Red Hat

IBM/Red Hat Leftovers

Filed under
Red Hat
  • Why it's time to stop setting SELinux to Permissive or Disabled

    Given the kerfuffle that has been CentOS lately, and the number of inevitable forks that will rise out of the ashes, there will probably be a large percentage of admins migrating to, or finally deploying, a Linux distribution based on Red Hat Enterprise Linux in some form or fashion. It may be Rocky Linux or AlmaLinux. It may be that you stick with CentOS Stream, or even purchase a license for Red Hat Enterprise Linux. If you're a non-profit or another eligible organization, you might qualify for RHEL for Open Source Infrastructure.

    No matter which route you take, you'll be using a solid Linux distribution with serious security systems in place.

    However... It's such a powerful word, "however." It stops all natural flow of the narrative to make you wonder just what comes next.

    You wait, and you wait, and you wait.

    Until the inevitable: SELinux.

  • 13 challenges creating an open, scalable, and secure serverless platform

    Serverless is the natural evolution of cloud computing. In essence, serverless comes down to two main features: (1) you “pay by the drink” for all computing resources and (2) you get more fine-grained scaling than you would from larger workloads. However, taking full advantage of this extended computing model requires developers to restructure apps and services into components that can scale down to zero when not needed.

    Microservices architectures are a step in the correct direction. And Kubernetes (K8s) as a platform for running microservices is a promising and popular concrete implementation of a core infrastructure for managing containers, which are used to run microservices. However, Kubernetes by itself is not sufficient to meet the needs of serverless workloads, and the layers on top of the base platform do not need to be reinvented by all. Enter Knative in 2019 as a common serverless layer on top of K8s.

  • Why developers should centralize their security

    Current security challenges are forcing developers to implement increasing amounts of security measures to provide safe environments for customers on online sites. Adding security measures such as MFA, 2FA, and even reCAPTCHA to increase security can have a negative impact on customer loyalty. How do you ensure fraud is not committed while also making it easy for the customer to use the site or buy a product?

  • Red Hat Adds Common Criteria Certification for Red Hat Enterprise Linux 8
  • rpminspect-1.3.1 released

    rpminspect 1.3.1 is now available. I was actually preparing to release rpminspect 1.3, which I did, but a bug was found by Fedora QA in the 1.3 release after I already made it. So I just did a 1.3.1 followup to fix that issue. You will find 1.3.1 in the Fedora and EPEL repos, but 1.3 is posted as a release on the GitHub project page.

    In addition to the usual collection of bug fixes and enhancements, this release also expands the GitHub Actions CI coverage. It builds and runs the test suite on the latest Fedora stable release, Debian testing, Ubuntu, OpenSUSE Leap, CentOS 8, CentOS 7, and Gentoo. Gentoo is the newest one. I have had to disable OpenSUSE Tumbleweed and Arch Linux. I also disabled Fedora rawhide for the moment because I could not get anything to pass there. I plan to check these out again and enable the ones that work. If there are other platforms you would like to see in the CI workflow, let me know.

  • Red Hat Introduces Latest Update to Red Hat Process Automation

    The goal of Red Hat Process Automation has always been to empower enterprise business and IT users to collaborate, successfully document, simulate, manage, automate, and monitor business processes and decisions. We are excited to announce the latest release of Red Hat Process Automation, which delivers new developer tooling, extended support for eventing and streaming for event-driven architectures (EDA) through integration with Apache Kafka, and new monitoring capabilities through heatmap dashboards.

    Red Hat Process Automation is an open source business automation platform that combines business process management (BPM), case management, business rules management, and resource planning. It enables IT organizations to better create, manage, validate, and deploy business processes, cases, and business rules. Red Hat Process Automation also uses a centralized repository where all resources are stored. This allows for consistency, transparency, and the ability to audit across the business. The latest release of the platform introduces and expands on a number of key capabilities.

