FOSS Project Spotlight: Pydio Cells, an Enterprise-Focused File-Sharing Solution

Pydio Cells is a brand-new product focused on the needs of enterprises and
large organizations, brought to you from the people who launched the concept
of the open-source
file sharing and synchronization solution in 2008. The concept behind
Pydio Cells is challenging: to be to file sharing what Slack has been to
chats—that is, a revolution in terms of the number of features, power and ease of
use.

In order to reach this objective, Pydio’s development team has switched
from the old-school development stack (Apache and PHP) to Google’s Go
language to overcome the bottleneck represented by legacy technologies.
Today, Pydio Cells offers a faster, more scalable microservice architecture
that is in tune with dynamic modern enterprise environments.

In fact, Pydio’s new “Cells” concept delivers file sharing as a
modern collaborative app. Users are free to create flexible group spaces for
sharing based on their own ways of working with dedicated in-app messaging
for improved collaboration.

In addition, the enterprise data management functionality gives both
companies and administrators reassurance, with controls and reporting that
directly answer corporate requirements around the General Data Protection
Regulation (GDPR) and other tightening data
protection regulations.

Pydio Loves DevOps

In tune with modern enterprise DevOps environments, Pydio Cells now runs as
its own application server (offering a dependency-free binary, with no need for
external libraries or runtime environments). The application is available as
a Docker image, and it offers out-of-the-box connectors for
containerized application orchestrators, such as Kubernetes.

Also, the application has been broken up into a series of logical
microservices. Within this new architecture, each service is allocated its
own storage and persistence, and can be scaled independently. This enables
you to manage and scale Pydio
more efficiently, allocating resources to each
specific service.

The move to Golang has delivered a ten-fold improvement in performance. At
the same time, by breaking the application into logical microservices, larger
users can scale the application by targeting greater resources only to the
services that require it, rather than inefficiently scaling the entire
solution.

Built on Standards

The new Pydio Cells architecture has been built with a renewed focus on the
most popular modern open standards:

Source: Linux Journal

Chrome Browser Launching Mitigation for Spectre Attacks, The Linux Foundation Announces LF Energy Coalition, Kube 0.7.0 Now Available, New Android Apps for Nativ Vita Hi-Res Music Server and More

News briefs for July 13, 2018.

Google’s Chrome browser is launching site isolation, “the most ambitious mitigation for
Spectre attacks”, Ars
Technica
reports
. Site isolation “segregates code and data from each
Internet domain into their own ‘renderer processes’, which are individual
browser tasks that aren’t allowed to interact with each other”. This has been
optional in Chrome for months, but starting with version 67, it will be
enabled by default for 99% of users.

The Linux Foundation yesterday launched LF
Energy
, a new open-source coalition. According to the press release, LF
Energy was formed “with support from RTE, Europe’s biggest transmission
power systems provider, and other organizations, to speed technological
innovation and transform the energy mix across the world.” Visit https://www.lfenergy.org for more
information.

Version
0.7.0 of Kube
,
the “modern communication and collaboration client”, is
now available.
Improvements include “a conversation view that
allows you to read through conversations in chronological order”; “a
conversation list that bundles all messages of a conversation (thread)
together”; “automatic attachment of own public key”; “the account setup can
be fully scripted through the sinksh commandline interface”; and more. See kube.kde.org for more info.

Nativ announced
new iOS and Android apps
for its Nativ Vita Hi-Res Music Server. The new
apps, available from the Google
Play Store
, “give customers convenient control and playback
functionality from their iOS or Android Smartphone or Tablet”.

KDE released
the third stability update for KDE Applications 18.04

yesterday. The release contains translation updates and bug fixes only,
including improvements to Kontact, Ark, Cantor, Dolphin, Gwenview, KMag, among
others. The full list of changes is available here.

NVIDIA announced its Jetson Xavier Developer Kit for the octa-core
AI/robotics-focused Xavier module. According to Linux
Gizmos
, “the kit, which
goes on sale for $1,300 in August, offers the first access to Xavier aside
from the earlier Drive PX Pegasus autonomous car computer board, which
incorporates up to 4x Xavier modules. The kit includes Xavier’s
Linux-based stack and Isaac SDK.”

Mozilla announced
the winners of 2018H1 Mozilla Research grants
. Eight proposals were
selected, “ranging from tools to fight online harassment to systems for
generating speech. All these projects support Mozilla’s mission to make
the Internet safer, more empowering, and more accessible.” See the Research Grants page
for more info on the grants and how to apply.

