Ampere eMAG for Hyperscale Cloud Computing Now Available, LLVM 7.0.0 Released, AsparaDB RDS for MariaDB TX Announced, New Xbash Malware Discovered and Kong 1.0 Launched

News briefs for September 19, 2018.

Ampere,
in partnership with Lenovo, announced availability of the Ampere eMAG for
hyperscale cloud computing. The first-generation Armv8-A 64-bit processors
provide “high-performance compute, high memory capacity, and rich I/O to
address cloud workloads including big data, web tier and in-memory
databases”. Pricing is 32 cores at up to 3.3GHz Turbo for $850 or
16 cores at up to 3.3GHz Turbo for $550.

LLVM 7.0.0 is out. This release is the result of six months of work by the
community and includes “function multiversioning in Clang
with the ‘target’ attribute for ELF-based x86/x86_64 targets, improved
PCH support in clang-cl, preliminary DWARF v5 support, basic support
for OpenMP 4.5 offloading to NVPTX, OpenCL C++ support, MSan, X-Ray
and libFuzzer support for FreeBSD, early UBSan, X-Ray and libFuzzer
support for OpenBSD, UBSan checks for implicit conversions, many
long-tail compatibility issues fixed in lld which is now production
ready for ELF, COFF and MinGW, new tools llvm-exegesis, llvm-mca and
diagtool.” See the release
notes
for details, and go here to
download.

Alibaba Cloud and MariaDB announce AsparaDB RDS for MariaDB TX, which is “the
first public cloud to incorporate the enterprise version of MariaDB
and provide customer support directly from the two companies. ApsaraDB RDS
for MariaDB TX provides Alibaba Cloud customers the latest database
innovations and most secure enterprise solution for mission-critical
transactional workloads.” See the press
release
for more information.

Unit 42 researchers have discovered a new malware family called
Xbash, which they have connected to the Iron Group, that targets Linux and
Microsoft Windows severs. Besides ransomware and coin-mining capabilities, “Xbash also has
self-propagating capabilities (meaning it has worm-like characteristics
similar to WannaCry or Petya/NotPetya). It also has capabilities not
currently implemented that, when implemented, could enable it to spread very
quickly within an organizations’ network (again, much like WannaCry or
Petya/NotPetya).” See the Palo
Alto Networks post
for more details on the attack and how to protect your
servers.

Kong Inc. yesterday announced the launch of Kong 1.0, the “only open-source
API purpose built for microservices, cloud native and server less
architectures”.
According to the
press
release
, Kong 1.0 is feature-complete: “it combines sub-millisecond low latency, linear scalability and unparalleled
flexibility with a robust feature set, support for service mesh patterns,
Kubernetes Ingress controller and backward compatibility between versions.”
See also the Kong
GitHub page
.

Source: Linux Journal

Moving Compiler Dependency Checks to Kconfig

The Linux kernel config system, Kconfig, uses a macro language very similar
to the make build tool’s macro language. There are a few
differences, however. And
of course, make is designed as a general-purpose build tool while Kconfig is
Linux-kernel-specific. But, why would the kernel developers create a whole new
macro language so closely resembling that of an existing general-purpose
tool?

One reason became clear recently when Linus Torvalds asked developers to add
an entirely new system of dependency checks to the Kconfig language,
specifically testing the capabilities of the GCC compiler.

It’s actually an important issue. The Linux kernel wants to support as many
versions of GCC as possible—so long as doing so would not require too much
insanity in the kernel code itself—but different versions of GCC support
different features. The GCC developers always are tweaking and adjusting, and
GCC releases also sometimes have bugs that need to be worked around. Some
Linux kernel features can only be built using one version of the compiler or
another. And, some features build better or faster if they can take advantage
of various GCC features that exist only in certain versions.

Up until this year, the kernel build system has had to check all those
compiler features by hand, using many hacky methods. The art of probing a
tool to find out if it supports a given feature dates back decades and is
filled with insanity. Imagine giving a command that you know will fail, but
giving it anyway because the specific manner of failure will tell you what
you need to know for a future command to work. Now imagine hundreds of hacks
like that in the Linux kernel build system.

Part of the problem with having those hacky checks in the build system is
that you find out about them only during the build—not during
configuration. But since some kernel features require certain GCC versions,
the proper place to learn about the GCC version is at config time. If the
user’s compiler doesn’t support a given feature, there’s no reason to show
that feature in the config system. It should just silently not exist.