  • SAP HANA 2.0 Certified on RHEL 8.2 and 7.9: Top 5 reasons why you should care

    The shift to using SAP S/4HANA drives standardization towards SAP’s in-memory database (SAP HANA) on Linux. With SAP HANA, both transactional and analytical data workloads are served from the same in-memory database, eliminating the need for separate data systems. However, to deliver the horsepower needed to serve these demanding data workloads, picking the right operating system that can best utilize the underlying hardware resources is essential.

    When deploying mission-critical enterprise workloads on SAP HANA, Red Hat Enterprise Linux (RHEL) is the de-facto standard for many customers. We are excited to announce that SAP HANA 2.0 is certified on RHEL 8.2 and 7.9. Customers may find further details at SAP Note 2235581.

  • IBM's Arranged OpenShift-Power Marriage Eyes Hybrid Cloud Crown | Data Center Knowledge

    New Power-based hardware appliance for IBM cloud on-prem ships with Red Hat's container orchestration platform. Power Systems, IaaS expand OpenShift support.

  • Red Hat's survey results on the state of enterprise open-source software | ZDNet

    After all, as Red Hat president and CEO Paul Cormier pointed out, "Open source has solidified itself as an innovation engine for the software industry. The technology trends that you see changing how we work and do business were born in open source -- enterprise Linux, cloud computing, edge and Internet of Things (IoT), containers, artificial intelligence, and machine learning, and DevOps." It's all open source, all the time.

    It's not just what we think of as IT. Thanks to the power of open source, which combines collaboration, transparency, and the belief that the best idea can come from anywhere, we've been able to come up with COVID-19 vaccines in mere months instead of years.

    But where exactly is open-source software being used? Infrastructure modernization, which is a fancy way of saying replacing the last proprietary operating systems in servers and data centers, remains at 64%, open-source software's top use.

IBM/Red Hat Leftovers

Filed under
Red Hat
  • The State of Enterprise Open Source 2021: Four results that may surprise you

    We’re now in the third year of our The State of Enterprise Open Source report in which we probe the use of and attitudes about enterprise open source. This year we conducted interviews with 1,250 IT leaders worldwide. They weren’t necessarily Red Hat customers and were unaware that Red Hat was the sponsor of this survey, helping us to avoid biased or influenced responses. Most of the questions were repeats from prior years, allowing us to explore trends over time, but we also threw in a few new ones too and got one answer that even we weren’t fully expecting.

  • IBM Begins Adding GCC Support For Z Arch14 - Likely IBM z16 - Phoronix

    GCC compiler patches began appearing this morning for IBM Z "Arch14" as a future architecture extension for their Z mainframe processors. IBM Z Arch14 will likely correlate to IBM z16.

    IBM z15 was introduced at the end of 2019 as "Arch13" while today is the first time we are hearing of IBM Z "Arch14" and the first time seeing any code in the GCC open-source compiler referencing it. Short of some re-branding or change in their numbering scheme at IBM, Arch14 will likely end up being IBM z16.

  • Red Hat's 2021 Open Source Survey: Who's Using the Software and Why | IT Pro

    Red Hat's 2021 State of Enterprise Open Source survey report finds that users trust its security, plan increased use of containers and more.

  • Robin CNS Now Runs On IBM Cloud Satellite

    IBM Cloud Satellite, now generally available, enables clients to run IBM Cloud services in multiple environments—on IBM Cloud, on premises, or at the edge—all delivered as a service. This flexibility will help bring cloud capabilities to where client data resides, in the environment of their choice, while focusing on consistency, user experience, and security.

  • IBM Cloud Satellite Goes GA

    IBM's hybrid cloud services are now generally available in any environment — on any cloud, on premises or at the edge — via IBM Cloud Satellite.

    Lumen Technologies and IBM have integrated IBM Cloud Satellite with the Lumen edge platform to enable clients to harness hybrid cloud services in near real-time and build solutions at the edge.

  • Packaging APIs for consumers with Red Hat 3scale API Management

    One of an API management platform’s core functionalities is defining and enforcing policies, business domain rate limits, and pricing rules for securing API endpoints. As an API provider, you sometimes need to make the same backend API available for different consumer segments using these terms. In this article, you will learn about using Red Hat 3scale API Management to package APIs for different consumers, including internal and external developers and strategic partners. See the end of the article for a video tutorial that guides you through using 3scale API Management to create and configure the packages that you will learn about in this article.

