cron.weekly issue #25: Shift, Gentoo on Tesla, RPerl, BSD explained and many more!

Welcome to cron.weekly issue 25 for Sunday, April 24th, 2016.

It’s been a pretty busy week once again with the major release of Ubuntu 16.04, a new Long Term Support Ubuntu version.

There are a lot of practical guides in this edition too that can help you get started with running IPv6 or introduce Access Control Lists in your Linux environment.

Enjoy!

News

Red Hat doubles down on OpenStack

The biggest open source company in the world is revealing more projects built on (and to support) OpenStack.

Count me as a systemd convert

Not everything in systemd is bad, this author discovers. The post mostly covers a particular debug session in which systemd offered the right tools to troubleshoot and fix the problem.

Gentoo Linux on a Tesla

If you’re driving a car that’s 99% computer, surely you can get Linux to run on it. Right? Well, turns out, running Gentoo inside your Tesla is perfectly possible.

A Look Back at One Year of Docker Security

A nice flashback on the various security mechanisms Docker has introduced over the last year in its various releases. It also offers a comparison between Docker, LXC and CoreOS rkt – although since this blog post comes from the creators of Docker, I’d take it with a grain of salt.

Staying up-to-date on open source announcements & security issues via Twitter

We all know staying up-to-date on open source security issues or new versions isn’t easy. There are a lot of projects to follow and it can be intensive to stay informed. This newsletter (hopefully) helps, but can’t cover it all. That’s why I created the @oss_announce and @foss_security Twitter accounts that automate this whole process: they live-tweet whenever important releases or security announcements are made.

How I Hacked HackingTeam

As sysadmins, it’s our job to keep our systems secure. Reading about how an attacker goes about exploring a target and eventually breaching its security offers us insights into areas we need to focus extra attention on. This particular post highlights flaws in NoSQL databases (MongoDB) and shows how an attacker goes about a complicated hack.

libressl – more vague promises

A look back at how LibreSSL started, the promises made at the start of the project and the current state.

How Badlock Was Discovered and Fixed

Some more background on how Badlock, the Samba vulnerability revealed last week, got discovered and how the fix got distributed to several distributions.

Tools & Projects

Ubuntu 16.04 LTS (Xenial Xerus) released

The latest Long Term Support (LTS) for Ubuntu is out: 16.04’s most prominent features are ZFS support, the 4.4 kernel, the Mitaka release (13) of OpenStack and a new “snappy” package manager.

Hitch 1.2 released

Hitch is a high-performance SSL/TLS proxy, created by the Varnish team that gave us the fast caching daemon and load balancer. Version 1.2 fixed a couple of bugs and offers more configuration options for the frontend (SSL, ciphers etc.).

Glot.io: an open source pastebin

If you’ve ever wanted to run a service like Pastebin, which allows anyone to paste text and get a unique link to share it, now you can with Glot.io. If you’re looking for a Pastebin alternative for yourself or your organisation, have a look at Glot.io.

skydive

Skydive is an open source real-time network topology and protocols analyzer. It aims to provide a comprehensive way of understanding what is happening in the network infrastructure. Skydive agents collect topology information and flows and forward them to a central agent for further analysis. All the information is stored in an Elasticsearch database.

Rperl 1.7 released

Rperl is a “restricted perl”, a version of Perl with a select set of features included and optimised for pure performance. When used properly, rperl can be up to 100x faster than “regular” perl. Version 1.7 now offers support for stand-alone executable binaries.

Hex

Hex is a package manager for the Erlang ecosystem.

DC/OS: the Datacenter Operating System

DC/OS is an entirely open source software project based on Apache Mesos, Marathon and a whole lot more.

SSSD: System Security Services Daemon

SSSD is a system daemon. Its primary function is to provide access to remote identity and authentication resources through a common framework that can provide caching and offline support to the system. It provides PAM and NSS modules.

Upside-Down-Ternet

A clever hack to deal with WiFi-stealing neighbours: some iptables and perl scripts to automatically reverse all text on pages visited by unwanted WiFi guests.

Spash

Spash is a command line tool for Big Data platforms that simulates a real Unix environment, providing most of the commands of a typical Bash shell on top of YARN, HDFS and Apache Spark.

ScyllaDB 1.0

Scylla is a NoSQL column store database, fully compatible with Apache Cassandra at 10x the throughput and jaw dropping low latency.

GoBGP

A full BGP implementation for your network in a Go library. This could be the perfect cornerstone if you’re building your own SDN (Software Defined Networking) solution.

Perfect: server-side Swift

Apple open sourced Swift a couple of months ago, their new programming language for developing iOS applications. The “Perfect” project takes the Swift language to the server, allowing you to write server-side applications in that very same language.

Micro

Micro is a terminal-based text editor that aims to be easy to use and intuitive, while also taking advantage of the full capabilities of modern terminals.

Shift: MySQL schema migrations

Shift is an application that makes it easy to run online schema migrations for MySQL databases.

Guides & Tutorials

How we found that the Linux nios2 memset() implementation had a bug

Some more very low level kernel specifics: if you’re into custom bootloaders, exotic CPUs, strange process architectures and even more obscure memory bugs, have a go at this article.

The BSD family of operating systems

If FreeBSD, NetBSD and OpenBSD all sound alike to you, this article can help shed light into the darkness that is BSD: the history and main direction of each *BSD project clearly explained.

Understanding and Hardening Linux Containers (PDF)

A very extensive paper on the security aspects of containers: cgroups, network namespaces, mandatory access control, different attack surfaces, … If you’re deep into containers (LXC, Docker), grab a coffee and take your time for this 122-page read.

Redis Administration: practical tips

A set of useful tips and configuration parameters when you’re just starting out with Redis. A couple of important kernel tweaks are needed too, or you’ll quickly run into Redis issues along the way.

Detecting the use of “curl | bash” server side

Some very clever timing techniques are used here to detect, from the webserver that’s hosting the scripts, whenever a user directly pipes the output of a curl command into bash.

Gimp – A fast overview

Gimp is an open source Photoshop alternative; this post highlights some of its biggest strengths.

19 Tips For Everyday Git Use

Another set of practical examples you might need to use when attempting git.

Git for beginners: The definitive practical guide

Git is still a complex matter, especially if you’re just starting with it. This guide takes a very pragmatic approach, taking very specific questions you might have on Git and answering them clearly.

How “Exit Traps” Can Make Your Bash Scripts Way More Robust And Reliable

A clever way of adding more logic and error handling into your Bash scripts by catching signals like SIGHUP and acting upon them.

System Design Cheatsheet

A set of very good questions and considerations to make when designing a new system. Very practical questions like understanding bottlenecks, scaling and load balancing methods, replication methods to use, …

Running IPv6 in practice

This Debian guide walks you through activating IPv6 on your network and performing the first basic troubleshooting.

The Ars guide to building a Linux router from scratch

A do-it-yourself router, running Linux, with step by step instructions.

Secure Files/Directories using ACLs (Access Control Lists) in Linux

A guide that takes you beyond simple owner/group and file permissions and introduces Access Control Lists (ACLs) in Linux.

Making the case for make

A post in defence of the tool ‘make’ as your build tool, instead of complex scripts and dependencies that pull in a lot of 3rd party software. A simple make configuration can go a long way.