Linus requested that developers migrate those checks into the Kconfig system
and regularize them into the macro language itself. This way, kernel features
with particular GCC dependencies could identify those dependencies and then
show up or not show up at config time, according to whether those
dependencies had been met.

That’s the reason simply using make wouldn’t work. The config language had
to represent the results of all those ugly hacks in a friendly way that
developers could make use of.

Source: Linux Journal

Linux Community to Adopt New Code of Conduct, Firefox Reality Browser Now Available, Lamplight City Game Released, openSUSE Summit Nashville Announced and It’s Now Easier to Run Ubuntu VMs on Windows 10

News briefs for September 18, 2018.

Following Linus Torvalds’ apology for his behavior, the Linux Community
has announced it will adopt a “Code
of Conduct”
, which pledges to make “participation in our project and
our community a harassment-free experience for everyone, regardless of age,
body size, disability, ethnicity, sex characteristics, gender identity and expression, level of experience, education, socio-economic status,
nationality, personal appearance, race, religion, or sexual identity and orientation.”

Mozilla announced this morning that its new Firefox Reality browser,
“designed from the ground up to work on stand-alone virtual and augmented
reality (or mixed reality) headsets”, is now available in the Viveport,
Oculus and Daydream app stores. See the Mozilla
blog
for more information, how to participate and download links.

The new game Lamplight City, “a steampunk-ish detective
adventure” was released recently for Linux, Windows and macOS. See
the Steam
store
for more info and
to purchase.

openSUSE
announces
it will hold its openSUSE SUmmit in Nashville,
Tennessee
, next year, April 5-6, 2019. Registration is now open for the
event and the call for papers is open until January 15, 2019.

It’s now much easier to run Ubuntu VMs on Windows 10 via Hyper-V Quick
Create. According to ZDNet,
Canonical and Microsoft partnered to release “an optimized Ubuntu Desktop
image that’s available through Microsoft’s Hyper-V Gallery”.

Source: Linux Journal

Writing More Compact Bash Code

In any programming language, idioms may be used
that may not seem obvious from reading the manual.
Often these usages of the language represent ways to make your
code more compact (as in requiring fewer lines of code).
Of course, some will eschew these idioms believing they represent bad style.
Style, of course, is in the eyes of beholder, and this article is not intended
as an exercise in defining good or bad style.
So for those who may be tempted to comment on the grounds of style
I would (re)direct your attention to /dev/null.

Source: Linux Journal

Linus Torvalds Taking a Break, Help Krita Squash the Bugs, Vulnerability in Alpine Linux, Flatpak Now Works on Windows Subsystem for Linux and AnsibleFest 2018 Announced

News briefs for September 17, 2018.

Linus Torvalds is taking a break. In his rc4
email update
over the weekend, he
writes about his scheduling mix-up with the kernel summit and having a
“look yourself in the mirror moment”, and then (to summarize), he writes:
“hey, I need to change some of my
behavior, and I want to apologize to the people that my personal
behavior hurt and possibly drove away from kernel development
entirely.
I am going to take time off and get some assistance on how to
understand people’s emotions and respond appropriately.”

Krita announced its developer fundraiser “let’s squash the bugs”! The
goal this year for the open-source graphics editor is to “fix bugs, make
Krita more stable and bring more polish and shine to all the features we
have made possible together”. Visit here
to learn how you can help.

A vulnerability, has been discovered in Alpine Linux, which is commonly used in
Docker images. Worst-case scenario, according to The
Register
, an “attacker could intercept apk’s package requests during
Docker image building, inject them with malicious code, and pass them along
to the target machines that would unpack and run the code within their
Docker container.” Update apk and images now.

Alexander Larsson, lead developer and creator of the Flatpak package
system, announced via Twitter that it now works on Windows Subsystem for
Linux. See the post
on Neowin
for more on the story, and the “hacky workarounds” required.

Red Hat
announces AnsibleFest 2018
, which will be held October 2-3, in Austin,
Texas and will cover many aspects of IT automation. See the AnsibleFest website for all
the details.

Source: Linux Journal

Globbing and Regex: So Similar, So Different

Grepping is awesome, as long as you don’t glob it up! This article covers some grep
and regex basics.

There are generally two types of coffee drinkers. The first type buys a can
of pre-ground beans and uses the included scoop to make their automatic
drip coffee in the morning. The second type picks single-origin beans from
various parts of the world, accepts only beans that have been roasted
within the past week and grinds those beans with a conical burr grinder
moments before brewing in any number of complicated methods. Text searching
is a bit like that.

