DOCSLIB.ORG

Linux Journal | May 2016 | Issue

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Linux Journal | May 2016 | Issue A Look at PostgreSQL 9.5’s Most Interesting Features ™ WATCH: ISSUE OVERVIEW V MAY 2016 | ISSUE 265 http://www.linuxjournal.com Since 1994: The Original Magazine of the Linux Community CONFIGURE SECURE TOKEN-BASED YOUR SERVER AUTHENTICATION WITH to Use Your Gmail Account TIPS FOR YubiKey 4 DEVELOPERS to Prevent Compromise at the Source + Build Your Own Tiny Internet HOW TO Install Qubes and Navigate the Desktop LJ265-May2016.indd 1 4/20/16 8:28 PM NEW! Linux on NEW! SSH: a Power Modern Author: Lock for Practical books Ted Schmidt Your Server? Sponsor: Author: HelpSystems Federico Kereki for the most technical Sponsor: people on the planet. Fox Technologies Self-Audit: Agile Checking Product Assumptions Development at the Door Author: GEEK GUIDES Author: Ted Schmidt Greg Bledsoe Sponsor: IBM Sponsor: HelpSystems Improve Finding Your Business Way: Mapping Processes with Your Network an Enterprise to Improve Job Scheduler Manageability Author: Author: Mike Diehl Bill Childers Sponsor: Sponsor: Skybot InterMapper Download books for free with a DIY Combating simple one-time registration. Commerce Site Infrastructure Sprawl Author: Reuven M. Lerner Author: http://geekguide.linuxjournal.com Sponsor: GeoTrust Bill Childers Sponsor: Puppet Labs LJ265-May2016.indd 2 4/20/16 8:28 PM NEW! Linux on NEW! SSH: a Power Modern Author: Lock for Practical books Ted Schmidt Your Server? Sponsor: Author: HelpSystems Federico Kereki for the most technical Sponsor: people on the planet. Fox Technologies Self-Audit: Agile Checking Product Assumptions Development at the Door Author: GEEK GUIDES Author: Ted Schmidt Greg Bledsoe Sponsor: IBM Sponsor: HelpSystems Improve Finding Your Business Way: Mapping Processes with Your Network an Enterprise to Improve Job Scheduler Manageability Author: Author: Mike Diehl Bill Childers Sponsor: Sponsor: Skybot InterMapper Download books for free with a DIY Combating simple one-time registration. Commerce Site Infrastructure Sprawl Author: Reuven M. Lerner Author: http://geekguide.linuxjournal.com Sponsor: GeoTrust Bill Childers Sponsor: Puppet Labs LJ265-May2016.indd 3 4/20/16 8:28 PM MAY 2016 CONTENTS ISSUE 265 FEATURES 82 Secure 104 The Tiny Token-Based Internet Project, Authentication Part I with YubiKey 4 Use KVM to build a fully functioning “Internet” Busy Linux administrators and learn all about Linux often need to use insecure in the process. terminals, such as a co-worker’s desktop, John S. Tonello to get their jobs done. Todd A. Jacobs provides ON THE COVER (3VVRH[7VZ[NYL:83 Z4VZ[0U[LYLZ[PUN-LH[\YLZW a modern look at :LJ\YL;VRLU)HZLK(\[OLU[PJH[PVU^P[O@\IP2L`W token-based authentication )\PSK@V\Y6^U;PU`0U[LYUL[W using YubiKey 4. /V^[V0UZ[HSS8\ILZHUK5H]PNH[L[OL+LZR[VWW *VUMPN\YL@V\Y:LY]LY[V<ZL@V\Y.THPS(JJV\U[W Todd A. Jacobs ;PWZMVY+L]LSVWLYZ[V7YL]LU[*VTWYVTPZLH[[OL:V\YJLW Cover Image: © Can Stock Photo Inc. / coraMax 4 | May 2016 | http://www.linuxjournal.com LJ265-May2016.indd 4 4/20/16 8:28 PM CONTENTS COLUMNS IN EVERY ISSUE 28 Reuven M. Lerner’s 8 Current_Issue.tar.gz At the Forge 10 Letters PostgreSQL 9.5 18 UPFRONT 38 Dave Taylor’s 26 Editors’ Choice Work the Shell 72 New Products The Many Paths to a Solution 129 Advertisers Index 46 Kyle Rankin’s Hack and / Secure Desktops with Qubes: Installation 54 Shawn Powers’ The Open-Source Classroom The Peculiar Case of E-mail in the Cloud 62 Susan Sons’ Under the Sink 26 Securing the Programmer, Part I 124 Doc Searls’ EOF Privacy and the New Math 82 LINUX JOURNAL (ISSN 1075-3583) is published monthly by Belltown Media, Inc., PO Box 980985, Houston, TX 77098 USA. Subscription rate is $29.50/year. Subscriptions start with the next issue. 