Git Quick Start Guide

Ditch USBs and start using real version control, and if you follow this guide,
you can start using git in 30 minutes!

If you have any experience with programming or just altering config
files, I’m sure you’ve been dumbstruck by how one change you’ve made along
the line affects the whole project. Identifying and isolating the problem
without a version control system is often time- and energy-intensive,
involving retracing your steps and checking all changes made before the
unwanted behavior first occurred. A version control system is designed
explicitly to make that process easier and provide readable comparisons between
versions of text.

Another great feature that distributed version control systems
such as git provide is the power of lateral movement. Traditionally, a team of
programmers would implement features linearly. This meant pulling the code
from the trusted source (server) and developing a section before pushing
the altered version back upstream to the server. With distributed systems,
every computer maintains a full repository, which means each programmer
has a full history of additions, deletions and contributors as well as the
ability to roll back to a previous version or break away from the trusted
repository and fork the development tree (which I discuss later).

Quick Start Guide

The great thing about git is there’s so little you need to know! Without further ado, let’s begin with the most important commands.

First, I’m working with a previous project of mine located here:

[user@lj src]$ pwd

To create a local repository, simply run:

[user@lj src]$ git init
Initialized empty Git repository in

To add all source files recursively to git’s index, run:

[user@lj src]$ git add .

To push these indexed files to the local repository, run:

[user@lj src]$ git commit

You’ll see a screen containing information about the commit, which allows you to leave a description of the commit:

Source: Linux Journal

Dropbox Ending Sync Support for Uncommon Filesystems, Google Tracks Your Location, NVIDIA Unveils Its First Turing Architecture-Based GPUs, Blackmagic Design Announces DaVinci Resolve 15 and Virtlyst 1.2.0 Released

News briefs for August 14, 2018.

Dropbox recently announced in its forum that it will be supporting only the ext4 filesystem for
Linux starting in November. Here’s the post: “Hi everyone, on Nov. 7, 2018,
we’re ending support for Dropbox syncing to drives with certain uncommon
file systems. The supported file systems are NTFS for Windows, HFS+ or APFS
for Mac, and Ext4 for Linux.” (Source: It’s FOSS.)

The AP
that Google tracks your location history, even if you turn “Location History”
off. On both Android devices and iPhones, Google stores “your location data
even if you’ve used a privacy setting that says it will prevent Google
from doing so.
Computer-science researchers at Princeton confirmed these findings at the
AP’s request.”
Wired post
describes how you actually can disable location tracking.

NVIDIA unveiled its
first Turing architecture-based GPUs
yesterday at SIGGRAPH. The press
release claims the Quadro RTX, “the world’s
first ray-tracing GPU” will revolutionize “the work of 50 million designers
and artists by enabling them to render photorealistic scenes in real time,
add new AI-based capabilities to their workflows, and enjoy fluid
interactivity with complex models and scenes.”

Blackmagic Design yesterday announced
the release of DaVinci Resolve 15
. You can download this “professional
editing, visual effects, motion graphics, color correction and audio post
production software” for free from the Blackmagic Design site. This release
is “a massive update that fully integrates visual
effects and motion graphics, making it the world’s first solution to
combine professional offline and online editing, color correction, audio post
production, multi user collaboration and now visual effects together in one
software tool”.

Virtlyst 1.2.0, a web interface for managing virtual machines built with
Cutelyst/Qt/C++, was released yesterday. According to Dantti’s
, this update includes several bug fixes, including “the ability
to warn users before doing important actions to help avoid making
mistakes”. You can download it from GitHub.

Source: Linux Journal

The Academy of Motion Picture Arts and Sciences and The Linux Foundation Launched the Academy Software Foundation, Linux 4.18 and GNU Linux-libre 4.18-gnu Kernels Are Out, DXVK 0.65 Released and Canonical Live Patch Update

News briefs for August 13, 2018.

The Academy of Motion Picture Arts and Sciences and The Linux Foundation
launched the Academy Software Foundation
late last week. The ASF’s mission is to “increase the quality and
quantity of contributions to the content creation industry’s open source
software base; to provide a neutral forum to coordinate cross-project
efforts; to provide a common build and test infrastructure; and to provide
individuals and organizations a clear path to participation in advancing our
open source ecosystem”. Interested developers can sign up to join the mailing
list here.

The Linux 4.18
kernel is out
. See this Phoronix
for a list of the best features of this new kernel.

