date 2021-05-05

  • Install OpenLiteSpeed, MariaDB, PHP8.0 on Ubuntu 20.04/18.04 Server

    This tutorial is going to show you how to install LOMP stack (OpenLiteSpeed, MariaDB, and PHP8.0) on Ubuntu 20.04/18.04. A software stack is a set of software tools bundled together. LOMP stands for Linux, OpenLiteSpeed, MariaDB/MySQL and PHP, which can power dynamic websites and web applications. Linux is the operating system; OpenLiteSpeed is the web server; MariaDB/MySQL is the database server and PHP is the server-side scripting language responsible for generating dynamic web pages.

  • GNOME: How To Disable The Touchpad When A Mouse Is Plugged In And While Typing

    GNOME Desktop: This article explains how to automatically disable the laptop touchpad when an external mouse is plugged in and how to disable the touchpad while typing.

    The GNOME Settings app has various options for mice and touchpads, including setting the speed, natural scrolling, and more. You can even disable the touchpad permanently from there. But there's no option to disable the laptop touchpad while using an external mouse, or to disable the touchpad while typing, directly in Settings.

    But there are settings for enabling these 2 very useful options, though they are not exposed in the Settings app. For the instructions below to work, you'll need to be using the GNOME Shell desktop and libinput.

  • A deeper dive into Chrome WebFeed

    You should first read about the article Chrome experiment to let you Follow websites before you keep reading this one. This article goes deeper into the technical details of how Chrome WebFeed works.

    Chrome detects all Atom and RSS feeds on webpages using the feed auto-discovery mechanism.

  • Chrome experiment lets you Follow news and website updates

    Google is experimenting with a new way to undercut the value of its fiercest “attention competitors” (Twitter and Facebook.) It’s also helping web publishers and the open web ecosystem at the same time. Here’s a brief history of the technology behind Chrome’s new Follow feature, and how it’s better than earlier attempts at building feeds into web browsers.

    Google has announced it’s experimenting with integrating syndication feeds ("RSS") into its Chrome web browser. The experiments are currently restricted to early-preview releases of Chrome on Android devices configured for U.S. English. The technology media jumped on the news and many called it a Google Reader reboot. Google Reader was a powerful news aggregation tool beloved by power-users, who’ll never forgive Google for discontinuing it in 2013. Chrome’s latest experiment is nothing like Reader; it’s something else entirely—and it’s much more likely to succeed!

  • Amazing Marvin and KeyCombiner

    I recently came across an excellent tool called KeyCombiner that helps you practice keyboard shortcuts (3 sets for free, $29/6 months for more sets). I spent some time to create a set for Amazing Marvin, my current todo manager of choice.

  • Explore the Kubernetes ecosystem in 2021 | Opensource.com

    Kubernetes, the de facto standard for container orchestration, has quickly grown to dominate the container environment both in terms of infrastructure management and application development. As an open source platform with a huge community of enthusiasts and professionals, and being a part of the Cloud Native Computing Foundation, Kubernetes has become not only a powerful and impressive orchestration system itself but it has fostered a huge ecosystem of related tools and services to make it easier to use and extend its functionality with ever more powerful and sophisticated components.

    In this new eBook, A guide to Kubernetes for SREs and sysadmins, Jess Cherry (with contribution by Ben Finkel) covers a slew of these related tools and services, for management of and integration with Kubernetes. Cherry and Finkel provide some helpful getting started guides, both for Kubernetes and some of the tools. They even share interview questions to help prepare readers for jobs within this quick-growing, massive ecosystem.

  • Get started with Kustomize for Kubernetes configuration management

    Preparing to run a new (or convert an existing) application in Kubernetes takes work. Working with Kubernetes requires defining and creating multiple "manifests" for the different types of objects in your application. Even a simple microservice is likely to have a deployment.yaml, service.yaml, configmap.yaml, and other files. These declarative YAML files for Kubernetes are usually known as "manifests." You might also have to set up secrets, ingresses, persistent volumes, and other supporting pieces.

    Once those are created, you're done with managing your manifests, right? Well, it depends. What happens if someone else needs to work with your manifest but needs a slightly (or significantly) different version? Or what happens if someone wants to leverage your manifests for different stages or environments? You need to handle reuse and updates for the different use cases without losing track of your original version.

  • Test your Kubernetes experiments with an open source web interface

    Have you wanted to cause chaos to test your systems but prefer to use visual tools rather than the terminal? Well, this article is for you, my friend. In the first article in this series, I explained what chaos engineering is; in the second article, I demonstrated how to get your system's steady state so that you can compare it against a chaos state; and in the third, I showed how to use Litmus to test arbitrary failures and experiments in your Kubernetes cluster.

  • How to Install Webmin on CentOS Linux - Unixcop

    Keeping an eye on your system’s performance is one of the essential tasks that any Linux user should undertake from time to time. This helps in diagnosing any bottlenecks that are likely to impact performance.

    Webmin is a free and open-source front-end monitoring and administration tool that helps Linux users have a glance at various system metrics and perform administration tasks without the need of running commands on the terminal.