5 | May 2016 | http://www.linuxjournal.com LJ265-May2016.indd 5 4/20/16 8:28 PM Executive Editor Jill Franklin [email protected] Senior Editor Doc Searls [email protected] Associate Editor Shawn Powers [email protected] Art Director Garrick Antikajian [email protected] Products Editor James Gray [email protected] Editor Emeritus Don Marti [email protected] Technical Editor Michael Baxter [email protected] Senior Columnist Reuven Lerner [email protected] Security Editor Mick Bauer [email protected] Hack Editor Kyle Rankin lj@greenfly.net Virtual Editor Bill Childers [email protected] Contributing Editors )BRAHIM (ADDAD s 2OBERT ,OVE s :ACK "ROWN s $AVE 0HILLIPS s -ARCO &IORETTI s ,UDOVIC -ARCOTTE 0AUL "ARRY s 0AUL -C+ENNEY s $AVE 4AYLOR s $IRK %LMENDORF s *USTIN 2YAN s !DAM -ONSEN President Carlie Fairchild [email protected] Publisher Mark Irgang [email protected] Associate Publisher John Grogan [email protected] Director of Digital Experience Katherine Druckman [email protected] Accountant Candy Beauchamp [email protected] Linux Journal is published by, and is a registered trade name of, Belltown Media, Inc. PO Box 980985, Houston, TX 77098 USA Editorial Advisory Panel Nick Baronian Kalyana Krishna Chadalavada "RIAN #ONNER s +EIR $AVIS -ICHAEL %AGER s 6ICTOR 'REGORIO $AVID ! ,ANE s 3TEVE -ARQUEZ $AVE -C!LLISTER s 4HOMAS 1UINLAN #HRIS $ 3TARK s 0ATRICK 3WARTZ Advertising E-MAIL: [email protected] URL: www.linuxjournal.com/advertising PHONE: +1 713-344-1956 ext. 2 Subscriptions E-MAIL: [email protected] URL: www.linuxjournal.com/subscribe MAIL: PO Box 980985, Houston, TX 77098 USA LINUX is a registered trademark of Linus Torvalds. LJ265-May2016.indd 6 4/20/16 8:28 PM ExCel London | 31 May – 3 June 2016 “The Lollapalooza of big data conferences.” — Wired.com Data science meets business. At Strata + Hadoop World, learn the skills and technologies you need to build successful, Save 20% data-driven projects and organizations. Register today. strataconf.com/uk Use code PCLinuxJournal LJ265-May2016.indd 7 4/22/16 1:00 PM Current_Issue.tar.gz The Power of Free SHAWN hen I was a kid, I saved my money for POWERS weeks in order to buy the Aerobie Shawn Powers is the (https://en.wikipedia.org/wiki/Aerobie). I W Associate Editor for lived in a ghetto of Detroit, and during the summer, we often Linux Journal. He’s would play Frisbee in the street for entertainment. I figured if also the Gadget Guy I could buy the Aerobie, we’d be able to play Frisbee across for LinuxJournal.com, and he has an multiple blocks! It would be amazing! So I hunted pop cans interesting collection for weeks (in Michigan, pop can returns are 10 cents each), of vintage Garfield and finally I saved enough money to buy one. I took it home coffee mugs. Don’t let his silly hairdo and tossed it down the street. And it kept going. I suspect fool you, he’s a it’s still going, 30 years later. It flew down the street, over a pretty ordinary guy block of houses and became a tiny dot in the sky. I never saw and can be reached via e-mail at it again. Thankfully, unlike Aerobie buyers, it doesn’t cost [email protected]. anything to start a brand-new project with Linux! We can Or, swing by the install our operating system without worrying about license #linuxjournal IRC channel on fees or saving up pop can money—and that means we aren’t Freenode.net. limited in the cool things we can do! Reuven M. Lerner starts off the issue with an informative article on PostgreSQL 9.5. Relational databases might seem V old-school, but what they do, they do very well. Reuven describes some