Bonum Certa Men Certa

Links 03/02/2023: WINE 8.1 and RapidDisk 9.0.0



  • GNU/Linux

    • Server

      • Kubernetes BlogKubernetes Blog: Spotlight on SIG Instrumentation

        Observability requires the right data at the right time for the right consumer (human or piece of software) to make the right decision. In the context of Kubernetes, having best practices for cluster observability across all Kubernetes components is crucial.

      • Container JournalIs Kubernetes Fit For Purpose?

        Are Kubernetes clusters fit to run many of the applications being deployed on them? That question became the focal point of a panel discussion yesterday in Seattle, Washington, hosted by Tetrate, a provider of an instance of the Istio service mesh. Kelsey Hightower, principal engineer for Google Cloud, said one

    • Kernel Space

      • LWNNolibc: a minimal C-library replacement shipped with the kernel [LWN.net]

        The kernel project does not host much user-space code in its repository, but there are exceptions. One of those, currently found in the tools/include/nolibc directory, has only been present since the 5.1 release. The nolibc project aims to provide minimal C-library emulation for small, low-level workloads. Read on for an overview of nolibc, its history, and future direction written by its principal contributor.

        The nolibc component actually made a discreet entry into the 5.0 kernel as part of the RCU torture-test suite ("rcutorture"), via commit 66b6f755ad45 ("rcutorture: Import a copy of nolibc"). This happened after Paul McKenney asked: "Does anyone do kernel-only deployments, for example, setting up an embedded device having a Linux kernel and absolutely no userspace whatsoever?"

      • LWNHiding a process's executable from itself [LWN.net]

        Back in 2019, a high-profile container vulnerability led to the adoption of some complex workarounds and a frenzy of patching. The immediate problem was fixed, but the incident was severe enough that security-conscious developers have continued to look for ways to prevent similar vulnerabilities in the future. This patch set from Giuseppe Scrivano takes a rather simpler approach to the problem.

        The 2019 incident, which came to be known as CVE-2019-5736, involved a sequence of steps that culminated in the overwriting of the runc container-runtime binary from within a container. That binary should not have even been visible within the container, much less writable, but such obstacles look like challenges to a determined attacker. In this case, the attack was able to gain access to this binary via /proc/self/exe, which always refers to the binary executable for the current process.

        Specifically, the attack opens the runc process's /proc/self/exe file, creating a read-only file descriptor — inside the container — for the target binary, which lives outside that container. Once runc exits, the attacker is able to reopen that file descriptor for write access; that descriptor can subsequently be used to overwrite the runc binary. Since runc is run with privilege outside of the container runtime, this becomes a compromise of the host as a whole; see the above-linked article for details.

        This vulnerability was closed by having runc copy its binary image into a memfd area and sealing it; control is then be passed to that image before entering the container. Sealing prevents modifying the image, but even if that protection fails, the container is running from an independent copy of the binary that will never be used again, so overwriting it is no longer useful. It is a bit of an elaborate workaround, but it plugged the hole at the time.

      • LWNKernel code on the chopping block [LWN.net]

        Code that is added to the kernel can stay there for a long time; there is code in current kernels that has been present for over 30 years. Nothing is forever, though. The kernel development community is currently discussing the removal of two architectures and one filesystem, all of which seem to have mostly fallen out of use. But, as we will see, removal of code from the kernel is not easy and is subject to reconsideration even after it happens.

    • Graphics Stack

      • LWNX clients and byte swapping [LWN.net]

        While there are still systems with both byte orders, little-endian has largely "won" the battle at this point since the vast majority of today's systems store data with the least-significant byte first (at the lowest address). But when the X11 protocol was developed in the 1980s, there were lots of systems of each byte order, so the X protocol allowed either order and the server (display side) would swap the bytes to its byte order as needed. Over time, the code for swapping data in the messages, which was written in a more-trusting era, has bit-rotted so that it is now a largely untested attack surface that is nearly always unused. Peter Hutterer has been doing some work to stop using that code by default, both in upstream X.org code and in downstream Fedora.

        A Fedora 38 change proposal to disable support for byte-swapped clients by default in the X server was posted in mid-December. It is owned by Hutterer, who proposed adopting the work he was doing for the X.org server into Fedora. At the time, it was unclear whether the upstream changes would land in time, so the Fedora proposal was contingent on that happening. It turns out that Hutterer merged the changes on January 5, so that would not be an impediment to Fedora being an early adopter of the feature.

    • Applications

      • Petros KoutoupisRapidDisk 9.0.0 now available

        RapidDisk is an advanced Linux RAM Disk which consists of a collection of modules and an administration tool.

    • Instructionals/Technical

      • ID RootHow To Install Brave Browser on Rocky Linux 9

        In this tutorial, we will show you how to install Brave Browser on Rocky Linux 9. For those of you who didn’t know, Brave is a free and open-source web browser developed by Brave Software, Inc.

