Linux 5.10 LTS Status and More Stables Releases of Linux Announced Today

• Linux 5.10 LTS Will Only Be Maintained Until EOY 2022 Unless More Companies Step Up

  Announced a few years ago was the notion of "extended" LTS kernel versions whereby the long term support cycle would span six years rather than the usual two years for LTS kernels in providing maintenance and bug/security fixes to the codebase. This means Linux 5.4 LTS is supported until the end of 2025, Linux 4.19 until the end of 2024, and even Linux 4.14 until the start of 2024. But with the recently minted Linux 5.10 LTS at least for now it's only being committed to maintenance until the end of next year. There's been differing remarks/indications for how long the Linux 5.10 long-term support cycle would last with many expecting six years given that's what has been happening on recent LTS kernels -- even the Linux 4.4 kernel is being planned for maintenance until February 2022 and Linux 4.9 until 2023. Linux stable maintainer Greg Kroah-Hartman has now provided a more transparent answer on the Linux kernel mailing list stemming from the talk over how long Linux 5.10 will be maintained.

• Three stable kernels

  Stable kernels 5.10.11, 5.4.93, and 4.19.171 have been released. They contain important fixes and users should upgrade.

• 5.10.11

• 5.4.93

• 4.19.171

Security and FUD

• Security updates for Wednesday

  Security updates have been issued by Arch Linux (sudo), CentOS (sudo), Debian (sudo), Fedora (kernel, php-pear, and sudo), Gentoo (cacti, mutt, and sudo), Mageia (sudo), openSUSE (sudo), Oracle (sudo), Red Hat (sudo), Scientific Linux (sudo), Slackware (sudo), SUSE (go1.14, go1.15, nodejs8, and sudo), and Ubuntu (libsndfile and sudo).

• Mimecast admits certificate compromise tied to SolarWinds supply chain attack

  Email security firm Mimecast has admitted that the compromise of a certificate it had issued for some Microsoft services is connected to the SolarWinds supply chain incident.

• SolarWinds Cyberattack: Layered OT Security Creates Best Defense

  The recent SolarWinds supply chain cyberattacks serve to underscore an age-old cybersecurity tenant, and the reason we need to continue beating the drum as cybersecurity professionals: Use a layered approach to OT security. This incident highlights a rare, specific use case of a nation state threat actor, an Advanced Persistent Threat (APT). In this particular case, layers provided somewhat limited value, but helped keep the less skilled attackers – about 99% of those on the playing field – at bay. Technology boundaries can be used to lessen the impact of (but unfortunately not prevent) nation state APTs. They not only offer additional protection, they may also help expose the presence of APTs in your network. Let’s examine how they would have helped in the case of APTs like the Sunburst malware that infected SolarWinds Orion software and was downloaded by 18,000 organizations.

• Linux malware uses open-source tool to evade detection [Ed: How pro-Microsoft propaganda sites blame for a tool which comes from Microsoft (GitHub) "Open Source" and "Linux" (though it is the fault of neither). Alternative headline: Microsoft malware is being used to attack machines that run GNU/Linux]

  This tool is known as libprocesshider and is an open-source tool available on Github that can be used to hide any Linux process with the help of the ld preloader.

AMD Schedutil vs. Performance Governor Benchmarks On Linux 5.11 Shows More Upside Potential

With a pending patch, the Linux 5.11 AMD Zen 2 / Zen 3 performance is looking very good as far as the out-of-the-box performance is concerned when using Schedutil as is becoming the increasingly default CPU frequency scaling governor on more distributions / default kernels. With the previously noted Linux 5.11 regression addressed from when the AMD CPU frequency invariance support was first introduced, the Schedutil performance from small Ryzen systems up through big EPYC hardware is looking quite good. But how much upside is left in relation to the optimal CPU frequency scaling performance with the "performance" governor? Here is a look at those benchmarks on Ryzen and EPYC for Schedutil vs. Performance on a patched Linux 5.11 kernel.

today's howtos

• Visualizing system performance with RHEL 8 using Performance Co-Pilot (PCP) and Grafana (Part 2)

  In this post, I’d like to show you how to use Performance Co-Pilot (PCP) with Grafana and Redis to store and graph performance data for all the machines in your environment. We’ll do this in a simple two machine setup, but the concepts are the same as you add more machines.