of the cool new features of 9.5. Next up, Dave VIDEO: Taylor explains how to solve programming problems with the Shawn wegrep tool. Manipulating text via script is both incredibly fun Powers runs and often very frustrating. (That frustration is part of the fun, through if I’m being completely honest.) If you’re a scripter who deals the latest issue. with text, you won’t want to miss Dave’s column. Kyle Rankin continues his Qubes series this month. He 8 | May 2016 | http://www.linuxjournal.com LJ265-May2016.indd 8 4/20/16 8:28 PM Current_Issue.tar.gz described the setup last month, and conceptually how it works, and here he covers the multi-VM model for doing actual computing. The technologies in Qubes aren’t brand new, but the way of using them certainly is. Even if you’re not interested in the level of security Qubes offers, you owe it to yourself to read his series if only to UNDERSTAND THE THOUGHT PROCESS ITSELF )TS PRETTY UNIQUE I started my column this month with a simple problem: e-mail. Now that cloud computing is the norm, it means the servers you spin up aren’t in your network anymore, and so might be blocked from using your ISP’s SMTP server. There are certainly ways to set up an e-mail server that you can use for proper E MAIL ROUTING BUT ) JUST NEED A WAY TO SEND QUICK AND DIRTY SERVER NOTIFICATION messages to myself when something goes wrong. I use Postfix and Gmail to accomplish that task, and I figured I’d share my experience. Susan Sons is back this month with a brilliant article on securing your source code, at the source! It’s great to have your revision control system secured and reliable, but what if the computer you actually use to develop gets compromised? That’s a bigger concern than you might realize, and Susan walks through dealing with the often overlooked problem. We follow Susan’s column with Todd A. Jacobs’ tutorial on how to implement YubiKey 4 for USB token-based authentication.
Load more

Recommended publications
  • IBM Multi-Factor Authentication for Z/OS
    Multi Factor Authentication for Linux on IBM Z using a centralized z/OS LDAP infrastructure Dr. Manfred Gnirss Thomas Wienert Z ATS IBM Systems IBM Germany R & D Boeblingen, 18.7.2018 © 2018 IBM Corporation 2 Trademarks The following are trademarks of the International Business Machines Corporation in the United States, other countries, or both. Not all common law marks used by IBM are listed on this page. Failure of a mark to appear does not mean that IBM does not use the mark nor does it mean that the product is not actively marketed or is not significant within its relevant market. Those trademarks followed by ® are registered trademarks of IBM in the United States; all others are trademarks or common law marks of IBM in the United States. For a complete list of IBM Trademarks, see www.ibm.com/legal/copytrade.shtml: *BladeCenter®, DB2®, e business(logo)®, DataPower®, ESCON, eServer, FICON, IBM®, IBM (logo)®, MVS, OS/390®, POWER6®, POWER6+, POWER7®, Power Architecture®, PowerVM®, S/390®, System p®, System p5, System x®, System z®, System z9®, System z10®, WebSphere®, X-Architecture®, zEnterprise, z9®, z10, z/Architecture®, z/OS®, z/VM®, z/VSE®, zSeries® The following are trademearks or registered trademarks of other companies. Adobe, the Adobe logo, PostScript, and the PostScript logo are either registered trademarks or trademarks of Adobe Systems Incorporated in the United States, and/or other countries. Cell Broadband Engine is a trademark of Sony Computer Entertainment, Inc. in the United States, other countries, or both and is used under license therefrom. Java and all Java-based trademarks are trademarks of Sun Microsystems, Inc.
