Language Selection

English French German Italian Portuguese Spanish

About Tux Machines

Monday, 10 Dec 18 - Tux Machines is a community-driven public service/news site which has been around for over a decade and primarily focuses on GNU/LinuxSubscribe now Syndicate content

Search This Site

Security: Polkit, CSP, Ansible and Router Hardening Checklist

Filed under
Security
  • Polkit CVE-2018-19788 vs. SELinux
  • Why is your site not using Content Security Policy / CSP?

    Yesterday, I had the pleasure of watching on Frikanalen the OWASP talk by Scott Helme titled "What We’ve Learned From Billions of Security Reports". I had not heard of the Content Security Policy standard nor its ability to "call home" when a browser detect a policy breach (I do not follow web page design development much these days), and found the talk very illuminating.

    The mechanism allow a web site owner to use HTTP headers to tell visitors web browser which sources (internal and external) are allowed to be used on the web site. Thus it become possible to enforce a "only local content" policy despite web designers urge to fetch programs from random sites on the Internet, like the one enabling the attack reported by Scott Helme earlier this year.

  • Red Hat Ansible Playbooks Password Exposure Vulnerability [CVE-2018-16859]

    CVE-2018-16859. A vulnerability in Red Hat Ansible could allow a local attacker to discover plaintext passwords on a targeted system.

  • Router Hardening Checklist

Games: DiRT 4, SuperTuxKart and The 10 Best Free Linux Games

Filed under
Gaming
  • DiRT4 Power Slides onto Linux in 2019

    DiRT 4 is the latest instalment of the popular franchise to drift on to free software platforms (as well as a non-free software platform in macOS). It follows on from the successful Linux release of DiRT Rally last spring.

    DiRT 4 was originally released on Windows, PlayStation 4 and Xbox One in June 2017 and has garnered plenty of praise, positive reviews and high review scores.

  • SuperTuxKart Spruces Up Its In-Game Visuals

    SuperTuxKart, the famous free software kart racer, is picking up some improved visuals within the in-game user interface and racing screens.

    Detailing their plans on the game’s official dev blog, the team behind the iconic racer have shared more details about the graphical spit and polish they’ve given the game ahead of its next major release.

  • Refreshing the GUI

    Online multiplayer won't be the focus of this new blog post : we will tell you more about it when launching the official beta in the coming weeks.

    Instead, we'll tell you more about the many changes in the game's UI.

  • The 10 Best Free Linux Games

    There are plenty of excellent games on Linux, and a fair amount of them are completely free. Some are open source, and others are fairly big names available through Steam. In every case, these are quality games that you can play any time on Linux at absolutely no cost.

Programming Leftovers

Filed under
Development

Review: openSUSE Tumbleweed (2018)

Filed under
Reviews
SUSE

My experiment with openSUSE's Tumbleweed was a mixed experience. On the positive side, Tumbleweed stays constantly up to date, providing the latest packages of software all the time. For people who regularly want to stay on the cutting edge, but who do not want to re-install or perform a major version-to-version upgrade every six months, Tumbleweed provides an attractive option. I also really like that file system snapshots are automated and we can revert most problems simply by restarting the computer and choosing an older snapshot from the boot menu.

On the negative side, a number of things didn't work during my time with the distribution. Media support was broken, the Discover software manager had a number of issues and some configuration modules caused me headaches. These rough edges sometimes get fixed, but may be traded out for other problems since the operating system is ever in flux.

In the long term, a bigger issue may be the amount of network bandwidth and disk space Tumbleweed consumes. Just to keep up with updates we need set aside around 1GB of downloads per month and (when Btrfs snapshots are used) even more disk space. In a few weeks Tumbleweed consumed more disk space with far fewer programs installed as my installation of MX Linux. Unless we keep on top of house cleaning and constantly remove old snapshots we need to be prepared to use significantly more storage space than most other distributions require.