• Calibre 5.0 for Linux

  For those who like to read, Calibre is a wonderful program for managing e-books. Calibre will not only allowed to maintain and organize your library of e-books but also perform format conversions. Calibre can also let you read your e-books on your system without needing an e-reader. Of course, you can always read an e-book on a smartphone.

• Firecracker: start a VM in less than a second

  Initially when I read about Firecracker being released, I thought it was just a tool for cloud providers to use – I knew that AWS Fargate and https://fly.io used it, but I didn’t think that it was something that I could directly use myself. But it turns out that Firecracker is relatively straightforward to use (or at least as straightforward as anything else that’s for running VMs), the documentation and examples are pretty clear, you definitely don’t need to be a cloud provider to use it, and as advertised, it starts VMs really fast! So I wanted to write about using Firecracker from a more DIY “I just want to run some VMs” perspective. I’ll start out by talking about what I’m using it for, and then I’ll explain a few things I learned about it along the way.

• 3 email mistakes and how to avoid them

  In prior years, this annual series covered individual apps. This year, we are looking at all-in-one solutions in addition to strategies to help in 2021. Welcome to day 17 of 21 Days of Productivity in 2021. OK, so we've talked about some things we should do with our email - Stop treating it as an instant messenger, Prioritize things, trying to reach Inbox Zero, and filtering it effectively. But what things SHOULDN'T we do?

• 6 Steps to Teach Yourself System Administration

  Looking for ways to get started in system administration? In this Skills article, we’ll provide an overview of resources that will help you on your way. If you’re unfamiliar with the basics of what a system administrator does, we recommend starting with this introduction. There is no traditional path for acquiring the technical skills needed as a system administrator, according to Enable Sysadmin. “Some sysadmins have an associate or college degree, and some don’t. Depending on when a sysadmin began their career, he or she might have a variety of technical certificates ... or none at all.” Here, we provide an array of options with which to plot your own course of study.

• How to install KaOS 2021.01

• How to Install Krita 4.4.2 via Another PPA in Ubuntu 20.04, 20.10

  For those prefer installing apps via apt method, the digital painting software Krita 4.4.2 now is available to install via another well trusted PPA for Ubuntu 20.04, Ubuntu 20.10, Linux Mint 20. Krita 4.4.2 was released a week ago as the latest version of the free open-source painting software, with new features: SVG mesh Gradients, mesh transform, new gradient fill layer type, new brushes, and improved HiDPI support.

• How to set up static IP address on Debian Linux 10/11 - nixCraft

  I have Debian 10 Linux cloud server, and it is configured to get IP addresses via DHCP. How do I convert DHCP address to static IP address settings?

• How To Enable Hardware Accelerated Video Decode In Google Chrome, Brave, Vivaldi And Opera Browsers On Debian, Ubuntu Or Linux Mint

  Google Chrome 88 (and newer) has made hardware accelerated video decoding available on Linux, but it's not enabled by default. Google Chrome is not the only Chromium-based web browser to support hardware acceleration on Linux though. This article explains how to enable hardware-accelerated video decoding in Google Chrome, Brave, Vivaldi and Opera web browsers running on Debian, Ubuntu, Pop!_OS or Linux Mint (Xorg only). Using hardware-accelerated video decode in your web browser should result in using less CPU usage (and thus, less battery draining) when playing online videos. It's worth noting that Chromium web browser had patches that allowed making hardware accelerated video decoding available on Linux for some time, and some Linux distributions packaged it using those patches. So Chromium users have had hardware acceleration on Linux for some time, depending on their Linux distribution or if they installed the patched Chromium in some other way. E.g. on Ubuntu / Linux Mint there's a PPA with VA-API patched Chromium builds. Thus, these instructions may also work for Chromium browser, depending on how it's built.

• How to Manipulate Images in the Linux Terminal

  Ever tire of constantly opening up your favorite image editor for a simple crop, resize, or to change the file format? Maybe you have a need to easily perform these tasks in batch or within software? Here's how to use the Linux convert tool, which allows you to do all this with terminal via the command line, and much more.