In the final filesystem session at the 2022 Linux Storage, Filesystem, Memory-management and BPF Summit (LSFMM), David Howells led a discussion on a filesystem optimization that is causing various kinds of problems. Extent-based filesystems have data structures that sometimes do not reflect the holes that exist in files. Reads from holes in sparse files (i.e. files with holes) must return zeroes, but filesystems are not obligated to maintain knowledge of the holes beyond that, which leads to the problems.
Howells began by describing the problem, which he first encountered with files cached using FS-Cache, but he has found that it is actually more widespread. When there is a file on an extent-based filesystem (which is ext4, XFS, and Btrfs for Linux) that has a small gap between two extents, the filesystem will sometimes merge the extents, filling in the gap with zeroes. That is done to reduce the extent list for the file, though it increases the amount of storage used on the disk. The opposite can also happen, when the filesystem sees a huge block of zeroes in a file, it can save disk space by creating two extents with a gap between them, though that is seemingly less of a problem for Howells.
I recently had cause to reflect on the changes to the NFS (Network File System) protocol over the years and found that it was a story worth telling. It would be easy for such a story to become swamped by the details, as there are many of those, but one idea does stand out from the rest. The earliest version of NFS has been described as a "stateless" protocol, a term I still hear used occasionally. Much of the story of NFS follows the growth in the acknowledgment of, and support for, state. This article looks at the evolution of NFS (and its handling of state) during the early part of its life; a second installment will bring the story up to the present.
By "state" I mean any information that is remembered by both the client and the server, and that can change on one side, thus necessitating a change on the other. As we will see, there are many elements of state. One simple example is file content when it is cached on the client, either to eliminate read requests or to combine write requests. The client needs to know when cached data must be flushed or purged so that the client and server remain largely synchronized. Another obvious form of state is file locks, for which the server and client must always agree on what locks the client holds at any time. Each side must be able to discover when the other has crashed so that locks can be discarded or recovered.
Vim is a free and open-source, screen-based text editor program. The program is designed for use both from a command-line interface and as a standalone application in a graphical user interface. Vim is released under the Vim license, which includes some charityware clauses that encourage users who enjoy the software to consider donating to children in Uganda.
The Vim license is compatible with the GNU General Public License through a special clause allowing distribution of modified copies under the GNU GPL version 2.0 or later.
Since its release for the Amiga, cross-platform development has made it available on many other systems.
Old school editor fans, rejoice: some two and a half years after version 8.2, Vim 9 is here with a much faster scripting language.
Vim 9 has only a single big new feature: a new scripting language, Vim9script. The goal is to "drastically" improve the performance of Vim scripts, while also bringing the scripting language more into line with widely used languages such as JavaScript, TypeScript, and Java.
The existing scripting language, Vimscript, remains and will still work. Only scripts beginning with the line vim9script will be handled differently. The syntax changes are relatively modest; the important differences are in things like local versus global variables and functions, and that functions defined with :def will be compiled before they are run. This allows many errors to be caught in advance, but more significantly, compiled functions execute from 10Ãâ to 1000Ãâ faster.
Xfce is a lightweight free, open-source desktop environment for UNIX-like operating systems. It is designed to be fast and light on system resources while visually appealing to the default desktop environments that ship with most operating systems. Xfce is very popular with older systems, with hardware as a key feature in its design to conserve memory and CPU cycles. For example, the desktop panel will not hog resources by constantly polling for changes, and the file manager has been designed to use minimal memory and CPU cycles. In addition, Xfce includes several power management features that can help reduce your carbon footprint. Overall, Xfce is an excellent choice for users who want a fast and stable desktop environment without sacrificing visual appeal or functionality.
In the following tutorial, you will learn how to install Xfce on your CentOS 9 Stream desktop using the command line terminal, along with some basic tips on running an update and removing the Xfce desktop environment.
Apache Cassandra is an open-source NoSQL database management system. It is designed to handle large amounts of data across many servers and to survive the loss of any server.
Cassandra’s architectural model is quite different from relational database systems. Cassandra stores non-relational data in row key-value pairs in a distributed set of nodes so that no single point of failure exists and scales linearly by adding more nodes as necessary to meet the demands on capacity, request throughput, and storage capacity for an increasing number of users or client applications.
LEMP is a popular web hosting stack used by developers and web hosting companies to test and host web applications. It comprises 3 components: the Nginx ( pronounced as Engine-X) webserver, MariaDB, and PHP which is a server-side scripting language.
