Language Selection

English French German Italian Portuguese Spanish

About Tux Machines

Friday, 21 Oct 16 - Tux Machines is a community-driven public service/news site which has been around for over a decade and primarily focuses on GNU/LinuxSubscribe now Syndicate content

Search This Site

Quick Roundup

Using tags to browse through source code

Filed under

When you read source code, often you need to look for definitions of functions, classes, or other objects. Editors such as Emacs and Vim help you browse the code by supporting the concept of tags.

Parallel Knoppix 2.3 LiveCD

Filed under

A new release of Parallel Knoppix is out, which is a Knoppix-based distribution for cluster computing using LAM-MPI and MPICH. Among the updates in Parallel Knoppix 2.3 is updates against Debian unstable.

Turbolinux preps multimedia player with bootable Linux

Filed under

Japan's Turbolinux will begin selling its Wizpy Linux-based multimedia player in February. As a bonus, the device can also be used to boot a PC into the Linux OS, allowing users to access their files in their own working environment on almost any PC.


Filed under
  • Changing file associations in ubuntu is as easy

  • Switching from Sun-Java5 to Sun-Java6 in Ubuntu6.10 (edgy)
  • Consolidate your gnome menus with gnome-main-menu

  • Tip of the Trade: Kickstart
  • How-To turn off beep from virtual console
  • What is umask and how to setup default umask under Linux?

Getting to the root of open source

Filed under

PART OF THE early received wisdom about open-source was that it couldn't last: why would people donate their time and expertise to creating something for no return?

Don't spread FUD about Vista

Filed under

Vista is out and the community of GNU/Linux enthusiasts are up on their feet trying to persuade everyone that instead of going with the flow and upgrading to Vista, we should upgrade to GNU/Linux. This wont stop any time soon.

Faster, safer Internet with OpenDNS

Filed under

The domain name system (DNS) maps human-understandable Web site addresses into numeric IP addresses. Launched in July 2006, OpenDNS adds a few free services on top of the traditional DNS to block phishing Web sites and auto-correct common misspelled URLs. And thanks to some clever traffic routing and load-balancing technology, OpenDNS can also deliver Web pages faster.

Understanding Open Source technology

Filed under

The IT industry is going through another round of major changes. A new concept in technology is bringing about tremendous opportunities for great possibilities. This new technological innovation is simply called Open Source.

Also: Open Source Licensing: An enigma wrapped in a mystery, wrapped in legal fees

Digital image resizing with the GIMP

Filed under

Processing digital images is a very common task today. Image processing tools are so common that users often process images by trial and error, without really knowing what they are doing. One of the operations people fail most commonly is resizing an image.

Backup Encryption

Filed under

Hardly a week goes by without some story in the news about a company leaking important data through loss of their backup tapes. Whether it is through malicious theft, opportunistic snatching, or accidental misplacement, there is a huge cost to a business when data is lost. When the data contains sensitive information about members of the public, possibly including bank account and credit card numbers, the cost can be severe indeed.

SuSE, Ubuntu and Linspire/Freespire- Understanding Your Market

Filed under

If I had a magic wand, I would take Novell’s resources and Ubuntu’s (Canonical) vision and see the birth of a single Linux product. Each entity has half of it right and the other half of it totally wrong.

Season of Usability Focuses on Two KDE Applications

Filed under

The Season of Usability, run by the OpenUsability project has kicked off with two KDE applications in the focus: BasKet Note Pads and the KDE 4 universal document viewer Okular.

The Road to KDE 4: Kalzium and KmPlot

Filed under

Since not all of the development for KDE 4 is in base technologies, this week features two of applications from the KDE-Edu team: Kalzium, a feature-filled chemistry reference tool, and KmPlot, a powerful equation graphing and visualization program.

MS to debut at Linux Asia ’07

Filed under

If you can’t beat them why not join them. This could well be Microsoft’s new mantra. For the first time ever Redmond Giant Microsoft will be rubbing shoulders with its arch rival, the Penguin (Linux mascot) at Linux Asia 2007.

Linux 2.6.20-rc6 Kernel Performance

Filed under

On top of our hardware reviews and comparisons at Phoronix we also cover and compare the latest ATI and NVIDIA drivers along with some of the other popular software packages; however, we have decided to feature Linux kernel performance comparisons with each major release. We will be covering some of the major highlights with each release as well as comparing its performance in a variety of tests against recent kernels.