Tumbleweed changes frequently and uses more resources to keep up with the latest software developments. I would not recommend it for newer Linux users or for people who want predictability in the lives. But for people who want to live on the cutting edge and don't mind a little trouble-shooting, Tumbleweed provides a way to keep up with new versions of applications while providing a safety net through Btrfs snapshots.

Read more

Linux 4.20-rc6

Filed under
Linux

Hmm. Things look fairly normal. just under half of the patch is to
drivers (gpu, networking, nvdimm, block, media..), with the rest being
tooling (mostly bpf selftests) core networking, documentation and some
arch updates, Some filesystem, core kernel and mm fixes in there too
(we've had some last-minute THP reverts and discussion for how to
re-do it next time).

Most of it looks pretty small and normal. Would I have preferred for
there to be less churn? Yes. But it's certainly smaller than rc5 was,
so we're moving in the right direction, and we have at least one more
rc to go.

I say "at least", not because I'm particularly worried about the
technical details and any outstanding bugs, but because of the whole
holiday season timing. I still suspect that what I'll do is release
4.20 just before xmas (so with the usual "rc7->final" cadence) but
then just leave a dead week for the holiday season. Again encouraging
everybody to send in their pull request for the merge window *before*
the holiday season, but I might just either ignore them for a week, or
take it very slow and easy.

And of course, if we have something worrisome come up, any technical
issues can derail that plan, but I don't think there's anything bad
pending now.

Linus

Read more

Also: Linux 4.20-rc6 Kernel Released - "Looks Fairly Normal"

Audiocasts: Linux Action News, OpenBSD in Stereo, GNU World Order, Coder Radio and Open Source Security Podcast

Filed under
Interviews
  • Linux Action News 83

    Plus the Kernel team’s clever Spectre slowdown fix, Emby goes proprietary, Steam Link lives on, and more.

  • OpenBSD in Stereo | BSD Now 275

    DragonflyBSD 5.4 has been released, down the Gopher hole with OpenBSD, OpenBSD in stereo with VFIO, BSD/OS the best candidate for legally tested open source Unix, OpenBGPD adds diversity to the routing server landscape, and more.

  • GNU World Order

    More listener email about ZFS. Noise music. More about workflows, and how to find the right application for your task.

  • Coder Radio 334

    Mike and Chris don’t claim to have a time machine, but they still have a major problem to solve.

  • Open Source Security Podcast: Episode 126 - The not so dire future of supply chain security

    Josh and Kurt continue the discussion from episode 125. We look at the possible future of software supply chains. It's far less dire than previously expected.

OpenShift in Fedora Infrastructure

Filed under
Red Hat

I thought I would write up a quick post to fill folks in on what our OpenShift setup is in Fedora Infrastructure, what we are doing with it now, and what we hope to do with it in coming years.
For those that are not aware, OpenShift is the Red Hat version of OKD, which is a open source, container application platform. That is, it’s a way to deploy and manage application containers. Each of your applications can use a known framework to define how they are built, managed and run. It’s pretty awesome. If you need to move your applicaiton somewhere else, you can just export and import it into another OpenShift/OKD and away you go. Recent versions also include monitoring and logging frameworks too. There is also a very rich permissions model, so you can basically give as much control to a particular application as you like. This means the developer(s) of the applications can also deploy/debug/manage their application without needing any ops folks around for that.
Right now in Fedora Infrastructure we are running two separate OpenShift instances:One in our staging env and one in production. You may note that OpenShift changes the idea of needing a staging env, since you can run a separate staging instance or just test one container of a new version before using it for all of production, however, our main use for the staging OpenShift is not staging applications so much as having another OpenShift cluster to upgrade and test changes in.

Read more

Also: NeuroFedora update: week 49

Editorial: An open letter to Valve on why they should keep on embracing Linux

Filed under
GNU
Linux
Gaming

News in the last week, heck, in the last few weeks and months have the potential to shake up the games industry significantly. It certainly may have huge repercussions for Linux gaming. It’s also been a little hard to follow sometimes, so I decided to explain many of the developments of the past few months and put them within an easy-to-understand context.