    [...]

    The Rate limits policy, shown in Figure 2, enforces call limits on APIs. Limits are defined for each method, and the same package can enforce different limits for each API method. Pricing rules are used to enable metering and chargeback for API calls. Pricing rules are defined for each API method, and the same package can enforce different pricing rules for each API method. Finally, the Features policy lets us define multiple features for each package. 3scale API Management adds metadata tags to each package to uniquely identify and map its available features.

    3scale API Management’s packaging scenario is common, and most API management platforms support something similar. In the following sections, we will look at the different types of plans available from 3scale API Management.

  • Fedora Community Blog: Fedora Code of Conduct Report 2020

    In 2020 we had more than two times the number of CoC reports when compared to 2019. Due to dedicating a lot of time and effort to these situations, we spent a significant amount of time trying to understand why this was happening at these rates. We came up with a couple of theories.

    [...]

    As we look forward to 2021, we hope to introduce an updated Code of Conduct, as well as supporting documentation. Reminder to be kind and considerate to each other as we move into year two of pandemic life, there will surely be new challenges to overcome. We all depend on each other to create a community that is healthy, safe, and happy. Most of all, we love seeing folks self-moderate and stand up for the right thing day to day in our community. Keep it up, and keep being awesome Fedora, we <3 you!

  • Pure Storage teams up with IBM to bring OpenShift hybrid workloads to IBM Cloud Satellite

    Global Kubernetes Data Services Platform, Portworx by Pure Storage, has announced a partnership with IBM to enable OpenShift-based data services to run in hybrid cloud environments with performance, data protection, data security, and mobility on IBM Cloud Satellite.

    IBM Cloud Satellite allows clients to run IBM Cloud services no matter whether it is on a cloud, on-premises, in multi-cloud, or at the edge, which IBM’s research is a growing area with increased proliferation of edge devices. This flexibility brings cloud capabilities to where client data resides, allowing organisations to focus on solving business problems. The product builds on IBM’s deep industry expertise across industries such as telecommunications, healthcare, banking, insurance, travel and transportation.

    The Portworx by Pure Storage partnership fuels hybrid cloud environments by helping Government and enterprises manage and modernise workloads from bare-metal to multi-cloud or anything else in between, with Red Hat OpenShift.

IBM/Red Hat/Fedora Leftovers

Filed under
Red Hat
  • Red Hat Risk Report: A tour of 2020's branded security flaws [Ed: Branding is just hype and marketing for FUD agenda]

    An article from December 2020 reported that 2020 had a record high number of CVEs reported for the fourth year in a row (yet another reason to dislike the year!). Across the technical spectrum more than 176,447 CVEs were reported. Back when we started the Red Hat Risk Report the volume of CVEs across all software vendors numbered in the 4,000-8,000 range. The specific reasons for the increase will be debated for some time to come, but the harsh reality is that the organizations need to address a growing number of vulnerabilities each year.

  • Customer Success Stories: Red Hat solutions found around the world

    We regularly publish customer success stories that highlight how we're helping customers gain efficiency and transform the way they deliver software. Read on to see how we helped Tomago Aluminium, the MGEN Group, and Alliance Bank—three customers in three different continents—find success in application deployment, automation, and more.

  • Ben Williams: F33-20210301 updated Live isos released

    The Fedora Respins SIG is pleased to announce the latest release of Updated F33-20210301-Live ISOs, carrying the 5.10.18-200 kernel.

    This set of updated isos will save considerable amounts of updates after install (for new installs). (New installs of Workstation have about 1.1GB+ of updates savings.)

  • Developers can now use IBM’s cloud services across multiple environments with IBM Cloud Satellite

    Today we announced that IBM Cloud Satellite has designed its cloud services to be available across multiple environments — on IBM Cloud, on premises, or at the edge. This is big news for enterprise developers for several reasons.

