Bonum Certa Men Certa

Links 14/6/2021: Kdenlive 21.04.2 and Raspberry Pi 400 Support in Linux



  • GNU/Linux

    • Kernel Space

      • Raspberry Pi 400 Support Added to Linux Kernel | Tom's Hardware

        Although effectively a Raspberry Pi 4 trapped in a keyboard like a genie in a bottle, there are a few differences between the two SBCs - the CPU of the Raspberry Pi 400 is clocked at 1.8 GHz, 300 MHz more than the Raspberry Pi 4. The speed boost is largely due to better thermals, as we discovered in our review. The Raspberry Pi 400 also features a different Wi-Fi chip, a soft power button (the first Pi to have a power button), and the 400 lacks the Pi 4s activity LED.

        The 4B received mainline kernel support back in 2020 with version 5.7. For Kernel 5.14 no driver changes were required for the Raspberry Pi 400, merely a DeviceTree addition was made to support the CPU speed, Wi-Fi and ACT LED. By adding the Raspberry Pi 400 it means that, should the developer decide to take advantage of it, Pi 400 support will be available on any Linux distro based on the mainline kernel. The current version of Raspberry Pi OS is using the Long Term Support version of kernel 5.10, which brought improved support for the Pi 400, making the upgrade in March this year. Before that, it used version 5.4 LTS.

      • Linux 5.14 Mainline Should Work With The Raspberry Pi 400 - Phoronix

        Launched last November was the Raspberry Pi 400 as a Raspberry Pi Keyboard Computer with effectively a Raspberry Pi 4 SBC embedded within the keyboard and attached to a large aluminum block for cooling. It's a great little device and beginning with Linux 5.14 looks like it should be playing fine with the mainline kernel.

        The Raspberry Pi 400 for $100 USD gets you the keyboard with the Raspberry Pi built-in that offers 4GB of RAM, 1.8GHz quad-core Broadcom processor, 16GB storage, and related peripherals to have a fully-working computer and not needing any extras besides a display.

      • Intel Publishes Latest TDX Support Patches For Linux - Phoronix

        Last year Intel detailed Trust Domain Extensions (TDX) as a new means of better protecting virtual machines with hardware-assisted isolation between VMs as well as from the VMM/hypervisor. Shortly after that Intel began posting TDX enablement patches and that work has continued while is still ongoing.

        Intel landed the new TDX instructions within the open-source code compilers and then still ongoing is the Linux kernel enablement. Intel already had sent out their initial Trust Domain Extensions enablement and various other related patch series. Now though they have posted their latest patches around shared memory management support. With all of these published patch series, at this point it is then enough to get a fully-functional TDX guest when running on unrelated Intel Xeon processors.

      • ACPI Platform Runtime Mechanism Support Is Getting Underway For Linux - Phoronix

        Platform Runtime Mechanism was incorporated into the ACPI 6.4 specification earlier this year and allows moving some system management interrupt (SMI) handlers out of the system management mode (SMM) "black box" and into the OS/VMM execution context. With Linux 5.14 initial work on ACPI Platform Runtime Mechanism is set to land.

        Platform Runtime Mechanism, allows moving of the SMI handlers that do not require SMM privileges to be punted into the OS/VMM context. There are security and performance benefits of PRM and with it now being part of the public ACPI specification, the Linux kernel support is on its way. Microsoft for their part has already offered PRM support as part of Windows Insider Preview builds for months.

      • Graphics Stack

        • Intel Gallium3D Driver Merged Into Mesa 21.2 For Gen4 Through Haswell Graphics - Phoronix

          The independently-developed "Crocus" driver providing a Mesa Gallium3D implementation for Intel Gen4 "i965" through Gen7 "Haswell" graphics has now been merged into Mesa 21.2 for ultimately aiming to improve the open-source OpenGL support for these aging Intel integrated graphics generations.

          Intel has in recent years developed the Iris Gallium3D driver providing great support for Broadwell graphics and newer. The "i965" classic driver meanwhile was left for supporting Intel Haswell graphics and older. The i965 classic driver doesn't see much activity these days and with Mesa developers talking of possibly dropping classic drivers from mainline, David Airlie and Ilia Mirkin along with others developed this driver called Crocus.

        • Panfrost now supports OpenGL ES 3.1 on Midgard (Mali T760 and newer) and Bifrost (Mali G31, G52, G76) GPUs - CNX Software

          OpenGL ES 3.0 experimental support for Panfrost open-source Arm Mali GPU driver was announced in February 2020 and culminate with the release of Mesa 20.3 with Panfrost support last December.