    [Show full text]
  • Can We Trust Cryptographic Software? Cryptographic Flaws in GNU Privacy Guard V1.2.3
    Can We Trust Cryptographic Software? Cryptographic Flaws in GNU Privacy Guard v1.2.3 Phong Q. Nguyen CNRS/Ecole´ normale sup´erieure D´epartement d’informatique 45 rue d’Ulm, 75230 Paris Cedex 05, France. [email protected] http://www.di.ens.fr/˜pnguyen Abstract. More and more software use cryptography. But how can one know if what is implemented is good cryptography? For proprietary soft- ware, one cannot say much unless one proceeds to reverse-engineering, and history tends to show that bad cryptography is much more frequent than good cryptography there. Open source software thus sounds like a good solution, but the fact that a source code can be read does not imply that it is actually read, especially by cryptography experts. In this paper, we illustrate this point by examining the case of a basic In- ternet application of cryptography: secure email. We analyze parts of thesourcecodeofthelatestversionofGNUPrivacyGuard(GnuPGor GPG), a free open source alternative to the famous PGP software, com- pliant with the OpenPGP standard, and included in most GNU/Linux distributions such as Debian, MandrakeSoft, Red Hat and SuSE. We ob- serve several cryptographic flaws in GPG v1.2.3. The most serious flaw has been present in GPG for almost four years: we show that as soon as one (GPG-generated) ElGamal signature of an arbitrary message is released, one can recover the signer’s private key in less than a second on a PC. As a consequence, ElGamal signatures and the so-called ElGamal sign+encrypt keys have recently been removed from GPG.
    [Show full text]
  • AMNESIA 33: How TCP/IP Stacks Breed Critical Vulnerabilities in Iot
    AMNESIA:33 | RESEARCH REPORT How TCP/IP Stacks Breed Critical Vulnerabilities in IoT, OT and IT Devices Published by Forescout Research Labs Written by Daniel dos Santos, Stanislav Dashevskyi, Jos Wetzels and Amine Amri RESEARCH REPORT | AMNESIA:33 Contents 1. Executive summary 4 2. About Project Memoria 5 3. AMNESIA:33 – a security analysis of open source TCP/IP stacks 7 3.1. Why focus on open source TCP/IP stacks? 7 3.2. Which open source stacks, exactly? 7 3.3. 33 new findings 9 4. A comparison with similar studies 14 4.1. Which components are typically flawed? 16 4.2. What are the most common vulnerability types? 17 4.3. Common anti-patterns 22 4.4. What about exploitability? 29 4.5. What is the actual danger? 32 5. Estimating the reach of AMNESIA:33 34 5.1. Where you can see AMNESIA:33 – the modern supply chain 34 5.2. The challenge – identifying and patching affected devices 36 5.3. Facing the challenge – estimating numbers 37 5.3.1. How many vendors 39 5.3.2. What device types 39 5.3.3. How many device units 40 6. An attack scenario 41 6.1. Other possible attack scenarios 44 7. Effective IoT risk mitigation 45 8. Conclusion 46 FORESCOUT RESEARCH LABS RESEARCH REPORT | AMNESIA:33 A note on vulnerability disclosure We would like to thank the CERT Coordination Center, the ICS-CERT, the German Federal Office for Information Security (BSI) and the JPCERT Coordination Center for their help in coordinating the disclosure of the AMNESIA:33 vulnerabilities.