    The first is that increasingly enterprise developers are being asked to build applications across a wide range of environments, and that trend is only accelerating. A recent IBM Institute for Business Value study found that a typical enterprise uses nearly eight clouds from multiple vendors. There has been a surge in the adoption of hybrid clouds — the combination of public clouds, private clouds, and on-premises IT — noting that in the next three years, hybrid cloud adoption is expected to grow by 47%, and the average organization will be using nearly six clouds.

IBM/Red Hat/Fedora: NeuroFedora, Ansible, IBM Power/OpenShift

Filed under
Red Hat
  • 5 ways to ruin a sysadmin's day

    I don't subscribe to the notion that there's a "sysadmin brain," but there are a few things that really get under a sysadmin's skin. Sysadmins are generally very busy people and might appear to be curt, less-than-amused, or even rude at times. If you've ever heard the old saying, "Don't poke the bear," you should take heed. You have been warned.

    [...]

    Linux sysadmins are passionate about Linux. And, why shouldn't they be passionate about it? It is, after all, the best operating system ever created. See what I did there? If you want to ruin a sysadmin's day, say the opposite of that or disparage Linux in any way. Not only will you receive a litany of insults, rants, and passionate movie and song references, but you might also get a plateful of stale pizza bones* thrown at you.

    Linux sysadmins are Linux sysadmins because they love Linux and probably not for any other reason. There are easier, less stressful jobs to have. Air Traffic Controller often comes to mind as one option. Seriously, ruining a sysadmin's day with anti-Linux dialogue is perhaps the best way to end your friendly relationship and to place you at the bottom of the service request queue.

  • The NeuroFedora Blog: Next Open NeuroFedora meeting: 1 March 1300 UTC

    Please join us at the next regular Open NeuroFedora team meeting on Monday 1 March at 1300UTC in #fedora-neuro on IRC (Freenode). The meeting is a public meeting, and open for everyone to attend.

  • 5 tips for choosing an Ansible collection that's right for you | Opensource.com

    In August 2020, Ansible issued its first release since the developers split the core functionality from the vast majority of its modules and plugins. A few basic Ansible modules remain part of core Ansible—modules for templating configuration files, managing services, and installing packages. All the other modules and plugins found their homes in dedicated Ansible collections.

    This article offers a quick look at Ansible collections in general and—especially—how to recognize high-quality ones.

  • IBM brings Red Hat to Power systems | Network World

    IBM already has what it calls Enterprise Linux on Power, but this is bringing Red Hat, which IBM paid $34 billion to acquire, to its big iron. IBM Power systems now feature Red Hat OpenShift on IBM Power Virtual Server leveraging OpenShift's bare metal installer, Red Hat Runtimes, and newly certified Red Hat Ansible Content Collections.

    Red Hat OpenShift on IBM Power Virtual Server is a move to bring the OpenShift container platform to IBM Power Virtual Server. The IBM Power Virtual Server is an enterprise infrastructure-as-a-service offering built around IBM POWER9 and offering access to more than 200 IBM Cloud services. In addition, IBM Power Virtual Server clients can now run business applications like SAP HANA in an IBM POWER9-based cloud.

IBM/Red Hat/Fedora Leftovers

Filed under
Red Hat
  • Red Hat OpenShift 4.7 Streamlines Application Modernization

    Red Hat OpenShift 4.7 includes the latest version of OpenShift Virtualization. First released in July 2020, OpenShift Virtualization is designed to help organizations break down application barriers between traditional and cloud-native infrastructure and extend control over distributed resources.

  • How I became a Kubernetes maintainer in 4 hours a week

    I have heard (and even said) versions of this sentiment many times since Kubernetes started gaining influence. So, over the last year, I've spent time contributing to the project, and I've found it worth every minute.

    I've discovered that Kubernetes is a project with the right scale for anyone to make an impact in whatever time they have available in their schedule. For me, that was just four hours a week. No more, no less.

    After six months at four hours a week, I found myself the leader of a subgroup that's making a significant difference around non-code contributions to the project.

    I'll share some of what I've learned about contributing to Kubernetes. I hope it helps you find the focus and time to join in.

