Welcome to cron.weekly issue 23 for Sunday April 10th, 2016.
Every week I think ‘I won’t have enough content‘, only to be blown away with everything that got bookmarked. This week is no exception.
Lots of new tools and releases and a heavier-than-usual focus on networking in this release.
I hope you enjoy it!
When Free Software Depends on Nonfree
Richard Stallman wrote a piece on how free software often depends on non-free software (like a proprietary compiler or interpreter).
TED talk: Linus Torvalds, the mind behind Linux
A very open interview, recorded in February 2016, with the creator of Linux. Lots of interesting little details about the man behind the project.
Good bye “open source”, hello “free software”
15 years after the famous essay “Goodbye free software, hello open source”, this author looks at the reverse: why it’s important to consider software to be ‘free’ instead of just ‘open’.
Systems Admins: We Need To Talk.
This post outlines some of the biggest threats we face as sysadmins, and offers solid advice on how to prevent on getting yourself and your company hacked: fixing e-mail, software policies, principle of least privilege, … All very theoretical, but plenty of reading material for you to implement in your infrastructure.
The revenge of the listening sockets
A follow-up on one of the previous Cloudflare blogposts about tracking down the cause of latency in the Linux kernel, this time focussed particularly on network connectivity. As usual, very good details on the internals of the Linux kernel and practical commands to remember for your own debug sessions.
RubyGems.org gem replacement vulnerability and mitigation
RubyGems.org contained a bug that could allow an attacker to replace some .gem files on the RubyGems servers with a different file that they supplied. This bug has been fixed as of April 4th.
Top 10 tenets of a System Administrator
A nice summary of what it means to be a good sysadmin. Focus on automation, documentation, organisation, …
A decade of writing at Mozilla
A very honest article about a writer who started at Mozilla but didn’t quite care for Open Source. After 10 years, that has changed quite a bit.
Tools & Projects
Zulu: OpenJDK alternative
The Zulu project is a 100% open source alternative to OpenJDK, the Java framework. It comes as an alternative to OpenJDK 6, 7 and 8.
doctl: Digital Ocean CLI interface
Digital Ocean has release an official command line interface to interact with their API and configure your VMs, take back-ups, spin up new servers, … all from your terminal. This offers great possibilities for scripted installs and automation.
GNU Health is a Free/Libre project for health practitioners, health institutions and governments. Its modular design allows to be deployed in many different scenarios: from small private offices, to large, national public health systems.
An open source implementation to download videos from Youtube, Vimeo, … basically every video provider out there.
A ruby on rails application to ‘securely’ (your mileage may vary) transfer passwords to someone else. Links to passwords expire after a certain number of views and/or time has passed.
LogZoom, a fast and lightweight substitute for Logstash
LogZoom is a fast, lightweight, and reliable log data indexer written in Go. If you’ve ever considered using Logstash, Fluentd, or some other tool for log aggregation, you may want to consider using LogZoom instead.
Aria2: download utility
Aria2 is a lightweight multi-protocol & multi-source command-line download utility. It supports HTTP/HTTPS, FTP, SFTP, BitTorrent and Metalink. aria2 can be manipulated via built-in JSON-RPC and XML-RPC interfaces.
vis: a vim like text editor
Vis strives to be simple and focuses on its core task: efficient text management. The intention is not to be bug for bug compatible with vim, instead a similar editing experience should be provided. The goal could thus be summarized as “80% of vim’s features implemented in roughly 1% of the code”.
Versionpress: Git version control for WordPress
Git-based version control plugin for WordPress. Undo any change, branch & merge easily, migrate database content between environments and more.
allmark – the markdown server
allmark is a fast, standalone markdown web server for Linux, Mac OS and Windows written in go. You can point it at any directory that contains markdown files and it will immediately start a web-server that serves the rendered HTML content of the markdown file to you.