          Collabora has now started to work on Panvk, Panfrost Vulkan driver, but that does not mean OpenGL ES work is done, and the company has just published a blog post about OpenGL ES 3.1 support in Panfrost.

    • Applications

      • PDF Mix Tool 1.0 Released With Overhauled Interface, PDF Metadata Editing And Qt6 Support

        PDF Mix Tool, a Qt application used to manipulate PDF files, has reached version 1.0 stable (followed quickly by version 1.0.1). The new version includes an overhauled user interface, support for editing PDF metadata, Qt6 support, and more.

        PDF Mix Tool is a graphical tool for performing some common PDF editing operations. It can extract, delete and rotate PDF document pages, merge multiple PDF files into a single document, add empty pages, change a PDF's page layout (size, orientation, specify the number of rows and columns, margins, etc.), add booklets, and more. Under the hood, it makes use of QPDF for manipulating PDF files.

        With the latest 1.0 release, the application user interface has been overhauled to make it more intuitive. There are no longer tabs for single and multiple files, and the sidebar now includes all available PDF operations, each with an icon, to make it easy to spot the option you're looking for.

      • With Deskreen, You Can Mirror or Stream Your Linux Computer Screen to Any Device

        Screen sharing or screen mirroring apps available out there aren’t that good. Even though most of the dedicated options are only available for Windows/Mac, you may have a tough time finding an open-source solution for Linux.

        With such an app, you can share your screen with any device connected to your network.

        If you have a multi-monitor setup, you realise the advantages of having multiple screens. And, with Deskreen, you can turn any device into your secondary screen, how exciting!

    • Instructionals/Technical

      • Docker command cheat sheet

        Docker is a tool designed to create, deploy and run applications using containers. With a container, developers can package applications with all parts they need such as libraries, dependencies and ship it all out as on. Docker provides a REST API to talk with its daemon which is executed by the command-line interface.

        This article shows you the 25 most useful docker commands with examples of each.

      • How to Monitor System Resources with Glances on Ubuntu 20.04

        Glances is a real-time system monitoring tool written in Python language. It monitors system resources, including CPU, Memory, Load, Disk I/O, Processes, File System space, Network interface, and more. It also offers a web-based interface that allows you to monitor system resources from the remote system over the internet.

      • How to Enable ‘Global Menu’ (App Menus in Top-bar) in Ubuntu 20.04, 21.04 | UbuntuHandbook

        Though it’s not perfect, Global menu is still possible in Ubuntu 20.04, Ubuntu 21.04 with the default Gnome Desktop.

        It used to have a Gnome Global Menu extension to enable focused app menus (e.g., File, Edit, View, Help, etc.) in the top panel. It is however discontinued because GTK+ development is blocking the uniform support for the global menu to the Gtk+ applications.

        Users can still use Fildem global menu to get the function in Ubuntu 20.04, Ubuntu 20.10, and Ubuntu 21.04, though it does not work with most Gnome Apps.

      • Install Steam Locomotive on Ubuntu 20.04

        Steam Locomotive is a fun utility for Linux-based systems to alert users to a very common mistake they make when typing the “ls” command. Yes, you guessed it correctly. Most of us type “sl” instead of “ls” in a hurry and get an unwanted error message. However, we can turn this whole scenario into a good learning experience by using the Steam Locomotive utility. Let’s now see how we can install this utility on an Ubuntu 20.04 system.

      • Ansible Tutorial: Introduction to simple Ansible commands - LinuxTechLab

        In our earlier Ansible tutorial, we discussed the installation & configuration of Ansible. Now in this ansible tutorial, we will learn some simple ansible commands that we will use to manage our infrastructure. Consider this as an Ansible commands cheatsheet.

      • Linux 101: How to hold packages back from getting upgraded with apt - TechRepublic

        You probably have a lot of software installed on your Linux servers. Of course, each of those packages depends on other packages to function properly. You might even have a situation where you've developed a website or application that depends on a very particular version of a package.

        For example, say you've built a web application that uses PHP 7.4 and you know that upgrading to PHP 8 might break the entire system—you certainly don't want that. Although you should probably ensure your web application can run on the latest version of the software, that includes the latest bug fixes and vulnerability patches, we all know that takes some time.

      • 6 ways to increase your Linux sysadmin earning profile and potential | Enable Sysadmin

        It's that time of year—you're in a room, sitting with your manager, and about to discuss your appraisal/performance review. Question is—are you prepared to talk through this opportunity to increase your salary or be a candidate for promotion?