    [Show full text]
  • List of Applications Updated in ARL #2530
    List of Applications Updated in ARL #2530 Application Name Publisher .NET Core SDK 2 Microsoft Acrobat Elements Adobe Acrobat Elements 10 Adobe Acrobat Elements 11.0 Adobe Acrobat Elements 15.1 Adobe Acrobat Elements 15.7 Adobe Acrobat Elements 15.9 Adobe Acrobat Elements 6.0 Adobe Acrobat Elements 7.0 Adobe Application Name Acrobat Elements 8 Adobe Acrobat Elements 9 Adobe Acrobat Reader DC Adobe Acrobat.com 1 Adobe Alchemy OpenText Alchemy 9.0 OpenText Amazon Drive 4.0 Amazon Amazon WorkSpaces 1.1 Amazon Amazon WorkSpaces 2.1 Amazon Amazon WorkSpaces 2.2 Amazon Amazon WorkSpaces 2.3 Amazon Ansys Ansys Archive Server 10.1 OpenText AutoIt 2.6 AutoIt Team AutoIt 3.0 AutoIt Team AutoIt 3.2 AutoIt Team Azure Data Studio 1.9 Microsoft Azure Information Protection 1.0 Microsoft Captiva Cloud Toolkit 3.0 OpenText Capture Document Extraction OpenText CloneDVD 2 Elaborate Bytes Cognos Business Intelligence Cube Designer 10.2 IBM Cognos Business Intelligence Cube Designer 11.0 IBM Cognos Business Intelligence Cube Designer for Non-Production environment 10.2 IBM Commons Daemon 1.0 Apache Software Foundation Crystal Reports 11.0 SAP Data Explorer 8.6 Informatica DemoCreator 3.5 Wondershare Software Deployment Wizard 9.3 SAS Institute Deployment Wizard 9.4 SAS Institute Desktop Link 9.7 OpenText Desktop Viewer Unspecified OpenText Document Pipeline DocTools 10.5 OpenText Dropbox 1 Dropbox Dropbox 73.4 Dropbox Dropbox 74.4 Dropbox Dropbox 75.4 Dropbox Dropbox 76.4 Dropbox Dropbox 77.4 Dropbox Dropbox 78.4 Dropbox Dropbox 79.4 Dropbox Dropbox 81.4
    [Show full text]
  • A History of End-To-End Encryption and the Death of PGP
    25/05/2020 A history of end-to-end encryption and the death of PGP Hey! I'm David, a security engineer at the Blockchain team of Facebook (https://facebook.com/), previously a security consultant for the Cryptography Services of NCC Group (https://www.nccgroup.com). I'm also the author of the Real World Cryptography book (https://www.manning.com/books/real-world- cryptography?a_aid=Realworldcrypto&a_bid=ad500e09). This is my blog about cryptography and security and other related topics that I Ûnd interesting. A history of end-to-end encryption and If you don't know where to start, you might want to check these popular the death of PGP articles: posted January 2020 - How did length extension attacks made it 1981 - RFC 788 - Simple Mail Transfer Protocol into SHA-2? (/article/417/how-did-length- extension-attacks-made-it-into-sha-2/) (https://tools.ietf.org/html/rfc788) (SMTP) is published, - Speed and Cryptography the standard for email is born. (/article/468/speed-and-cryptography/) - What is the BLS signature scheme? (/article/472/what-is-the-bls-signature- This is were everything starts, we now have an open peer-to-peer scheme/) protocol that everyone on the internet can use to communicate. - Zero'ing memory, compiler optimizations and memset_s (/article/419/zeroing-memory- compiler-optimizations-and-memset_s/) 1991 - The 9 Lives of Bleichenbacher's CAT: New Cache ATtacks on TLS Implementations The US government introduces the 1991 Senate Bill 266, (/article/461/the-9-lives-of-bleichenbachers- which attempts to allow "the Government to obtain the cat-new-cache-attacks-on-tls- plain text contents of voice, data, and other implementations/) - How to Backdoor Di¸e-Hellman: quick communications when appropriately authorized by law" explanation (/article/360/how-to-backdoor- from "providers of electronic communications services di¸e-hellman-quick-explanation/) and manufacturers of electronic communications - Tamarin Prover Introduction (/article/404/tamarin-prover-introduction/) service equipment".