In this walkthrough, you will learn how to install the LEMP stack on AlmaLinux and Rocky Linux 8.4.
While you may think of Chromebooks as devices for accessing the web, they're increasingly capable of managing local files. Chromebooks with Chrome OS versions 101 and higher can now open several common Linux file formats: ISO, TAR, and ZIP.
Here's how you can open and use such files on your Chromebook.
UNRAR is a powerful tool for extracting compressed files, and it is widely used amongst Windows users. RAR files are much smaller archives and compress better than ZIP for most files by compressing files “together,” saving more space. UNRAR does not come pre-installed natively on CentOS Stream and is not featured in its repositories, but it can be easily installed from a third-party repository. Once installed, UNRAR can be used to extract RAR files with a simple command. In addition, UNRAR offers a number of features for manipulating archives, such as the ability to list the contents of an archive or extract only certain files. As a result, UNRAR is a valuable tool for anyone who needs to work with compressed files.
The following tutorial will show you how to install UNRAR on CentOS 9 Stream workstation or server with EPEL, along with the most commonly used commands.
REMI is a third-party repository that provides us with the latest PHP versions on RHEL-derived systems. However, it is not only limited to PHP but also many of its modules. If you are an active PHP developer, you must enable this repository almost mandatory. An excellent aspect of the repository and its creator is that it is very well documented, so even a newbie can set it up and update their system in a matter of minutes following the repository documentation.
Another significant advantage of using REMI over other third-party repositories or compiling PHP from the source is that it keeps the RPM packaging consistent with the official repositories. As a result, you will not have any issues when trying to install other software that has dependencies on PHP from the official repositories. All in all, REMI is an essential repository for anyone running an RHEL-derived distribution who wants to stay up-to-date with the latest version of PHP.
In the following tutorial, you will learn how to import the Remi Repository on CentOS 9 Stream for users who would prefer to install the latest version of the PHP branch they have installed on their system using the command line terminal.
Linux provides you with options to limit hardware resources as per users and groups to manage optimal performance all around users, and it is common to find limitations in shared hosting to prevent heavy usage by other tenants.
In almost every shared hosting situation, you will see the resources available to the account (bandwidth, disk space, CPU power) getting capped off by an application that was installed on the account.
A similar kind of incident happened to me a few days back when I was downloading the AlmaLinux 8.6 DVD release using the wget command. All of a sudden, files got stopped, and when I checked the reason for stopping, I found “File size limit exceeded.” Then I remembered I had added a limit for file sizes that should not exceed more than 4GB to save some space on my 250 GB SSD. If your system also has a file size limit that you want to remove or want to extend, then this article is enough for you.
After installing any Linux distribution, such as Ubuntu, there are basic things that you need to do: one of them is to change the value of Swappiness. But what is Swappiness, why should you change it, and how do you do it? Your time is precious (isn't it?), so I will try to make it simple and short.
We have a few months to go before the GNOME 43 release, but the development activity for GNOME applications is in full swing.
For instance, the support for extensions in GNOME Web 43 alpha version.
Similarly, there are a few exciting changes coming to GNOME Files (Nautilus), especially for the list view.
Five openSUSE Tumbleweed snapshots have been released since last Friday.
The snapshots had a small amount of packages in each release.
The 20220629 snapshot updated OpenSSL to version 1.1.1p. This newer version fixed CVE-2022-2068 affecting the c_rehash script, which was not properly sanitizing the shell metacharacters to prevent command injection. The script, which is distributed by some operating systems in a manner where it is automatically executed, could give an attacker execute arbitrary commands with the privileges of the script. Another package updated in the snapshot was perl-JSON 4.07, which provided some backport updates from 4.10 version. New memory device types, processor upgrades, slot types, processor characteristics and more came in the update of dmidecode 3.4. There were also several table engine updates in the snapshot like ibus-table 1.16.9, ibus-table-chinese 1.8.8 and more.
A single package was updated in snapshot 20220628. The update of mpg123 1.30.0 has a new network backend using external tools/libraries to support HTTPS and the terminal control keys are now case-sensitive.
The Covid-19 pandemic has been a catalyst for many organizations in their digital transformations, leading companies to expedite technology initiatives, design dramatic changes to processes and reexamine culture and the role it plays in today’s new business world. As some organizations find success in their digital transformation strategies, they are able to provide additional bandwidth to their teams to focus on improving customer experience through the collection and analysis of data.
Last week, the Linux Foundation held its North America Open Source Summit in Austin. The week-long summit included a large number of breakout sessions as well as several keynotes. Open Source Summit Europe will take place in Dublin in September and Open Source Summit Japan in Yokohama in December.