        The best-case scenario is that you don't have to do much talking—your achievements and the value you've added to your organization speaks for themselves—your manager ends up thanking you for making their life easier justifying any level-up gains. This is just one way you increase your earning potential as sysadmins—by growing within your organization.

        When other opportunities come from outside your workplace, are you prepared with your success stories to convince potential employers and get them to buy your pitch during the interview? The best case is that you effortlessly share your initiatives and successes, and they listen in awe and want to hear more—then end up hiring you with a good offer. Better yet, your profile and brand in the local community are so outstanding that different companies battle it out to win you.

    • Games

      • Hellpoint is being given away by GOG for 48 hours during their Summer Sale | GamingOnLinux

        Free Game Monday! You can now claim a fully free copy to keep of Hellpoint, the souls-like action RPG during the GOG.com Summer Sale but the giveaway doesn't last long. Blurring the lines between sci-fi and fantasy, Hellpoint is a thorough challenge with some exceptionally beautiful scenes spread throughout the space station you're running through.

        "Once a pinnacle of human achievement, the Irid Novo space station has fallen. Its ruins are now overrun by cruel interdimensional entities acting as puppets of the malevolent Cosmic Gods.

        You have been created by the Author, organically printed on Irid Novo and sent on a mission to find out the unholy series of events that led to the catastrophic incident known as the Merge."

      • Modern Wolf announces Mechajammer, a tactical cyberpunk turn-based RPG | GamingOnLinux

        Time to get your cyberpunk back on as Mechajammer from publisher Modern Wolf and developer Whalenought Studios has just been announced with confirmed Linux support.

        "Mechajammer is a CRPG with strong tabletop roots but with a precise, peculiar take on the genre. The foundation of the game is an immersive sim (like an isometric Deus Ex) on which the players will freely choose how to face different tactical situations. Stealth is always an option, as party-based combat is."

      • Workers & Resources: Soviet Republic - The minimalism guide

        Behold, the fourth guide showing how to set up a fun and profitable industry in Workers & Resources: Soviet Republic, an economy and transport tycoon game, with focus on minimal viable self-sustainable model, including more centralized industry, steel mill bottlenecks, oil industry optimization, improved transportation with private cars, and more. Comrades.

    • Desktop Environments/WMs

      • K Desktop Environment/KDE SC/Qt

        • Kdenlive 21.04.2 released

          The second maintenance release of the 21.04 series is out bringing missing keyframing support to effects (like glitch0r. scratchlines and charcoal) as well as the usual batch of bug fixes and usability improvements.

        • digiKam: GSoC 2021 Week 1

          So, the first week of coding period has ended. It was exciting and full of challenges. I am happy that I am on the right track and making progress as I’ve promised. This is a small summary of the work done this week.

          Getting rid of compiler warnings

          digiKam has a really huge codebase. It is actively developed but a lot of code is old which contains deprecated Qt code which must be fixed before introducing Qt6. These are the classes which had issues in digiKam which are now fixed :-

    • Distributions

      • BSD

      • IBM/Red Hat/Fedora

        • Inacta: Scaling Up with Kubernetes

          Inacta briefly considered Red Hat OpenShift, but realized that the monocluster architecture makes scaling (and multi-cluster management) difficult and would also cause costs to soar. In April 2019, the DevOps team concluded SUSE Rancher was the right choice.

        • Red Hat and Nokia collaborate to accelerate 5G RAN technology innovation

          The digital transformation of mobile networks is accelerating and cloudification is increasing. Following the core network, radio access network (RAN) solutions are now taking advantage of the benefits of cloud computing. Cloud-based solutions bring more flexibility and efficiency to mobile networks and allow digital service providers (DSPs) to adapt to customer demands with greater agility.

          As a continuation of RAN innovation, Red Hat and Nokia have successfully demonstrated an end-to-end 5G data call, using Nokia’s 5G Cloud RAN virtualized distributed unit (vDU) as a containerized application running on Red Hat OpenShift.

          RANs connect mobile and internet-of-things (IoT) devices to global networks. Traditionally, they have been proprietary, closed designs, and vertically integrated implementations by a single vendor.

        • Convert2RHEL adds official support for Oracle Linux conversions [Ed: IBM's Red Hat conversions go only in one direction, and one might call this vendor lock-in]

          Due to interest from Red Hat customers, we are pleased to announce that our Convert2RHEL utility officially supports conversions of Oracle Linux systems to fully supported Red Hat Enterprise Linux (RHEL).