Howto: switch from Ubuntu to Kubuntu or Xubuntu or Edubuntu or vice versa (6.10 edgy)

Filed under

I recently installed Ubuntu6.10 with the Kubuntu6.10 install cd. Why? I did not feel like downloading the Ubuntu iso while having the Kubuntu cd ready for usage. After a successful install of Kubuntu its easy to revert to Ubuntu.

Ubuntu Quality Control Problems

Filed under

I have been a strong supporter of Ubuntu but am not a blind fan either. Ubuntu 6.10 “Edgy” is simply the worst linux version I have ever used in 8 years of running on Linux. Sure, “Dapper” had the infamous security update that crashed X losing 2 days of our productivity. But one big goof can be lived with - every thing else in Dapper was working well. But then we upgraded to Edgy and more serious problems began.

openSUSE 10.2 Network Boot and Installation HOWTO

Filed under

This HOWTO describes how to setup an openSUSE 10.2 machine to act as a network boot and install server. I have used this method to install openSUSE 10.2 on my Tablet PC (Toshiba Portege M200). The plan is to have a DHCP server assigning IPs, TFTP server for PXELINUX to be loaded (to load the openSUSE installer) and an NFS share to supply the installation files.

E is for elegant with Elive live CD

Filed under

Elive is a live CD Linux distribution based on Debian that uses the Enlightenment window manager. Elive aims to provide an aesthetically pleasing environment with a full suite of desktop applications that runs efficiently on older systems. Its developers aren't finished yet, but they've come a long way with Elive since the release of 0.3 more than a year ago. This CD shows how beautiful distributions can become without being bloated.

From KDE 3 to KDE 4: what we will leave behind

Filed under

The last commit digest made me thinking about applications development for KDE 4: several of the applications we really got used to in KDE 3 will be left behind because they will be replaced in one way or the other. So I decided to check which applications I know of will be replaced, and by what they will be replaced.

Syndicate content

More in Tux Machines

CVE-2016-5195 Patched

  • Linux Kernels 4.8.3, 4.7.9 & 4.4.26 LTS Out to Patch "Dirty COW" Security Flaw
    Today, October 20, 2016, Linux kernel maintainer Greg Kroah-Hartman announced three new maintenance updates for the Linux 4.8, 4.7, and 4.4 LTS kernel series, patching a major security vulnerability. Known as "Dirty COW," the Linux kernel vulnerability documented at CVE-2016-5195 is, in fact, a nasty bug that could have allowed local users to write to any file they can read. The worst part is that the security flaw was present in various Linux kernel builds since at least the Linux 2.6.x series, which reached end of life in February this year.
  • Canonical Patches Ancient "Dirty COW" Kernel Bug in All Supported Ubuntu OSes
    As reported earlier, three new Linux kernel maintenance releases arrived for various Linux-based operating systems, patching a critical and ancient bug popularly known as "Dirty COW." We already told you that the kernel vulnerability could be used by a local attacker to run programs as an administrator, and it looks like it also affects all supported Ubuntu releases, including Ubuntu 16.10 (Yakkety Yak), Ubuntu 16.04 LTS (Xenial Xerus), Ubuntu 14.04 LTS (Trusty Tahr), and Ubuntu 12.04 LTS (Precise Pangolin), as well as all of their official or unofficial derivatives running the same kernel builds.

