Bonum Certa Men Certa

Links 03/02/2023: WINE 8.1 and RapidDisk 9.0.0



  • GNU/Linux

    • Server

      • Kubernetes BlogKubernetes Blog: Spotlight on SIG Instrumentation

        Observability requires the right data at the right time for the right consumer (human or piece of software) to make the right decision. In the context of Kubernetes, having best practices for cluster observability across all Kubernetes components is crucial.

      • Container JournalIs Kubernetes Fit For Purpose?

        Are Kubernetes clusters fit to run many of the applications being deployed on them? That question became the focal point of a panel discussion yesterday in Seattle, Washington, hosted by Tetrate, a provider of an instance of the Istio service mesh. Kelsey Hightower, principal engineer for Google Cloud, said one

    • Kernel Space

      • LWNNolibc: a minimal C-library replacement shipped with the kernel [LWN.net]

        The kernel project does not host much user-space code in its repository, but there are exceptions. One of those, currently found in the tools/include/nolibc directory, has only been present since the 5.1 release. The nolibc project aims to provide minimal C-library emulation for small, low-level workloads. Read on for an overview of nolibc, its history, and future direction written by its principal contributor.

        The nolibc component actually made a discreet entry into the 5.0 kernel as part of the RCU torture-test suite ("rcutorture"), via commit 66b6f755ad45 ("rcutorture: Import a copy of nolibc"). This happened after Paul McKenney asked: "Does anyone do kernel-only deployments, for example, setting up an embedded device having a Linux kernel and absolutely no userspace whatsoever?"

      • LWNHiding a process's executable from itself [LWN.net]

        Back in 2019, a high-profile container vulnerability led to the adoption of some complex workarounds and a frenzy of patching. The immediate problem was fixed, but the incident was severe enough that security-conscious developers have continued to look for ways to prevent similar vulnerabilities in the future. This patch set from Giuseppe Scrivano takes a rather simpler approach to the problem.

        The 2019 incident, which came to be known as CVE-2019-5736, involved a sequence of steps that culminated in the overwriting of the runc container-runtime binary from within a container. That binary should not have even been visible within the container, much less writable, but such obstacles look like challenges to a determined attacker. In this case, the attack was able to gain access to this binary via /proc/self/exe, which always refers to the binary executable for the current process.

        Specifically, the attack opens the runc process's /proc/self/exe file, creating a read-only file descriptor — inside the container — for the target binary, which lives outside that container. Once runc exits, the attacker is able to reopen that file descriptor for write access; that descriptor can subsequently be used to overwrite the runc binary. Since runc is run with privilege outside of the container runtime, this becomes a compromise of the host as a whole; see the above-linked article for details.

        This vulnerability was closed by having runc copy its binary image into a memfd area and sealing it; control is then be passed to that image before entering the container. Sealing prevents modifying the image, but even if that protection fails, the container is running from an independent copy of the binary that will never be used again, so overwriting it is no longer useful. It is a bit of an elaborate workaround, but it plugged the hole at the time.

      • LWNKernel code on the chopping block [LWN.net]

        Code that is added to the kernel can stay there for a long time; there is code in current kernels that has been present for over 30 years. Nothing is forever, though. The kernel development community is currently discussing the removal of two architectures and one filesystem, all of which seem to have mostly fallen out of use. But, as we will see, removal of code from the kernel is not easy and is subject to reconsideration even after it happens.

    • Graphics Stack

      • LWNX clients and byte swapping [LWN.net]

        While there are still systems with both byte orders, little-endian has largely "won" the battle at this point since the vast majority of today's systems store data with the least-significant byte first (at the lowest address). But when the X11 protocol was developed in the 1980s, there were lots of systems of each byte order, so the X protocol allowed either order and the server (display side) would swap the bytes to its byte order as needed. Over time, the code for swapping data in the messages, which was written in a more-trusting era, has bit-rotted so that it is now a largely untested attack surface that is nearly always unused. Peter Hutterer has been doing some work to stop using that code by default, both in upstream X.org code and in downstream Fedora.

        A Fedora 38 change proposal to disable support for byte-swapped clients by default in the X server was posted in mid-December. It is owned by Hutterer, who proposed adopting the work he was doing for the X.org server into Fedora. At the time, it was unclear whether the upstream changes would land in time, so the Fedora proposal was contingent on that happening. It turns out that Hutterer merged the changes on January 5, so that would not be an impediment to Fedora being an early adopter of the feature.