  • Fedora Community Blog: Friday’s Fedora Facts: 2021-08

    Here’s your weekly Fedora report. Read what happened this week and what’s coming up. Your contributions are welcome (see the end of the post)! The Beta freeze is underway.

    I have weekly office hours on Wednesdays in the morning and afternoon (US/Eastern time) in #fedora-meeting-1. Drop by if you have any questions or comments about the schedule, Changes, elections, or anything else. See the upcoming meetings for more information.

  • Advancing the organization towards hyper versatility and perpetual innovation

    Digital innovation has rarely been more important than it became in 2020, when COVID-19 moved much of the world virtual. In our previous two posts, we discussed what shapes digital innovation and how critical it is in underpinning the business. In this post, we'll discuss the building blocks for digital innovation.

  • 2021 is the year that open source overcomes its diversity problems [Ed: Racist and sexist company has decided to pose or pretend to be the opposite of what it really is.]

    As the 2020 StackOverflow survey pointed out, technology companies — and many open source communities — have a diversity problem. While the majority of developers currently come from a white, male background, the momentum is shifting to create more inclusive, diverse communities.

    Research shows that diverse open source projects are more productive and make better decisions. This starts with creating teams that have a greater representation of gender, race, socioeconomic standings, ethnic backgrounds, and the like.

    Many open source communities are recognizing the need for new initiatives and a cohesive focus to tackle the lack of diversity in their projects. I predict that in 2021, building off the momentum of this past year’s focus on social inequality and steps made by open source-minded companies and foundations, open source communities will continue to increase the diversity of their communities so that it becomes the rule and not the exception.

    [...]

    As noted, communities need to actively work to remove barriers to increasing diversity. Here are a few examples of such efforts. Some of these are by IBM — which I of course have the most insight into — but this goes far beyond us. I believe we need to see more of these everywhere!

Rocky Linux, The CentOS Alternative, is now Using Gitlab

Filed under
GNU
Linux
Red Hat

This is a good example: Rocky Linux is now using GitLab, not GitHub, for its public development (software packaging) that everyone can join. We see in February 2021 it proudly presents its own server; we can see it here: https://git.rockylinux.org. Rocky is a continuation of CentOS GNU/Linux which is now in rapid development with its rapidly growing (despite new) community. This means Rocky is following Debian, Trisquel OS and the other big OS projects in using the Free Software code hosting GitLab (and alike). This is certainly good news to see more libre software forges being used in real life by big projects. To contribute to Rocky, especially if you are a sysadmin or in the server business, you can click here to Get Involved. Finally, I wish the best for Rocky and its development.

Red Hat/Fedora Leftovers

Filed under
Red Hat
  • Red Hat Refines Kubernetes for Both Traditional and Cloud-Native Applications with Latest Version of Red Hat OpenShift

    Red Hat, Inc., the world's leading provider of open source solutions, today announced Red Hat OpenShift 4.7, the latest version of the industry’s leading enterprise Kubernetes platform. Designed to simplify and accelerate application modernization, the latest version of Red Hat OpenShift is based on Kubernetes 1.20 and helps remove the strain on IT teams as they seek to unite traditional applications with cloud-native. All of these new capabilities are built on the consistent platform that Red Hat OpenShift provides across the open hybrid cloud.

  • Contribute at the Fedora Audio, Kernel 5.11 and i18n test days

    Fedora test days are events where anyone can help make sure changes in Fedora work well in an upcoming release. Fedora community members often participate, and the public is welcome at these events. If you’ve never contributed to Fedora before, this is a perfect way to get started.

  • Red Hat opens the door for both VMs and containers in its latest OpenShift release | ZDNet

    Kubernetes is great for managing containers. But, as popular as containers are, we're still running a lot of applications on virtual machines (VM). Wouldn't it be nice if you could use Kubernetes to orchestrate both your containers and VMs? Red Hat certainly thinks so, and with the release of Red Hat OpenShift 4.7, you can use their Kubernetes distribution to manage both your older mission-critical and newer cloud-native applications.