    [Show full text]
  • Open Source Projects As Incubators of Innovation
    RESEARCH CONTRIBUTIONS TO ORGANIZATIONAL SOCIOLOGY AND INNOVATION STUDIES / STUTTGARTER BEITRÄGE ZUR ORGANISATIONS- UND INNOVATIONSSOZIOLOGIE SOI Discussion Paper 2017-03 Open Source Projects as Incubators of Innovation From Niche Phenomenon to Integral Part of the Software Industry Jan-Felix Schrape Institute for Social Sciences Organizational Sociology and Innovation Studies Jan-Felix Schrape Open Source Projects as Incubators of Innovation. From Niche Phenomenon to Integral Part of the Software Industry. SOI Discussion Paper 2017-03 University of Stuttgart Institute for Social Sciences Department of Organizational Sociology and Innovation Studies Seidenstr. 36 D-70174 Stuttgart Editor Prof. Dr. Ulrich Dolata Tel.: +49 711 / 685-81001 [email protected] Managing Editor Dr. Jan-Felix Schrape Tel.: +49 711 / 685-81004 [email protected] Research Contributions to Organizational Sociology and Innovation Studies Discussion Paper 2017-03 (May 2017) ISSN 2191-4990 © 2017 by the author(s) Jan-Felix Schrape is senior researcher at the Department of Organizational Sociology and Innovation Studies, University of Stuttgart (Germany). [email protected] Additional downloads from the Department of Organizational Sociology and Innovation Studies at the Institute for Social Sciences (University of Stuttgart) are filed under: http://www.uni-stuttgart.de/soz/oi/publikationen/ Abstract Over the last 20 years, open source development has become an integral part of the software industry and a key component of the innovation strategies of all major IT providers. Against this backdrop, this paper seeks to develop a systematic overview of open source communities and their socio-economic contexts. I begin with a recon- struction of the genesis of open source software projects and their changing relation- ships to established IT companies.
    [Show full text]
  • KDE Free Qt Foundation Strengthens Qt
    How the KDE Free Qt Foundation strengthens Qt by Olaf Schmidt-Wischhöfer (board member of the foundation)1, December 2019 Executive summary The development framework Qt is available both as Open Source and under paid license terms. Two decades ago, when Qt 2.0 was first released as Open Source, this was excep- tional. Today, most popular developing frameworks are Free/Open Source Software2. Without the dual licensing approach, Qt would not exist today as a popular high-quality framework. There is another aspect of Qt licensing which is still very exceptional today, and which is not as well-known as it ought to be. The Open Source availability of Qt is legally protected through the by-laws and contracts of a foundation. 1 I thank Eike Hein, board member of KDE e.V., for contributing. 2 I use the terms “Open Source” and “Free Software” interchangeably here. Both have a long history, and the exact differences between them do not matter for the purposes of this text. How the KDE Free Qt Foundation strengthens Qt 2 / 19 The KDE Free Qt Foundation was created in 1998 and guarantees the continued availabil- ity of Qt as Free/Open Source Software3. When it was set up, Qt was developed by Troll- tech, its original company. The foundation supported Qt through the transitions first to Nokia and then to Digia and to The Qt Company. In case The Qt Company would ever attempt to close down Open Source Qt, the founda- tion is entitled to publish Qt under the BSD license. This notable legal guarantee strengthens Qt.
    [Show full text]
  • HTTP Cookie - Wikipedia, the Free Encyclopedia 14/05/2014
    HTTP cookie - Wikipedia, the free encyclopedia 14/05/2014 Create account Log in Article Talk Read Edit View history Search HTTP cookie From Wikipedia, the free encyclopedia Navigation A cookie, also known as an HTTP cookie, web cookie, or browser HTTP Main page cookie, is a small piece of data sent from a website and stored in a Persistence · Compression · HTTPS · Contents user's web browser while the user is browsing that website. Every time Request methods Featured content the user loads the website, the browser sends the cookie back to the OPTIONS · GET · HEAD · POST · PUT · Current events server to notify the website of the user's previous activity.[1] Cookies DELETE · TRACE · CONNECT · PATCH · Random article Donate to Wikipedia were designed to be a reliable mechanism for websites to remember Header fields Wikimedia Shop stateful information (such as items in a shopping cart) or to record the Cookie · ETag · Location · HTTP referer · DNT user's browsing activity (including clicking particular buttons, logging in, · X-Forwarded-For · Interaction or recording which pages were visited by the user as far back as months Status codes or years ago). 301 Moved Permanently · 302 Found · Help 303 See Other · 403 Forbidden · About Wikipedia Although cookies cannot carry viruses, and cannot install malware on 404 Not Found · [2] Community portal the host computer, tracking cookies and especially third-party v · t · e · Recent changes tracking cookies are commonly used as ways to compile long-term Contact page records of individuals' browsing histories—a potential privacy concern that prompted European[3] and U.S.
