Language Selection

English French German Italian Portuguese Spanish

Devuan Posts From Former Apple Software Engineer

Filed under
OS
  • Linux Dying In Dependency Hell

    There is a concept in computer programming of “Dependency Hell”. It comes about, IMHO, when folks forget to follow the K.I.S.S. principle (Keep It Simple, Stupid.) and / or just don’t pay attention to a couple of basics of computing. In particular, to realize that ALL change is incredibly expensive in time and effort while changes that are incompatible with other parts of the system (or other changes) can be lethal (to the project, product, or whole system).

    The Unix Way of “Do one small thing and do it well” comes from this understanding. One Small Thing done well is unlikely to change much. If I have a program that just takes a byte stream and directs it to a file, that’s not got a lot of room for “enhancements”, revisions, or bugs. If my “Init Systems” just launches a PID1 (Process ID #1) that launches some other processes listed in a script or configuration file, well, my init system is unlikely to ever need much change, revision, “enhancement”, nor will it have much in the way of bugs (if any). This has been fundamental and true for about 50 years of Unix history.

    What has happened relatively recently is an explosion of (gratuitous?) change and “enhancement” that looks to me like it is NOT making things better and IS making things worse. Simply because it makes for a huge growth in Dependency Hell issues.

  • The Joy Of Chroot – Devuan on XU4
  • Devuan 2.0 on Odroid XU4

More in Tux Machines

today's leftovers

  • The Fridge: Ubuntu Weekly Newsletter Issue 605

    Welcome to the Ubuntu Weekly Newsletter, Issue 605 for the week of November 10 – 16, 2019. The full version of this issue is available here.

  • And the Collabora family keeps growing!

    As we begin winding down 2019, it's time to take a moment to celebrate the new Collaborans who joined our various engineering and administrative teams in Q2 & Q3 this year! Comprised of some of the most motivated and active Open Source contributors and maintainers around the world, Collaborans share an enduring passion for technology and Open Source, and these 14 new joiners are no different.

  • Security updates for Wednesday

    Security updates have been issued by Debian (redmine), Fedora (libidn2), Mageia (clamav, ghostscript, kernel, kernel-linus, libexif, libjpeg, mariadb, microcode, and systemd), and openSUSE (libjpeg-turbo).

  • EFF, Antivirus Companies, and Human Rights Groups Launch Coalition to Combat Stalkerware

    San Francisco—The Electronic Frontier Foundation (EFF), Kaspersky, Operation Safe Escape and seven other organizations today launched the Coalition Against Stalkerware to unite and mobilize security software companies and advocates for domestic abuse victims in actions to combat and shut down malicious stalkerware apps.Stalkerware, a type of commercially-available surveillance software, is installed on phones without device owners’ knowledge or consent to secretly spy on them. The apps track victims’ locations and allow abusers to read their text messages, monitor phone calls, see photos, videos, and web browsing, and much more. It’s being used all over the world to intimidate, harass, and harm victims, and is a favorite tool for stalkers and abusive spouses or ex-partners.Groups supporting targets of domestic abuse are seeing a growing number of victims seeking help about stalkerware. According to Kaspersky, the number of its antivirus users finding stalkerware on their devices rose by 35%, from 27,798 in 2018 to 37,532 in 2019. The threat landscape for stalkerware has also widened, as Kaspersky has detected 380 various forms of stalkerware in the wild in 2019—31% more than a year ago.The Coalition Against Stalkerware aims to provide help for victims and bring leaders in antivirus technology together to establish best practices for ethical software development.

  • CloudFormation gets open source CLI to automate external resource creation

    AWS has updated its infrastructure as code product CloudFormation, fitting it with an open source CLI and a registry to get started with custom resource providers. The refresh is meant to let users automate the creation of non-AWS resources and improve resource coverage, both of which seem to have been requested a lot in the past months. CloudFormation CLI comes with sample code and documentation facilitating the creation of resource providers. To build one, users first have to describe their resource, including attributes and properties, in a schema which conforms to AWS’ Resource Provider Definition Schema. Once that is done, they’ll have to write a handler in Java or Go that defines the core operations create, read, update, delete, and list for the resource.

