Language Selection

English French German Italian Portuguese Spanish

LWN

Syndicate content
LWN.net is a comprehensive source of news and opinions from and about the Linux community. This is the main LWN.net feed, listing all articles which are posted to the site front page.
Updated: 8 min 25 sec ago

[$] The misc control group

Tuesday 18th of May 2021 09:39:57 PM
Control groups (cgroups) are meant to limit access to a shared resource among processes in the system. One such resource is the values used to specify an encrypted-memory region for a virtual machine, such as the address-space identifiers (ASIDs) used by the AMD Secure Encrypted Virtualization (SEV) feature. Vipin Sharma set out to add a control group for these ASIDs back in September; based on the feedback, though, he expanded the idea into a controller to track and limit any countable resource. The patch set became the controller for the misc control group and has been merged for Linux 5.13.

Introducing Site Isolation in Firefox (Mozilla security blog)

Tuesday 18th of May 2021 04:33:55 PM
The Mozilla Security Blog announces that there is a new site-isolation mechanism available for testing in the Firefox browser. It's a defense against Meltdown and Spectre exploits.

This fundamental redesign of Firefox's Security architecture extends current security mechanisms by creating operating system process-level boundaries for all sites loaded in Firefox for Desktop. Isolating each site into a separate operating system process makes it even harder for malicious sites to read another site’s secret or private data.

Security updates for Tuesday

Tuesday 18th of May 2021 02:53:35 PM
Security updates have been issued by Debian (chromium, curl, prosody, and ruby-rack-cors), Fedora (dotnet3.1 and dotnet5.0), openSUSE (ibsim and prosody), SUSE (kernel and python3), and Ubuntu (caribou and djvulibre).

[$] Exported-symbol changes in 5.13

Monday 17th of May 2021 08:52:26 PM
There have been many disagreements over the years in the kernel community concerning the exporting of internal kernel symbols to loadable modules. Exporting a symbol often exposes implementation decisions to outside code, makes it possible to use (or abuse) kernel functionality in unintended ways, and makes future changes harder. That said, there is no authority overseeing the exporting of symbols and no process for approving exports; discussions only tend to arise when somebody notices a change that they don't like. But it is not particularly hard to detect changes in symbol exports from one kernel version to the next, and doing so can give some insights into the kinds of changes that are happening under the hood.

T2 Linux 21.5 "Because we can" for 18 architectures

Monday 17th of May 2021 06:57:56 PM
The T2 System Development Environment Linux 21.5 was released with 18 pre- and cross-compiled architectures. "The 21.5 release received updates across the board, while a major point of work was the GCC 11 update as well as re-basing and fixing upstream regressions for the Sony PS3 support as well as various small improvements, including an up to 15 seconds faster system shutdown when using sysvinit."

Security updates for Monday

Monday 17th of May 2021 03:12:43 PM
Security updates have been issued by Debian (libimage-exiftool-perl and postgresql-9.6), Fedora (chromium, exiv2, firefox, kernel, kernel-headers, kernel-tools, mariadb, and python-impacket), Mageia (avahi), openSUSE (chromium, drbd-utils, dtc, ipvsadm, jhead, nagios, netdata, openvpn, opera, prosody, and virtualbox), Slackware (libxml2), SUSE (kernel and lz4), and Ubuntu (intel-microcode, python-eventlet, and rust-pleaser).

Kernel prepatch 5.13-rc2

Monday 17th of May 2021 12:28:22 PM
The 5.13-rc2 kernel prepatch is out for testing. "The fixes here are all over the place - drivers, arch updates, documentation, tooling.. Nothing particularly stands out".