    • Applications

      • Petros KoutoupisRapidDisk 9.0.0 now available

        RapidDisk is an advanced Linux RAM Disk which consists of a collection of modules and an administration tool.

    • Instructionals/Technical

      • ID RootHow To Install Brave Browser on Rocky Linux 9

        In this tutorial, we will show you how to install Brave Browser on Rocky Linux 9. For those of you who didn’t know, Brave is a free and open-source web browser developed by Brave Software, Inc.

      • UNIX CopDolphin Emulator on Centos

        It is easily the most popular and best-supported emulator for the console on Linux.

      • UNIX CopHow To Install Kodi Media Server on CentOS 9/ Rocky Linux 9/ AlmaLinux 9

        In this guide, we will show you how to install Kodi Media Server in AlmaLinux, CentOS and RockyLinux servers. Kodi€ (formerly€ XBMC) is a€ free and open-source media player€ software application developed by the XBMC Foundation, a€ non-profit€ technology€ consortium. Kodi is available for multiple operating systems and hardware platforms, with a software€ 10-foot user interface€ for use with televisions and€ remote controls.

      • UNIX CopHow To Install Mattermost Desktop onCentOS 9/ Rocky Linux 9/ AlmaLinux 9

        In this guide, we will show you how to install Mattermost Desktop on CentOS/AlmaLinux and RockyLinux systems.

      • UNIX CopHow do you install a pacemaker with Apache on RHEL 8?

        A pacemaker with apache high-availability€ cluster management tool in Red Hat Enterprise Linux 8 that monitors and manages services running on Apache servers. It provides failover capabilities for system failures. Pacemaker combines with httpd using a resource agent.

      • ZDNetWhat are VirtualBox guest snapshots and how do you take them?

        VirtualBox makes it easy to run multiple operating system guests on a single host. One feature you should be regularly using is snapshots. Here's what they are and how to use them.

    • WINE or Emulation

      • WINE Project (Official)WineHQ - Wine Announcement - The Wine development release 8.1 is now available.
        The Wine development release 8.1 is now available.
        
        

        What's new in this release: - Windows version set to Windows 10 for new prefixes. - Many code cleanups that were deferred during code freeze. - Various bug fixes.

        The source is available at:

        https://dl.winehq.org/wine/source/8.x/wine-8.1.tar.xz

        Binary packages for various distributions will be available from:

        https://www.winehq.org/download

        You will find documentation on https://www.winehq.org/documentation

        You can also get the current source directly from the git repository. Check https://www.winehq.org/git for details.

        Wine is available thanks to the work of many people. See the file AUTHORS in the distribution for the complete list.
  • Distributions and Operating Systems

  • Free, Libre, and Open Source Software

    • Events

      • Linux Plumbers Conference (LPC)Linux Plumbers Conference: Preliminary Dates and Location for LPC2023

        The 2023 LPC PC is pleased to announce that we’ve begun exclusive negotiations with the Omni Hotel in Richmond, VA to host Plumbers 2023 from 13-15 November. Note: These dates arenot yet final(nor is the location; we have had one failure at this stage of negotiations from all the Plumbers venues we’ve chosen). We will let you know when this preliminary location gets finalized (please don’t book irrevocable travel until then).

    • Programming/Development

      • ButtondownImprove your debugging by asking broad questions

        I recently had to help a friend debug a Word issue where fonts would randomly change to Greek symbols. It got me thinking about theories of debugging in general. At my last job, I was the Debugging Guy.

      • Python

        • LWNPython packaging, visions, and unification [LWN.net]

          The Python community is currently struggling with a longtime difficulty in its ecosystem: how to develop, package, distribute, and maintain libraries and applications. The current situation is sub-optimal in several dimensions due, at least in part, to the existence of multiple, non-interoperable mechanisms and tools to handle some of those needs. Last week, we had an overview of Python packaging as a prelude to starting to dig into the discussions. In this installment, we start to look at the kinds of problems that exist—and the barriers to solving them.