      • UNIX CopDolphin Emulator on Centos

        It is easily the most popular and best-supported emulator for the console on Linux.

      • UNIX CopHow To Install Kodi Media Server on CentOS 9/ Rocky Linux 9/ AlmaLinux 9

        In this guide, we will show you how to install Kodi Media Server in AlmaLinux, CentOS and RockyLinux servers. Kodi€ (formerly€ XBMC) is a€ free and open-source media player€ software application developed by the XBMC Foundation, a€ non-profit€ technology€ consortium. Kodi is available for multiple operating systems and hardware platforms, with a software€ 10-foot user interface€ for use with televisions and€ remote controls.

      • UNIX CopHow To Install Mattermost Desktop onCentOS 9/ Rocky Linux 9/ AlmaLinux 9

        In this guide, we will show you how to install Mattermost Desktop on CentOS/AlmaLinux and RockyLinux systems.

      • UNIX CopHow do you install a pacemaker with Apache on RHEL 8?

        A pacemaker with apache high-availability€ cluster management tool in Red Hat Enterprise Linux 8 that monitors and manages services running on Apache servers. It provides failover capabilities for system failures. Pacemaker combines with httpd using a resource agent.

      • ZDNetWhat are VirtualBox guest snapshots and how do you take them?

        VirtualBox makes it easy to run multiple operating system guests on a single host. One feature you should be regularly using is snapshots. Here's what they are and how to use them.

    • WINE or Emulation

      • WINE Project (Official)WineHQ - Wine Announcement - The Wine development release 8.1 is now available.
        The Wine development release 8.1 is now available.
        
        

        What's new in this release: - Windows version set to Windows 10 for new prefixes. - Many code cleanups that were deferred during code freeze. - Various bug fixes.

        The source is available at:

        https://dl.winehq.org/wine/source/8.x/wine-8.1.tar.xz

        Binary packages for various distributions will be available from:

        https://www.winehq.org/download

        You will find documentation on https://www.winehq.org/documentation

        You can also get the current source directly from the git repository. Check https://www.winehq.org/git for details.

        Wine is available thanks to the work of many people. See the file AUTHORS in the distribution for the complete list.
  • Distributions and Operating Systems

  • Free, Libre, and Open Source Software

    • Events

      • Linux Plumbers Conference (LPC)Linux Plumbers Conference: Preliminary Dates and Location for LPC2023

        The 2023 LPC PC is pleased to announce that we’ve begun exclusive negotiations with the Omni Hotel in Richmond, VA to host Plumbers 2023 from 13-15 November. Note: These dates arenot yet final(nor is the location; we have had one failure at this stage of negotiations from all the Plumbers venues we’ve chosen). We will let you know when this preliminary location gets finalized (please don’t book irrevocable travel until then).

    • Programming/Development

      • ButtondownImprove your debugging by asking broad questions

        I recently had to help a friend debug a Word issue where fonts would randomly change to Greek symbols. It got me thinking about theories of debugging in general. At my last job, I was the Debugging Guy.

      • Python

        • LWNPython packaging, visions, and unification [LWN.net]

          The Python community is currently struggling with a longtime difficulty in its ecosystem: how to develop, package, distribute, and maintain libraries and applications. The current situation is sub-optimal in several dimensions due, at least in part, to the existence of multiple, non-interoperable mechanisms and tools to handle some of those needs. Last week, we had an overview of Python packaging as a prelude to starting to dig into the discussions. In this installment, we start to look at the kinds of problems that exist—and the barriers to solving them.

          Our overview just scratched the surface of the Python packaging world, so we will pick up some of the other pieces as we go along. The recent discussions seem to largely stem from Brett Cannon's mid-November post to renominate himself to the steering council (SC) for the 2023 term; that thread also served to highlight the role of the Python Packaging Authority (PyPA) and its relationship to the Python core developers. Up until relatively recently, the PyPA was an informal organization with a membership that was not well-defined; it had an ad hoc style of governance. That changed in 2019 with the advent of PEP 609 ("Python Packaging Authority (PyPA) Governance"); the PEP formalized the governance of the PyPA.

  • Leftovers

    • James GHappy Groundhog Day

      As of my starting to write this post, there are 25 minutes left until midnight here in the UK. This is the first year that I have actively thought about Groundhog Day throughout the day.

    • ⬆⬆⬆⬆⬆⬆⬆ Alert

      The history of everyone’s favorite attempt to keep the suspense going for just a little bit longer, the spoiler alert. People who spoil things are obviously evil. Obviously.


* Gemini (Primer) links can be opened using Gemini software. It's like the World Wide Web but a lot lighter.



Recent Techrights' Posts

Brett Wilson LLP Sent Over 5 Kilograms (or Over 12 Pounds) of Legal Papers! Because Writing About Microsoft Abuses is 'Illegal'.
How do you guys sleep at night? On a big pile of Microsoft money?
Extremism as a Weapon Against GNU/Linux (Microsoft Lunduke)
He ought to know the Halloween Documents. Wasn't he a Microsoft employee when these came out?
 