[$] Sticky groups in the shadows

Friday 14th of May 2021 03:58:21 PM
Group membership is normally used to grant access to some resource; examples might include using groups to control access to a shared directory, a printer, or the ability to use tools like sudo. It is possible, though, to use group membership to deny access to a resource instead, and some administrators make use of that feature. But groups only work as a negative credential if the user cannot shed them at will. Occasionally, some way to escape a group has turned up, resulting in vulnerabilities on systems where they are used to block access; despite fixes in the past, it turns out that there is still a potential problem with groups and user namespaces; this patch set from Giuseppe Scrivano seeks to mitigate it through the creation of "shadow" groups.

Stable kernels 5.12.4, 5.11.21, 5.10.37, and 5.4.119

Friday 14th of May 2021 02:10:33 PM
Greg Kroah-Hartman has announced the release of the 5.12.4, 5.11.21, 5.10.37, and 5.4.119 stable kernels. These are enormous updates, with changes throughout the kernel tree; users should upgrade.

Security updates for Friday

Friday 14th of May 2021 01:53:04 PM
Security updates have been issued by Debian (jetty9, libgetdata, and postgresql-11), openSUSE (java-11-openjdk), SUSE (dtc, ibsim, ibutils, ipvsadm, and kernel), and Ubuntu (awstats and glibc).

[$] Calling kernel functions from BPF

Thursday 13th of May 2021 02:31:20 PM
The kernel's BPF virtual machine allows programs loaded from user space to be safely run in the kernel's context. That functionality would be of limited use, however, without the ability for those programs to interact with the rest of the kernel. The interface between BPF and the kernel has been kept narrow for a number of good reasons, including safety and keeping the kernel in control of the system. The 5.13 kernel, though, contains a feature that could, over time, widen that interface considerably: the ability to directly call kernel functions from BPF programs.

Security updates for Thursday

Thursday 13th of May 2021 01:45:13 PM
Security updates have been issued by Debian (graphviz and redmine), Fedora (dom4j, kernel, kernel-headers, kernel-tools, mariadb, php, php-phpmailer6, and redis), openSUSE (kernel and nagios), and Ubuntu (mysql-5.7, mysql-8.0 and python-django).

[$] LWN.net Weekly Edition for May 13, 2021

Thursday 13th of May 2021 12:41:54 AM
The LWN.net Weekly Edition for May 13, 2021 is available.

[$] Holes in the WiFi

Wednesday 12th of May 2021 10:49:51 PM
The discoverer of the KRACK attacks against WPA2 encryption in WiFi is back with a new set of flaws in the wireless-networking protocols. FragAttacks is a sizable group of WiFi vulnerabilities that (ab)use the fragmentation and aggregation (thus "Frag") features of the standard. The fixes have been coordinated over a nine-month period, which has allowed security researcher Mathy Vanhoef time to create multiple papers, some slide decks, a demo video, patches, and, of course, a web site and logo for the vulnerabilities.

GNU Guix 1.3.0 released

Wednesday 12th of May 2021 03:48:36 PM
GNU Guix, the transactional package manager and distribution, has released version 1.3.0. This released adds new features, refines the user experience, and improves performance. Support for the POWER9 platform is now offered as technological preview.

New stable kernels

Wednesday 12th of May 2021 03:25:21 PM
Stable kernels 5.12.3 and 5.11.20 have been released with important fixes throughout the tree. Users should upgrade.

Security updates for Wednesday

Wednesday 12th of May 2021 03:10:57 PM
Security updates have been issued by Debian (composer, hivex, lz4, and rails), Fedora (chromium, community-mysql, djvulibre, dom4j, firefox, php, php-phpmailer6, python-django, and redis), Mageia (mariadb, nagios, and pngcheck), openSUSE (opera, syncthing, and vlc), SUSE (kernel, openvpn, openvpn-openssl1, shim, and xen), and Ubuntu (flatpak, linux, linux-aws, linux-aws-5.4, linux-azure, linux-azure-5.4, linux-gcp, linux-gcp-5.4, linux-gke, linux-gke-5.4, linux-gkeop, linux-gkeop-5.4, linux-hwe-5.4, linux-kvm, linux-oracle, linux-oracle-5.4, linux, linux-aws, linux-azure, linux-gcp, linux-hwe-5.8, linux-kvm, linux-oracle, linux-raspi, linux, linux-aws, linux-azure, linux-gcp, linux-kvm, linux-oracle, linux-raspi, linux, linux-aws, lnux-aws-hwe, linux-azure, inux-azure-4.15, linux-dell300x, linux-gcp, linux-hwe, linux-gcp-4.15, linux-kvm, linux-oracle, linux-raspi2, linux-snapdragon, linux-oem-5.10, linux-oem-5.6, and mariadb-10.1, mariadb-10.3, mariadb-10.5).

