Language Selection

English French German Italian Portuguese Spanish

Red Hat

Richard Hughes: Breaking apart Dell UEFI Firmware CapsuleUpdate packages

Filed under
Red Hat
Hardware
GNOME

When firmware is uploaded to the LVFS we perform online checks on it. For example, one of the tests is looking for known badness like embedded UTF-8/UTF-16 BEGIN RSA PRIVATE KEY strings. As part of this we use CHIPSEC (in the form of chipsec_util -n uefi decode) which searches the binary for a UEFI volume header which is a simple string of _FVH and then decompresses the volumes which we then read back as component shards. This works well on plain EDK2 firmware, and the packages uploaded by Lenovo and HP which use IBVs of AMI and Phoenix. The nice side effect is that we can show the user what binaries have changed, as the vendor might have accidentally forgotten to mention something in the release notes.

Read more

A beginner's guide to Silverblue

Filed under
Red Hat

At Red Hat Summit 2019, I became fascinated with Fedora Silverblue, an immutable (i.e., unchangeable) variant of Fedora Workstation that primarily uses Flatpak to install apps. I've used Fedora for nearly three years (and Linux for about 22 years) and recently upgraded my machines (home and work) to Fedora 30. But I liked the idea of an immutable desktop and resolved to try it out when I got home.

According to the Fedora Silverblue User Guide:

"Fedora Silverblue is an immutable desktop operating system. It aims to be extremely stable and reliable. It also aims to be an excellent platform for developers and for those using container-focused workflows."

The day I returned from Red Hat Summit, I downloaded the latest image of Silverblue from the main Silverblue website. I burned it to a USB drive (do you really "burn" to a USB drive?) and tried to install it. The process failed, but I was jet-lagged, so I headed to bed suspecting that the problem might lie with the USB drive—I've found that about 50% of USB drives have problems when you try to install Linux from them. I woke up early (jet lag still), found a new USB drive, and tried again.

Read more

Also: PHP version 7.1.30, 7.2.19 and 7.3.6

GNOME and Fedora/Red Hat: Translation, Rust, Sysprof and EPEL

Filed under
Red Hat
GNOME
  • Why translation platforms matter

    In my opinion, the GNOME platform offers the best translation platform for the following reasons:

    Its site contains both the team organization and the translation platform. It's easy to see who is responsible and their roles on the team. Everything is concentrated on a few screens.
    It's easy to find what to work on, and you quickly realize you'll have to download files to your computer and send them back once you modify them. It's not very sexy, but the logic is easy to understand.
    Once you send a file back, the platform can send an alert to the mailing list so the team knows the next steps and the translation can be easily discussed at the global level (rather than commenting on specific sentences).
    It has 297 languages.
    It shows clear percentages on progress, both on basic sentences and advanced menus and documentation.
    Coupled with a predictable GNOME release schedule, everything is available for the community to work well because the tool promotes community work.

    If we look at the Debian translation team, which has been doing a good job for years translating an unimaginable amount of content for Fedora (especially news), we see there is a highly codified translation process based exclusively on emails with a manual push in the repositories. This team also puts everything into the process, rather than the tools, and—despite the considerable energy this seems to require—it has worked for many years while being among the leading group of languages.

    My perception is that the primary issue for a successful translation platform is not based on the ability to make the unitary (technical, translation) work, but on how it structures and supports the translation team's processes. This is what gives sustainability.

    The production processes are the most important way to structure a team; by putting them together correctly, it's easy for newcomers to understand how processes work, adopt them, and explain them to the next group of newcomers.

    To build a sustainable community, the first consideration must be on a tool that supports collaborative work, then on its usability.

    This explains my frustration with the Zanata tool, which is efficient from a technical and interface standpoint, but poor when it comes to helping to structure a community. GIven that translation is a community-driven process (possibly one of the most community-driven processes in open source software development), this is a critical problem for me.

  • Federico Mena-Quintero: Bzip2 in Rust - Basic infrastructure and CRC32 computation

    I have started a little experiment in porting bits of the widely-used bzip2/bzlib to Rust. I hope this can serve to refresh bzip2, which had its last release in 2010 and has been nominally unmaintained for years.

    I hope to make several posts detailing how this port is done. In this post, I'll talk about setting up a Rust infrastructure for bzip2 and my experiments in replacing the C code that does CRC32 computations.