  • Enable Parallel Downloading In Pacman In Arch Linux - OSTechNix

    Pacman version 6 is shipped with parallel downloads support. Here is how to enable parallel downloading in Pacman in Arch Linux and its variants like EndeavourOS and Manjaro Linux.

  • How To Install Drupal on Linux Mint 20 - idroot

    In this tutorial, we will show you how to install Drupal on Linux Mint 20. For those of you who didn’t know, Drupal is one of the most popular open-source CMS platforms worldwide. It is written in PHP, Drupal is an open-source and free CMS that is used for creating stunning blogs and websites. It provides a wide variety of tools, templates, and plugins to create powerful and elegant websites with excellent security and reliability. It’s both a backend and front-end platform, with the backend riding on MySQL database and the front-end powered by PHP and Javascript.

    This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo‘ to the commands to get root privileges. I will show you the step-by-step installation of Drupal content management systems on a Linux Mint 20 (Ulyana) server.

  • How to install Docker on Fedora Linux system

    Docker is a tool that is used to run software in a container. It's a great way for developers and users to worry less about compatibility with an operating system and dependencies because the contained software should run identically on any system.

    Docker is available for download and installation on Fedora as well as most other distributions of Linux. However, installing it on Fedora can be a bit tricky because Red Hat doesn't offer native support for Docker on its distributions. Instead, Red Hat pushes support for Podman, an alternative to Docker. This makes Docker a bit harder to install, but it's still possible on Fedora.

    In this guide, we'll show you how to install Docker on Fedora and get started with installing containerized software. After Docker is installed, you can use it to install software packages much the same way you would use your distro's package manager to download an app. The difference of using Docker is that everything is more automated, with compatibility and dependencies no longer being potential issues.

  • How to install MariaDB 10 on AlmaLinux 8 or Rocky Linux - Linux Shout

    MariaDB is a popular SQL database forked from MySQL. This was developed after Oracle acquired Sun Microsystems in 2010. MariaDB is mostly compatible with MySQL and can mostly replace MySQL without problems (API compatible). The processor architectures x86 and AMD64 are supported.

    MariaDB uses the “storage engine” XtraDB as a replacement for InnoDB. Alphanumeric fields in heap tables can exceed 256 characters. Support of Pool of Threads to guarantee high speed even with 200,000+ connections.

    Here in this tutorial, we will learn how to install and secure MariaDB on AlmaLinux and Rocky Linux 8.

  • How to join Fedora Linux Desktop to an Active Directory domain - TechRepublic

    Recently, I covered how to connect Ubuntu Desktop to an Active Directory domain. The domain controller I connected to was set up using Ubuntu Server and Samba. As you might expect, Fedora Linux is not to be left out of the mix, as you can join this particular distribution to that AD as well.

LG allows others to use its open source software management tool

LG Electronics Inc. on Thursday said its open source software management tool is now available to outside developers as the South Korean tech giant eyes to bolster its presence in the software community. LG said the FOSSLight (Free and Open Source Software Light) system, which it has been using since 2014, can now be downloaded for free at its website. Open source software is distributed with its original source code and allows programmers to freely use or modify work. But at the same time, programmers must follow license regulations for each open source. LG's FOSSLight is a system that can check the open source compliance process. It can analyze a developer's software to verify whether it has followed license conditions and meets security requirements.

Proprietary Software/Microsoft Leftovers

  • Big Oil Fought Cybersecurity Regulations, Making Pipeline Attacks Easier [Ed: Microsoft Windows]
  • New ‘Epsilon Red’ ransomware is targeting [sic] unpatched Microsoft Exchange servers [iophk: Windows TCO]

    First detected by security researchers at Sophos plc and revealed Friday, the ransomware was found targeting [sic] a U.S.-based business in the hospitality industry. Delivered as the final executable payload in a hand-controlled attack, the ransomware demanded a payment of 4.29 bitcoin, valued at the time at about $210,000.

  • FBI says Russia-linked group behind JBS [crack] [iophk: Windows TCO]

    The FBI has identified a Russia-linked group as the entity behind the cyberattack on the meat producing group JBS USA.

    “We have attributed the JBS attack to REvil and Sodinokibi and are working diligently to bring the threat actors to justice,” the FBI wrote in a statement on Wednesday.

  • Russia-Linked Group Behind JBS Attack Revels in ‘Audaciousness’ [iophk: Windows TCO]

    REvil, the Russian-linked [cracking] group the FBI said is responsible for the cyberattack on JBS SA, the largest meat producer in the world, has emerged as one of the most prolific -- and public -- ransomware groups in recent years.

    The [crackers], also known as Sodinokibi, have been at the forefront of the ransomware-as-a-service model of cyberattacks since the group first came to prominence as a security threat in 2019. In this model, [cracking] groups provide malware for others to use in an attack in exchange for a cut of the ransom payments. In order to recruit talent, REvil deposited $1 million in Bitcoin as a way to give potential affiliates peace of mind that they would get paid.