Source: Linux Journal

Empowering Linux Developers for the New Wave of Innovation

snapcraft logo

New businesses with software at their core are being created every day. Developers are the lifeblood of so much of what is being built and of technological innovation, and they are ever more vital to operations across the entire business. So why wouldn’t we empower them?

Machine learning and IoT in particular offer huge opportunities for developers, especially those facing the crowded markets of other platforms, to engage with a sizeable untapped audience.

That Linux is open source makes it an amazing breeding ground for innovation. Developers aren’t constrained by closed ecosystems, meaning that Linux has long been the operating system of choice for developers. So by engaging with Linux, businesses can attract the best available developer skills. 

The Linux ecosystem has always strived for a high degree of quality. Historically it was the Linux community taking sole responsibility for packaging software, gating each application update with careful review to ensure it worked as advertised on each distribution of Linux. This proved difficult for all sides.

Broad access to the code was needed, and open-source software could be offered through the app store. User support requests and bugs were channelled through the Linux distributions, and there was such a volume of reporting, it became difficult to feed information back to the appropriate software authors.

As the number of applications and Linux distributions grew, it became increasingly clear this model would not scale much further. Software authors took matters into their own hands, often picking a single Linux distribution to support and skipping the app store entirely. Because of this, they lost app discoverability and gained the complexity of running duplicative infrastructure.

This placed increased responsibility on developers at a time when the expectations of their role was already expanding. They are no longer just makers, they now bear the risk of breaking robotic arms with their code or bringing down MRI machines with a patch.

As an industry we acknowledge this problem—you can potentially have a bad update and software isn’t an exact science—but we then ask these developers to roll the dice. Do you risk compromise or self-inflicted harm?

Meanwhile the surface area increases. The industry continues a steady march of automation, creating ever more software components to plug together and layer solutions on. Not only do developers face the update question for their own code, they also must trust all developers facing that same decision in all the code beneath their own.

Source: Linux Journal

Guido van Rossum Stepping Down from Role as Python’s Benevolent Dictator For Life

Python’s Benevolent Dictator For Life (BDFL) Guido van Rossum today announced he’s stepping down from the role.

On the Python mailing list today, van Rossum said, “I would like to remove myself entirely from the decision process. I’ll still be there for a while as an ordinary core dev, and I’ll still be available to mentor people—possibly more available. But I’m basically giving myself a permanent vacation from being BDFL, and you all will be on your own.”

He credits his decision to step down as partly due to his experience with the turmoil over PEP 572: “Now that PEP 572 is done, I don’t ever want to have to fight so hard for a PEP and find that so many people despise my decisions.”

van Rossum says he will not appoint a successor and leave that to the development team to decide upon.

For old-time’s sake, see Linux Journal‘s interview with Guido van Rossum from 1998.

Source: Linux Journal

Road to RHCA–Preparation Meets Opportunity

This article is the second in my series “Road to RHCA”, where I’m
charting my journey to the Red Hat Certified Architect designation—a
designation that’s difficult to come by.
As an advocate and enthusiast of Linux and open
source, and more important, as someone who works as a Linux professional, I am eager to change the current state of affairs around the number of
women and people of color who know Linux and open source, study Linux and
work in the Linux and/or open-source space.

Things haven’t changed much in general when it comes to the
numbers of women and people of color who enter the IT field, but those
numbers drop significantly when it comes to Linux and open source.
It’s my goal to convince other women and people of color to
study Linux and pursue open-source projects, because diversity of thought is
invaluable in the world and in the enterprise. This world is not
homogeneous; nothing else ever
should be either.
So I’d like to see
more professionals who look like me in Linux and the Open Source community,
and I’m starting
to see a few, but there’s still more work to be done.

Joining the RHCA ranks requires significant time and effort. Nothing
worth anything comes easy, nor should it, but I can say with work, family,
mentoring and now writing a book for Packt publishing, finding time
to study will be more and more difficult for me, but it’s my highest priority.
At the time of this
writing, I am five exams away.

You can choose from five areas of concentration, or you can
select any combination of eligible Red Hat certifications to create a custom
concentration. Those five concentrations are:

  • Data Center
  • DevOps
  • Application Platform
  • Cloud
  • Application Development

I decided the best route to my RHCA is for me to customize my
concentration to include these five certifications in the order I plan to
take them:

  1. Red Hat-Certified Specialist in Ansible Automation
  2. Red Hat-Certified Specialist in High Availability Clustering
  3. Red Hat-Certified Specialist in Red Hat OpenStack
  4. Red Hat-Certified Specialist in Linux Diagnostics and Troubleshooting
  5. Red Hat-Certified Specialist in OpenShift Administration

If you ask Red Hat the company, it obviously would recommend paying for
and using one of its subscription options. The
standard option costs $5,500, and the basic option costs $7,000.
Having
the subscription definitely would be beneficial, especially if you are working toward an
RHCA, but it’s not something that everyone can afford.
You
might be able to get your employer to cover the costs, but that’s not always
possible. So how does one without such resources become an RHCA? True grit, determination and a little creativity.