Composer 1.0 released
Composer is PHP’s package management system. Last week, version 1.0 was released. Composer helps developers install 3rd party packages and manage dependencies.
vuls: Vulnerability scanner for Linux
Vuls is a Vulnerability scanner for Linux, agentless, written in golang. It can scan for any vulnerabilities on a Linux Server as well as the middleware that is not included in OS package management. It also nmap-like functionality to scan your network and detect hosts on its own.
dgit: distributed git
The Github team has open sourced their implementation of git: dgit is a new distributed storage system that dramatically improves the availability, reliability, and performance of serving and storing Git content.
Vegeta: HTTP/2 support
Vegeta is a HTTP load testing tool and library. Their latest release, version 6.1, adds support for HTTP/2. So you can now use Vegeta to loadtest an HTTP/2 server.
Kibana 5.0 alpha 1
The new version of Kibana is approaching fast: alpha 1 has now been released. A new design, first class applications, a new plugin installer and loads of internal changes. This new release is looking very promising.
Grunt 1.0 released
Mutt 1.6 released
Mutt is still very much alive and kicking: this e-mail client released version 1.6 which brings support for S-MIME encryption, better character set support, header caching and more.
OpenBazaar is Open for Business
OpenBazaar is a decentralized peer-to-peer network for trade that uses Bitcoin. That trade happens directly between buyers and sellers with no one in the middle – and no fees or restrictions on trade.
Mailtrain: open source Mailchimp clone
Mailtrain is a Self hosted newsletter app built on top of Nodemailer. It’s got list management, custom fields, 3rd party sender services and many more. If you’re using Mailchimp for your newsletters (like I am now), maybe Mailtrain can replace that.
Guides & Tutorials
Abandoning Gitflow and GitHub in favour of Gerrit
A practical introduction to Gerrit, the code review tool, and the move from a Github based organisation to Gerrit. For this particular team, it offered better code reviews, cleaner pull requests and faster response times.
Network Cheat Sheets
Lots of very practical cheat sheets on BGP, WLAN, OSPF, IPv6/IPv4, RIP, … basically every network protocol you can reasonably come across.
10 Ubuntu / Debian Linux apt Command Examples
A set of examples on using ‘apt’ instead of ‘apt-get’ for package management on Ubuntu & Debian systems.
The Definitive Guide to Linux System Calls
If you’ve ever run “strace” on a program, these terms will sound familiar: open, fork, read, write, … Interpreting them however can be rather difficult. This post clearly explains the function of each Linux system call and some of its internals. Lots of content in here, all very low-level.
Linux networking examples and tutorials
Practical examples on configuring OSPF, BGP, VLANs and more in this tutorial. This is written for the Linux sysadmin with a lot of new use cases for familiar tools like “ip”, “ifconfig”, “tcpdump”, …
OpenPGP Best Practices
A lengthy guide, but it looks like a very complete one: how to configure OpenPGP. Background info on keyservers, key management, IDs, …
GPG signature verification on Github
Github now supports GPG signing of commits, so code changes can be verified. This guide shows the Github implementation, with links to extra GPG documentation.
Use Vim Inside A Unix Pipe Like Sed Or AWK
I’ll be honest: this is dark magic. This guide shows how you can insert a vim command in the middle of a piped-command, to alter its input.
Linux network metrics: why you should use nstat instead of netstat
This article is about the differences between netstat and nstat regarding Linux system network metrics, and why nstat is superior to netstat.
Dockerise your PHP application with Nginx and PHP7-FPM
This guide explains how you can set up both Nginx and PHP 7 inside a Docker image. If you want to get started with Docker, these kind of introductions are perfect.
Linux Insides: The initcall mechanism
Some more very low-level Linux bits: how the initcall mechanisme. The main point of the initcall mechanism is to determine correct order of the built-in modules and subsystems initialization.
Contaminate AWS instances on ssh login
A very clever idea you can use for more than just AWS instances: whenever someone logs in to a server via SSH, mark it as “contaminated” so you can re-provision it. The idea is to prevent manual changes to a server and enforces a consistent infrastructure.