  • Sysprof Developments

    Earlier this month, Matthias and I teamed up to push through some of our profiling tooling for GTK and GNOME. We took the occasional work I had done on Sysprof over the past few years and integrated that into the GTK-4.x tree.

    Sysprof uses a binary log file to store information about execution in a matter that is easy to write-buffer and read-back using positioned reads. It helps keep the sampling overhead of sysprof low. But it’s too detail oriented for each application supporting the format to write. To make this stuff reusable I created a libsysprof-capture-3.a static library we embed from various layers of the platform.

    GTK-4.x is now using this. Builder itself uses it to log internal statistics, tracing data, and counters for troubleshooting. I’ve also put forward patches for GJS to integrate with it. Georges revamped and pushed forward a prototype by Jonas to integrate with Mutter/Shell and get us frame timings and Cogl pipeline data. With some work we can finish off the i915 data sources that Eric Anholt did to correlate GPU commands too.

    What this means for developers is that soon we’ll be able to capture system information from various layers in the stack and correlate them using similar clocks. We’re only scratching the surface right now, but it’s definitely promising. It’s already useful to quantify the true performance improvements of merge-requests in Mutter and Shell.

  • Sysprof Making Progress For Improved GNOME Profiling

    Christian Hergert of GNOME Builder IDE fame has been working on a round of improvements recently to the Sysprof tool he also leads development on for system profiling in determining the hot functions of a program and related profiling mostly around GNOME components.

    One of the main additions has been adding support to GTK4 for Sysprof's new engine and he is planning on plumbing that new engine support through to at least Mutter and GJS while potentially back-porting it to the likes of GTK3.

  • EPEL Proposal: EPEL Wagontrain (aka Steve Gallagher's EPEL 8 Branch Strategy)

What's new with Red Hat Enterprise Linux 8 and Red Hat Virtualization

Filed under
Red Hat

Red Hat Enterprise Linux (RHEL) 8 is based upon the principles of "operational consistency, security, and cloud foundation." Utilizing kernel 4.18x, RHEL 8 is based on Fedora 28 and will run on Intel/AMD 64-bit processors as well as IBM Power LE, IBM z Systems, and ARM 64-bit.

Red Hat has sought to reduce complexity in RHEL 8, which comes with ten guaranteed years of enterprise support. Their model involves repositories for the base operating system as well as application streams for flexible lifecycle options, which offer multiple versions of databases, languages, various compilers, and other tools to help facilitate the use of RHEL for business models.
Build-in defaults in RHEL 8 include tuned profiles for database options (ready-to-go options out of the box) and ansible system roles to provide a common configuration interface (ensuring standardization and reliability)
The RHEL 8 YUM package manager is now based on the Dandified Yum (DNF) technology, which supports modular content, better performance, and a stable API for integration with tooling. User feedback indicated that "yum is a lot faster than it used to be, and all the commands work well."
Red Hat Insights (tools to provide system administrators with analytics, machine learning, and automation controls) are now included in RHEL 8 along with a session recording feature, which can record and playback user terminal sessions for better security and training capabilities.

Read more

HPC Chips, IBM and Red Hat on Servers

Filed under
Red Hat
Server
Hardware
  • Tachyum Boots Linux on Universal Processor Chip

    Today Tachyum announced it has successfully deployed the Linux OS on its Prodigy Universal Processor architecture, a foundation for 64-core, ultra-low power, high-performance processor. Running an OS directly and natively on its chip, without the need for host processors or other expensive components, reduces the cost of at-scale data centers and enables nearly unlimited flexibility in use.

  • Powering the Future of HPC & AI with OpenPOWER

    It is coming up on one year that the Summit supercomputer based on IBM POWER9 at Oak Ridge National Lab claimed the number one spot on the Top500 ranking. This system represents the culmination of a significant collaboration between OpenPOWER foundation members IBM, Nvidia, Mellanox and Red Hat with the goal of producing well a balanced computing platform for not only traditional HPC workloads such as modelling and simulation, but also AI workloads. With this milestone approaching, we took the opportunity to catch-up with Hugh Blemings, Executive Director at the OpenPOWER Foundation to chat about the foundation, and what lies ahead.