  • QElectroTech version 0.80 - Remi's RPM repository - Blog

    RPMs of QElectroTech version 0.80, an application to design electric diagrams, are available in remi for Fedora and Enterprise Linux ≥ 8.

    A bit more than 1 year after the version 0.70 release, the project has just released a new major version of their electric diagrams editor.

IBM/Red Hat Leftovers

Filed under
Red Hat
  • 3 solid self-review tips for sysadmins | Enable Sysadmin

    At every job I’ve held, the general opinion about self-reviews tends to fall into one of two categories. Either employees view them as arduous and frustrating or they simply don’t care about them. However, I believe that a well-written self-review can help you accelerate your career, whether your goal is a raise, a promotion, or merely some well-deserved recognition for your efforts. In this article, I’ll discuss my approach to performance reviews. While there is no one-size-fits-all strategy, this approach has served me well through several organizations and positions.

  • Red Hat OpenShift drives a strong 5G open RAN ecosystem

    As the telecommunications industry ramps up its evolution towards cloud-native architectures and containers, communications service providers (CSPs) are working to scale their networks to support increased demand. In this effort, open radio access network (RAN) solutions offer standardized disaggregation of the RAN, decoupling hardware and software, to give CSPs more freedom of choice. Many organizations are looking to implement a container platform like Red Hat OpenShift that is ready to take on the intensive demands of this evolution for their RAN and for new 5G use cases, such as network slicing, IoT and industrial IoT. Moving to a cloud-native platform creates the opportunity for many of them to work with new suppliers, boost innovation and better differentiate using new operating models.

    Red Hat is excited to play a key role in this transformation. Last year, we shared the news of our expanded collaboration with Altiostar to develop an infrastructure and workload automation framework for a container-based RAN reference architecture that allows a consistent approach to a disaggregated RAN for both our customer and partner ecosystem. We’re now excited to build on this momentum by extending our architecture in collaboration with Mavenir, to transform mobile network infrastructures.

  • AIOps vs. MLOps: What's the difference?

    In late 2019, O'Reilly hosted a survey on artificial intelligence (AI) adoption in the enterprise. The survey broke respondents into two stages of adoption: Mature and Evaluation.

    When asked what's holding back their AI adoption, those in the latter category most often cited company culture. Trouble identifying good use cases for AI wasn't far behind.

  • Debuginfod project update: New clients and metrics - Red Hat Developer

    It’s been about a year since our last update about debuginfod, an HTTP file server that serves debugging resources to debugger-like tools. Since then, we’ve been busy integrating clients across a range of developer tools and improving the server’s available metrics. This article covers the features and improvements we’ve added to debuginfod since our last update.

    [...]

    Debuginfod is a part of the elfutils project. Tools that already use elfutils to find or analyze debugging resources automatically inherit debuginfod support. Tools like Systemtap, Libabigail, and dwgrep all inherit debuginfod this way. In Systemtap, for example, debuginfod offers new ways to specify which processes to probe. Previously, if you wanted to explore a running user process, you would have to provide either a process identifier (PID) or the executable path. With debuginfod, Systemtap can probe processes according to build-id, as well. So, it is possible to investigate specific versions of a binary independently from the location of the corresponding executable file.

    Debuginfod includes a client library (libdebuginfod) that lets other tools easily query debuginfod servers for source files, executables, and of course, debuginfo—generally, DWARF (debugging with attributed record format) debuginfo. Since last year, a variety of developer tools have integrated debuginfod clients. As of version 2.34, Binutils includes debuginfod support for its components that use separate debuginfo (readelf and objdump). Starting in version 9.03, the Annobin project contains debuginfod support for fetching separate debuginfo files, and support for Dyninst is planned in version 10.3.

  • Fedora Community Blog: A sneak peek at Fedora Zine

    So my Outreachy internship is winding to a close, as is the creation of the first-ever edition of our very own Fedora Zine!

