Welcome to _cron.weekly _issue #89 for Sunday, July 16th, 2017.
A new major release for Fedora with interesting details on handling rolling upgrades, a critical look at ZFS, some geeky timestamp info & lots of more links to follow-up on.
In a discussion around rlimits being introduced for setuid exec’s, Linus makes the bold statement that he can no longer “trust init to do the right thing”, referring to systemd. Lots of interesting discussion around this on HackerNews.
This post gives you an overview of the security related features that made it to the 4.12 kernel that was released 2 weeks ago.
A critical look at ZFS exploring both its weaknesses and its strengths, together with a bit of history on how it got to this point.
The team behind the Go programming language is publicly discussing their plans & ambitions to get “Go 2” going, looking at what worked in Go 1.x and the technical challenges they want to tackle in Go 2.x.
In PHP 7.2, due to be released in a couple of weeks/months, is going to have built-in support for Libsodium in its core. Libsodium is a modern cryptography library, making PHP one of the first to have this bundled in its core. We all know having the tools available doesn’t necessarily mean they’ll get used correctly, but this is a great step forward for securing PHP applications.
We’ve rolled over the magical 1.4 billion into the 1.5 billion era! `date +%s`
Tools & Projects
Track & alert on the health and performance of every server, container, and app in any environment, with Datadog. Sign up for a free 14-day trial. (Sponsored)
GoCD is a continuous delivery tool specializing in advanced workflow modeling and dependency management. It lets you track a change from commit to deploy at a glance, providing superior visibility into your workflow. It’s open source, free to use and download. (Sponsored)
A distributed issue tracker, in git! It’s implemented as a git subcommand, has a convenient command line interface & all data is just “in git”. This tip came via the Show CW section of the forum.
Pterodactyl Panel is a free, open-source, game agnostic, self-hosted control panel for users, networks, and game service providers. Pterodactyl supports games and servers such as Minecraft, ARK: Evolution Evolved, CS:GO, Team Fortress 2, Insurgency, Teamspeak 3, Mumble, and many more.
Proxy TCP connections based on static rules, HTTP Host headers, and SNI server names.
This is clever: pipe output from command-line programs to the web in real-time!
A new major release for the Fedora project: Fedora 26 introduces GCC 7, Golang 1.8, Python 3.6 & lots of upstream bugfixes. If you want to know what Red Hat 8 is going to look like, get started with the latest Fedora.
Boltron is Fedora’s solution for running multiple versions of applications without conflicting libraries or configuraties. This will allow you to run multiple versions of PHP, Apache, MySQL, … next to each other without interference, allowing you get the latest release for some tools and a more stable release for others.
A real-time visualization of network traffic (Ethernet and Internet), and streaming of header data from your network interfaces via WebSockets. The video explains this best, looks like a very quick & easy way to graph a host layout on your network.
localtunnel exposes your localhost to the world for easy testing and sharing. No need to mess with DNS or deploy just to have others test out your changes.
OPNsense is an open source, easy-to-use and easy-to-build FreeBSD based firewall and routing platform. OPNsense includes most of the features available in expensive commercial firewalls, and more in many cases.
A new replication engine for master/slave, auto-promotions and partial resynchronisation, support for Redis modules, new caching algoritms & improvements all around.
A collection of small bash scripts for heavy terminal users.
Tania is a free and open source farming management system for everyone. You can manage your growing areas, reservoirs, farm tasks, inventories, and the crop growing progress. Written in PHP.
A suite of utilities simplilfying linux networking stack performance troubleshooting and tuning.
OSSEC is an Open Source Host-based Intrusion Detection System that performs log analysis, file integrity checking, policy monitoring, rootkit detection, real-time alerting and active response.
Guides & Tutorials
This post explains the pro’s & con’s of several Bash testing frameworks, giving you a solid base to decide which method you’d like to use for testing your own Bash scripts.
So many good details on tools like kprobe, tracepoints, uprobes, ftrace, eBPF, … if you use strace a lot, you’ll love this post. I didn’t even know there were so many other tracing tools out there!
Very cool examples of using systemd, like overwriting unit file details in a deeper folder hierarchy, tricks with timers & users + some handy little commands for every-day systemd life.
Chances are, you’ve got at least one Windows box lying around. This post gives step-by-step instructions to get those events into Graylog for further analysis. Should be fairly straight forward to adapt the article for any OS with events/logs to be fed into Graylog.
Step-by-step instructions to securing your data onto Amazon’s S3 with Duplicity, covering full & incremental back-ups, restoring data & automation.
An insane amount of examples of things you can do with sed, from simple search & replaces to regular expressions & entire control structures like if /else. Another tip via the forum!
Some very simple steps on using the dnf package manager to do an in-place upgrade from Fedora 25 to 26.
We’re on a mission to create the most beneficial payout ecosystem in the world and fundamentally change the way people receive money! As a Site Reliability Engineer at OptioPay you own and manage core infrastructure like Kubernetes, Kafka, Postgres, CI systems, Nginx and the machines on which it all runs. (no remote work) (Sponsored)
These questions were asked on the cron.weekly forum and stand out or are in need of more eyes to find the answer. Go for it, join the discussions!
Those with little kids at home, what are you doing to protect them from accidentally visiting unwanted sites or limiting internet-time?
A quick survey to find “that missing tool” in your toolbelt, what’s something you learned about recently that you’ve come to love and can’t do without anymore?
What unique features have you seen in load balancers that you’d love to see in others too?