  • FBI names REvil as the group behind meat supplier cyberattack [iophk: Windows TCO]

    The FBI has said that cybercriminal group REvil (also known as Sodinokibi) was behind the recent attack on meat supplier JBS (via The Record). This follows a statement from White House deputy press secretary Karine Jean-Pierre, which indicated that the attack likely came from a Russian-based organization.

  • FBI: JBS ransomware attack was carried out by REvil [iophk: Windows TCO]

    Smilyanets said there hasn’t been any signs of public postings from REvil related to the incident—the group often pressures organizations into paying a demand by exposing some information. “That can indicate that negotiations are underway,” he said.

Security Leftovers

  • Security updates for Thursday

    Security updates have been issued by Arch Linux (chromium, curl, dhclient, dhcp, firefox, keycloak, lib32-curl, lib32-libcurl-compat, lib32-libcurl-gnutls, libcurl-compat, libcurl-gnutls, opera, packagekit, pam-u2f, postgresql, rabbitmq, redis, ruby-bundler, and zint), Debian (caribou, firefox-esr, imagemagick, and isc-dhcp), Fedora (mapserver, mingw-python-pillow, and python-pillow), openSUSE (chromium), Red Hat (firefox, glib2, pki-core:10.6, polkit, rh-ruby26-ruby, and rh-ruby27-ruby), SUSE (ceph, dhcp, libwebp, nginx, qemu, squid, and xstream), and Ubuntu (firefox, linux, linux-aws, linux-aws-hwe, linux-azure, linux-azure-4.15, linux-gcp, linux-gcp-4.15, linux-hwe, linux-kvm, linux-oracle, linux-snapdragon, linux, linux-aws, linux-azure, linux-gcp, linux-kvm, linux-oracle, and policykit-1).

  • Reproducible Builds in May 2021

    In these reports we try to the most important things that we have been up to over the past month. As a quick recap, whilst anyone may inspect the source code of free software for malicious flaws, almost all software is distributed to end users as pre-compiled binaries. If you are interested in contributing to the project, please visit our Contribute page on our website.

  • SAML Implementation Vulnerability Impacting Some Akamai Services - The Akamai Blog

    This blog post provides an overview of a vulnerability discovered in Akamai's Enterprise Application Access (EAA) product which has been patched. This vulnerability could have allowed an actor to impersonate an authorized user when interacting with an application that used Security Assertion Markup Language Version 2 (SAMLv2, referred to as SAML in this document) to authenticate users. Following the initial notification from a third party, Akamai engineers identified that the vulnerability was in Lasso, a third-party, open source library which implements the SAML v2.0 authentication protocol. Lasso is the library that Akamai EAA uses to verify SAML assertions for applications when a customer configures SAML authentication with third-party identity provider(s) (IdPs). Further investigation of the Lasso library determined that the weakness had a wider impact on other software which has Lasso as a dependency. A comprehensive fix was deployed to the EAA network as of March 4th, 2021. No updates were required for the EAA connector appliances or the EAA Client. Akamai has determined that the SOGo and PacketFence packages maintained by Inverse, a company recently acquired by Akamai, also depend on Lasso for deployments using SAML for authentication. The SOGo package was also subject to another independent but related vulnerability, CVE-2021-33054. Information about the impact on SOGo and PacketFence may be found here. We have verified that all other external facing applications provided by Akamai, including Akamai Control Center, are not vulnerable to this attack vector.

  • Wireshark 3.4.6

    Wireshark is a network packet analyzer. A network packet analyzer will try to capture network packets and tries to display that packet data as detailed as possible. You could think of a network packet analyzer as a measuring device used to examine what's going on inside a network cable, just like a voltmeter is used by an electrician to examine what's going on inside an electric cable (but at a higher level, of course). In the past, such tools were either very expensive, proprietary, or both. However, with the advent of Wireshark, all that has changed. Wireshark is perhaps one of the best open source packet analyzers available today.

Nate Graham: KDE 2021 roadmap mid-year update

Power/session actions in the lock screen: AT RISK
No new work done. May not happen this year.

Production-ready Plasma Wayland session: ON TRACK
In part due to it being an official KDE goal, a truly enormous, herculean amount of work has gone into making the Plasma Wayland session usable, to the point where the Fedora KDE spin has decided to enable it by default in Fedora 34, which ships Plasma 5.21. This is quite a vote of confidence! I fully expect that by Plasma 5.23, it will be broadly usable for day-to-day use. I find that it’s almost there for me.

Fingerprint support throughout the stack: AT RISK
No new work done. May not happen this year. We are kind of blocked by the necessary SDDM pieces not being done yet. Assistance needed.

Finish up Breeze Evolution: ON TRACK
Work is proceeding and the new widget style will land in Plasma 5.23. After that, most of the remaining work requires changes to apps themselves, particularly to make them less framey. Adopting KHamburgerMenu in more of our apps will help too, and it’s already been done for Dolphin and Gwenview, with more on the way.