And, the GNU
Linux-libre 4.18-gnu deblobbed version
, which removes all non-free
components from Linux, is now available as well. You can find dources and tarballs

DXVK 0.65, a Vulkan-based library for running Direct3D 11 games in Wine, has been released.
According to GamingOnLinux,
the new version provides “better configuration for various games out of the
box”, along with several other fixes.

Canonical recently released a new Linux kernel live patch for all of its supported
Ubuntu Linux operating system releases to address various security
vulnerabilities, including the recent TCP flaw (CVE-2018-5390)
and a few others (CVE-2018-13405,
and CVE-2018-11506).
Update now if you haven’t already. (Source: Softpedia

Source: Linux Journal

Encrypting NFSv4 with Stunnel TLS

NFS clients and servers push file traffic over clear-text connections in the default configuration, which is incompatible with
sensitive data. TLS can wrap this traffic, finally bringing protocol security. Before you use your cloud provider’s NFS tools, review
all of your NFS usage and secure it where necessary.

The Network File System (NFS) is the most popular file-sharing protocol in UNIX. Decades old and predating Linux, the most modern v4
releases are easily firewalled and offer nearly everything required for seamless manipulation of remote files as if they were local.

The most obvious feature missing from NFSv4 is native, standalone encryption. Absent Kerberos, the protocol operates only in
clear text, and this presents an unacceptable security risk in modern settings. NFS is hardly alone in this shortcoming, as I have
already covered clear-text
SMB in a previous article
. Compared to SMB, NFS over stunnel offers better encryption (likely AES-GCM if
used with a modern OpenSSL) on a wider array of OS versions, with no pressure in the protocol to purchase paid updates or newer OS

NFS is an extremely common NAS protocol, and extensive support is available for it in cloud storage. Although Amazon EC2 supports
clear-text and encrypted NFS, Google Cloud makes no mention
of data security in its documented procedures, and major initiatives for
the protocol recently have been launched by Microsoft Azure and Oracle Cloud that raise suspicion. When using these features over
untrusted networks (even within the hosting provider), it must be assumed that vulnerable traffic will be captured, stored and
reconstituted by hostile parties should they have the slightest interest in the content. Fortunately, wrapping TCP-based NFS with TLS
encryption via stunnel, while not obvious, is straightforward.

The performance penalty for tunneling NFS over stunnel is surprisingly small—transferring an Oracle Linux Installation ISO over an
encrypted NFSv4.2 connection is well within 5% of the speed of clear text. Even more stunning is the performance of
fuse-sshfs, which
appears to beat even clear-text NFSv4.2 in transfer speed. NFS remains superior to sshfs in reliability, dynamic
idmap and
resilience, but FUSE and OpenSSH delivered far greater performance than expected.

Source: Linux Journal

Weekend Reading: All Things Bash

Bash shell

Bash is a shell and command language. It is distributed widely as the default login shell for most Linux distributions. We’ve rounded up some of the most popular Bash-related articles for your weekend reading.

Create Dynamic Wallpaper with a Bash Script
By Patrick Wheelan
Harness the power of bash and learn how to scrape websites for exciting new images every morning.

Developing Console Applications with Bash
By Andy Carlson
Bring the power of the Linux command line into your application development process.

Parsing an RSS News Feed with a Bash Script
By Jim Hall
I can automate an hourly job to retrieve a copy of an RSS feed, parse it, and save the news items to a local file that the website can incorporate. That reduces complexity on the website, with only a little extra work by parsing the RSS news feed with a Bash script.

Hacking a Safe with Bash
By Adam Kosmin
Being a minimalist, I have little interest in dealing with GUI applications that slow down my work flow or application-specific solutions (such as browser password vaults) that are applicable only toward a subset of my sensitive data. Working with text files affords greater flexibility over how my data is structured and provides the ability to leverage standard tools I can expect to find most anywhere.

Graph Any Data with Cacti!
By Shawn Powers
Cacti is not a new program. It’s been around for a long time, and in its own way, it’s a complicated beast itself. I finally really took the time to figure it out, however, and I realized that it’s not too difficult to use. The cool part is that Cacti makes RRDtool manipulation incredibly convenient. It did take me the better part of a day to understand Cacti fully, so hopefully this article will save you some time.