          In our Convert2RHEL announcement in April of this year we announced support for CentOS Linux to RHEL conversions. Convert2RHEL is a powerful tool that minimizes the need for costly redeployment projects and reduces administrative burden by maintaining existing OS customizations, configurations, and preferences during the conversion.

          Over the last several years, the Convert2RHEL utility has been used with great success by Red Hat Consulting, partners, and customers to convert thousands of Oracle Linux systems to Red Hat Enterprise Linux. Convert2RHEL has been historically popular with large customers in the retail, financial, and digital service provider industries. The recent enhancements and official Red Hat support makes it a valuable tool for customers of all sizes and industries. More details on using Convert2RHEL as a self-service tool are provided in the Red Hat Customer support policy.

      • Canonical/Ubuntu Family

        • Introducing Ubuntu Pro for Google Cloud | Ubuntu

          Canonical and Google Cloud today announce Ubuntu Pro on Google Cloud, a new Ubuntu offering available to all Google Cloud users. Ubuntu Pro on Google Cloud allows instant access to security patching covering thousands of open source applications for up to 10 years and critical compliance features essential to running workloads in regulated environments.

          Google Cloud has long partnered with Canonical to offer innovative developer solutions, from desktop to Kubernetes and AI/ML. In the vein of this collaboration, Google Cloud and Canonical have created a more secure, hardened, and cost-effective devops environment: Ubuntu Pro on Google Cloud for all enterprises to accelerate their cloud adoption.

        • Ubuntu Pro launches for Google Cloud - TechRepublic

          Canonical's Ubuntu Pro is making its debut on another cloud-based service. On Monday, Canonical and Google announced the availability of Ubuntu Pro for all Google Cloud users. A premium version of Ubuntu geared for developers and administrators at enterprises, Ubuntu Pro offers a secure DevOps environment with instant security patching, 10-year support, and compliance for regulated applications and workloads.

        • Google + Canonical Bring Ubuntu Pro To Google Cloud - Phoronix

          At the end of 2019 "Ubuntu Pro" was announced as Ubuntu for Amazon's EC2 cloud with ten years of package updates/security, kernel livepatching, Canonical Landscape integration, and more. Google and Canonical are announcing today that Ubuntu Pro is now coming to Google Cloud.

          Ubuntu Pro is now available with Google Cloud as their premium version of Ubuntu over the standard Ubuntu Linux distribution that has always been available via Google's public cloud.

        • Review: Bodhi Linux 6.0.0

          Bodhi Linux is a member of the Ubuntu family which features the Moksha desktop environment. Moksha is a fork of the popular Enlightenment window manager which has been customized to better fit with the Bodhi Linux project. The latest release of Bodhi is version 6.0.0 which is based on Ubuntu 20.04 LTS. Bodhi is available in several flavours, including one regular, fairly minimal edition; a hardware enablement (HWE) edition which features a newer kernel; and an AppPack edition with extra applications installed. A Legacy edition is planned which offers support for older, 32-bit machines with no PAE support, though at the time of writing the download link for the Legacy edition is not working.

          I decided to download the default edition for 64-bit computers. The ISO I downloaded was 832MB in size. Booting from this media brings up a menu where we are invited to Try or Install Bodhi. There is also an option to try the live desktop environment in safe graphics mode.

          Taking the Try option brings up a graphical environment. A window appears and shows us a list of languages accompanied with country flags. We are asked to pick one. Then we are shown another list of country flags and languages and asked to pick one that matches our keyboard's layout. After our selection is made the Moksha desktop loads.

          The default theme uses a lot of flat, green icons on a charcoal background while text is mostly white on charcoal. I typically don't like flat icons, but Bodhi tends to make icons rather large and typically matches icons with text or tool tips which make the interface easier to navigate.

    • Devices/Embedded

      • Open Hardware/Modding

        • Toward a Respectful Hardware Production – Purism

          Coming from a family of farmers and growing up in the country side, I have always been close to nature and have a lot of respect for it. Even if I also have a great interest in technology, I believe that done the right way it is not incompatible with respect for the environment. Unfortunately this is currently not often the case and “Big Tech” companies tend to ignore the ecological impact of their business models. Limiting obsolescence, and favoring a supply chain that respects the environment can easily be in conflict with the wish to favor financial profits.

        • This Arduino project is counting to a billion | Arduino Blog

          Designer Che-Wei Wang built a simple Arduino project that’s counting to a billion, and has been doing so for over 10 years. Could this be the longest continually running Arduino project in the world?