Read more

KDE Frameworks 5.53.0

Filed under
KDE

KDE Frameworks are 70 addon libraries to Qt which provide a wide variety of commonly needed functionality in mature, peer reviewed and well tested libraries with friendly licensing terms. For an introduction see the Frameworks 5.0 release announcement.

This release is part of a series of planned monthly releases making improvements available to developers in a quick and predictable manner.

Read more

Also: KDE Frameworks 5.53 Released With Important KIO Performance Fix, KWayland Updates

Here's The Best Linux Distro For Your Lenovo ThinkPad X1 Extreme

Filed under
Linux

When I evaluate any combination of hardware and operating system, my goal is to have 100% out-of-the-box functionality and start testing. That's a demand I place on both Windows and Linux. I'm currently in the process of reviewing Lenovo's ThinkPad X1 Extreme (watch for separate Windows 10 and Linux reviews), but in the interim wanted to share my experience installing a few different Linux distributions on it. Beyond that, I want to provide an enthusiastic recommendation for X1 Extreme users wanting the easiest desktop Linux experience right out of the box.

Read more

Top 20 Best Tizen Apps for November 2018

Filed under
Linux

Once again, we’re here with the monthly rundown of the most downloaded apps from the Tizen Store. As usual, the month of November 2018 also didn’t bring any BIG good news for the Tizen smartphone users, except for a WhatsApp update. WhatsApp for Tizen got a relatively huge update early in November which helped the App grab a firm hold in the top spot of the most downloaded apps list once again.

Facebook, despite lacking features its Android and iOS counterparts boast, remains the second most downloaded app. Facebook Messenger, meanwhile, is back at third after temporarily losing the spot to a new game, Counter Terror: Pursuit, in October. Below is the list of the top 20 most downloaded apps.

Read more

The 5 Best Linux Distros for Laptops

Filed under
GNU
Linux

Maybe you’ve just purchased a brand new laptop. Or maybe you have an older laptop sitting in your closet that you’d like to bring back to life. Either way, the best Linux distros for laptops are those that offer better driver support and can accommodate the performance offered by most laptops.

People buy laptops for a specific purpose. That may be software development, creating graphic content, gaming, or office work. The Linux distros below are well suited to run on any laptop.

Read more

Graphics: Freedreno Gallium3D and NVIDIA

Filed under
Graphics/Benchmarks
  • Freedreno Gallium3D Lands MSAA Support For Qualcomm Adreno 600 Series

    While Qualcomm was busy hosting their Tech Summit this week in Hawaii, the independent open-source developers were pressing ahead with their reverse-engineered Qualcomm Adreno 3D graphics driver support.

    Rob Clark of Red Hat and Kristian Kristensen of Google landed their latest Freedreno Gallium3D driver improvements into Mesa 19.0. The most notable addition was multi-sample anti-aliasing support (MSAA) for the Adreno 600 series hardware. There is also now EXT_multisampled_render_to_texture support exposed by this Gallium3D driver. Besides that work there were also fixes and other changes.

  • NVIDIA Tegra X2 & Xavier Get HDMI Audio With Linux 4.21

    While it's not as exciting as if seeing full 3D open-source driver support, with the upcoming Linux 4.21 kernel are some mainline Tegra improvements that does include HDMI audio support for the X2 and Xavier SoCs.

    Thierry Reding of NVIDIA sent in the Tegra DRM driver updates this week for the upcoming Linux 4.21 cycle. He commented, "These changes contain a couple of minor fixes for host1x and the Falcon library in Tegra DRM. There are also a couple of missing pieces that finally enable support for host1x, VIC and display on Tegra194. I've also added a patch that enables audio over HDMI using the SOR which has been tested, and works, on both Tegra186 and Tegra194."

Powers of two, powers of Linux: 2048 at the command line

Filed under
HowTos

Hello and welcome to today's installment of the Linux command-line toys advent calendar. Every day, we look at a different toy for your terminal: it could be a game or any simple diversion that helps you have fun.
Maybe you have seen various selections from our calendar before, but we hope there’s at least one new thing for everyone.