  • Open Source Community Connects Global 5G Cloud Native Network

    LF Networking (LFN), which facilitates collaboration and operational excellence across open networking projects, today demonstrated an end-to-end, global, 5G, cloud native network live on-stage at KubeCon + CloudNativeCon North America. As a thought leader in generating technology from multiple sources based on telecom 5G requirements, LFN’s OPNFV community shepherded the cutting-edge Proof-of-Concept (PoC), which illustrates how to build, connect, and manage a global 5G network – including on-prem, cloud, and edge operations – on open architecture running network services using Kubernetes. As global communications providers gear up to deliver high-speed connectivity to support new services and use cases (e.g. autonomous vehicles, smart cities, specialized applications, IoT, AR/VR, and more), the need for low-latency, high-bandwidth, scalable networks is more important than ever. Conventional communications and connectivity hardware will not sustain next-generation mobile technology, so the need for cloud native architectures is essential for delivering the performance, capabilities, and automation that 5G requires. The LF Networking community, comprised of major projects such as ONAP, OPNFV, OpenDaylight, FD.io, Tungsten Fabric and more — account for more than 70 percent of the world’s mobile subscribers through participating carriers. It serves as the de facto open source umbrella for helping telcos evolve.

  • JCC Erratum Impact On Skylake Xeon Scalable Plus The Patched Assembler

    Last week ago we provided a number of benchmarks looking at the performance impact from Intel's Jump Conditional Code (JCC) Erratum that required a CPU microcode update to mitigate but that comes with a performance hit. At least Intel has pending GNU Assembler patches to help offset that performance hit. In time for last week's articles I didn't have a chance to perform Skylake Xeon Scalable (1st Gen) benchmarks but now here are some metrics alongside Cascade Lake.

  • Ceph RGW dynamic bucket sharding: performance investigation and guidance

    If we know how many objects the application would store in a single bucket, pre-sharding the bucket generally helps with overall performance. On the flip side, if the object count is not known in advance, the dynamic bucket re-sharding feature of Ceph RGW really helps to avoid degraded performance associated with overloaded buckets. In the next post we will learn how the performance of RHCS 3.3 has improved since RHCS 2.0 and what all performance benefits BlueStore OSD backend brings with it.

OSS CMS: Converting ikiwiki to Hugo and WP Maintanance Plugin

  • Birger Schacht: Converting ikiwiki to hugo

    Sometimes I play around with Tails and on rare occasions I also build a Tails image myself. One thing that makes the build of Tails a bit tedious is that it a also builds the Tails Website, which contains the whole documentation (which is really cool, because that way users have the most up to date documentation on their desktop!). The problem is, that the website takes a looooong time to build- on my Laptop (i7-5600U) it takes around 11 minutes. I was curious if it was possible to convert the whole website, which is based on ikiwiki, to the hugo static site generator which is known to be pretty fast (”with its amazing speed and flexibility, Hugo makes building websites fun again” as the hugo website puts it ;)). I did some research if there was some tooling to do so- the Hugo website lists some migration tools but nothing for ikiwiki, but I stumbled upon anarcat’s conversion notes which has a lot of information and also links to the write up jak did on his conversion. Anarcat also published a python script to convert ikiwiki to hugo which I tried, but there were some important parts missing.

  • WP Maintanance Plugin Vulnerable To CSRF & XSS

    If you have installed WP Maintenance plugin on your WordPress site or blog, this article is for you. Recently Wordfence team discovered CSRF vulnerability in WP Maintenance plugin that is used to put the website on maintenance mode during maintenance. The plugin allows webmasters to customize the maintenance page and show it to all website visitors during maintenance. Wordfence team discovered CSRF vulnerability in the plugin that can also allow an attacker to inject malicious code into the website and can redirect all site visitors to another malicious website.

Free Software and Proprietary Software

  • [ProtonVPN] Release notes for Linux client version 2.0

    We’re proud to release version 2.0 of the ProtonVPN Linux client. Entirely rewritten in Python, the new version of the client is lighter, faster, and more stable. Version 2.0 also includes the Kill Switch feature, which keeps your data private, even if your VPN connection is interrupted.