Source: Linux Journal

freenode Launches New Job Board, Two More Spectre Security Holes Discovered, Debian Joins KDE’s Advisory Board, Android Malware Found in the Google Play Store and Stable Kernels Released

News briefs for July 12, 2018.

freenode has a new job board.
jobs.freenode.net “aims to connect
those looking to hire with the immense talent that can be found within the
wider freenode communities”. The job board is free to use, but companies that
use it successfully are encouraged to make a donation to help support the
freenode network, jobs.freenode.net and the annual freenode #live conference.

Two new Spectre-type security holes have been discovered. ZDNet reports
that this affects any operating system running on AMD, ARM and Intel
processors. Vladimir Kiriansky, PhD candidate at MIT, and independent
researcher Carl Waldspurger found the new vulnerabilities and published a
paper. ZDNet
also notes that so far, no
known attacks have occurred making use of these bugs, but that likely will
change soon.

Debian
has joined KDE’s advisory board
. Chris Lamb, Debian Project Leader,
commented that
“The KDE Plasma desktop environment is fully-supported within Debian and thus
the Debian Project is extremely excited to be formally recognising the
relationship between itself and KDE, especially how that will greatlyincrease and facilitate our communication and collaboration.”

Yesterday Greg Kroah-Hartman released stable kernels 4.17.6, 4.14.55,
4.9.112, 4.4.140 and 3.18.115. Users should update right away. (Source: LWN.net.)

Android malware called Anubis has been found the Google Play Store. According
to ZDNet, “a cyber crime group has sneaked apps onto the official Google Play
Store which then serve up Trojan banking malware to Android users”. In
addition, “developers of the malware are regularly altering the capabilities
of the malware and will slightly alter the code to ensure that it isn’t
detected by Google Play’s security controls”.

Source: Linux Journal

Cooking with Linux (without a Net): Remote Linux System Administration Using Webmin and Virtualmin

Please support Linux Journal by subscribing or becoming a patron.

It’s time for the “Cooking with Linux (without a Net)” show where I do cool Linux and open-source stuff, live, on camera, and without the benefit of post video editing, therefore providing a high probability of falling flat on my face. On today’s show, we cover remote Linux system administration using Webmin, a web-based, do-it-all admin tool. As a bonus, we explore Virtualmin, a Webmin extension that can turn you into an ISP by making it easy to manage accounts, multiple users, domains, permissions and everything else you need. It’s a completely free alternative to pricey products like cPanel. Finally, I take a shot at yet another never-before-tried Linux distribution: Trinity PCLinuxOS. Also, in case you don’t already know, this is a prerecorded show of a live YouTube broadcast.

Show links:

Source: Linux Journal

Xen Hypervisor 4.11 Released, New Browsh Text-Based Browser, Finney Cryptocurrency Phone, GNOME Hiring and More

News briefs for July 11, 2018.

The Xen
Hypervisor 4.11 was released
yesterday. In this release “PVH Dom0
support is now available as experimental feature and support for running
unmodified PV guests in a PVH Container has been added. In addition,
significant chunks of the ARM port have been rewritten.” Xen 4.11
also contains mitigations for Meltdown and Spectre vulnerabilities. For
detailed download and build instructions, go here.

There’s a new text-based browser called Browsh, Phoronix
reports
. Browsh can render anything a modern browser can, and you can use
it from a terminal or within a normal browser to reduce bandwidth and
increase browser speed. For more info and to download, see the Browsh project website.

Facebook to be fined the maximum (500k euros),
and the UK’s privacy watchdog, the Information Commissioner’s Office (ICO), has published a report called
“Democracy
Disrupted? Personal information and political influence”
that
outlines policy recommendations for how personal information is used in
connection with political campaigns. According
to the TechCrunch article
, the report
“calls directly for an ‘ethical pause’ around the use of
microtargeting ad tools for political campaigning” and specifically “flags a
number of specific concerns attached to Facebook’s platform and its
impact upon people’s rights and democratic processes…”

Sirin Labs to launch the $1,000 Finney cryptocurrency smartphone this fall, Engadget
reports
. The Finney (named after Bitcoin pioneer Hal Finney) is a “state
of the art mobile device for the blockchain era” and runs on a forked version
of Android. It has a slider on the back where “you’ll find a secondary
display, called the Safe Screen, that’s only used for crypto
transactions….The slider also activates the cold storage wallet that is
designed to hold a significant number of different cryptocurrencies.”

