cron.weekly issue #13: Tails, Ruby, OpenSSL, Rundeck, Bash Concurrency, Namespaces & many more!January 31, 2016 - Mattias Geniar
This is cron.weekly edition #13 for Sunday January 31st, 2016.
I realise it’s a bit last minute, but if you’re free today and interested in an open source conference in Brussels, Belgium, come by at FOSDEM. I’ll be speaking in the PHP & friends room about HTTP/2!
A bug/security issue on systemd, but more interesting is the discussion around it: the difficult trade-off between convenience and ease-of-use of a software project vs. secure & safe defaults. One decision attracts a wider audience, the other makes it a very focussed , secure, project that requires everyone who actually wants to use it, to change those default parameters. Interesting point-of-views.
Now that Debian has moved (mostly) to systemd, the sysvinit packages are no longer maintained. The project is looking for someone to step up and maintain the legacy sysvinit packages.
An opinionated view on replacing Puppet as a long-time user with Ansible.
The networking area is typically a very closed, vendor-driven market. Open Networking tries to change that by introducing SDN (Software Defined Networking), automation, open source firmware/OS’s, … This post dives further into that concept of Open Networking.
Tails, the privacy focussed live Operating System, has reached a stable 2.0 release.
If you’re a sysadmin, chances are you’re managing multiple environments that should all be as equal to each other as possible. This post introduces Docker and how they moved away from Terraform to accomplish this.
If you run RoR projects, have a look at the latest security notices that went out last week and patch where appropriate.
Last Friday, the OpenSSL team announced a high severity patch that fixes a Diffie-Hellman key exchange vulnerability.
An interesting write-up on Open Source vs. Free Software: “open source is a development methodology; free software is a social movement“.
Tools & projects
This project aims to recreate the commits and history of the Unix project, going back to 1972. Each important milestone gets its own branch you can browse.
If you’ve ever enjoyed text-based games, you might like this: a ‘game’ in the form of a story you have to unravel, entirely played via the CLI. Uncover clues and mysteries by following the CLI instructions.
If you’ve ever done ‘curl | sh’ style commands, you may like this: a shorter version of getting content from the web and executing it. While that’s still as dangerous as ‘curl | sh’, pipethis has options to inspect the content first or verify a signature.
Schedule a set of jobs and have them execute at your convenience, on local or remote nodes. Rundeck allows you to turn operations procedures into self-service jobs, giving access to others (like your devteam) in the process.
This project aims to simplify PXE booting: a single binary that acts as a DHCP and TFTP server for simple PXE booting needs.
While not so much Linux, it is Open Source. A Red Hat sponsored free, open source, web font that looks to be very clean and readable.
A Bash function to run tasks in parallel and display pretty output as they complete.
Easily download files in the fastest speed possible by using Multi-Threaded Downloads. A very simple CLI interface, too.
“The simplest way to use Docker on OS X”. This introductory post describes the dlite project, which aims to making Docker easier to run on OSX by improving Host<->VM data sharing.
Not a typo, the project is actually named ‘s’: you can start a Google, Amazon, … search straight from your terminal. ‘s’ supports multiple search providers and could even be plugged into your company search if you want.
This is an open source Slack alternative.
What if you could query the state of your infrastructure by writing actual SQL queries? Osquery gives you the ability to query and log things like running processes, logged in users, password changes, usb devices, firewall exceptions, listening ports, and more. You can perform ad-hoc queries or schedule them.
Guides & Tutorials
One of the most common system calls in Linux explained: sendfile. Very low-level: you won’t encounter sendfile at the CLI, but you’ll see it in straces or other low-level debugging tools.
What happens when a program SEGFAULTs? Besides the obvious crash, there are quite a lot of details going on in process management. This stackoverflow answer does a really good job at explaining them.
A step-by-step instruction on taking a running, live, Debian server and have it reinstalled with Arch Linux. Some interesting partition trickery involved, too.
“How complicated can a message queue be”, right? This github repo explains the details of queues, priorities, pub/sub methods, authentication, interceptors, … for RabbitMQ.
A collection of resources for managing, working with and configuring SSH (both client- and server side).
This post covers several ways and tools to execute bash commands in parallel, which is especially useful for blocking, long-running tasks and effectively using the multiple cores on a single server.
A well-written overview on the concept of Network Namespaces for different and separate instances of network interfaces and routing tables that operate independent of each other.
An introduction to microcaching on both open source and commercial Nginx, comparing the performance results along the way.