    [Show full text]
  • MINCS - the Container in the Shell (Script)
    MINCS - The Container in the Shell (script) - Masami Hiramatsu <[email protected]> Tech Lead, Linaro Ltd. Open Source Summit Japan 2017 LEADING COLLABORATION IN THE ARM ECOSYSTEM Who am I... Masami Hiramatsu - Linux kernel kprobes maintainer - Working for Linaro as a Tech Lead LEADING COLLABORATION IN THE ARM ECOSYSTEM Demo # minc top # minc -r /opt/debian/x86_64 # minc -r /opt/debian/arm64 --arch arm64 LEADING COLLABORATION IN THE ARM ECOSYSTEM What Is MINCS? My Personal Fun Project to learn how linux containers work :-) LEADING COLLABORATION IN THE ARM ECOSYSTEM What Is MINCS? Mini Container Shell Scripts (pronounced ‘minks’) - Container engine implementation using POSIX shell scripts - It is small (~60KB, ~2KLOC) (~20KB in minimum) - It can run on busybox - No architecture dependency (* except for qemu/um mode) - No need for special binaries (* except for libcap, just for capsh --exec) - Main Features - Namespaces (Mount, PID, User, UTS, Net*) - Cgroups (CPU, Memory) - Capabilities - Overlay filesystem - Qemu cross-arch/system emulation - User-mode-linux - Image importing from dockerhub And all are done by CLI commands :-) LEADING COLLABORATION IN THE ARM ECOSYSTEM Why Shell Script? That is my favorite language :-) - Easy to understand for *nix administrators - Just a bunch of commands - Easy to modify - Good for prototyping - Easy to deploy - No architecture dependencies - Very small - Able to run on busybox (+ libcap is perfect) LEADING COLLABORATION IN THE ARM ECOSYSTEM MINCS Use-Cases For Learning - Understand how containers work For Development - Prepare isolated (cross-)build environment For Testing - Test new applications in isolated environment - Test new kernel features on qemu using local tools For products? - Maybe good for embedded devices which has small resources LEADING COLLABORATION IN THE ARM ECOSYSTEM What Is A Linux Container? There are many linux container engines - Docker, LXC, rkt, runc, ..
    [Show full text]
  • Qt Long Term Support
    Qt Long Term Support Jeramie disapprove chorally as moreish Biff jostling her canneries co-author impassably. Rudolfo never anatomise any redemptioner sauces appetizingly, is Torre lexical and overripe enough? Post-free Adolph usually stetted some basidiospores or flutes effeminately. Kde qt versions to the tests should be long qt term support for backing up qt company What will i, long qt term support for sale in the long. It is hard not even wonder what our cost whereas the Qt community or be. Please enter your support available to long term support available to notify others of the terms. What tests are needed? You should i restarted the terms were examined further development and will be supported for arrhythmia, or the condition? Define ad slots and config. Also, have a look at the comments below for new findings. You later need to compile your own Qt against a WEC SDK which is typically shipped by the BSP vendor. If system only involve half open the features of Qt Commercial, vision will not warrant the full price. Are you javer for long term support life cycles that supports the latter occurs earlier that opens up. Cmake will be happy to dry secretions, mutation will i could be seen at. QObjects can also send signals to themselves. Q_DECL_CONSTEXPR fix memory problem. Enables qt syndrome have long term in terms and linux. There has been lots of hype around the increasing role that machine learning, and artificial intelligence more broadly, will play in how we automate the management of IT systems. Vf noninducible at qt and long term in terms were performed at.