  • The limits of compatibility and supportability with containers

    Many folks who do container development have run Alpine container images. You might have run Fedora, Red Hat Enterprise Linux (RHEL), CentOS, Debian, and Ubuntu images as well. If you are adventurous, you may have even run Arch, Gentoo, or dare I say, really old container images - like, RHEL 5 old.

    If you have some experience running container images, you might be led to believe that anything will just work, all the time, because containers are often thought to be completely portable across time and space. And a lot of the time, they do work! (Until they don't.)

    It’s easy to assume that there is nothing to worry about when mixing and matching the container image userspace and host operating system. This post intends to give a realistic explanation on the limits of compatibility with container images, and demonstrate why bring your own images (BYI) isn't a workable enterprise solution..

  • Unlocking new levels of operational efficiency in financial services

    The financial services industry is changing. While the fundamental principles that the industry is built on remain the same—such as trust, value and customer service—the way financial organizations deliver on these values is far different from what it once was. We are now in an always-on, ever-connected world where banking customers expect to have access to accounts, information and services whenever and wherever they want, and the way organizations handle these operations can make or break the overall customer experience - and the bottom line.

    Financial services institutions need to find a balance between driving new innovations and keeping costs in check—all while meeting regulatory requirements. This culture of real-time engagement and access to information is leading organizations to not only reexamine business operational processes but also to think critically about the capabilities their core back-end banking systems provide, making changes and modernizing systems to keep pace.

  • Multi-architecture OpenShift containers

    Following the initial release of RHEL8-based OpenJDK OpenShift container images, we have now pushed PPC64LE and Aarch64 architecture variants to the Red Hat Container Registry. This is the first time I've pushed Aarch64 images in particular, and I'm excited to work on Aarch64-related issues, should any crop up!

Red Hat and Fedora Miscellany

Filed under
Red Hat
  • AND…now comes digital transformation…

    Hope you all got home safely after a great Red Hat Summit 2019 in Boston. AND was the theme, and it was all about scaling your technology and culture to meet the specific challenges you face – especially in the area of digital transformation for your business.

    One thing that we took away from all the presentations and demos was that hybrid cloud is the infrastructure of choice for enterprises today. We see that enterprises continue to invest in both private and public cloud options for improved operations and greater productivity. Hybrid cloud allows IT managers to control costs and increase security through optimized workload placement.

  • Firefox & Wayland HiDPI screens

    When comes to HiDPI screens and resolutions Firefox has always had some technical debts there. Wayland slightly improved it but we still miss clean user experience.

    We tried hard to improve it and the last piece – hi-res widget rendering – landed in upcoming Firefox 68 (recently Beta). That means Firefox should be fully compatible with HiDPI screens and you shouldn’t see any glitches there.

  • Announcing Alberto Rodríguez Sánchez as next CommOps team lead

    The CommOps team is happy to announce Alberto Rodríguez Sánchez (bt0dotninja) as the next CommOps team lead. Alberto contributes to the CommOps team since July 2016 as a leading member. Starting in the Fedora 30 release cycle, he will succeed leadership from Justin W. Flory.

    Fedora CommOps started in 2015 from a vision. The vision was to enable a new kind of contributor: contributors who worked within Fedora to support sustainable community management practices among other teams of Fedora contributors.

  • Plymouth Adds New Firmware Upgrade Mode For Better Fwupd Integration

    Plymouth, the Linux graphical boot splash screen system/interface used by most Linux distributions out there, now has a "firmware upgrade mode" for offering a tighter level of integration with Fwupd when performing system BIOS/firmware updates.

    The firmware upgrade mode for Plymouth was written by Fwupd/LVFS lead developer Richard Hughes. Richard is employed by Red Hat along with the Plymouth and Fwupd development all being started by and driven by Red Hat developers. This firmware upgrade mode allows for providing localized text string translations for during the firmware update process and also for displaying the vendor BIOS logo (on supported systems) during the firmware update process.

Red Hat and Fedora: Red Hat Satellite, CRI-O and Podman, EPEL Proposal, Outreachy, NeuroFedora and Cockpit

Filed under
Red Hat
  • Red Hat Satellite Ask Me Anything Q&A from April 2019

    For anyone not familiar, the Satellite AMAs are an ask me anything-style event where we invite Red Hat customers to bring all of their questions about Red Hat Satellite, drop them in the chat, and members of the Satellite product team will answer as many of them live as we can during the AMA and we then follow up with a blog post detailing the questions and answers.