    It has been a crazy journey so far and I have thoroughly enjoyed working on this awesome project, especially getting to see and work with all of these great submissions from the community. I have learned so much; from how to balance my design visually, how to pair fonts and use other typographic effects, how to use guides for a perfectly aligned design and also that you should read your printing specs very, very carefully before getting to work on a project.

Extending no-cost Red Hat Enterprise Linux to open source organizations

Filed under
Linux
Red Hat
OSS

Today, we’re announcing a new, no-cost program tailored for the needs and requirements of projects, foundations and more: Red Hat Enterprise Linux (RHEL) for Open Source Infrastructure. Joining a growing set of no-cost and low-cost programs, RHEL for Open Source Infrastructure provides a simpler, clearer and documented process for projects, communities, standards bodies and other not-for-profit software groups engaged with open source to gain access to RHEL subscriptions. While we plan to continue to refine this latest program, we wanted to outline what is available now for interested parties.

Also: Red Hat Announces Free "RHEL For Open-Source Infrastructure"

More in Tux Machines

Python: Security and NumPy 1.20 Release

  • Python Package Index nukes 3,653 malicious libraries uploaded soon after security shortcoming highlighted

    The Python Package Index, also known as PyPI, has removed 3,653 malicious packages uploaded days after a security weakness in the use of private and public registries was highlighted. Python developers use PyPI to add software libraries written by other developers in their own projects. Other programming languages implement similar package management systems, all of which demand some level of trust. Developers are often advised to review any code they import from an external library though that advice isn't always followed. Package management systems like npm, PyPI, and RubyGems have all had to remove subverted packages in recent years. Malware authors have found that if they can get their code included in popular libraries or applications, they get free distribution and trust they haven't earned. Last month, security researcher Alex Birsan demonstrated how easy it is to take advantage of these systems through a form of typosquatting that exploited the interplay between public and private package registries.

  • A pair of Python vulnerabilities [LWN.net]

    Two separate vulnerabilities led to the fast-tracked release of Python 3.9.2 and 3.8.8 on February 19, though source-only releases of 3.7.10 and 3.6.13 came a few days earlier. The vulnerabilities may be problematic for some Python users and workloads; one could potentially lead to remote code execution. The other is, arguably, not exactly a flaw in the Python standard library—it simply also follows an older standard—but it can lead to web cache poisoning attacks. [...] [Update: As pointed out in an email from Moritz Muehlenhoff, Python 2.7 actually is affected by this bug. He notes that python2 on Debian 10 ("Buster") is affected and has been updated. Also, Fedora has a fix in progress for its python2.7 package.]

  • NumPy 1.20 has been released

    NumPy is a Python library that adds an array data type to the language, along with providing operators appropriate to working on arrays and matrices. By wrapping fast Fortran and C numerical routines, NumPy allows Python programmers to write performant code in what is normally a relatively slow language. NumPy 1.20.0 was announced on January 30, in what its developers describe as the largest release in the history of the project. That makes for a good opportunity to show a little bit about what NumPy is, how to use it, and to describe what's new in the release. [...] NumPy adds a new data type to Python: the multidimensional ndarray. This is a container, like a Python list, but with some crucial differences. A NumPy array is usually homogeneous; while the elements of a list can be of various types, an ndarray will, typically, only contain a single, simple type, such as integers, strings, or floats. However, these arrays can instead contain arbitrary Python objects (i.e. descendants of object). This means that the elements will, for simple data types, all occupy the same amount of space in memory. The elements of an ndarray are laid out contiguously in memory, whereas there is no such guarantee for a list. In this way, they are similar to Fortran arrays. These properties of NumPy arrays are essential for efficiency because the location of each element can be directly calculated. Beyond just adding efficient arrays, NumPy also overloads arithmetic operators to act element-wise on the arrays. This allows the Python programmer to express computations concisely, operating on arrays as units, in many cases avoiding the need to use loops. This does not turn Python into a full-blown array language such as APL, but adds to it a syntax similar to that incorporated into Fortran 90 for array operations.