I’ve been closely involved with open, collaborative innovation and open source communities since the 1990s. In particular, I was asked to lead a new Linux initiative that IBM launched in January of 2000 to embrace Linux across all the company’s products and services.
At the time, Linux had already been embraced by the research, internet, and supercomputing communities, but many in the commercial marketplace were perplexed by IBM’s decision. Over the next few years, we spent quite a bit of effort explaining to the business community why we were supporting Linux, which included a number of Linux commercials like this one with Muhammad Ali that ran in the 2006 Super Bowl. IBM also had to fight off a multi-billion dollar lawsuit for alleged intellectual property violations in its contributions to the development of Linux. Nevertheless, by the late 2000s, Linux had crossed the chasm to mainstream adoption, having been embraced by a large number of companies around the world.
Fedora's objective to become the desktop Linux distribution of choice has long been hampered by Red Hat's risk-averse legal department, which strictly limits the type of software that Fedora can ship. Specifically, anything that might be encumbered by patents is off-limits, with the result that much of the media that users might find on the net is unplayable. This situation has improved over the years as the result of a lot of work within the Fedora project, but it still puts Fedora at a disadvantage relative to some other distributions. A recent discussion on video support, though, shines a light on how some surprising legal reasoning may be providing a way out of this problem; that way may not be pleasing to all involved, however.
As the pace of innovation quickens, companies of all sizes are racing to adopt the latest emerging technologies. IT teams are the technical trailblazers within most firms, making them the first to leverage new technologies. However, we face an ongoing and potentially prolonged talent shortage, both in IT and beyond, which threatens to leave our technical teams depleted for years to come.
Already, we only have 23 unemployed workers for every 100 job openings in the United States, according to Lightcast, and some of the most severe talent shortages are in emerging technical fields. This lack of human capital spills over to technological capital, hindering the adoption of emerging technologies and limiting the ability of organizations to extract value out of new innovations.
Here are five key challenges associated with emerging technologies that companies are facing due to the talent shortage.
Holding people accountable is one of the most important – and sometimes one of the most challenging – aspects of a leader’s job. For CIOs, the success of a project intended to propel a company forward often depends on how well they hold their IT teams accountable.
Open-source cross-platform email and messaging client Thunderbird has hit version 102, with a new look and improved functionality, including Matrix chat support.
The latest release is the first major upgrade since version 91, which The Reg looked at last August. This is normal for the app – it follows the same approximately annual release cycle as Firefox's Extended Support Releases, the most recent of which was also version 91. From now until the next major release, Thunderbird 102 will get a regular stream of minor updates and bug fixes.
102 has a modernized look and feel. There's a new "Spaces" toolbar, which appears vertically on the left of the app window and lets users quickly flip between inbox, address book, calendar, task list, and chat tabs. All of these are built-in features – the former Lightning calendar add-on is now an integral part of the app, as is PGP support, which used to be an add-on called Enigmail. Thunderbird can talk to various groupware calendar and contact servers, including both private and corporate Google Mail accounts, Microsoft Exchange and Office 365, and others.
Thunderbird 102 is here! Our annual release is full of highly-requested features, beautiful new visuals, and quality-of-life upgrades. We’re also working hard to ensure that your favorite Thunderbird add-ons are compatible. In fact, we expect the majority of add-ons to be updated within a few weeks of Thunderbird 102’s release.
We understand that certain add-ons are invaluable to your workflow. So, to help you decide the best time to update your version of Thunderbird, here’s a simple way to discover if the extensions you currently have installed are compatible with Thunderbird 102.
The PostgreSQL Global Development Group announces that the second beta release of PostgreSQL 15 is now available for download. This release contains previews of all features that will be available when PostgreSQL 15 is made generally available, though some details of the release can change during the beta period.
Join the FSF and friends Friday, July 1, from 12:00 to 15:00 EDT (16:00 to 19:00 UTC) to help improve the Free Software Directory.
Those who forget history often inadvertently repeat it. Some of us recall that twenty-one years ago, the most popular code hosting site, a fully Free and Open Source (FOSS) site called SourceForge, proprietarized all their code — never to make it FOSS again. Major FOSS projects slowly left SourceForge since it was now, itself, a proprietary system, and antithetical to FOSS. FOSS communities learned that it was a mistake to allow a for-profit, proprietary software company to become the dominant FOSS collaborative development site. SourceForge slowly collapsed after the DotCom crash, and today, SourceForge is more advertising link-bait than it is code hosting. We learned a valuable lesson that was a bit too easy to forget — especially when corporate involvement manipulates FOSS communities to its own ends. We now must learn the SourceForge lesson again with Microsoft's GitHub.