  • Why Red Hat is investing in CRI-O and Podman

    As an engineering organization, Red Hat is investing in CRI-O and Podman, participating in the Open Containers Initiative standards body, testing performance and security, as well as driving architectural changes in a number of container projects because the underlying shared components help drive innovation in its products like Red Hat OpenShift and Red Hat Enterprise Linux. These investments are closely related to the operating system itself and provide our customers with the best products we can produce.

  • EPEL Proposal: EPEL Master branch AKA Rawhide

    In order to allow for the ability for faster availability of packages, add rawhide branches for EPEL-7 and EPEL-8. These branches would allow developers to build new packages they aren't sure are ready for either EPEL-N or EPEL-N-testing, and would allow for faster rebuilds of newer features when RHEL has a large feature change. 

  • FHP: Outreachy! Is it that hard to crack?

    Getting into one of the reputed internship programs might seem scary and unachievable especially when you don’t consider yourself an expert in that field, but trust me it’s not that hard to get into. How can I say this with so much certainty? Well, I got into Outreachy, one of the prestigious internships as a Fedora intern and through this article, I want to share my journey with you all.

  • Fedora science/research get together at Flock

    This year, Flock will be held in Budapest from August 8--11. As part of NeuroFedora, we've already proposed a talk to discuss how Free/Open source software links very very well with Free/Open science. Please see the proposal here, and give feedback: https://pagure.io/flock/issue/112.

    Apart from that, given that a large number of community members congregate at Flock, it may be a good chance to get together those of us that work in science/research and related areas. So, if you are planning to attend Flock and work in, or are interested in science/research, please drop a note at this tracker ticket: https://pagure.io/neuro-sig/NeuroFedora/issue/242

  • Cockpit Project: Cockpit 195

    It’s now easier to configure Cockpit’s web server cockpit-ws to run behind a TLS termination proxy. If the proxy runs on the same machine, then cockpit-ws can be run with the new --for-tls-proxy option, which will adjust the allowed Origins and Content-Security-Policy to https:// URLs. With this option, it’s no longer necessary to explicitly configure cockpit.conf.

Fedora 28 End of Life

Filed under
Red Hat

With the recent release of Fedora 30, Fedora 28 officially enters End Of Life (EOL) status effective May 28, 2019. This impacts any systems still on Fedora 28. If you’re not sure what that means to you, read more below.

At this point, packages in the Fedora 28 repositories no longer receive security, bugfix, or enhancement updates. Furthermore, the community adds no new packages to the Fedora 28 collection starting at End of Life. Essentially, the Fedora 28 release will not change again, meaning users no longer receive the normal benefits of this leading-edge operating system.

There’s an easy, free way to keep those benefits. If you’re still running an End of Life version such as Fedora 28, now is the perfect time to upgrade to Fedora 29 or to Fedora 30. Upgrading gives you access to all the community-provided software in Fedora.

Read more

Fedora: Flatpak, NeuroFedora and More

Filed under
Red Hat

When the future isn't clear, don't make a plan

Filed under
Red Hat
OSS

For the past two years at Red Hat Summit, I've argued that traditional planning is dead. The increasing speed of technological innovation, as well as the shift to more open styles of production and organization, are forcing everyone to rethink how we go about setting, executing on, and measuring performance against goals.

Those who've heard me talk about this have been sympathetic—but also skeptical. "I see your point," executives tell me, "but I still need to do something to prepare my organization for the future. And isn't that planning?"

Read more

Syndicate content

More in Tux Machines

Software: NetworkManager, Browsers, Microsoft Powerpoint Alternatives and Guix Substitutes