[$] Pyodide: Python for the browser

Tuesday 11th of May 2021 10:43:13 PM
Python in the browser has long been an item on the wish list of many in the Python community. At this point, though, JavaScript has well-cemented its role as the language embedded into the web and its browsers. The Pyodide project provides a way to run Python in the browser by compiling the existing CPython interpreter to WebAssembly and running that binary within the browser's JavaScript environment. Pyodide came about as part of Mozilla's Iodide project, which has fallen by the wayside, but Pyodide is now being spun out as a community-driven project.

Why Sleep Apnea Patients Rely on a CPAP Machine Hacker (Vice)

Tuesday 11th of May 2021 09:39:13 PM
Vice takes a look at the SleepyHead system for the management of CPAP machines.

The free, open-source, and definitely not FDA-approved piece of software is the product of thousands of hours of hacking and development by a lone Australian developer named Mark Watkins, who has helped thousands of sleep apnea patients take back control of their treatment from overburdened and underinvested doctors. The software gives patients access to the sleep data that is already being generated by their CPAP machines but generally remains inaccessible, hidden by proprietary data formats that can only be read by authorized users (doctors) on proprietary pieces of software that patients often can’t buy or download.

Making eBPF work on Windows (Microsoft Open Source Blog)

Tuesday 11th of May 2021 05:10:25 PM
The Microsoft Open Source Blog takes a look at implementing eBPF support in Windows. "Although support for eBPF was first implemented in the Linux kernel, there has been increasing interest in allowing eBPF to be used on other operating systems and also to extend user-mode services and daemons in addition to just the kernel. Today we are excited to announce a new Microsoft open source project to make eBPF work on Windows 10 and Windows Server 2016 and later. The ebpf-for-windows project aims to allow developers to use familiar eBPF toolchains and application programming interfaces (APIs) on top of existing versions of Windows. Building on the work of others, this project takes several existing eBPF open source projects and adds the “glue” to make them run on Windows."

More in Tux Machines

Excellent Utilities: duf – disk usage utility

This is a series highlighting best-of-breed utilities. We cover a wide range of utilities including tools that boost your productivity, help you manage your workflow, and lots more besides. There’s a complete list of the tools in this series in the Summary section. The Command Line Interface (CLI) is a way of interacting with your computer. To harness all the power of Linux, it’s highly recommended mastering the interface. It’s true the CLI is often perceived as a barrier for users migrating to Linux, particularly if they’re grown up using GUI software exclusively. While Linux rarely forces anyone to use the CLI, some tasks are better suited to this method of interaction, offering inducements like superior scripting opportunities, remote access, and being far more frugal with a computer’s resources. duf is a simple disk usage utility that offers a more attractive representation than the classic df utility. It’s written in Go. Read more

Sway 1.6.1 Wayland Compositor Released With WLROOTS 0.14

Simon Ser has released Sway 1.6.1 as the newest version of this popular i3-inspired Wayland compositor. Sway 1.6 came back in April with better Flatpak/Snap application integration, smoother move/resize operations, X11 clipboard handling improvements, and many other improvements for this popular "indie" Wayland compositor. Read more

today's howtos

  • Kali Linux Man in the Middle Attack Tutorial for Beginners 2021

    Man in the middle attack is the most popular and dangerous attack in Local Area Network. With the help of this attack, A hacker can capture the data including username and password traveling over the network. He/she is not only captured data from the network he/she can alter data as well. For example, if you send a letter to your friend the hacker can capture the letter before reaching the destination, and can edit and then send to your friend a modified letter. But a good thing is this attack only can be performed in a local area network it means one of the victims must be in the same network of the attacker. May be possible you have heard that using a public Wi-Fi network is not as secure as your home network the only reason is a man in the middle attack.