          Che-Wei has a background in art, architecture and industrial design. He now runs a boutique design studio with is wife Taylor, called CW&T. But it was during his time at university that he first discovered his love for Arduino.

          “I first started using Arduino when I went to [the Interactive Telecommunications Program] at NYU in 2007,” he explains. “I got hooked the moment I got an LED to blink and went on to build a fuzzy GPS robot that guides you to places around the city.”

          Even now there’s a clear technological slant to his design work. As you look through the products CW&T has created, more than a few have embedded electronics at their core. He also has a rare eye for the beauty of minimalism, both in terms of design and function. Which is probably why one of his first Arduino projects is both simple, and stunning.

          “As a kid, I would challenge myself to count to as high of a number as possible,” he laughs. “I don’t remember how high I got. Probably not past a few hundred. So I built this device as a way to fulfil my childhood dream of counting to an insanely high number!”

        • Upgrading Precursor’s TRNG

          It was pointed out that we’re missing a step-by-step guide on how to go from an idea, to hardware, to a fully implemented feature in Xous for Precursor. So, here it is.

          Because Precursor uses an FPGA for its SoC, we can add new features to the hardware “on the fly”. In this case, we’re going to add some improvements to our basic managed TRNG block. To review, the existing TRNG consists of an avalanche noise source and a ring oscillator noise source as hardware-based sources of “true” entropy.

        • Monitoring the Health of Precursor’s TRNGs

          This post is an abridged version of a longer-form narrative on implementing health monitoring for Precursor/Betrusted’s TRNGs. It’s the first of a series of two posts; the second, on implementing a CSPRNG conditioner for the TRNG, will go up later.

          Background

          Online health monitors are simple statistical tests that give users an indication of the quality of the entropy being produced. On-line health tests are like a tachometer on an engine: they give an indication of overall health, and can detect when something fails spectacularly; but they can’t tell you if an engine is designed correctly. Thus, they are complimentary to longer-running, rigorous diagnostic tests. We cover some of these tests at our wiki, plus we have a CI bench which generates gigabytes of raw entropy, over runtimes measured in months, that is run through a series of proofing tools, such as the Dieharder test suite and the NIST STS test suite.

          It’s important that the health monitoring happens before any conditioning or mixing of the raw data happens, and significantly, there is no one-size-fits-all health monitor for a TRNG: it’s even advised by the (NIST SP 800-90B sec 4.4) specification to have tests that are tailored to the noise source.

      • Mobile Systems/Mobile Applications

    • Free, Libre, and Open Source Software

      • Hardware

        • Another Intel Sandy/Ivy Bridge Motherboard Now Works For Coreboot (ASUS P8Z77-V) - Phoronix

          While Intel engineers have been working on Alder Lake support for Coreboot as with other recent CPU generations that open-source firmware/BIOS support remains focused on their reference boards with a particular focus on meeting necessary requirements for Google Chromebook devices. Sadly, there is not much or any in the way of consumer retail motherboard support at this point. For those looking for retail desktop motherboard support for Coreboot, aside from the open-source POWER9 systems out of Raptor Computing, on the x86_64 front it largely means using aging Intel and AMD platforms.

        • IoThree’s Company Microconference Accepted into 2021 Linux Plumbers Conference

          We are pleased to announce that the IoThree’s Company Microconference has been accepted into the 2021 Linux Plumbers Conference. As everyday devices start to become more connected to the internet, the infrastructure around it constantly needs to be developed. Linux is showing up more in products that are not normally considered to be computers, but now need to interact with a central location (cloud). This brings new challenges that need to be addressed.

        • Extended Platform for IoT Linux Devices

          Toradex is extending its Torizon operating system for use as a full IoT development and operations (DevOps) platform for Linux devices. The operating system will now include free remotely hosted updates, device monitoring features, and a fleet management solution.

          Torizon enables modern, iterative product development by seamlessly integrating hardware, a Linux OS, development tools, remote updates and fleet operations. The result is a scalable solution for devices requiring high reliability and security

      • Productivity Software/LibreOffice/Calligra

        • LibreOffice Sidebar converted to „native” HTML controls

          In the past I’ve converted sidebar into contextual menus for mobile version of Collabora Online. Since that time I was waiting for a moment when it will be possible to do similar thing for the desktop version of Collabora Online, the one that you use in the browser on your laptop. It is a good step to make UI unified and more convenient for a user.