Today's toy is a command-line version of one of my all-time favorite casual games, 2048 (which itself is a clone of another clone).

Read more

More Radeon RX 590 Ubuntu Benchmarks - See How Your Linux GPU Performance Compares

Filed under
Graphics/Benchmarks

Published on Friday was my Radeon RX 590 Linux benchmarks now that the kinks in the support for this latest Polaris refresh are worked out (at least in patch form). Here are some complementary data points with some of the OpenGL tests outside of the Steam games for those curious about the RX 590 performance in other workloads or wanting to see how your own GPU performance would compare to these results.

The Radeon RX 590 continues running well with the patched Linux 4.20 kernel build (hopefully the last patch needed for the RX 590 will make it into 4.20 mainline soon) and in user-space was Mesa 19.0 from the Padoka PPA for this system running on Ubuntu 18.04 LTS.

Read more

This week in Usability & Productivity, part 48

Filed under
KDE

Next week, your name could be in this list! Not sure how? Just ask! I’ve helped mentor a number of new contributors recently and I’d love to help you, too! You can also check out https://community.kde.org/Get_Involved, and find out how you can help be a part of something that really matters. You don’t have to already be a programmer. I wasn’t when I got started. Try it, you’ll like it! We don’t bite!

Read more

Also: Baloo, Kate & Other KDE Programs Getting Improvements Ahead Of The Holidays

Git v2.20.0

Filed under
Development
OSS

The latest feature release Git v2.20.0 is now available at the usual places. It is comprised of 962 non-merge commits since v2.19.0 (this is by far the largest release in v2.x.x series), contributed by 83 people, 26 of which are new faces.

Read more

Also: Git 2.20 Brings Many Fixes, Updates To Windows Port

Syndicate content

More in Tux Machines

Security: Updates, Best VPNs for GNU/Linux, and Google+ Chaos Again

  • Security updates for Monday
  • Best VPNs for Linux
  • After a Second Data Leak, Google+ Will Shut Down in April Instead of August
    Back in October, a security hole in Google+’s APIs lead Google to announce it was shutting down the service. Now, a second data leak has surfaced, causing the company to move the shutdown up by four months. This new data leak is quite similar to the first one: profile information such as name, email address, age, and occupation was exposed to developers, even for private profiles. It’s estimated that upwards of 52 million users were affected by this leak. The good news is that while the first hole was open for three years, this one was only an issue for six days, from November 7th to the 13th, 2018.

Linux and Linux Foundation Leftovers

  • Initial i.MX8 SoC Support & Development Board Possibly Ready For Linux 4.21
    While the i.MX8 series was announced almost two years ago and the open-source developers working on the enablement for these new NXP SoCs hoped for initial support in Linux 4.17, the Linux 4.21 kernel that will be released in the early months of 2019 is slated to possibly have the first i.MX8 support in the form of the i.MX8MQ and also supporting its development/evaluation board.
  • AeonWave: An Open-Source Audio Engine Akin To Microsoft's XAudio2 / Apple CoreAudio
    An open-source audio initiative that's been in development for years but flying under our radar until its lead developer chimed in is AeonWave, which supports Windows and Linux systems while being inspired by Microsoft XAudio and Apple's CoreAudio.
  • Take Linux Foundation Certification Exams from Anywhere
    2018 has seen a new wave of popularity for the open source community and it has sparked more interest in potential engineers, system administrators, and Linux experts. 2019 is around the corner and now is a good time to look up Linux certification examinations that will enable you to progress in your career. The good news we have for you is that the Linux Foundation has made certification examinations available online so that IT enthusiasts can get certificates in a wide range of open source domains.