4 Best Free and Open Source Graphical MPD Clients

MPD is a powerful server-side application for playing music. In a home environment, you can connect an MPD server to a Hi-Fi system, and control the server using a notebook or smartphone. You can, of course, play audio files on remote clients. MPD can be started system-wide or on a per-user basis. MPD runs in the background playing music from its playlist. Client programs communicate with MPD to manipulate playback, the playlist, and the database. The client–server model provides advantages over all-inclusive music players. Clients can communicate with the server remotely over an intranet or over the Internet. The server can be a headless computer located anywhere on a network. There are graphical clients, console clients and web-based clients. To provide an insight into the quality of software that is available, we have compiled a list of 4 best graphical MPD clients. Hopefully, there will be something of interest here for anyone who wants to listen to their music collection via MPD. Here are our recommendations. They are all free and open source goodness.

LWN on Kernel: 5.12 Merge, Lockless Algorithms, and copy_file_range()

  • 5.12 Merge window, part 1 [LWN.net]

    The beginning of the 5.12 merge window was delayed as the result of severe weather in the US Pacific Northwest. Once Linus Torvalds got going, though, he wasted little time; as of this writing, just over 8,600 non-merge changesets have been pulled into the mainline repository for the 5.12 release — over a period of about two days. As one might imagine, that work contains a long list of significant changes.

  • An introduction to lockless algorithms [LWN.net]

    Low-level knowledge of the memory model is universally recognized as advanced material that can scare even the most seasoned kernel hackers; our editor wrote (in the July article) that "it takes a special kind of mind to really understand the memory model". It's been said that the Linux kernel memory model (and in particular Documentation/memory-barriers.txt) can be used to frighten small children, and the same is probably true of just the words "acquire" and "release". At the same time, mechanisms like RCU and seqlocks are in such widespread use in the kernel that almost every developer will sooner or later encounter fundamentally lockless programming interfaces. For this reason, it is a good idea to equip yourself with at least a basic understanding of lockless primitives. Throughout this series I will describe what acquire and release semantics are really about, and present five relatively simple patterns that alone can cover most uses of the primitives.

  • How useful should copy_file_range() be? [LWN.net]

    Its job is to copy len bytes of data from the file represented by fd_in to fd_out, observing the requested offsets at both ends. The flags argument must be zero. This call first appeared in the 4.5 release. Over time it turned out to have a number of unpleasant bugs, leading to a long series of fixes and some significant grumbling along the way. In 2019 Amir Goldstein fixed more issues and, in the process, removed a significant limitation: until then, copy_file_range() refused to copy between files that were not located on the same filesystem. After this patch was merged (for 5.3), it could copy between any two files, falling back on splice() for the cross-filesystem case. It appeared that copy_file_range() was finally settling into a solid and useful system call. Indeed, it seemed useful enough that the Go developers decided to use it for the io.Copy() function in their standard library. Then they ran into a problem: copy_file_range() will, when given a kernel-generated file as input, copy zero bytes of data and claim success. These files, which include files in /proc, tracefs, and a large range of other virtual filesystems, generally indicate a length of zero when queried with a system call like stat(). copy_file_range(), seeing that zero length, concludes that there is no data to copy and the job is already done; it then returns success. But there is actually data to be read from this kind of file, it just doesn't show in the advertised length of the file; the real length often cannot be known before the file is actually read. Before 5.3, the prohibition on cross-filesystem copies would have caused most such attempts to return an error code; afterward, they fail but appear to work. The kernel is happy, but some users can be surprisingly stubborn about actually wanting to copy the data they asked to be copied; they were rather less happy.

Banana Pi BPI-M2 Pro is a compact Amlogic S905X3 SBC

Banana Pi has already designed an Amlogic S905X3 SBC with Banana Pi BPI-M5 that closely follows Raspberry Pi 3 Model B form factor, but they’ve now unveiled a more compact model with Banana Pi BPI-M2 Pro that follows the design of the company’s earlier BPI-MP2+ SBC powered by the good old Allwinner H3 processor. BPI-M2 Pro comes with 2GB RAM, 16GB eMMC storage, HDMI video output, Gigabit Ethernet, Wifi & Bluetooth connectivity, as well as two USB 3.0 ports.