          Our overview just scratched the surface of the Python packaging world, so we will pick up some of the other pieces as we go along. The recent discussions seem to largely stem from Brett Cannon's mid-November post to renominate himself to the steering council (SC) for the 2023 term; that thread also served to highlight the role of the Python Packaging Authority (PyPA) and its relationship to the Python core developers. Up until relatively recently, the PyPA was an informal organization with a membership that was not well-defined; it had an ad hoc style of governance. That changed in 2019 with the advent of PEP 609 ("Python Packaging Authority (PyPA) Governance"); the PEP formalized the governance of the PyPA.

  • Leftovers

    • James GHappy Groundhog Day

      As of my starting to write this post, there are 25 minutes left until midnight here in the UK. This is the first year that I have actively thought about Groundhog Day throughout the day.

    • ⬆⬆⬆⬆⬆⬆⬆ Alert

      The history of everyone’s favorite attempt to keep the suspense going for just a little bit longer, the spoiler alert. People who spoil things are obviously evil. Obviously.


* Gemini (Primer) links can be opened using Gemini software. It's like the World Wide Web but a lot lighter.



Recent Techrights' Posts

Slopwatch: A Cause for Hope, the Hype is Dying
For about a month we showed that becoming a slopfarm - for several weeks - resulted in utter failure and ruin for BetaNews
The EFF Sided With the Team That Strangles Women and Tells Women to Kill Themselves
They say that apathy and inaction are a form of a "stance"
Exemplary List of Things That Are Not Artificial Intelligence or Even Intelligence
The "age of AI" or "era of AI" or "AI revolution" mostly boils down to rebranding, just like "the cloud"
GitHub Copilot Can Cause the Bankruptcy of GitHub to Come Sooner and GitHub to be Shut Down Just Like Skype
Some publicly available information suggests that even for each paid subscriber for plagiarism (LLM 'coding') GitHub Copilot still loses more money than it makes
 