Considering picking up some programming skills? Great idea!
Programming is a popular and rewarding career path, especially when you get the fundamentals right. Whether you’re considering picking it up as a hobby, or you’re eyeing up a potential job, it pays to understand the basics. Find out a bit more about what programming involves, and whether it might be for you.
A variable declaration is simply telling the computer that a variable exists and what value it should start with. Similar to other programming languages JavaScript also allows for the declaration of variables.
There are three keywords in JavaScript that can be used to declare variables: let, var, and const. Each keyword has different rules and implications for how the variables they create can be used.
Security, code tracing, SaaS, and more: Get the Red Hat Developer highlights for the month.
In the finance department, they say compounding interest is the eighth wonder of the world because your money makes money. In software, IT, and open source, composability is the first wonder of the world because it allows innovation to build on innovation. This is what we mean when we say we are standing on the shoulders of giants.
The "dunfell" icon runs a full isolated desktop, and Pup-Advert-Blocker should work there. I have fixed so that /etc/hosts gets copied into every container at startup.That will be in the next release. But, as I mentioned in the forum, replying to Tenoch's post, The "Mvps.org" choice in Pup-Advert-Blocker doesn't work. Pup-Advert-Blocker is a very old application, created by sc0ttman, found it in the old forum: https://oldforum.puppylinux.com/viewtopic.php?t=59290 I will need to fix the PET, either take out "Mvps.org" or find a replacement.
Some kernel features last longer than others. Support for forward-edge control-flow integrity (CFI) for kernels compiled with LLVM was added to the 5.13 kernel, but now there is already a replacement knocking on the door. Control-flow integrity will remain, but the new implementation will be significantly different — and seemingly better in a number of ways.
The kernel makes extensive use of indirect function calls; they are at the heart of its internal object model. Every one of those calls is a potential entry point for an attacker; if the target of the call can be somehow changed to an address of the attacker's choosing, the game is usually over. Forward-edge CFI works to thwart such attacks by ensuring that every indirect function call sends control to a code location that was actually intended to be a target of that call. Specifically, an indirect function call should only go to a known function entry point, and the prototype of the function should match what is expected at the call site.
The CFI implementation merged for 5.13 works by creating "jump tables" containing all of the legitimate targets of indirect function calls in the kernel; there is one jump table for each observed function prototype. Actual indirect calls are replaced with a jump-table lookup to ensure that the intended target meets the criteria; the target should be found in the jump table corresponding to the intended function prototype. If that test fails, a kernel panic results. See this article for a more detailed description of how this mechanism works.
In Python, there are a few ways to accept user input. In this blog post, we will explore three different ways to do so. We will start with the simplest way and work our way up to the more complex methods. By the end of this post, you should have a good understanding of how to accept user input in Python. Let’s get started!
Python 3 provides a built-in function called input() that allows you to take user input. Where Python 2.x uses the raw_input() function is used to accept user input. Python 2.7 also has a function called input(). However, this function takes only one argument: the prompt string.
When you install an application, you're usually installing a package that contains the executable code for an application and important files such as documentation, icons, and so on. On Linux, applications are commonly packaged as RPM or DEB files, and users install them with the dnf or apt commands, depending on the Linux distribution. However, new Python modules are released virtually every day, so you could easily encounter a module that hasn't yet been packaged. And that's exactly why the pyp2rpm command exists.
In a keynote at PyCon 2022 in Salt Lake City, Utah, Peter Wang introduced another entrant in the field of in-browser Python interpreters. The Python community has long sought a way to be able to write Python—instead of JavaScript—to run in web browsers, and there have been various efforts to do so over the years. Wang announced PyScript as a new framework, built atop one of those earlier projects, to allow Python scripting directly within the browser; those programs have access to much of the existing Python ecosystem as well as being able to interact with the browser document object model (DOM) directly. In addition, he gave some rather eye-opening demonstrations as part of the talk.
Wang began by introducing himself and the company that he runs, Anaconda, which he co-founded with Travis Oliphant ten years ago. Oliphant was the creator of NumPy and one of the founders of SciPy, both of which are cornerstones of the Python scientific-computing ecosystem. Anaconda has created a number of different tools that are used widely in the community, as well as founding the NumFOCUS non-profit and the PyData conferences.