For most things on the command line, people think of *.* or
*.txt and are happy to use file globbing to select the files they want. When
it comes to grepping a log file, however, you need to get a little fancier.
The confusing part is when the syntax of globbing and regex overlap.
Thankfully, it’s not hard to figure out when to use which construct.

Globbing

The command shell uses globbing for filename completion. If you type
something like ls *.txt, you’ll get a list of all the files that end in
.txt in the current directory. If you do ls R*.txt, you’ll get all the
files that start with capital R and have the .txt extension. The asterisk
is a wild card that lets you quickly filter which files you mean.

You also can use a question mark in globbing if you want to specify a
single character. So, typing ls read??.txt will list readme.txt, but not
read.txt. That’s different from ls read*.txt, which will match both
readme.txt and read.txt, because the asterisk means “zero or more
characters” in the file glob.

Here’s the easy way to remember if you’re using globbing (which is very
simple) vs. regular expressions: globbing is done to filenames by the
shell, and regex is used for searching text. The only frustrating exception
to this is that sometimes the shell is too smart and conveniently does
globbing when you don’t want it to—for example:


grep file* README.TXT

In most cases, this will search the file README.TXT looking for the regular
expression file*, which is what you normally want. But if there happens to
be a file in the current folder that matches the file* glob (let’s say
filename.txt), the shell will assume you meant to pass that to
grep, and so
grep actually will see:


grep filename.txt README.TXT

Gee, thank you so much Mr. Shell, but that’s not what I wanted to do. For
that reason, I recommend always using quotation marks when using
grep. 99%
of the time you won’t get an accidental glob match, but that 1% can be
infuriating. So when using grep, this is much safer:


grep "file*" README.TXT

Because even if there is a filename.txt, the shell won’t
substitute it automatically.

Source: Linux Journal

Lights, Camera, Open Source: Hollywood Turns to Linux for New Code Sharing Initiative

Software has permeated all industries, bringing us technologies to help create fantastic products and even works of art.No longer confined to sectors whose products are software-focused, everyone from the automotive to the medical industries are writing their own code to meet their needs, some of which may surprise you.

In looking to code smarter, faster and more efficiently, developers across the globe and industries are turning to open-source components that allow them to add powerful features to their work without having to write everything from scratch themselves. One of the latest groups to embrace the Open Source movement is the entertainment industry.

Similar to many other initiatives that have come together in recent years to support the sharing of code between companies, a number of key players under the umbrella of the Academy of Motion Picture Arts and Sciences (AMPAS) have teamed up with The Linux Foundation to establish the Academy Software Foundation (ASWF). Members include companies like Disney, Google, Dreamworks, Epic Games and Intel, just to name a few.

Facing the Reality of Open Source

The drive for these entertainment industry players to team up with The Linux Foundation comes after a two-year study by the AMPAS’ Science and Technology Council into how the sector was using open source. Their survey found that some 84% were using open source in their work, specifically in the fields of animation and visual effects.

However, even as these actors understood the benefits of using open-source projects that were being developed by others, maintaining an ecosystem of sharing software between often competing interests proved to be a challenge. Issues of governance, licensing, multiple versions of libraries and siloed development by individual companies proved to be significant pain points.

According to information available from the ASWF, they are providing much of the infrastructure for the projects, including running their CI server on Jenkins where code can go through the build, test and eventually release for use by the members. Using a centralized system, developers at the various member companies can upload their code to the ASWF repository and CI where it is then available to the other teams.

They note that along with support for Linux, their CI infrastructure will offer service for Windows and Mac desktops and servers, an important requirement in an industry with a high level of Apple usage.

Source: Linux Journal

Fedora Silverblue Test Day Next Week, Nextcloud 14 Released, Plasma 5.4 Beta Now Available, openSUSE’s Recent Snapshots and Ansible Tower 3.3 Is Out

News briefs for September 14, 2018.

The Fedora Workstation Team is holding a test day next week for Fedora
Silverblue, a new variant of Fedora that has rpm-ostree at its core and
provides fully atomic upgrades. The test day is Thursday, September 20,
2018. For more information on how to participate, visit the Silverblue
Test Day Wiki page
.

Nextcloud announced
the release of version 14
this week. This new version introduces two
big security improvements: video verification and signal/telegram/SMS 2FA
support. Version 14 also includes many collaboration improvements as well as
a Data Protection Confirmation app in compliance with the GDPR. Go here to install.