EPO Staff Committee on Harassment in the Workplace
slides
Adding the Voice of Writers to UK SLAPP Reform
The journey to repair antiquated (monarchy era) laws will likely be long
EPO Takes More Money From Staff for Speculation (Pensions), Actuarial Study Explains the Impact
"The key change in this year’s Actuarial Study, due to cascading the new “risk appetite” from the financial study, is a significant increase of the total pension contribution rate of 5.7 percentage points, up to a total of 37.8%. This is driven by an unprecedented decrease in the discount rate of 105 bps down to 2.2%."
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Friday, July 11, 2025
IRC logs for Friday, July 11, 2025
Microsoft - Like IBM - Does the "Relocation" Tricks (Start Over Elsewhere, Then Get Sacked by Microsoft)
It is a "low blow" or a "dick move"
After the Free Software Foundation's Campaign to Raise Money Let's See Campaigns to Finish Off Microsoft (Vista 11, GitHub etc.)
Microsoft is in effect collapsing
Your Publications Have No Major Impact Unless or Until You "Get Some Heat"
we're on the right track
Links 11/07/2025: Censorship Worsening, 3D Printing Success Stories, UK and France Unite Around Nukes
Links for the day
Gemini Links 11/07/2025: Zorin OS and Scriptonite Updates
Links for the day
Links 11/07/2025: Hardware, Russia, and China
Links for the day
Links 11/07/2025: Intel Collapsing and Microsoft Resorts to Bribery to Push Slop Via Obligatory Education
Links for the day
"Nat [Friedman] and [the Serial Strangler From Microsoft] Were Always Exceptionally Close," Says Former Housemate and Colleague
Now Alex (hiding behind another name when that suits him) not only attacks women but also people who merely report what he did to women
New Letter From the European Patent Office Explains How the Office Plots to Grant Many Illegal Patents, a Self-Fulfilling Prophecy of 'Growth'
Open letter to Mr Rowan (VP1) and Mr Aledo Lopez (COO)
Abuse of Process
5RB is employing people who help violent men
What Microsoft's Nat Friedman and Microsoft Lunduke Have in Common
"Get in da car; No time to explain, loser"
Microsoft and IBM Don't Have Much of a Future (They Mostly Pretend at This Point)
IBM and Microsoft are in some ways alike but in many ways different
It's Not Just Twitter (or X.com) That's Dying, Microsoft's Equivalent is Dying Also
Unable to find a business model
Wayland is Bad for the Planet
If you use Wayland, it'll take you longer to accomplish tasks and you will consume more energy (or battery life)
Legitimising Those Who Sabotage You
Microsoft is a very malicious company
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Thursday, July 10, 2025
IRC logs for Thursday, July 10, 2025
On Microsoft Layoffs
we might be looking at about 60,000 Microsoft layoffs since 2023
EPO Management Already Breaks Its Own Promise (Lie) on "Bringing Teams Together"
This gut-punching move happened just 2 days ago
Gemini Links 11/07/2025: Occupation of 2025 and "Old Man Yells At Soundcloud"
Links for the day
Our Lawsuits Against the 'Cancel Mob' (Ringleaders) Helped Reduce Anti-Free Software Online Abuse
That's not to say that lawsuits are the best way to handle terrible people. But that can help.
Tomorrow is the Last Day of the Fund-Raising Campaign of the Free Software Foundation (FSF)
They will probably extend the date, as usual
Fixing Patents in Europe, Little by Little (by Transparency and Reporting of Suppressed Facts)
Tomorrow and throughout the weekend we shall focus some more on the EPO
The Two Lies Microsoft is Telling in "the News" This Week (to Distract From Layoffs and Decreased Interest in Slop/Chaff)
Microsoft is run by liars and frauds who SLAPP critics
Tux Machines Already Destroyed SLAPPs
Attacks on the mere publication of GNU/Linux news won't be tolerated
PCLinuxOS is Available for Download Again
PCLinuxOS is important to us also because its founder, back then the partner of Susan, helped create Tux Machines more than 21 years ago
Links 10/07/2025: Microsoft E-mail 'Services' Collapse Again, "Yet Another Strava Privacy Leak"
Links for the day
Gemini Links 10/07/2025: Automating Git Repo Updates and Small Web 'Zine'
Links for the day
GNU/Linux Leftovers
mostly Linux stuff
Audiocasts/Shows: Going Linux, FLOSS Weekly, and RHEL Clones
3 new picks
We Are Already Fighting - With Considerable Success - SLAPPs in the UK
we intend to tell the full story
Bullies With Pens and Papers (or Apple Macs With Templates)
Not all barristers are evil, but there are perhaps "rotten apples"
Slopwatch: webpronews.com, linuxsecurity.com, linuxjournal.com
a pile of trash disguised as 'articles'
Links 10/07/2025: Linda Yaccarino Divorces MElonazi Site, Wildfires Hit Syria
Links for the day
The History and the Policy of the EPO's Stance on Breastfeeding (Corporate Monopolies Versus Babies' Health)
"The Case for Introducing a Breastfeeding Policy at the EPO"
Gemini Links 10/07/2025: Inventing Chords and "Nightmare Boss"
Links for the day
Igor Ljubuncic Once Again Shows That for Technical Reasons Wayland Still Sucks, Performs Considerably Worse Than What Existed for Decades
That is aside from compatibility factors and other crucial factors
Links 10/07/2025: "Apple Vs The Law" and Twitter Became Full Nazi Bar
Links for the day
Unable to Find Anyone to Work as Their Media Lawyer, Brett Wilson LLP Will Continue Losing Female Staff
What sort of sick person would wish to join Brett Wilson LLP to carry this baton?
Microsoft-Sponsored Propaganda Site Has Removed False 'Hit Piece' About Dr. Stallman (With Fake and Misrepresented Imagery) But Only After 4 Years
So they only removed that page some time around 2025, i.e. about 4 years after it had been published
Always Check Your Inputs
Garbage in, garbage out. Or wrong assumptions, wrong corollary.
Dan Neidle Said That Tax Evasion Facilitator Mr Zahawi (Working to Silence Bloggers Through Brett Wilson LLP) Targeted Not Only Him (But The Others Kept Quiet)
"Mr Neidle said after repelling Mr Zahawi he was contacted by bloggers and tweeters who had received similar threats. They deleted their work “and in most cases never commented publicly on anything again”."
SLAPP Funding Transparency Urgently Needed in the UK and Elsewhere (in Practice, Not Just in Theory)
Writing about crime - including Microsoft crime - is not a crime
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Wednesday, July 09, 2025
IRC logs for Wednesday, July 09, 2025
Elodie Bergot Still Doing Illegal Things at the EPO, Based on the Local Staff Committee Munich
They keep taking away from the staff while compelling the staff to do illegal things