, while SACK Excess Resource Usage has a score of 5.3.)

    As of July 3, 11:30 a.m. ET, patches were available for SD-WAN Edge by VeloCloud, SD-WAN Gateway by VeloCloud, SD-WAN Orchestrator by VeloCloud, Unified Access Gateway and vCenter Server Appliance, and workarounds were available for Unified Access Gateway and vCloud Director for Service Providers.

read more

Syndicate content