          In the new approach we use HTML controls with „native” listboxes and spinfields instead of pictures generated by the server. The data transfer from the server to the browser for fields invalidation should be reduced as we don’t have to send images. Widgets can be now styled using the same CSS like other UI components what will improve look of the sidebar. Thanks to the conversion for a desktop I also improved the mobile menus and did few optimizations.

      • FSF

        • GNU Projects

          • GCC 11 Compiler Performance Benchmarks With Various Optimization Levels, LTO

            Given the recent forum discussion stemming from the -O3 optimization level still too unsafe for the Linux kernel (in part due to older, buggy compilers) and some users wondering about the current -O2 versus -O3 compiler optimization level impact, here is a fresh round of reference benchmarks using GCC 11.1 on Fedora Workstation 33 looking at various optimization levels and optimizations tested on dozens of different application benchmarks to see the overall impact on performance.

            With the recent optimization level discussions and not having done any thorough optimization level comparison tests and link-time optimization (LTO) testing of the recently released GCC 11, here is this Monday article for those interested in compiler optimizations.

      • Programming/Development

        • François Marier: Self-hosting an Ikiwiki blog

          8.5 years ago, I moved my blog to Ikiwiki and Branchable. It's now time for me to take the next step and host my blog on my own server. This is how I migrated from Branchable to my own Apache server.

        • An incomplete list of skills senior engineers need, beyond coding
        • Tagebuch eines Interplanetaren Botschafters: Can memcpy be implemented in LLVM IR?

          This question probably seems absurd. An unoptimized memcpy is a simple loop that copies bytes. How hard can that be? Well...

          There's a fascinating thread on llvm-dev started by George Mitenkov proposing a new family of "byte" types. I found the proposal and discussion difficult to follow. In my humble opinion, this is because the proposal touches some rather subtle and underspecified aspects of LLVM IR semantics, and rather than address those fundamentals systematically, it jumps right into the minutiae of the instruction set. I look forward to seeing how the proposal evolves. In the meantime, this article is a byproduct of me attempting to digest the problem space.

        • Daniel Stenberg: Bye bye Travis CI

          In the afternoon of October 17, 2013 we merged the first config file ever that would use Travis CI for the curl project using the nifty integration at GitHub. This was the actual introduction of the entire concept of building and testing the project on every commit and pull request for the curl project. Before this merge happened, we only had our autobuilds. They are systems run by volunteers that update the code from git maybe once per day, build and run the tests and then upload all the logs.

          Don’t take this wrong: the autobuilds are awesome and have helped us make curl what it is. But they rely on individuals to host and admin the machines and to setup the specific configs that are tested.

          With the introduction of “proper” CI, the configs that are tested are now also hosted in git and allows the project members to better control and adjust the tests and configs, plus that we can run them on already on pull-requests so that we can verify code before merge instead of having to first merge the code to master before the changes can get verified.

          [...]

          Friends from both Zuul CI and Circle CI stepped up and helped us started to get CI jobs transitioned over from Travis over to their new homes.

        • What is a CI/CD pipeline? | Opensource.com

          A continuous integration/continuous deployment (CI/CD) pipeline is an anchor for every DevOps initiative. The CI/CD pipeline breaks down traditional silos and enables development and operations teams to collaborate throughout the entire software development lifecycle.

          Better yet, moving to DevOps and a CI/CD pipeline can help your organization deliver software more securely at a higher velocity.

          [...]

          The CI/CD pipeline is foundational to DevOps. And open source makes it adaptable and flexible to new requirements resulting from operational changes you implement during your DevOps journey.

          I hope to see an open source response to the unified DevOps platform trend, in which organizations seek an end-to-end CI/CD solution. The makings of such a solution are out there. After all, GitLab and GitHub trace their platforms back to open source roots.

          Lastly, don't forget the education and outreach underlying every successful CI/CD toolchain. Documenting your toolchains and accompanying processes will improve developer onboarding and ongoing DevOps team training.

        • Ubuntu Blog: The State of Robotics – May 2021

          May was another fantastic month for robotics developments. In a continuously growing field, where the opportunities are many and the challenges require innovative solutions, researchers keep leading the way. Here at Canonical, we understand the value of open knowledge and collaboration. So this monthly blog brings some great research, available to you and me.

        • Ansible

          • Enrico Zini: Pipelining

            This is part of a series of posts on ideas for an ansible-like provisioning system, implemented in Transilience.

            Running actions on a server is nice, but a network round trip for each action is not very efficient. If I need to run a linear sequence of actions, I can stream them all to the server, and then read replies streamed from the server as they get executed.

