CRON.WEEKLY

I respect your privacy and you won't get spam. Ever.
Just a weekly newsletter about Linux and open source.

issue #44: Docker, SELinux, Xen, Teeproxy, zstandard & more!

September 4, 2016 - Mattias Geniar

Welcome to cron.weekly issue #44 for Sunday, September 4th, 2016.

A slightly shorter edition as I’m traveling – which is also true for next week. If I missed important Linux/Open Source news, let me know – I’ll be needing help filling next weeks’ issue too.

News

A Docker Fork: Talk of a Split Is Now on the Table

There’s more and more talk of a Docker fork being needed, one run by the community without enterprise backing. This articles goes more in to the why that may be needed.

An Ode to Boring: Creating Open and Stable Container World

A slightly shorter by related article to the one above: Docker needs to stop moving so fast and keep containers simple and boring: let orchestration, management and all other functions be handled by higher level tools (like Kubernetes, Mesos, …).

Multiple vulnerabilities in RPM – and a rant

This researcher discovered several vulnerabilities in RPM. That in and of itself is interesting, but the backstory to how it got reported to Red Hat and the act of filing the bug/security issue are more interesting pieces.

State of SELinux (PDF)

This presentation (PDF) gives a nice overview of SELinux’s new features and the current stance of the project: there’s Docker/rkt & overlayfs support, in the 4.8 kernel there will be labeled networking and new userspace tools.

Xen security vulnerabilities to be announced

It’s a bit of a teaser as there aren’t any details yet, but the Xen project has reserved several CVE’s critical enough to have major cloud providers scramble to patch their hosts: on September 8th, we’re probably looking at a guest-to-hv exploit. Be prepared.

Suspect Arrested for 5-Year-Old Linux Kernel Organization Breach

Back in 2011, some kernel.org servers got hacked. It looks like someone got arrested as the culprit. The article also shares some details on the exploits and backdoors he used to get it.

Tools & Projects

Vizceral

This tool can visualise your infrastructure or traffic flows in a WebGL canvas (or, in more common words, your browser).

Teeproxy

A reverse HTTP proxy that duplicates requests: this is a good tool to test-run a new environment or a PHP/Ruby/NodeJS version upgrade, by having teeproxy send incoming requests to a “real” backend and a “dummy” backend, discarding the response from the dummy backend.

zstandard

This new compression standard by Facebook aims to rival with deflate (gzip, zip, zlib). Perhaps not a bad move, as our current compression standards are a few decades old.

restic

Restic is a program that does backups right: easy, fast, verifiable, secure & efficient.

rclone

Rclone is a command line program to sync files and directories to and from cloud services like S3, Google Drive, Dropbox, …

codervault

Think of covervault as your self-hosted Github Gists, or simple, self-hosted, snippets. They can be private/public, so free to share any way you like.

OpenBSD 6.0 released

Right on schedule: the OpenBSD team announces their 6.0 release.

fwd

fwd is a network port forwarder written in golang. It’s cross platform, supports multiple architectures and it’s dead simple to use.

Guides & Tutorials

Two weeks with Terraform

A good opinionated write-up on using the terraform tool to define your infrastructure as code. Terraform gives you an abstract language to describe your Amazon EC2 (or other) instances so you can easily reproduce that environment.

Debugging a kernel crash

A really nice low-level write-up of what it takes to diagnose and interpret the kernel stacktraces whenever your server does a kernel panic. Lots of C code in there, so this probably isn’t for everyone.

File system features we encountered developing the Mail.Ru Cloud synchronization mechanism

Another low-level post, this time about file operations: some insights in how inotify works and some good info on working with inodes identifiers.

10 tips to improve MariaDB performance

Some good starting points with regards to InnoDB buffers & sizes, caches, swap usage & some other neat tricks for tuning your MariaDB instance.

Advancing in the Bash shell

Not your average Bash tips & tricks: good pointers on using the history in Bash with new modifiers, fixing typo’s in commands, easily move around words with your cursor & more. I learned quite a few new tricks here!


I respect your privacy and you won't get spam. Ever.
Just a weekly newsletter about Linux and open source.

Share this post

Did you like this post? Will you help me share it on social media? Thanks!