  • LibreOffice community at Czech free software events

    Like every year, we would like to say few words about our impressions and experiences from our Czech free and open source software (FOSS) conferences in autumn. As in the last year, we participate with our LibreOffice booth at LinuxDays in Prague (me and Zdeněk Crhonek), and at OpenAlt in Brno (Petr Valach and Zdeněk Crhonek).

  • Google's Stadia Game Streaming Service Arrives To A Collective 'Meh'

    As we noted last week, there's a laundry list of potential issues plaguing Google's attempted entry into the game streaming space via Google Stadia, not least of which is the US' substandard broadband networks and arbitrary broadband caps. Stadia eliminates the physical home game console and instead moves all game processing to the cloud. And while it's clear that this is the inevitable path forward and somebody is going to eventually dominate the space, there's no solid indication yet that it's going to be Google.

  • Security lessons from a Mac-only fintech company

    Apple remains a highly secure choice for enterprise professionals, but security threats remain and the environment requires sophisticated endpoint management tools, according to Build America Mutual (BAM) CTO David McIntyre.

  • Trump is lying about the ‘new’ ‘Apple’ factory

    This is not true for a couple reasons — one of them nitpicky and one of them a lot more serious. The nitpicky problem is that Apple isn’t actually building a manufacturing plant. The company is building a new campus in Austin, but it’s miles away from the factory and the jobs are going to be very similar to the kind of white-collar design and engineering work that Apple does in Cupertino. Apple doesn’t do its own manufacturing, and the plant Trump is standing in belongs to a contractor called Flex Ltd (formerly Flextronics).

    But the bigger problem is that what Flex is doing isn’t anything new. This particular factory has been manufacturing Mac Pros since 2013, when Cook first announced it would assemble them in the United States. That’s before Trump took office. So the idea that we’re seeing the beginning of something, or that Trump has done something during his presidency to bring about this particular instance of US manufacturing, just doesn’t hold water.

    Trump is talking as if Apple has created a brand-new factory in Texas to build Mac Pros. If all you saw was a five-second clip on the news, that’s probably the impression you would get — but it just isn’t true.

  • SecureCRT 8.7 and SecureFX 8.7 Beta Releases from VanDyke Software Introduce New Enhancements for Increased Efficiency and Streamlined Workflow

    The new releases also introduce macOS Dark Mode, local Proxy command firewall, new algorithms, and support for Ubuntu 19.x and macOS Catalina.

  • SaltStack adds automatic vulnerability remediation tool to portfolio

    IT automation tool provider SaltStack has kicked off its SecOps division by announcing the general availability of SaltStack Protect. Protect is meant to make the “massive amount of coordination and work required to actually fix thousands of infrastructure security vulnerabilities” less daunting, by throwing some automation into the mix. To do that, the product ingests vendor CVE advisories and delivers scans and remediation workflows as a service to SaltStack customers. Automatic prioritisation of which issues to tackle first can be realised by feeding the system with real-time data on the configuration state of all assets in a SaltStack environment, which ties it in with the rest of the SaltStack portfolio.

today's howtos

  • NMCLI Command To Show Available WiFi Networks, Signal Strength on Linux!
  • Looping Through a File that Contains Spaces (for Loop)
  • Zsync HTTP-based File Transfer Utility Transfers Large Files Efficiently
  • How to open a PSD file without Photoshop

    It stands to reason that with the PSD file being a photo-editing file, the best ways to open PSD image files without Photoshop are going to be other photo editing programs. GIMP, which stands for Gnu Image Manipulation Program is an excellent and free image editor alternative to Photoshop. GIMP works on Linux, Mac OS, and Microsoft Windows powered devices and is open source software, meaning it is developed voluntarily by developers all over the world. GIMP offers professional level features, which include being able to open and indeed edit PSD files. Many professional photographers and graphic designers use GIMP for their jobs, and many contribute towards developing new features. If you want to have complete control over the Photoshop file you’re trying to open without Photoshop, then GIMP is the tool you’re looking for. You can download GIMP by pressing the download button below. Then, once you’ve installed it, you can open a PSD file as you would open any other file type.