Mad Max Now on GNU/Linux

  • Mad Max Open World Action-Adventure Video Game Released for Linux, SteamOS & Mac
    After teasing us earlier this month, today, October 20, 2016, Feral Interactive had the great pleasure of announcing the release of the Mad Max open world action-adventure video game for the SteamOS, Linux, and Mac platforms. Feral Interactive is well known for bringing AAA titles to the Linux and Mac gaming world, and after porting the Tomb Raider 2013 reboot last year to our beloved platforms, which continue to get more fans by the day, now the UK-based video games publisher delights us with the superb Mad Max title developed by Avalanche Studios and published by Warner Bros.
  • Mad Max Launches For Linux
    Feral Interactive's port of Mad Max to Linux (and macOS) is now officially out and can be found on Steam. Feral announced their Mad Max port at the beginning of October while today it's ready to ship. As mentioned in that original article, the Linux system requirements are fairly stiff with only listing NVIDIA hardware under Linux and the minimum being a GTX 660 while the recommendation is at least a GTX 970.
  • Mad Max Appears To Work Fine With RadeonSI Gallium3D
    This morning's release of the Mad Max game for Linux lists only NVIDIA graphics as supported, but it does turn out at least for newer AMD GPUs using the RadeonSI Gallium3D driver things should work -- well, assuming you are using the latest open-source driver code.
  • Mad Max released for Linux, port report and review available
    Mad Max is the latest Linux port from Feral Interactive, probably one of the titles I have been most excited about so hopefully it lives up to the promise. It has only been a few weeks since Feral Interactive released Dawn of War II, Chaos Rising and Retribution on Linux, and now we have a real whopper with Mad Max. Something Linux lacks is a reasonable amount of high quality open-world story-based games. We started getting a few with Borderlands 2 and Shadow of Mordor, but another top quality game like this is a must for us to keep the interest up.

Red Hat and Fedora

  • Red Hat – the open source conglomerate
    As successful companies grow, they accumulate products; new ones are developed and additional ones are acquired. Managing diverse portfolios is a challenge, not least when it comes to putting it all together on a single presentation slide to make it appear there is an overall coherent product strategy.
  • Ericsson Embraces Red Hat OpenStack Platform
    Ericsson and Red Hat today announced a broad alliance to work together on network functions virtualization (NFV) products. And the telco infrastructure provider will now support the Red Hat OpenStack Platform. Ericsson already has a longstanding distribution partnership with Red Hat that includes Red Hat Enterprise Linux and Red Hat JBoss Middleware. The existing distribution partnerships define not only commercial terms, but also joint support models, co-engineering and certification testing, and joint go-to-market collaboration.
  • Raleigh's Red Hat teams up with Ericsson
    Open-source software firm Red Hat (NYSE: RHT) has teamed up with Ericsson (Nasdaq: ERIC) on what the companies are calling a “broad alliance” aimed at transforming the information and communications technology market. Red Hat, headquartered at downtown Raleigh’s Red Hat Tower, announced that its new partnership with Ericsson would allow the duo to deliver fully open-source and production-ready cloud infrastructure, spanning OpenStack, software-defined networking and software-defined infrastructure.
  • FCAIC in the House
    The job is like many other roles called “Community Manager” or “Community Lead.” That means there is a focus on metrics and experiences. One role is to try ensure smooth forward movement of the project towards its goals. Another role is to serve as a source of information and motivation. Another role is as a liaison between the project and significant downstream and sponsoring organizations. In Fedora, this means I help the Fedora Project Leader. I try to be the yen to his yang, the zig to his zag, or the right hand to his right elbow. In all seriousness, it means that I work on a lot of the non-engineering focused areas of the Fedora Project. While Matthew has responsibility for the project as a whole I try to think about users and contributors and be mechanics of keeping the project running smoothly.
  • keepalived: Simple HA
    We have been using keepalived in Fedora Infrastructure for a while now. It’s a pretty easy to use and simple way to do some basic HA. Keepalived can keep track of which machine is “master” for a IP address and quickly fail over and back when moving that IP address around. You can also run scripts on state change. Keepalived uses VRRP and handles updating arp tables when IP addresses move around. It also supports weighting so you can prefer one or another server to “normally” have the master IP/scripts.
  • What does Factory 2.0 mean for Modularity?
    This blog now has a drop-down category called Modularity. But, many arteries of Modularity lead into a project called Factory 2.0. These two are, in fact, pretty much inseparable. In this post, we’ll talk about the 5 problems that need to be solved before Modularity can really live. The origins of Factory 2.0 go back a few years, when Matthew Miller started the conversation at Flock. The first suggested names were “Fedora Rings”, “Envs and Stacks”, and Alephs.
  • varnish-5.0, varnish-modules-0.9.2 and hitch-1.4.1, packages for Fedora and EPEL
    The Varnish Cache project recently released varnish-5.0, and Varnish Software released hitch-1.4.1. I have wrapped packages for Fedora and EPEL. varnish-5.0 has configuration changes, so the updated package has been pushed to rawhide, but will not replace the ones currently in EPEL nor in Fedora stable. Those who need varnish-5.0 for EPEL may use my COPR repos at They include the varnish-5.0 and matching varnish-modules packages, and are compatible with EPEL 5, 6, and 7.
  • Installroot in DNF-2.0