There were a number of reasons why he and Oliphant chose to focus their efforts around Python, including that the language is approachable, even by those who lack a computer-science background. Another point in its favor is that the Python community is generally welcoming and pleasant to work in. That is a "really big deal if you want to keep growing the user base".
But there is another aspect of the language that makes it so desirable from his standpoint: it can be extended with binary extensions that use an API that is written in C, but can be accessed from other languages. He likens Python to "a Honda Civic with mounting bolts for a warp drive". So the language can be picked up by kids who can then pop open the trunk "and bolt on warp nacelles" that allows the code to run faster than C or C++ in some cases, Wang said.
That aspect is sometimes overlooked, but it means that Python can be used in ways that other, similar languages cannot. "It's not just like Node, it's not just an alternative to Ruby". The reason Python was picked up by Wall Street firms ten or 15 years ago was because of this warp-drive capability, he said.
Vecow presented their new line of System on Module devices (SoM) at Embedded World 2022. The latest SoMs integrate MediaTek’s Genio 1200, Genio 500 and Genio 350 processors. Additionally, the company has developed carrier boards for quick product development.
Security updates have been issued by Debian (firefox-esr, firejail, and ublock-origin), Fedora (chromium, firefox, thunderbird, and vim), Mageia (kernel and kernel-linus), Oracle (389-ds-base and python-virtualenv), SUSE (chromium), and Ubuntu (cloud-init).
This blog post is an overview of a talk, “ 0-day In-the-Wild Exploitation in 2022…so far”, that I gave at the FIRST conference in June 2022. The slides are available here. For the last three years, we’ve published annual year-in-review reports of 0-days found exploited in the wild. The most recent of these reports is the 2021 Year in Review report, which we published just a few months ago in April. While we plan to stick with that annual cadence, we’re publishing a little bonus report today looking at the in-the-wild 0-days detected and disclosed in the first half of 2022. As of June 15, 2022, there have been 18 0-days detected and disclosed as exploited in-the-wild in 2022. When we analyzed those 0-days, we found that at least nine of the 0-days are variants of previously patched vulnerabilities. At least half of the 0-days we’ve seen in the first six months of 2022 could have been prevented with more comprehensive patching and regression tests. On top of that, four of the 2022 0-days are variants of 2021 in-the-wild 0-days. Just 12 months from the original in-the-wild 0-day being patched, attackers came back with a variant of the original bug.
So much for that touching goodbye post to Sheryl Sandberg that Mark Zuckerberg posted just 9 days ago, when after a 14-year run at Facebook — now Meta Platforms — Sandberg said she was resigning from her post as COO. At the time, Zuckerberg called Sandberg’s planned departure the “the end of an era” and spoke glowingly of her as an “amazing person, leader, partner, and friend.”
While it’s much beloved by its users, TikTok has been much maligned by U.S. government officials since it picked up popularity during the pandemic. The latest hit is from the Federal Communications Commission. The FCC commissioner sent a letter to Apple and Google, asking them to ban TikTok, believing the social app is a “national security threat.”
In November 2020, we filed an RTI application requesting the Ministry of Electronics and Information Technology to provide copies of all public consultation responses received by the Committee constituted for deliberation on a Non-Personal Data Governance Framework. This information was refused on the ground that the Ministry was not the custodian of any information relating to internal functioning of the Committee. When the first appeal filed against this response was also rejected, we filed a second appeal with the Central Information Commission. The matter was heard on June 23, 2022 where the CIC directed MeitY to respond to the RTI application afresh after taking certain corrective steps.
[...]
We found that the Committee’s revised report did not contain any information on the suggestions and public feedback received by them during the first round of consultation. So, we filed an RTI application on November 2, 2020 requesting MeitY to provide copies of all responses received by the Committee during the public consultation process.
When MeitY refused to provide us with this information by stating that it was “not the custodian of any information relating to internal functioning of the Committee,” despite the fact that the Committee was constituted and funded by MeitY, we filed a first appeal before the First Appellate Authority (‘FAA’). When the FAA found that the CPIO, MeitY’s response was “appropriate,” and called for no interference, we filed a Second Appeal before the Central Information Commission (‘CIC’) on February 6, 2021.
I wholeheartedly agree, before starting to learn something a general overview of what it is, what it can do, what it's useful for, is needed. One great example of this is in my opinion "The AWK Programming Language" (1988) by A. V. Aho, B. W. Kernighan and P. J. Weinberger.
* Gemini (Primer) links can be opened using Gemini software. It's like the World Wide Web but a lot lighter.