cron.weekly issue #120: sudo, CoreOS, uq, Ubuntu & more


cron.weekly is a newsletter about Linux, open source & web development. Want to get it in your inbox every Sunday?


Mattias Geniar, February 09, 2020


Hi everyone! 👋

Welcome to cron.weekly issue #120.

If you allow untrusted users to SSH into your server(s), you might want to pay special attention to the sudo vulnerability that got released. If you haven’t already, update!

I’m also looking to add some sponsors to the newsletter, feel free to reach out if you have a product or service you’d like to promote. 😄

Enjoy this issue! ☕️

News & general 🗞

End-of-life announcement for CoreOS Container Linux

Fedora CoreOS is the official successor to CoreOS Container Linux. You have until May 26th 2020 to migrate your workloads, then CoreOS goes end-of-life.

Sudo vulnerability in versions 1.7.1+

Sudo, a utility found in dozens of Unix-like operating systems, has received a patch for a potentially serious bug that allows unprivileged users to easily obtain root privileges on vulnerable systems.

For some more reading on the vulnerability, read the official statement.

All FOSDEM 2020 videos

Last weekend one of the biggest open source conferences in Europe took place in Belgium: FOSDEM. Almost all videos of the presentations are available online already. That’s incredibly fast!

A new hash algorithm for Git

Work is being done to move Git away from SHA-1 to SHA-256.

Systemd-Homed Merged As A Fundamental Change To Linux Home Directories

Systemd-homed has been merged as the latest (optional) fundamental change to Linux distributions in how home directories are handled. I can’t help but think this might be a bridge too far …

Ubuntu 20.04 LTS Adds WireGuard Support

While WireGuard was merged into Linux 5.6, the Ubuntu 20.04 LTS release is currently tracking Linux 5.4 and for the April release is likely to be shipping with Linux 5.5 as the 5.6 release will be cutting it too close. But Ubuntu 20.04’s kernel has now back-ported WireGuard.

Tools & Projects 🛠

Uptime & broken page monitoring by Oh Dear! (sponsored)

Oh Dear doesn’t just check a single page to determine if your site is up. Oh no, it crawls your entire site (just like Google) and reports broken pages and mixed content alerts. Give it a try, there’s a 10-day free trial!

FLIF - Free Lossless Image Format

FLIF is a novel lossless image format which outperforms PNG, lossless WebP, lossless BPG, lossless JPEG2000, and lossless JPEG XR in terms of compression ratio.

Deviceplane

Deviceplane is an open source device management tool for embedded systems and edge computing. It helps solve various infrastructure problems related to remote device management such as SSH access, deploying remote updates, monitoring & organizing hosts.

bocker

Docker implemented in around 100 lines of bash.

sandstorm

Sandstorm is a self-hostable web productivity suite. You can use it to create documents, spreadsheets, blogs, git repos, task lists, and more as easily as you’d install apps on your phone.

rtty

You can use rtty to access your device’s terminal from anywhere via the web. It’s composed of both a client and a server tool.

cronyo

Cronyo provides a simple CLI to manage your cron jobs on AWS.

PyRobot

PyRobot is an Open Source Robotics Research Platform. It’s a lightweight, high-level interface which provides hardware independent APIs for robotic manipulation and navigation.

heimdall

Heimdall is a self-hosted email alias/forwarding service. It’s built as a privacy tool to fight spam and also better manage access to personal email address. As a self-hosted/managed solution, you have complete control over your data.

uq

uq removes duplicate lines from the output, regardless of the order. Unlike sort | uniq, uq does not sort entries. This allows uq to operate on continuous streams as well.

opensnitch

OpenSnitch is a GNU/Linux port of the Little Snitch application firewall.

Guides & Tutorials 🎓

Scaling to 100k Users

A good write-up on the steps most companies go through when they scale from 1 to a thousand users, including splitting the web/database setup, adding load balancers, introducing caching etc.

Finding MySQL Scaling Problems Using perf

I’ve never used perf to troubleshoot anything, but this guide makes me want to give it a try. There are some really cool detailed metrics you can get out of it.

Managing your attached hardware on Linux with systemd-udevd

This post explains some good commands on managing the hardware inside your Linux machine using systemd-udevd.

What exactly is Docker?

This post gave a good overview of the time before Docker and what problems it solves. If you’ve only known of an age where Docker was omnipresent, it’s good to remind yourself of why it exists in the first place. :)

Writing Safe Shell Scripts

Writing shell scripts leaves a lot of room to make mistakes, in ways that will cause your scripts to break on certain input, or (if some input is untrusted) open up security vulnerabilities. Here are some tips on how to make your shell scripts safer.

Regex cheatsheet - I Hate Regex

A useful site to help you with writing regexes. I especially like the lookup diagram (i.e. on this IPv6 regex) to help troubleshoot.