Games Leftovers

  • The Linux version of Civilization VI has been updated with cross-platform multiplayer support
    Just in time for the holidays, Linux gamers finally have version parity with other platforms. Expect to be able to spend just one more turn playing with friends on other operating systems.
  • John Romero has announced a free unofficial spiritual successor to The Ultimate DOOM's 4th episode
    John Romero, one of the co-founders of id Software has revealed he's been working on SIGIL, a free megawad for the original 1993 DOOM. [...] These boxes, will contain music from Buckethead, along with a custom song written expressly for SIGIL. A tempting purchase for any big DOOM fan, I especially love the sound of a 16GB 3-1/2-inch floppy disk-themed USB. You have until December 24, 2018 to order one and I imagine stock will go quite quickly.
  • Unvanquished Open-Source Game Sees Its First Alpha Release In Nearly Three Years
    Unvanquished had been easily one of the most promising open-source games several years back with decent in-game visuals/art, a continually improving "Daemon" engine that was a distant mod of ioquake3 while leveraging ETXReaL components and more, and all-around a well-organized, advancing open-source game project. Their monthly alpha releases stopped almost three years ago while today that's changed just ahead of Christmas. The Unvanquished developers announced Unvanquished Alpha 51 today as their first release in two years and eight months after having made fifty monthly alpha releases. While this is the fifty-first alpha, the developers say they should soon be ready for the beta drop.
  • Unvanquished, the free and open source shooter has a huge new release now out
    After being quiet for some time, the Unvanquished team is back and they have quite a lot to show off in the new release of their free and open source shooter. This is their first new release since April 2016, so the amount that's changed is quite striking! Hopefully, this will be the start of regular release once again, since they used to do monthly releases a few years ago and it was fun to watch it grow.
  • Valve adds even more gamepad support to their latest client beta
    Valve are continuing to support as many devices as possible with a new Steam client beta now available. Since there's no gamepad to rule them all, it makes sense for Valve to support as many as they can. Even though I love the Steam Controller, I do understand that it's not going to be a good fit for everyone. Now, Steam will support the PowerA wired/wireless GameCube Style controllers, PowerA Enhanced Wireless Controller and the PDP Faceoff Wired Pro Controller to boost their already rather large list of supported devices.
  • The turn-based tactical RPG Fell Seal: Arbiter's Mark is coming along nicely
    After a few months in Early Access, the tactical RPG Fell Seal: Arbiter's Mark has come along nicely and it's quite impressive. It became available on Steam back in August, this was with same-day Linux support as promised from developer 6 Eyes Studio after their successful Kickstarter.
  • Citra, the Nintendo 3DS emulator now has 'Accurate Audio Emulation'
    Citra, the impressive and quickly moving Nintendo 3DS emulator has a new progress report out and it sounds great. They've made some great progress on accurate audio emulation, with their new "LLE (Accurate)" option. They say this has enabled games like Pokémon X / Y, Fire Emblem Fates and Echoes and more to work. There's a downside though, that currently the performance does take quite a hit with it so they're still recommending the "HLE (Fast)" setting for now. They go into quite a lot of detail about how they got here, with plenty of bumps along the way. Most of the work towards this, was done by a single developer who suffered a bit of a burn-out over it.
  • Mindustry, an open source sandbox Tower Defense game that's a little like Factorio
    Available under the GPL, the developer originally made it for the GDL Metal Monstrosity Jam which happened back in 2017 and it ended up winning! Seems the developer didn't stop development after this, as they're currently going through a new major release with regular alpha builds.
  • Have graphical distortions in Unity games with NVIDIA? Here's a workaround
    It seems a lot of Unity games upgrading to later versions of Unity are suffering from graphical distortions on Linux with an NVIDIA GPU. There is a workaround available.

Wine-Staging 4.0-RC1 Released With Just Over 800 Patches On Top Of Wine

Released on Friday was Wine 4.0-RC1 while coming out over the weekend was the Wine-Staging re-base that is carrying still over 800 patches on top of the upstream Wine code-base. Wine-Staging 4.0-RC1 is available with 805 patches over what's found in the "vanilla" Wine code-base. But prior to the Wine 4.0 RC1 milestone there were a fair number of patches that were promoted upstream including ntoskrnl, WindowsCodecs, user32, and DXGI changes. Read more