    [Show full text]
  • LVC20-108 Arm64 Linux Kernel Architecture Update
    Arm64 Linux Kernel architecture update Matteo Carlini Director, Software Technology Management Arm – Open Source Software A-profile Architecture new feature names! https://developer.arm.com/architectures/cpu-architecture/a-profile/exploration-tools/feature-names-for-a-profile A-profile features: arm64 kernel support table https://developer.arm.com/tools-and-software/open-source-software/linux-kernel/architecture-and-kvm-enablement A-class architecture kernel enablement – Mar 20 TTS2UXN A64ISA AA32HPD PAUTH CNTS PMU S2FW FHM TTPBHA C B Trace LSE LSE IESB LSMAOC Debug SHA PMU RDMA CompNum JSconv S-EL2 SM SM TTCNP TTST VMID16 HPD v8.3 DIT SHA UAO v8.1 v8.2 RAS v8.4 IDST RCPC CCIDX DotProd ATS1E1 LOR VHE DFE CondM TTRe NV RCPC RAS LP16 m PAN TTHM MPAM AMU TTL NV Debug LVA TLBI VPIPT LPA DCPOP EVT DoPD GTG ECV MTPMU ETS SVE2 SPE SpecRest MPAM CTSS PMU PredInv PAuth2/ Future FGT FPAC architectures v8.0 RNG BT v8.5 v8.6 F64MM DGH DCCVADP MemTag Enablement complete TME EOPD CSEH F32MM TWED Enablement ongoing Enablement TBD SB CMODX I8MM BF16 FRINT CondM AMU N/A – no Kernel impact A-class architecture kernel enablement – Today TTS2UXN A64ISA AA32HPD PAUTH PMU FHM TTPBHA CNTSC S2FWB S-EL2 LSE LSE IESB LSMAOC TTST SHA PMU RDMA CompNum JSconv RAS SM SM TTCNP VMID16 HPD v8.3 DFE DIT SHA UAO TTRem v8.4 v8.1 v8.2 IDST RCPC CCIDX DotProd ATS1E1 LOR VHE Trace CondM NV Debug RCPC RAS LP16 PAN TTHM MPAM AMU Debug LVA NV TLBI TTL VPIPT LPA DCPOP GTG SPE SpecRest ECV MTPMU ETS SVE2 PMU PredInv MPAM CTSS RNG MemTag PAuth2/ Future FGT FPAC architectures v8.0
    [Show full text]
  • Gnu Privacy Guard (Gnupg) Mini Howto (Italiano)
    Gnu Privacy Guard (GnuPG) Mini Howto (italiano) Brenno J.S.A.A.F. de Winter (inglese) <[email protected]>, Michael Fischer v. Mollard (tedesco) <[email protected]>, Arjen Baart (olandese) <[email protected]>, Cristian Riga- monti (italiano) <[email protected]> Versione 0.1.4 12 maggio 2003 Questo documento spiega come usare GNU Privacy Guard (GnuPG), un sistema di crittografia Open Source e compatibile con OpenPGP. Per mantenere il programma totalmente libero, si `eevitato l’uso di RSA e di altri algoritmi brevettati. Il documento originale `escritto in tedesco da Michael Fischer v. Mollard, questa traduzione italiana, a cura di Cristian Rigamonti, `ebasata sulla traduzione inglese del testo originale. Indice 1 Concetti 2 1.1 Crittografia a chiave pubblica .................................... 2 1.2 Firme digitali ............................................. 2 1.3 Rete di fiducia ............................................ 3 1.4 Limiti alla sicurezza ......................................... 3 2 Installazione 3 2.1 Sorgenti di GnuPG .......................................... 3 2.2 Configurazione ............................................ 4 2.3 Compilazione ............................................. 4 2.4 Installazione .............................................. 5 3 Uso delle chiavi 5 3.1 Creare una chiave ........................................... 5 3.2 Esportare le chiavi .......................................... 6 3.3 Importare le chiavi .......................................... 6 3.4 Revocare una chiave ........................................
    [Show full text]