Microsoft-Sponsored Propaganda Site Has Removed False 'Hit Piece' About Dr. Stallman (With Fake and Misrepresented Imagery) But Only After 4 Years
So they only removed that page some time around 2025, i.e. about 4 years after it had been published
Always Check Your Inputs
Garbage in, garbage out. Or wrong assumptions, wrong corollary.
Dan Neidle Said That Tax Evasion Facilitator Mr Zahawi (Working to Silence Bloggers Through Brett Wilson LLP) Targeted Not Only Him (But The Others Kept Quiet)
"Mr Neidle said after repelling Mr Zahawi he was contacted by bloggers and tweeters who had received similar threats. They deleted their work “and in most cases never commented publicly on anything again”."
SLAPP Funding Transparency Urgently Needed in the UK and Elsewhere (in Practice, Not Just in Theory)
Writing about crime - including Microsoft crime - is not a crime
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Wednesday, July 09, 2025
IRC logs for Wednesday, July 09, 2025
Elodie Bergot Still Doing Illegal Things at the EPO, Based on the Local Staff Committee Munich
They keep taking away from the staff while compelling the staff to do illegal things
Gemini Links 09/07/2025: Extreme Testing and Golang Documentation in Geminispace
Links for the day
Vice President of the European Patent Office (EPO) Complains That Techrights Gives Visibility to Legal and Technical Issues at the EPO
"Follow-up on enquiries relating to Dir. 1218 and 1001"
Slopwatch: linuxsecurity.com and Various Slopfarms That Lie About "Linux" and Are Promoted by Google News
Google does not seem interested in tackling this problem
Links 09/07/2025: War Updates and Microsoft Moving to India to Cut Costs
Links for the day
GNU/Linux Was Always a 'Movement' of Inclusion of Tolerance
Even the licences themselves remove access barriers
Links 09/07/2025: "Subprime AI Crisis" and "OpenAI May Be in Major Trouble Financially"
Links for the day
Huge Piles of Legal Papers ('Paper DDoS') Do Not Impress Judges and Regulators
they just make judges and regulators even more suspicious of the eagerness to resort to 'paper DDoS'
Lunduke Isn't Even Hiding His Anti-Linux Agenda (From "Linux Sucks" to "Linux is Pedophiles")
just trying to make a lot of trouble
Some People Use Computers to Get Actual Work Done
Tolerance and inclusion must extend to acceptance that some people don't agree with you, might never agree with you, and imposing what allegedly works for you on them is unreasonable
Example of "Old" Things That Still Work
The notion that something being "old" implies it must be discarded is typically advanced by those looking to sell more of something
Some Scheduled Maintenance Later Today
Typically the most vulnerable service during short interruptions is IRC
Computers Are Just a Tool
People don't get married because they love weddings, folks don't join the army because they love war, and most drivers don't drive to work because they love cars
Apple Way Past Its Prime
Apple deserves a decline
The FSF's SysOps Team Recovered From Serious Hardware Issue Within Hours
About half a day ago I noticed that all/most GNU/FSF sites were not reachable and thus reached out to a contact for any details
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Tuesday, July 08, 2025
IRC logs for Tuesday, July 08, 2025
Slopwatch: Turning Bugs Into FUD About "Linux", Getting Basic Facts Wrong
all the screenshots are of fake articles; we don't want to link to any
Technical Reasons, Not Politics: With Wayland "it feels a lot like Linux from 20-25 years ago, which is horrendously frustrating, because it feels like we wasted one or two decades of progress and stability"
Lately, quite a few benchmarks were published to show Wayland compares poorly compared to what we had
PCLinuxOS Recovering From Fire
It looks like a nightmare scenario, where even backups onsite get destroyed
Links 09/07/2025: More Heatwaves, Officials Culled in Russia
Links for the day
Gemini Links 09/07/2025: XScreensaver and Resurrection
Links for the day
Links 08/07/2025: "Cyberattack Deals Blow to Russian Firmware" and "Cash Remains King"
Links for the day
FSF40 T-shirt message
by Alex Oliva
Gemini Links 08/07/2025: Creativity, Gotify with NUT Server, and Sudo Bugs
Links for the day
More on "Lunduke is Actually Sending His Audience to Attack People"
"pepe the frogs"
Links 08/07/2025: Sabotage of Networking Infrastructure, Microsoft XBox Game Pass Deemed “Unsustainable”
Links for the day
Dalai Lama Succession as Evidence That Determined, Motivated People Can Reach Their Nineties
And we need to quit talking about their death all the time
Many Lawyers (for Microsoft) and 1,316 Pages to Pick on a Litigant in Person Who Exposed Serious Microsoft Abuses
Answers must be given
Gemini Links 08/07/2025: Ancillary Justice and Small Web July
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Monday, July 07, 2025
IRC logs for Monday, July 07, 2025