KDE
released Plasma 5.14 beta
yesterday. New to this version are
improvements to Plasma’s Discover software manager and the addition of a
Firmware Update feature, among other things. The final release should be
available in three weeks.

openSUSE has released three new snapshots, and the latest brought new
major versions of Flatpak and qemu. Flatpak version 1.0 came with snapshot
20180911, and Mozilla Thunderbird received a major update in snapshot
20180910. See the announcement
for more details on all the recent snapshot updates.

Ansible
Tower 3.3 is now available
. New enhancements include added
functionality with Red Hat OpenShift, more granular permissions,
improvements to the scheduler, support for multiple Ansible environments
and more. Visit here for a free
trial of Ansible
Tower.

Source: Linux Journal

A Look at KDE’s KAlgebra

KAlgebra logo

Many of the programs I’ve covered in the past have have been
desktop-environment-agnostic—all they required was some sort of
graphical display running. This article looks at one of the programs
available in the KDE desktop environment, KAlgebra.

You can use your distribution’s
package management system to install it, or you can use Discover,
KDE’s package manager. After it’s installed, you can start it
from the command line or the launch menu.

When you first start KAlgebra, you get a blank slate to start doing
calculations.

Figure 1. When you start KAlgebra, you get a blank canvas for doing
calculations.

The screen layout is a large main pane
where all of the calculations and their results are displayed. At the
top of this pane are four tabs: Calculator, 2D
Graph, 3D Graph and Dictionary.
There’s also a
smaller pane on the right-hand side used for different purposes
for each tab.

In the calculator tab, the side pane gives a list of
variables, including predefined variables for things like pi
or euler, available when you start your new session. You can add new
variables with the following syntax:


a := 3

This creates a new variable named a with an initial value of
3. This new variable also will be visible in the list on the right-hand
side. Using these variables is as easy as executing them. For example,
you can double it with the following:


a * 2

There is a special variable called ans that you can use to get the
result from your most recent calculation. All of the standard mathematical
operators are available for doing calculations.


Figure 2. KAlgebra lets you create your own variables and functions for
even more complex calculations.

There’s also a complete set of functions for doing more
complex calculations, such as trigonometric
functions, mathematical functions like absolute value or floor, and even
calculus functions like finding the derivative. For instance, the following
lets you find the sine of 45 degrees:


sin(45)

You also can define your own functions using the
lambda operator ->. If you want to create a function that
calculates cubes, you could do this:


x -> x^3

This is pretty hard to use, so you may want to assign it to a variable
name:


cube := x -> x^3

You then can use it just like any other function, and it also shows up in
the list of variables on the right-hand side pane.

Source: Linux Journal

Support for a LoRaWAN Subsystem

Sometimes kernel developers find themselves competing with each other to get
their version of a particular feature into the kernel. But sometimes
developers discover they’ve been working along very similar lines, and the
only reason they hadn’t been working together was that they just didn’t know
each other existed.

Recently, Jian-Hong Pan asked if there was any interest in a
LoRaWAN subsystem
he’d been working on. LoRaWAN is a commercial networking protocol
implementing a low-power wide-area network (LPWAN) allowing relatively slow
communications between things, generally phone sensors and other internet of
things devices. Jian-Hong posted a link to the work he’d done so far:
https://github.com/starnight/LoRa/tree/lorawan-ndo/LoRaWAN.

He specifically wanted to know “should we add the definitions into
corresponding kernel header files now, if LoRaWAN will be accepted as a
subsystem in Linux?” The reason he was asking was that each definition had
its own number. Adding them into the kernel would mean the numbers associated
with any future LoRaWAN subsystem would stay the same during development.

However, Marcel Holtmann explained the process:

When you submit your LoRaWAN
subsystem to netdev for review, include a patch that adds these new address
family definitions. Just pick the next one available. There will be no
pre-allocation of numbers until your work has been accepted upstream.
Meaning, that the number might change if other address families get merged
before yours. So you have to keep updating. glibc will eventually follow the
number assigned by the kernel.

Meanwhile, Andreas Färber said he’d been working on supporting the same
protocol himself and gave a link to his own proof-of-concept repository:
https://github.com/afaerber/lora-modules.

On learning about Andreas’ work, Jian-Hong’s response was, “Wow! Great! I
get new friends :)”

That’s where the public conversation ended. The two of them undoubtedly
have pooled their energies and will produce a new patch, better than either of
them might have done separately.

Source: Linux Journal