Canonical Announces Extended Security Maintenance for Ubuntu 14.04 LTS, Mozilla to Discuss the Future of Advertising at ICDPPC, Newegg Attacked, MetaCase Launches MetaEdit+ 5.5 and MariaDB Acquires Clustrix

News briefs for September 20, 2018.

Canonical yesterday announced the Extended Security Maintenance for Ubuntu
14.04 LTS “Trusty Tahr”, which means critical and important security patches
will be available beyond the Ubuntu 14.04 end-of-life date (April 2019).

Mozilla will hold a high-level panel discussion on “the future of advertising in
an open and sustainable internet ecosystem” at the 40th annual International
Conference of Data Protection and Privacy Conference in Brussels, Belgium,
October 22–26, 2018. The discussion is titled “Online advertising is broken:
Can ethics fix it?”, and it’s scheduled for October 23, 2018.

Attackers stole credit-card information from Newegg by injecting 15 lines
of skimming code on the online payments page, which remained undetected from
August 14th to September 18, 2018, TechCrunch reports. Yonathan Klijnsma,
threat researcher at RiskIQ, told TechCrunch that “These attacks are not
confined to certain geolocations or specific industries—any organization
that processes payments online is a target.” If you entered your credit-card
data during that period, contact your bank immediately.

MetaCase this morning announced the launch of MetaEdit+ 5.5 for Linux, which brings
collaborated models to Git and other version control systems. It’s
“aimed at expert developers looking to gain productivity and quality by
generating tight code directly from domain-specific models”.
You can download a free trial from here.

MariaDB has acquired Clustrix, the
“pioneer in distributed database technology”. According to the press release,
this acquisition gives “MariaDB’s open source
database the scalability and high-availability that rivals or exceeds Oracle
and Amazon while foregoing the need for expensive computing platforms or high
licensing fees.”

Source: Linux Journal

Ampere eMAG for Hyperscale Cloud Computing Now Available, LLVM 7.0.0 Released, ApsaraDB RDS for MariaDB TX Announced, New Xbash Malware Discovered and Kong 1.0 Launched

News briefs for September 19, 2018.

Ampere, in partnership with Lenovo, announced availability of the Ampere eMAG for
hyperscale cloud computing. The first-generation Armv8-A 64-bit processors
provide “high-performance compute, high memory capacity, and rich I/O to
address cloud workloads including big data, web tier and in-memory
databases”. Pricing is 32 cores at up to 3.3GHz Turbo for $850 or
16 cores at up to 3.3GHz Turbo for $550.

LLVM 7.0.0 is out. This release is the result of six months of work by the
community and includes “function multiversioning in Clang
with the ‘target’ attribute for ELF-based x86/x86_64 targets, improved
PCH support in clang-cl, preliminary DWARF v5 support, basic support
for OpenMP 4.5 offloading to NVPTX, OpenCL C++ support, MSan, X-Ray
and libFuzzer support for FreeBSD, early UBSan, X-Ray and libFuzzer
support for OpenBSD, UBSan checks for implicit conversions, many
long-tail compatibility issues fixed in lld which is now production
ready for ELF, COFF and MinGW, new tools llvm-exegesis, llvm-mca and
diagtool.” See the release notes for details, and go here to download.

Alibaba Cloud and MariaDB announce ApsaraDB RDS for MariaDB TX, which is “the
first public cloud to incorporate the enterprise version of MariaDB
and provide customer support directly from the two companies. ApsaraDB RDS
for MariaDB TX provides Alibaba Cloud customers the latest database
innovations and most secure enterprise solution for mission-critical
transactional workloads.” See the press release for more information.

Unit 42 researchers have discovered a new malware family called
Xbash, which they have connected to the Iron Group, that targets Linux and
Microsoft Windows servers. Besides ransomware and coin-mining capabilities, “Xbash also has
self-propagating capabilities (meaning it has worm-like characteristics
similar to WannaCry or Petya/NotPetya). It also has capabilities not
currently implemented that, when implemented, could enable it to spread very
quickly within an organizations’ network (again, much like WannaCry or
Petya/NotPetya).” See the Palo Alto Networks post for more details on the
attack and how to protect your servers.

Kong Inc. yesterday announced the launch of Kong 1.0, the “only open-source
API purpose built for microservices, cloud native and server less
architectures”. According to the press release, Kong 1.0 is feature-complete:
“it combines sub-millisecond low latency, linear scalability and unparalleled
flexibility with a robust feature set, support for service mesh patterns,
Kubernetes Ingress controller and backward compatibility between versions.”
See also the Kong GitHub page.

Source: Linux Journal

Moving Compiler Dependency Checks to Kconfig

The Linux kernel config system, Kconfig, uses a macro language very similar
to the make build tool’s macro language. There are a few
differences, however. And
of course, make is designed as a general-purpose build tool while Kconfig is
Linux-kernel-specific. But, why would the kernel developers create a whole new
macro language so closely resembling that of an existing general-purpose
tool?

One reason became clear recently when Linus Torvalds asked developers to add
an entirely new system of dependency checks to the Kconfig language,
specifically testing the capabilities of the GCC compiler.

It’s actually an important issue. The Linux kernel wants to support as many
versions of GCC as possible—so long as doing so would not require too much
insanity in the kernel code itself—but different versions of GCC support
different features. The GCC developers always are tweaking and adjusting, and
GCC releases also sometimes have bugs that need to be worked around. Some
Linux kernel features can only be built using one version of the compiler or
another. And, some features build better or faster if they can take advantage
of various GCC features that exist only in certain versions.

Up until this year, the kernel build system has had to check all those
compiler features by hand, using many hacky methods. The art of probing a
tool to find out if it supports a given feature dates back decades and is
filled with insanity. Imagine giving a command that you know will fail, but
giving it anyway because the specific manner of failure will tell you what
you need to know for a future command to work. Now imagine hundreds of hacks
like that in the Linux kernel build system.

Part of the problem with having those hacky checks in the build system is
that you find out about them only during the build—not during
configuration. But since some kernel features require certain GCC versions,
the proper place to learn about the GCC version is at config time. If the
user’s compiler doesn’t support a given feature, there’s no reason to show
that feature in the config system. It should just silently not exist.

Linus requested that developers migrate those checks into the Kconfig system
and regularize them into the macro language itself. This way, kernel features
with particular GCC dependencies could identify those dependencies and then
show up or not show up at config time, according to whether those
dependencies had been met.

That’s the reason simply using make wouldn’t work. The config language had
to represent the results of all those ugly hacks in a friendly way that
developers could make use of.

Source: Linux Journal

Linux Community to Adopt New Code of Conduct, Firefox Reality Browser Now Available, Lamplight City Game Released, openSUSE Summit Nashville Announced and It’s Now Easier to Run Ubuntu VMs on Windows 10

News briefs for September 18, 2018.

Following Linus Torvalds’ apology for his behavior, the Linux Community
has announced it will adopt a “Code of Conduct”, which pledges to make
“participation in our project and our community a harassment-free experience
for everyone, regardless of age, body size, disability, ethnicity, sex
characteristics, gender identity and expression, level of experience,
education, socio-economic status, nationality, personal appearance, race,
religion, or sexual identity and orientation.”

Mozilla announced this morning that its new Firefox Reality browser,
“designed from the ground up to work on stand-alone virtual and augmented
reality (or mixed reality) headsets”, is now available in the Viveport,
Oculus and Daydream app stores. See the Mozilla blog for more information,
how to participate and download links.

The new game Lamplight City, “a steampunk-ish detective
adventure”, was released recently for Linux, Windows and macOS. See
the Steam store for more info and to purchase.

openSUSE announces it will hold its openSUSE Summit in Nashville,
Tennessee, next year, April 5-6, 2019. Registration is now open for the
event and the call for papers is open until January 15, 2019.

It’s now much easier to run Ubuntu VMs on Windows 10 via Hyper-V Quick
Create. According to ZDNet,
Canonical and Microsoft partnered to release “an optimized Ubuntu Desktop
image that’s available through Microsoft’s Hyper-V Gallery”.

Source: Linux Journal

Writing More Compact Bash Code

In any programming language, idioms may be used
that may not seem obvious from reading the manual.
Often these usages of the language represent ways to make your
code more compact (as in requiring fewer lines of code).
Of course, some will eschew these idioms, believing they represent bad style.
Style, of course, is in the eyes of the beholder, and this article is not intended
as an exercise in defining good or bad style.
So for those who may be tempted to comment on the grounds of style,
I would (re)direct your attention to /dev/null.

Source: Linux Journal

Linus Torvalds Taking a Break, Help Krita Squash the Bugs, Vulnerability in Alpine Linux, Flatpak Now Works on Windows Subsystem for Linux and AnsibleFest 2018 Announced

News briefs for September 17, 2018.

Linus Torvalds is taking a break. In his rc4 email update over the weekend, he
writes about his scheduling mix-up with the kernel summit and having a
“look yourself in the mirror moment”, and then (to summarize), he writes:
“hey, I need to change some of my
behavior, and I want to apologize to the people that my personal
behavior hurt and possibly drove away from kernel development
entirely.
I am going to take time off and get some assistance on how to
understand people’s emotions and respond appropriately.”

Krita announced its developer fundraiser “let’s squash the bugs”! The
goal this year for the open-source graphics editor is to “fix bugs, make
Krita more stable and bring more polish and shine to all the features we
have made possible together”. Visit here to learn how you can help.

A vulnerability has been discovered in Alpine Linux, which is commonly used in
Docker images. Worst-case scenario, according to The Register, an “attacker
could intercept apk’s package requests during
Docker image building, inject them with malicious code, and pass them along
to the target machines that would unpack and run the code within their
Docker container.” Update apk and images now.

Alexander Larsson, lead developer and creator of the Flatpak package
system, announced via Twitter that it now works on Windows Subsystem for
Linux. See the post on Neowin for more on the story, and the “hacky
workarounds” required.

Red Hat announces AnsibleFest 2018, which will be held October 2-3, in Austin,
Texas and will cover many aspects of IT automation. See the AnsibleFest website for all
the details.

Source: Linux Journal

Globbing and Regex: So Similar, So Different

Grepping is awesome, as long as you don’t glob it up! This article covers some grep
and regex basics.

There are generally two types of coffee drinkers. The first type buys a can
of pre-ground beans and uses the included scoop to make their automatic
drip coffee in the morning. The second type picks single-origin beans from
various parts of the world, accepts only beans that have been roasted
within the past week and grinds those beans with a conical burr grinder
moments before brewing in any number of complicated methods. Text searching
is a bit like that.

For most things on the command line, people think of *.* or
*.txt and are happy to use file globbing to select the files they want. When
it comes to grepping a log file, however, you need to get a little fancier.
The confusing part is when the syntax of globbing and regex overlap.
Thankfully, it’s not hard to figure out when to use which construct.

Globbing

The command shell uses globbing for filename completion. If you type
something like ls *.txt, you’ll get a list of all the files that end in
.txt in the current directory. If you do ls R*.txt, you’ll get all the
files that start with capital R and have the .txt extension. The asterisk
is a wild card that lets you quickly filter which files you mean.

You also can use a question mark in globbing if you want to specify a
single character. So, typing ls read??.txt will list readme.txt, but not
read.txt. That’s different from ls read*.txt, which will match both
readme.txt and read.txt, because the asterisk means “zero or more
characters” in the file glob.

Here’s the easy way to remember if you’re using globbing (which is very
simple) vs. regular expressions: globbing is done to filenames by the
shell, and regex is used for searching text. The only frustrating exception
to this is that sometimes the shell is too smart and conveniently does
globbing when you don’t want it to—for example:


grep file* README.TXT

In most cases, this will search the file README.TXT looking for the regular
expression file*, which is what you normally want. But if there happens to
be a file in the current folder that matches the file* glob (let’s say
filename.txt), the shell will assume you meant to pass that to grep, and so
grep actually will see:


grep filename.txt README.TXT

Gee, thank you so much Mr. Shell, but that’s not what I wanted to do. For
that reason, I recommend always using quotation marks when using grep. 99%
of the time you won’t get an accidental glob match, but that 1% can be
infuriating. So when using grep, this is much safer:


grep "file*" README.TXT

Because even if there is a filename.txt, the shell won’t
substitute it automatically.
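
The behavior described above, as an added example that is not part of the original article: the same unquoted grep command silently changes its result once a file matching the glob appears, which matters for any log-search or detection script that passes patterns to grep. The function names and the sample README.TXT contents are constructed for illustration.

```shell
#!/bin/sh
# Added example: constructed data, hypothetical function names.

# Count README.TXT lines matched when the pattern is left unquoted,
# so the shell is free to glob-expand it before grep runs.
count_unquoted() {
    ( cd "$1" && grep -c file* README.TXT )
}

# Count lines matched when the pattern is quoted: grep always receives
# the regex file* ("fil" followed by zero or more "e").
count_quoted() {
    ( cd "$1" && grep -c "file*" README.TXT )
}

run_demo() {
    dir=$(mktemp -d) || return 1
    # Constructed sample text; the first line has "fil" without an "e".
    cat > "$dir/README.TXT" <<'EOF'
see the fil directory
open the file first
files are listed below
backup copy is filename.txt
EOF
    # No file in $dir matches the glob yet, so it is passed through as-is.
    before="unquoted=$(count_unquoted "$dir") quoted=$(count_quoted "$dir")"
    # Now a file matching the glob appears, as in the article's scenario.
    : > "$dir/filename.txt"
    after="unquoted=$(count_unquoted "$dir") quoted=$(count_quoted "$dir")"
    rm -rf "$dir"
    echo "before: $before; after: $after"
}

run_demo
```

The quoted count also shows that the regex asterisk is not the glob asterisk: the line containing only "fil" matches file*, because in a regular expression the asterisk applies to the preceding "e".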

Source: Linux Journal

Lights, Camera, Open Source: Hollywood Turns to Linux for New Code Sharing Initiative

Software has permeated all industries, bringing us technologies to help create fantastic products and even works of art. No longer confined to sectors whose products are software-focused, everyone from the automotive to the medical industries are writing their own code to meet their needs, some of which may surprise you.

In looking to code smarter, faster and more efficiently, developers across the globe and industries are turning to open-source components that allow them to add powerful features to their work without having to write everything from scratch themselves. One of the latest groups to embrace the Open Source movement is the entertainment industry.

Similar to many other initiatives that have come together in recent years to support the sharing of code between companies, a number of key players under the umbrella of the Academy of Motion Picture Arts and Sciences (AMPAS) have teamed up with The Linux Foundation to establish the Academy Software Foundation (ASWF). Members include companies like Disney, Google, Dreamworks, Epic Games and Intel, just to name a few.

Facing the Reality of Open Source

The drive for these entertainment industry players to team up with The Linux Foundation comes after a two-year study by the AMPAS’ Science and Technology Council into how the sector was using open source. Their survey found that some 84% were using open source in their work, specifically in the fields of animation and visual effects.

However, even as these actors understood the benefits of using open-source projects that were being developed by others, maintaining an ecosystem of sharing software between often competing interests proved to be a challenge. Issues of governance, licensing, multiple versions of libraries and siloed development by individual companies proved to be significant pain points.

According to information available from the ASWF, they are providing much of the infrastructure for the projects, including running their CI server on Jenkins where code can go through the build, test and eventually release for use by the members. Using a centralized system, developers at the various member companies can upload their code to the ASWF repository and CI where it is then available to the other teams.

They note that along with support for Linux, their CI infrastructure will offer service for Windows and Mac desktops and servers, an important requirement in an industry with a high level of Apple usage.

Source: Linux Journal

Fedora Silverblue Test Day Next Week, Nextcloud 14 Released, Plasma 5.14 Beta Now Available, openSUSE’s Recent Snapshots and Ansible Tower 3.3 Is Out

News briefs for September 14, 2018.

The Fedora Workstation Team is holding a test day next week for Fedora
Silverblue, a new variant of Fedora that has rpm-ostree at its core and
provides fully atomic upgrades. The test day is Thursday, September 20,
2018. For more information on how to participate, visit the Silverblue
Test Day Wiki page.

Nextcloud announced the release of version 14 this week. This new version
introduces two big security improvements: video verification and
Signal/Telegram/SMS 2FA support. Version 14 also includes many collaboration
improvements as well as a Data Protection Confirmation app in compliance
with the GDPR. Go here to install.

KDE released Plasma 5.14 beta yesterday. New to this version are
improvements to Plasma’s Discover software manager and the addition of a
Firmware Update feature, among other things. The final release should be
available in three weeks.

openSUSE has released three new snapshots, and the latest brought new
major versions of Flatpak and qemu. Flatpak version 1.0 came with snapshot
20180911, and Mozilla Thunderbird received a major update in snapshot
20180910. See the announcement
for more details on all the recent snapshot updates.

Ansible Tower 3.3 is now available. New enhancements include added
functionality with Red Hat OpenShift, more granular permissions,
improvements to the scheduler, support for multiple Ansible environments
and more. Visit here for a free trial of Ansible Tower.

Source: Linux Journal