  • NetworkManager Now Supports Making OVS DPDK Interfaces, Other Work For 1.20
    NetworkManager 1.19.4 is the newest snapshot of this widely used Linux networking library on its road to version 1.20. NetworkManager 1.19.4 was tagged last week as the latest stepping stone towards the NetworkManager 1.20 stable release. A new feature also making it into NM this past week was support for creating OVS DPDK interfaces -- that's the Open vSwitch Data Plane Development Kit. Open vSwitch's DPDK path allows for lower-latency and higher-performance connectivity between OpenStack compute node instances and now with NetworkManager 1.20 is this better OVS-DPDK integration.
  • 4 best browsers that don't save your history and personal data [Ed: Microsoft Windows advocacy sites cannot recommend Microsoft anything for privacy]
    Tor is another great browser heavily focused on user privacy and security. It’s available for Windows, MacOS, and GNU/Linux in 32-bit and 64-bit versions that are constantly updated. Its main focus is on anonymity. Based on a modified Firefox ESR, it contains things like NoScript and HTTPS-Everywhere. The browser works in a network that promises to protect a user‘s browsing history, location, messages, and any online personal data from people or bots that perform network traffic analysis. Tor network is a web of servers operated by volunteers. Their aim is to keep browsing data as secure as it can be. With Tor, you don’t have to worry about browsing history, saved passwords or auto-completion data. Also, it’s worth mentioning that Tor is the only browser that uses onion services. This means that users can publish websites and other services without revealing the location.
  • Microsoft Powerpoint Alternatives For Linux
    This post is for you if you are looking for the best alternative to Microsoft powerpoint alternatives for Linux operating systems. Microsoft’s office suite is one of the most popular software after Microsoft Windows and there won’t be any objection if we say that Windows is popular because of the MS office suite.
  • Substitutes are now available as lzip
    For a long time, our build farm at ci.guix.gnu.org has been delivering substitutes (pre-built binaries) compressed with gzip. Gzip was never the best choice in terms of compression ratio, but it was a reasonable and convenient choice: it’s rock-solid, and zlib made it easy for us to have Guile bindings to perform in-process compression in our multi-threaded guix publish server. With the exception of building software from source, downloads take the most time of Guix package upgrades. If users can download less, upgrades become faster, and happiness ensues. Time has come to improve on this, and starting from early June, Guix can publish and fetch lzip-compressed substitutes, in addition to gzip.

Red Hat's OpenShift and Fedora's Latest

  • Enhanced OpenShift Red Hat AMQ Broker container image for monitoring
    Previously, I blogged about how to enhance your JBoss AMQ 6 container image for production: I explained how to externalise configuration and add Prometheus monitoring. While I already covered the topic well, I had to deal with this topic for version 7.2 of Red Hat AMQ Broker recently, and as things have slightly changed for this new release, I think it deserves an updated blog post! This post is a walk-through on how to enhance the base Red Hat AMQ Broker container image to add monitoring. This time we’ll see how much easier it is to provide customizations, even without writing a new Dockerfile. We will even go a step further by providing a Grafana dashboard sample for visualising the broker metrics.
  • Event Report - Fedora Meetup 15th June 2019, Pune, India
    We started planning for this one month back. Since we are doing this meetup regularly now, most of the things were known, only execution was required.
  • Outreachy with Fedora Happiness Packets: Phase 1
    It’s been around 20 days that I have been working on an Outreachy internship project with The Fedora Project. I have been working on some of the pending issues, miscellaneous bugs and cleaning up code in Fedora Happiness Packets. This month has been quite fun, which includes great learning through the entire process

today's howtos

SUSE: SLE 12 Service Pack 5 Beta 1 and More

  • SUSE Linux Enterprise 12 Service Pack 5 Beta 1
  • A demo based introduction to SUSE Cloud Application Platform
    At the recent SUSECON conference in Nashville, Peter Andersson and Peter Lunderbye from SUSE demonstrated SUSE Cloud Application Platform, including pushing your first app, buildpacks: what are they and how they can be utilised, scaling and how easy the platform makes it, and how to improve resiliency and availability of your app. SUSE has posted all recorded talks from SUSECON on YouTube. Check them out if you want to learn more about what SUSE has to offer. We’re not just Linux anymore! I’ll be posting more SUSE Cloud Application Platform talks here over the coming days.
  • Enabling Discoveries with AI and HPC (and the Rise of Helium)
    This week I am attending the International Supercomputing conference in Frankfurt, and I am in awe of the scientists and researchers that are here and their ability to dig in and understand super complex problems in very specialized areas.  While I am humbled by the world-changing work represented at a conference like this, I am also honored to be playing a small part in their success.  With the next iteration of SUSE Linux Enterprise High Performance Computing 15 SP1, we’ve expanded and refreshed our bundle of popular HPC tools and libraries that we make available along with every subscription to our SLE HPC operating system.