cron.weekly issue #110: wuzz, OpenSSH, Kernel 5.0, rsync, Kubernetes, Joplin & more

cron.weekly is a newsletter about Linux, open source & webdevelopment. Want to get it in your inbox every Sunday? Subscribe below!

I respect your privacy and you won't get spam. Ever. Just a weekly-ish newsletter about Linux and open source.

Want to help support this blog? Try out Oh Dear, the best all-in-one monitoring tool for your entire website, co-founded by me (the guy that wrote this blogpost). Start with a 10-day trial, no strings attached.

We offer uptime monitoring, SSL checks, broken links checking, performance & cronjob monitoring, branded status pages & so much more. Try us out today!

Image of Mattias Geniar

Mattias Geniar, December 17, 2017

Follow me on Twitter as @mattiasgeniar

Welcome to cron.weekly issue #110 for Sunday, December 17th, 2017.

I might’ve missed a lot this week, this issue seems shorter than usual. Or it’s just because we’re nearing the end of year and things are cooling of a bit.

This’ll be the last issue of 2017, I’m taking a break over the holidays and will be back on Sunday, January 7th.

Enjoy the holidays everyone!

News

Hiding content from Git + more on escape sequences

This is some really clever use of terminal escape sequences, allowing you to hide content in “git diff” by invoking sequences that hide text, alter colours, … the screencast demo is very powerful.

Internet protocols are changing

A good read on what and how things are evolving on the internet, and what challenges they bring. The rise of HTTP/2, TLS 1.3, QUIC and DOH (DNS-over-HTTP) all bring their own improvements but are hard to get traction.

Microsoft adds OpenSSH client to Windows 10

Will it be any good & replace PuTTy?

Kernel 5.0 in summer of 2018

Not because there’s a major new release, just because it’s “time” to bump the major version around that time. Don’t hold on too much to kernel version numbers, they don’t mean that much.

Rsync vulnerability

rsync 3.1.3-development before 2017-10-24, as used in the xlucas svfs rsync fork and other products, mishandles archaic checksums, which makes it easier for remote attackers to bypass intended access restrictions.

Sysadvent 2017

We’re already 17 blogposts in, so there’s plenty of catching up to do: one article for each day of December, ending on the 25th article, Sysadvent shares great articles about systems administration topics written by fellow sysadmins.

GitHub’s technology predictions for 2018

A pretty varied post, but I love the shoutout to open source being more popular than ever in 2018.

The importance of Devuan

Devuan is the Debian-without-systemd distro, in this post the author explores the reasons why it’s important to keep Devuan – even with a limited user base alive & kicking.

Tools & Projects

Get full-stack observability with Datadog

Go from a global view of your infrastructure to inspecting an individual request trace, all in one developer-friendly platform. Start a free 14-day trial. (Sponsored)

RUDDER – upgrade your IT to Continuous Configuration

RUDDER is the open source and multi-platform solution combining traditional configuration management and continuous auditing. Dedicated to production infrastructure needs, RUDDER lets you safely face continuous growth, threats and regulatory requirements. Watch the demo video! (Sponsored)

Kubernetes 1.9

This release introduces an improved workload API, beta support for Windows, an alpha implementation of the Container Storage Interface (CSI, allowing more storage backends), CoreDNS & plenty more.

Linux from scratch in Docker

A docker configuration to build bootable iso image with Linux From Scratch 8.1.

wuzz

Wuzz is an interactive cli tool for HTTP inspection. Its command line arguments are similar to cURL’s arguments, so it can be used to inspect/modify requests copied from the browser’s network inspector with the “copy as cURL” feature.

sandglass

Sandglass is a distributed, horizontally scalable, persistent, time ordered message queue. It was developed to support asynchronous tasks and message scheduling which makes it suitable for usage as a task queue.

Guides & Tutorials

GoCD – Open Source Continuous Delivery Server

GoCD is a continuous delivery tool supporting modern infrastructure with elastic on-demand agents and cloud deployments. With GoCD, you can easily model, orchestrate and visualize complex workflows from end to end. It’s open source, free to use and download. (Sponsored)

An introduction to Joplin, an open source Evernote alternative

A good intro to the note-taking app Joplin, looking at features as well as some practical install tips.

Nginx authentication based on subrequest result

This is an interesting Nginx feature I only learned about recently: Nginx can authenticate each request to your website with an external server or service. To perform authentication, NGINX makes an HTTP subrequest to an external server where the subrequest is verified. If the subrequest returns a 2xx response code, the access is allowed, if it returns 401 or 403, the access is denied.

How to find disk I/O latency with ioping monitoring tool on Linux

Most I/O troubleshooting guides focus on iotop, it’s nice to see ioping get a mention this time: ioping is a tool to monitor I/O latency in real time. It shows disk latency in the same way as ping shows network latency.

Want to subscribe to the cron.weekly newsletter?

I write a weekly-ish newsletter on Linux, open source & webdevelopment called cron.weekly.

It features the latest news, guides & tutorials and new open source projects. You can sign up via email below.

No spam. Just some good, practical Linux & open source content.