Security News

  • Security advisories for Thursday
  • More information about Dirty COW (aka CVE-2016-5195)
    The security hole fixed in the stable kernels released today has been dubbed Dirty COW (CVE-2016-5195) by a site devoted to the kernel privilege escalation vulnerability. There is some indication that it is being exploited in the wild. Ars Technica has some additional information. The Red Hat bugzilla entry and advisory are worth looking at as well.
  • CVE-2016-5195
    My prior post showed my research from earlier in the year at the 2016 Linux Security Summit on kernel security flaw lifetimes. Now that CVE-2016-5195 is public, here are updated graphs and statistics. Due to their rarity, the Critical bug average has now jumped from 3.3 years to 5.2 years. There aren’t many, but, as I mentioned, they still exist, whether you know about them or not. CVE-2016-5195 was sitting on everyone’s machine when I gave my LSS talk, and there are still other flaws on all our Linux machines right now. (And, I should note, this problem is not unique to Linux.) Dealing with knowing that there are always going to be bugs present requires proactive kernel self-protection (to minimize the effects of possible flaws) and vendors dedicated to updating their devices regularly and quickly (to keep the exposure window minimized once a flaw is widely known).
  • “Most serious” Linux privilege-escalation bug ever is under active exploit (updated)
    While CVE-2016-5195, as the bug is cataloged, amounts to a mere privilege-escalation vulnerability rather than a more serious code-execution vulnerability, there are several reasons many researchers are taking it extremely seriously. For one thing, it's not hard to develop exploits that work reliably. For another, the flaw is located in a section of the Linux kernel that's a part of virtually every distribution of the open-source OS released for almost a decade. What's more, researchers have discovered attack code that indicates the vulnerability is being actively and maliciously exploited in the wild.
  • Linux users urged to protect against 'Dirty COW' security flaw
    Organisations and individuals have been urged to patch Linux servers immediately or risk falling victim to exploits for a Linux kernel security flaw dubbed ‘Dirty COW'. This follows a warning from open source software vendor Red Hat that the flaw is being exploited in the wild. Phil Oester, the Linux security researcher who uncovered the flaw, explained to V3 that the exploit is easy to execute and will almost certainly become more widely used. "The exploit in the wild is trivial to execute, never fails and has probably been around for years - the version I obtained was compiled with gcc 4.8," he said.
  • Hackers Hit U.S. Senate GOP Committee
    The national news media has been consumed of late with reports of Russian hackers breaking into networks of the Democratic National Committee. Lest the Republicans feel left out of all the excitement, a report this past week out of The Netherlands suggests Russian hackers have for the past six months been siphoning credit card data from visitors to the Web storefront of the National Republican Senatorial Committee (NRSC). [...] Dataflow markets itself as an “offshore” hosting provider with presences in Belize and The Seychelles. Dataflow has long been advertised on Russian-language cybercrime forums as an offshore haven that offers so-called “bulletproof hosting,” a phrase used to describe hosting firms that court all manner of sites that most legitimate hosting firms shun, including those that knowingly host spam and phishing sites as well as malicious software. De Groot published a list of the sites currently present at Dataflow. The list speaks for itself as a collection of badness, including quite a number of Russian-language sites selling synthetic drugs and stolen credit card data. According to De Groot, other sites that were retrofitted with the malware included e-commerce sites for the shoe maker Converse as well as the automaker Audi, although he says those sites and the NRSC’s have been scrubbed of the malicious software since his report was published. But De Groot said the hackers behind this scheme are continuing to find new sites to compromise. “Last Monday my scans found about 5,900 hacked sites,” he said. “When I did another scan two days later, I found about 340 of those had been fixed, but that another 170 were newly compromised.”
  • Thoughts on the BTB Paper
    The Branch Target Buffer (BTB) whitepaper presents some interesting information. It details potential side-channel attacks by utilizing timing attacks against the branch prediction hardware present in Intel Haswell processors. The article does not mention Intel processors later than Haswell, such as Broadwell or Skylake. Side-channel attacks are always interesting and fun. Indeed, the authors have stumbled into areas that need more research. Their research can be applicable in certain circumstances. As a side-note, KASLR in general is rather weak and can be considered a waste of time[1]. The discussion why is outside the scope of this article.