Reading Web Comics via Bash Script
By Jim Hall
I follow several Web comics. I used to open my Web browser and check out each comic’s Web site. That method was fine when I read only a few Web comics, but it became a pain to stay current when I followed more than about ten comics. These days, I read around 20 Web comics. It takes a lot of time to open each Web site separately just to read a Web comic. I could bookmark the Web comics, but I figured there had to be a better way—a simpler way for me to read all of my Web comics at once.

Source: Linux Journal

Ring-KDE 3.0.0 Released, Intel Debuts 32TB Ruler-Shaped SSDs, OpenEMR Security Issues, PostgreSQL Updates and New Version of Unigine

News briefs for August 10, 2018.

3.0.0, a GNU client, has been released
. GNU Ring is a secure,
distributed communication platform based on open industry-standard technologies for audio calls,
video conferences, chat, screen-sharing and peer-to-peer file transfer. This
new version of Ring-KDE is a full rewrite of the app “to use more modern
technologies such as touch support, QtQuick2 and KDE Kirigami adaptive widget
framework”. When you join GNU Ring, “no servers or centralized
accounts are needed. Beside an optional blockchain-based way to reserve your
username against takeover, nothing leaves your device”, and Ring-KDE “provides
a simple wizard to help you create credentials or import your personal
information from other devices.” For more info, also visit here.

debuts a totally silent ruler-shaped solid state drive
, the Intel SSD DC
P4500. This SSD is can store 32
terabytes—”equivalent to triple the entire printed collection of
the U.S. Library of Congress”. In addition, “the no-moving-parts ruler-shaped
SSDs can be lined up 32 side-by-side, to hold up to a petabyte in a single
server slot. Compared with a traditional SSD, the ‘ruler’ requires
half the airflow to keep cool. And compared with hard disk storage, the new
3D NAND SSD sips one-tenth the power and requires just one-twentieth the

Several security vulnerabilities were discovered recently in OpenEMR, developer of open-source electronic health records and practice
management tools, possibly affecting the data of more than 90 million
patients. Info
Security Magazine
reports that the issues “included nine separate SQL
injection vulnerabilities, four remote code execution flaws and several
arbitrary file read, write and delete bugs. Others included a portal
authentication bypass, unauthenticated information disclosure, and cross-site
request forgery”. Info Security notes that OpenEMR team has since
patched “most” of the

PostgreSQL announces
a slew of new releases
: 10.5, 9.6.10, 9.5.14, 9.4.19, 9.3.24 and
11 beta 3. The third beta release of PostgreSQL 11 “contains previews of all
features that will be available in the final release of PostgreSQL 11”. Two
security issues and more than 40 bugs are also fixed in these updates.

Unigine, the Linux-friendly commercial game and professional graphics engine has released version
2.7.2. According to Phoronix, this release “has better importing support for CAD models,
optimized texture streaming, physically-based cameras and lights, an improved
particle system, multi-channel rendering improvements, and various other
optimizations and polishing. Unfortunately, no word on Vulkan support yet for
Unigine 2.” For more info, see also the Unigine

Source: Linux Journal

Julia 1.0 Released, 2018 State of Rust Survey, Samsung Galaxy Note 9 Launches Today, Margaret Dawson of Red Hat Named Business Role Model of the Year in Women in IT Awards and Creative Commons Awarded $800,000 from Arcadia

News briefs for August 9, 2018.

Julia 1.0 made
its debut
yesterday—the “culmination of nearly a decade of
work to build a language for greedy programmers”. The language’s
goal: “We want a language that’s open source, with a liberal license. We
want the speed of C with the dynamism of Ruby. We want a language that’s
homoiconic, with true macros like Lisp, but with obvious, familiar
mathematical notation like Matlab. We want something as usable for general
programming as Python, as easy for statistics as R, as natural for string
processing as Perl, as powerful for linear algebra as Matlab, as good at
gluing programs together as the shell. Something that is dirt simple to
learn, yet keeps the most serious hackers happy. We want it interactive and
we want it compiled.” You can download it here.

The Rust Community announced the 2018 State
of Rust Survey
, and they want your opinions to help them
establish future development priorities. The survey should take 10–15 minutes
to complete, and is available here.
And, you can see last year’s results here.

Samsung Galaxy Note 9 launches today at 11am ET. You can watch the
spectacle via Android
, which will be streaming the live event.