            This technique is called pipelining and one can see it used, for example, in Redis, or Mitogen.

          • Enrico Zini: My gripes with Ansible

            Unfortunately, Ansible is slow. Running the playbook on my VPS takes about 3 whole minutes even if I'm just changing a line in a configuration file.

            This means that most of the time, instead of changing that line in the playbook and running it, to then figure out after 3 minutes that it was the wrong line, or I made a spelling mistake in the playbook, I end up logging into the server and editing in place.

            That defeats the whole purpose, but that level of latency between iterations is just unacceptable to me.

            The ugly

            I also think that Ansible has outgrown its original design, and the supposedly declarative, idempotent YAML has become a full declarative scripting language in disguise, whose syntax is extremely awkward and verbose.

            If I'm writing declarative descriptions, YAML is great. If I'm writing loops and conditionals, I want to write code, not templated YAML.

          • Enrico Zini: Use ansible actions in a script

            This is part of a series of posts on ideas for an ansible-like provisioning system, implemented in Transilience.

            I like many of the modules provided with Ansible: they are convenient, platform-independent implementations of common provisioning steps. They'd be fantastic to have in a library that I could use in normal programs.

            This doesn't look easy to do with Ansible code as it is. Also, the code quality of various Ansible modules doesn't fit something I'd want in a standard library of cross-platform provisioning functions.

  • Leftovers

    • Integrity/Availability

      • Proprietary

        • Security

          • Security updates for Monday

            Security updates have been issued by Arch Linux (apache, gitlab, inetutils, isync, kube-apiserver, nettle, polkit, python-urllib3, python-websockets, thunderbird, and wireshark-cli), Debian (squid3), Fedora (glibc, libxml2, mingw-openjpeg2, and openjpeg2), Mageia (djvulibre, docker-containerd, exif, gnuchess, irssi, jasper, kernel, kernel-linus, microcode, python-lxml, python-pygments, rust, slurm, and wpa_supplicant, hostapd), openSUSE (389-ds and pam_radius), Oracle (.NET Core 3.1, container-tools:3.0, container-tools:ol8, krb5, microcode_ctl, postgresql:12, postgresql:13, and runc), Red Hat (dhcp, postgresql, postgresql:10, postgresql:12, postgresql:9.6, rh-postgresql10-postgresql, rh-postgresql12-postgresql, and rh-postgresql13-postgresql), Scientific Linux (dhcp and microcode_ctl), SUSE (ardana-neutron, ardana-swift, cassandra, crowbar-openstack, grafana, kibana, openstack-dashboard, openstack-ironic, openstack-neutron, openstack-neutron-gbp, openstack-nova, python-Django1, python-py, python-pysaml2, python-xmlschema, rubygem-activerecord-session_store, venv-openstack-keystone, crowbar-openstack, grafana, kibana, monasca-installer, python-Django, python-py, rubygem-activerecord-session_store, freeradius-server, libjpeg-turbo, spice, and squid), and Ubuntu (rpcbind).

          • Breaking SSL Locks: App Developers Behaving Badly

            The padlock icon indicates a secure communication channel between the browser and the server. When the lock is closed and green, the connection is encrypted using HTTPS and an SSL certificate signed by a trusted authority. Your private data, from the browser to the server, is secure. When the lock is broken, the communication channel is broken, insecure, and cannot be trusted. Any data sent to the server is easily visible, can be intercepted, and even compromised by an attacker.

            Often mobile apps use the same HTTPS communication channels to back-end services as the web browser. That may make you wonder, where is the little lock being shown? How do you know your private data is being sent securely?

          • SSL Security Deliberately Broken in Many Mobile Apps

            Recent findings from Symantec show that some mobile app developers are deliberately breaking the secure communication channel between the browser and the server, allowing potentially private data to be sent via insecure SSL connections.

            As Symantec explains, the little padlock shown in your browser indicates a secure communication channel between the browser and the server, meaning the connection is encrypted and your data is safe. When the lock is broken, however, any data sent to the server is easily visible and can be intercepted or compromised.

          • Do We Even Need the Computer Fraud & Abuse Act (CFAA)?-Van Buren v. US - Technology & Marketing Law Blog
    • Monopolies

      • Legislation to Break Up Tech Monopolies Inching Closer - Make Tech Easier [Ed: Why on Earth is Microsoft not even mentioned here? Lobbying? Bribery? 'Campaigning'? Microsoft loves to pretend that it's everywhere and in everything, except when it comes to regulation, antitrust, and break-up. Then Microsoft pretends it does not even exist! You know you're being lied to when companies like Facebook and Apple are accused of being too big or monopolies, whereas Microsoft is somehow magically 'benign' and barely exists...]

