cron.weekly issue #117: TCP, Dtail, Parsr, Pssh, Bash & more


cron.weekly is a newsletter about Linux, open source & webdevelopment. Want to get it in your inbox every Sunday? Subscribe below!

I respect your privacy and you won't get spam. Ever. Just a weekly-ish newsletter about Linux and open source.
Image of Mattias Geniar

Mattias Geniar, January 19, 2020

Follow me on Twitter as @mattiasgeniar

Hi everyone! πŸ‘‹

Welcome to cron.weekly issue #117. There’s a bit of follow-up from last week’s issue regarding ZFS, some cool new tools and practical tutorials.

There’s some more web development news than usual this time, lots of things happening in the browser space lately that might affect you (or your co-working devs).

Oh, and you’ll find some discount codes for SCALE 18x and DevOps Day LA at the very bottom.

Enjoy reading!

Podcast: Intel vs. AMD vs. ARM πŸŽ™

Last week I recorded a new episode of syscast, the podcast I sometimes do (and want to get back to more frequently). This issue is a complete step out of my comfort zone, as we discuss the differences in Intel and AMD CPUs and the rise of ARM.

I learned a ton about the history of CPUs and how to better compare them. My goal was to get a better understanding of modern CPUs to make better server purchasing decisions. If you decide to listen, I’d love to hear feedback!

Have a listen! πŸš€

News & general πŸ—ž

The Chrome team is looking to freeze & unify the User-Agent in its browser. Right now, it includes a very detailed version string that allows for passive fingerprinting. The goal is to move to User-Agent client hints instead.

Take this User-Agent string, for example. It’s from my browser.

Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36

What’s that Mozilla/5.0 even still doing in there? And why is it exposing my OS & exact version numbers? I think it’s a good move to gradually phase out the detailed User-Agent.

Building a more private web: A path towards making third party cookies obsolete

The Chrome team plans to phase out support for third-party cookies. These are cookies that get embedded by things like ads, Facebook’s tracking pixels etc.

Linus Torvalds says “Don’t use ZFS” - but doesn’t seem to understand it

This is a solid response post to Linus’ earlier claims that you shouldn’t be using ZFS. In this article, the author looks at the controversial kernel change that prompted Linus’ response as well as the benefits of the ZFS filesystem.

Fedora 31 has decided to allow (and have) giant process IDs (PIDs)

Every new process and thread on Linux gets a new PID (short for process ID). PIDs are normally assigned sequentially until they hit some maximum value and rollover. As of Fedora 31, giant process IDs have been enabled so you might see PIDs that exceed the 1.000.000 number (and that’ll mess up the output of ps, top, …). You can change this behaviour with the kernel.pid_max setting in sysctl.

Is SMS 2FA Secure?

tl;dr: no, it isn’t. Lots of information on that site to persuade anyone higher up the corporate food chain to replace SMS with something more secure as 2FA.

Multipath TCP Support Is Working Its Upstream - First Bits Landing With Linux 5.6

The prerequisites have been merged to allow for Multipath TCP (MPTCP) in the Linux 5.6 kernel.

Tools & Projects πŸ› 

DNS Spy: paranoid about your DNS sponsored

DNS Spy is a tool that’ll monitor all your DNS records for wanted and unwanted changes. If you’ve ever been burned by DNS (either by yourself or a coworker), DNS Spy can give you the confidence that a DNS change has the desired outcome. Stop blaming DNS, start monitoring it.

aws-gate

aws-gate allows you to connect to EC2 instances without the need to maintain any bastion host, VPN service or manage SSH keys.

rogerwelin/cassowary

Cassowary is a modern HTTP/S, intuitive & cross-platform load testing tool built-in Go for developers, testers and sysadmins. Cassowary draws inspiration from awesome projects like k6, ab & httpstat.

Nebula Graph

A distributed, fast open-source graph database featuring horizontal scalability and high availability.

cantools

A set of CAN BUS tools written in Python 3.

GoatCounter

GoatCounter is a web analytics platform, roughly similar to Google Analytics or Matomo.

gter

Gter is a terminal for GUI apps. The video best describes it. It allows you to run your GUI applications (like Firefox, calc, …) in your terminal window.

parsr

Parsr, is a minimal-footprint document (image, pdf) cleaning, parsing and extraction toolchain which generates readily available, organized and usable data for data scientists and developers.

k3c

k3c is a local container engine designed to fill the same gap Docker does in the Kubernetes ecosystem. Specifically, k3c focuses on developing and running local containers, basically docker run/build.

Open DMARC Analyzer

Open DMARC Analyzer is an Open Source DMARC Report Analyzer to be used with DMARC reports that have been parsed by the rrdmarc script or techsneeze’s dmarcts-report-parser.

sandy

A tiny sandbox to run untrusted code: sandy uses Ptrace to hook into READ syscalls, giving you the option to accept or deny syscalls before they are executed.

tuptime

Tuptime is a tool to report the historical and statistical data in real-time of the system, keeping it between restarts. Like uptime command but with more interesting output.

DTail

DTail (a distributed tail program) is a DevOps tool for engineers programmed in Go for following (tailing), catting and grepping (including gzip and zstd decompression support) log files on many machines concurrently.

Guides & Tutorials πŸŽ“

MySQL Challenge: 100k Connections

This post explores a way to establish 100,000 connections to MySQL. Not just idle connections, but executing queries. 100,000 connections. It includes some kernel parameter tuning using sysctl, tweaks to the systemd unit file & MySQL configs.

systemd service sandboxing and security hardening 101

Systemd enable services to run with a whole suite of hardening and sandboxing features from the Linux kernel. Here’s how to get a quick security review of the services running on your system and how to go about hardening their security.

How to Make a Raspberry Pi VPN Server

The Raspberry Pi has a ton of different uses. This post has step-by-step instructions on how to build a VPN (virtual private network) server on it.

Making Python Programs Blazingly Fast

An in-depth post on profiling python applications to find why and where they’re slow and optimize them.

Auto-restart a crashed service in systemd

Systemd allows you to configure a service so that it automatically restarts in case it’s crashed.

Deploy your side-projects at scale for basically nothing

This post gives a detailed description on how to run your code (in any language) on Google Cloud Run, keeping costs down and not having to worry about servers.

The difference between Bash’s $* and $@

In Bash, there are two closely related “special parameters” for accessing how the current script was invoked: $* and $@. For both variables, the behavior is affected by whether or not the variable is enclosed in double-quotes.

Running Commands on Multiple Linux Hosts Using PSSH

I’ve always loved pssh to easily execute commands across a variety of servers. This post shows you to use it.

Events πŸ›

SCALE 18x

  • Date: March 5-8, 2020
  • Venue: Pasadena Convention Center

SCaLE 18x is the 18th annual Southern California Linux Expo. SCaLE is the largest community-run open-source and free software conference in North America. It expects to host 120 exhibitors this year, along with over 200 sessions, tutorials and special events. From kernels to containers, beginner installs to advanced security, HAMs to clouds.

You can use code CRON for a 30% discount.

DevOpsDay LA

  • Date: March 6, 2020
  • Venue: Pasadena Convention Center

DevOpsDay LA is a technical conference covering topics of software development, IT infrastructure operations, and the intersection between them.

You can use code CRON for a 30% discount.



Want to subscribe to the cron.weekly newsletter?

I write a weekly-ish newsletter on Linux, open source & webdevelopment called cron.weekly.

It features the latest news, guides & tutorials and new open source projects. You can sign up via email below.

No spam. Just some good, practical Linux & open source content.