The GNOME
Foundation is hiring
. After receiving a generous grant in May of this
year, The Foundation is recruiting for four posts: Development Coordinator,
Program Coordinator, Devops/Sysadmin and GTK+ Core Developer. See the Positions available page
for information on how to apply.

Source: Linux Journal

Minimum GCC Version Likely to Jump from 3.2 to 4.8

The question of the earliest GCC compiler version to support for building the
Linux kernel comes up periodically. The ideal would be for Linux to compile
under all GCC versions, because you never know what kind of system someone is
running. Maybe their company’s security team has to approve all software
upgrades for their highly sensitive devices, and GCC is low on that list.
Maybe they need to save as much space as possible, and recent versions of GCC
are too big. There are all sorts of reasons why someone might be stuck with
old software. But, they may need the latest Linux kernel because it’s the
foundation of their entire product, so they’re stuck trying to compile it
with an old compiler.

However, Linux can’t really support every single GCC version. Sometimes the GCC
people and the kernel people have disagreed on the manner in which GCC should
produce code. Sometimes this means that the kernel really doesn’t compile
well on a particular version of GCC. So, there are the occasional project wars
emerging from those conflicts. The GCC people will say the compiler is doing
the best thing possible, and the kernel people will say the compiler is messing up
their code. Sometimes the GCC people change the behavior in a later release,
but that still leaves a particular GCC version that makes bad Linux code.

So, the kernel people will decide programmatically to exclude a particular
version of GCC from being used to compile the kernel. Any attempt to use that
compiler on kernel code will produce an error.

But, sometimes the GCC people will add a new language feature that is so
useful, the kernel will people decide to rely heavily on it in their source code.
In that case, there may be a period of time where the kernel people maintain
one branch of code for the newer, better compiler, and a separate, less-fast
or more-complex branch of code for the older, worse compiler. In that case,
the kernel people—or really Linus
Torvalds
—eventually may decide to
stop supporting compilers older than a certain version, so they can rip out
all those less-fast and more-complex branches of code.

For similar reasons, it’s also just an easier maintenance task for the kernel
folks to drop support for older compilers; so this is something they would
always prefer to do, if possible.

But, it’s a big decision, typically weighed against the estimated number of
users that are unable to upgrade their compilers. Linus really does not want
even one regular (that is, non-kernel-developer) user to be unable
to build Linux because of this sort of decision. He’s willing to let the
kernel carry a lot of fairly dead and/or hard-to-maintain code in order to
keep that from happening.

Source: Linux Journal

Canonical Releases Minimal Ubuntu, Mozilla Launches Two Mobile Test Pilot Experiments, Google Announces Jib for Java Developers, New Ubuntu Bug Discovered and Wine 3.12 Now Available

News briefs for July 10, 2018.

Canonical released its new Minimal Ubuntu yesterday. According to the
Ubuntu
blog
, Minimal Ubuntu is “optimized
for automated use at scale, with a tiny package set and minimal security
cross-section. Speed, performance and stability are primary concerns for
cloud developers and ops.” The images are 50% smaller than the standard
Ubuntu server images and they boot up to 40% faster. Minimal Ubuntu also is
fully compatible with standard Ubuntu operations. You can download it here.

Mozilla launches two new Mobile
Test Pilot Experiments
: Firefox Lockbox for
iOS and Notes by Firefox for Android. Firefox
Lockbox
allows iOS users to
access Firefox-saved passwords saved in the browser to log in to any online
account or app. With Notes by Firefox, users can “sync notes from any Firefox
browser on any Android smartphone or tablet”, and the notes are end-to-end
encrypted as well. These projects are experimental, and Mozilla welcomes
feedback here.

An Ubuntu bug that allows anyone with physical access to the computer to
bypass the lockscreen by removing the hard drive has just been made public.
According to the Neowin
post
, the bug was tested on Ubuntu 16.04.4, and it’s not certain whether
it affects other Ubuntu versions or distributions.

Google announced
the release of Jib
yesterday, an open-source Java tool that allows
developers to build containers. Jib is “a fast and simple container image
builder that handles all the steps of packaging your application into a
container image”, and you don’t need to write a Dockerfile or have docker
installed to use it.

Wine 3.12 is now
available
. This release contains many bug fixes, and other new features
include Unicode data upgraded
to Unicode 11.0.0, proxy configuration dialog in internet control panel, more
glyphs in the Wingdings font and more.

Source: Linux Journal