        A frequent complaint in the tech world is that the big four are too big and too controlling in the industry. There is current U.S. legislation inching closer to break up these tech monopolies. Should Amazon, Apple, Facebook, and Google be worried? Should we be worried?

        [...]

        Two bills in particular – the American Choice and Innovation Online Act sponsored by the House Judiciary subcommittee on antitrust chair Rep. David Cicilline and Ending Platform Monopolies Act sponsored by Vice-Chair Pramila Jayapal – appear as though they could be most harmful to Amazon and Apple, as both head up online storefronts of some sort.



Recent Techrights' Posts

EPO Education: Workers Resort to Legal Actions (Many Cases) Against the Administration
At the moment the casualties of EPO corruption include the EPO's own staff
 
Microsofters Try to Defund the Free Software Foundation (by Attacking Its Founder This Week) and They Tell People to Instead Give Money to Microsoft Front Groups
Microsoft people try to outspend their critics and harass them
[Meme] EPO for the Kids' Future (or Lack of It)
Patents can last two decades and grow with (or catch up with) the kids
Topics We Lacked Time to Cover
Due to a Microsoft event (an annual malware fest for lobbying and marketing purposes) there was also a lot of Microsoft propaganda
Gemini Links 22/11/2024: ChromeOS, Search Engines, Regular Expressions
Links for the day
This Month is the 11th Month of This Year With Mass Layoffs at Microsoft (So Far It's Happening Every Month This Year, More Announced Hours Ago)
Now they even admit it
Links 22/11/2024: Software Patents Squashed, Russia Starts Using ICBMs
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Thursday, November 21, 2024
IRC logs for Thursday, November 21, 2024
Gemini Links 21/11/2024: Alphabetising 400 Books and Giving the Internet up
Links for the day
Links 21/11/2024: TikTok Fighting Bans, Bluesky Failing Users
Links for the day
Links 21/11/2024: SpaceX Repeatedly Failing (Taxpayers Fund Failure), Russian Disinformation Spreading
Links for the day
Richard Stallman Earned Two More Honorary Doctorates Last Month
Two more doctorate degrees
KillerStartups.com is an LLM Spam Site That Sometimes Covers 'Linux' (Spams the Term)
It only serves to distract from real articles
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Wednesday, November 20, 2024
IRC logs for Wednesday, November 20, 2024
Gemini Links 20/11/2024: Game Recommendations, Schizo Language
Links for the day
Growing Older and Signs of the Site's Maturity
The EPO material remains our top priority
Did Microsoft 'Buy' Red Hat Without Paying for It? Does It Tell Canonical What to Do Now?
This is what Linus Torvalds once dubbed a "dick-sucking" competition or contest (alluding to Red Hat's promotion of UEFI 'secure boot')
Links 20/11/2024: Politics, Toolkits, and Gemini Journals
Links for the day
Links 20/11/2024: 'The Open Source Definition' and Further Escalations in Ukraine/Russia Battles
Links for the day
[Meme] Many Old Gemini Capsules Go Offline, But So Do Entire Web Sites
Problems cannot be addressed and resolved if merely talking about these problems isn't allowed
Links 20/11/2024: Standing Desks, Broken Cables, and Journalists Attacked Some More
Links for the day
Links 20/11/2024: Debt Issues and Fentanylware (TikTok) Ban
Links for the day
Jérémy Bobbio (Lunar), Magna Carta and Debian Freedoms: RIP
Reprinted with permission from Daniel Pocock
Jérémy Bobbio (Lunar) & Debian: from Frans Pop to Euthanasia
Reprinted with permission from Daniel Pocock
This Article About "AI-Powered" is Itself LLM-Generated Junk
Trying to meet quotas by making fake 'articles' that are - in effect - based on plagiarism?
Recognizing invalid legal judgments: rogue Debianists sought to deceive one of Europe's most neglected regions, Midlands-North-West
Reprinted with permission from Daniel Pocock
Google-funded group distributed invalid Swiss judgment to deceive Midlands-North-West
Reprinted with permission from Daniel Pocock
Gemini Links 20/11/2024: BeagleBone Black and Suicide Rates in Switzerland
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Tuesday, November 19, 2024
IRC logs for Tuesday, November 19, 2024