Margaret Dawson, Vice President, Portfolio Product Marketing
at Red Hat, was named Business Role Model of the Year at the inaugural Women
in IT Awards USA
. The awards were organized by Information Age
to “redress the gender imbalance by showcasing the achievements of women in
the sector and identifying new role models”.

Commons was awarded $800,000
from Arcadia (a charitable fund of
Lisbet Rausing and Peter Baldwin) to support CC Search, which is “a Creative Commons
technology project designed to maximize discovery and use of openly licensed
content in the Commons”. CC Search, along with Commons Metadata Library and
the Commons API, plans to form the Commons Collaborative Archive and Library,
a suite of tools that will “make the global commons of openly licensed content
more searchable, usable, and resilient, and to provide essential
infrastructure for collaborative online communities”.

Source: Linux Journal

Astronomy on KDE

I recently switched to KDE and Plasma as my main desktop environment, so I
thought I’d start digging into some of the scientific software available on KDE.
First up is KStars, the desktop astronomy program.

KStars probably
won’t be installed with the standard KDE desktop, so you may need to install it. If
you’re using a Debian-based distribution, you can install KStars with the following

sudo apt-get install kstars

When you first start it, KStars asks for your current location, and then it
gives you the option of installing several extra information files to add to
the list of objects that KStars knows about and can display. Once those steps are
KStars begins with the current sky at the location you entered earlier.

Figure 1. On startup, KStars shows you the current layout of the sky in your

So, what can you do with KStars? If you’ve used programs like Stellarium before, you’ll
find that you can do the same types of tasks with KStars. You can use your
mouse to click and drag the display to change the direction you’re facing. The
cardinal directions are labeled along the outside of the circle of the sky, and you can
zoom in and out to change the field of view. If you see an object you want to examine
further, you can
double-click it to center it on the display and tag it as the current object of

Depending on what catalogs of data you installed, some of the objects
may have more or less information available. For example, selecting the planet
Uranus and zooming all the way in shows a reasonably detailed image of the planet,
including the ring orientation.

Figure 2. You can easily select and zoom in to objects of interest in KStars.

Quite a few options are available for
controlling what’s shown in the main window. The toolbar across the top of the window
allows you to toggle the following items: stars, deep sky objects, solar system objects,
supernovae, satellites, constellation lines, constellation names, constellation art,
constellation boundaries, Milky Way, equatorial coordinate grid, horizontal coordinate
grid and opaque ground. This allows you to customize the display so that it shows
only what you’re interested in at the time. The last display option is to toggle the “What’s
Interesting” pane.

Source: Linux Journal

LibreOffice 6.1 Now Available, Facebook Open-Sourcing Fizz, Firefox Advance Is Latest Test Pilot Experiment, Dart 2.0 Stable Released and KDE Neon Bionic Preview Images Available for Testing

News briefs for August 8, 2018.

Document Foundation announced
this morning that LibreOffice 6.1 is now
available. This is the second major release of the 6 family, and it has many
new features, such as Colibre (a new icon theme for Windows), a reworked
image handling feature, an improved EPUB export filter, improvements in all
modules of LibreOffice Online and much more. See this video for more on all
the new features. You can download LibreOffice 6.1 from here.

it is open-sourcing Fizz, a “robust, highly performant TLS
library written in C++ 14”. In addition, Facebook says that “Fizz now handles
millions of TLS 1.3 handshakes every second. We believe this makes it the
largest deployment of TLS 1.3—and early (0-RTT) data—on the
internet.” Fizz is now available on GitHub, and Facebook
hopes that open-sourcing it will “help speed up deployment of TLS 1.3 across the internet and help
others make their apps and services faster and more secure”.

Firefox’s latest Test
Pilot Experiment called Advance
is now available. Mozilla writes that
with Advance, “you can explore more of the web efficiently, with real-time
recommendations based on your current page and your most recent web history.”
Advance is a Web Extension that “works by analyzing content
you’re into right now in order to provide recommendations based on what
you may want to ‘Read Next’ through a sidebar in the browser.” You can
download it from here.

Google announced the release
of Dart 2 stable
yesterday, including a rewrite of the Dart web platform.
According to Google, “Dart 2 marks the rebirth of Dart as a mainstream
programming language focused on enabling a fast development and great user
experiences for mobile and web applications.” See the GitHub

for all the changes.

neon Bionic Preview images are now available
for testing. You can
download the ISO images from here and provide
feedback in the forum.

Source: Linux Journal