  • How to Install chrome in Ubuntu 20.04 complete Guide

    Google Chrome is a web browser, most used widely in the world. It is fast, simple, and easy to use and secure browser built for the modern web. Neither Google Chrome comes with Ubuntu default, nor included in the Ubuntu repositories. But here, I am telling about another open-source web browser. It is available in the default Ubuntu repositories. If you don’t want to install chromium and looking only for chrome, this article will help you.

  • How to Install and Use Tilix Terminal Emulator in Linux

    Tilix is an open-source advanced Linux terminal emulator that uses GTK+ 3 and offers a lot of features that are not part of the default terminal that ships with Linux distributions.

  • How to Install NetBeans IDE 12 on Fedora 34/33 – TecAdmin

    NetBeans is an open-source integrated development environment for the application development on Windows, Mac, Linux, and Solaris operating systems. It offers excellent debugging capabilities, coding, plugins, and extensions with multiple out-of-the-box features. The NetBeans is widely used by the PHP and Java application developers. A shell script is provided by the official team for easier installation of Netbeans on Linux systems. However, we can have also use the Snap package to install the latest NetBeans IDE on the Fedora system quickly. This tutorial will help you to install NetBeans IDE on a Fedora system using the Snap package manager.

  • How to Fix 504 Gateway Timeout in Nginx Server

    I use NGINX a lot. I recently deployed a Node.js web application with NGINX as a reverse proxy server for it. One of the key features of the application is support for data imports using excel templates. However, it didn’t take long before users uploading bulky files started getting a 504 Gateway Timeout error from NGINX.

  • How To Install Next.js on Ubuntu 20.04 LTS - idroot

    In this tutorial, we will show you how to install Next.js on Ubuntu 20.04 LTS. For those of you who didn’t know, Next.js is a Javascript framework built on React.js, which allows developers to build static and dynamic websites and web applications. This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo‘ to the commands to get root privileges. I will show you the step-by-step installation of the Next.js open-source Javascript framework on Ubuntu 20.04 (Focal Fossa). You can follow the same instructions for Ubuntu 18.04, 16.04, and any other Debian-based distribution like Linux Mint.

  • How To Install AlmaLinux Desktop

    This tutorial explains the installation of AlmaLinux Desktop to computer. This begins with where to grab the OS itself, make a bootable medium of it, boot the computer with it, then starts the installation and partitioning until finished. The final result will be a fully functional computer with AlmaLinux GNOME.

  • Generate Rainbow Tables and Crack Hashes in Kali Linux Complete Guide

    Rcracki_mt is a tool used to crack hashes and found in kali linux by default. It is used rainbow tables to crack the password. Some other tools generate rainbow tables. You can download Rainbow table https://www.freerainbowtables.com/tables2/ if you don’t want to download rainbow table you can create you own by Using winrtgen in window and rtgen in Kali Linux

AMD SFH Linux Driver Updated For "Next Gen" Ryzen Laptops

There's the next chapter to the unfortunately rather sad state of the AMD Sensor Fusion Hub (SFH) driver support under Linux. Since 2018 with AMD Ryzen laptops there has been the Sensor Fusion Hub for various accelerometer/gyroscopic sensor functionality, among other uses and akin to Intel's Sensor Hub. It wasn't though until January 2020 that AMD published their SFH driver for Linux. Read more