Language Selection

English French German Italian Portuguese Spanish

Gentoo

Calculate Linux Desktop 18 LXQt released

Filed under
Gentoo

We are happy to announce the release of a new Calculate Linux Desktop flavour, featuring the LXQt desktop and therefore named CLDL. As well as other Calculates, it is backward compatible with Gentoo. As well as Gentoo, it uses Portage to install and manage packages. Our repository contains 13033 binary packages. The system boots with OpenRC. For network configuration, you have the choice between NetworkManager or OpenRC. For sound management, ALSA is suggested, PulseAudio is not needed.
CLDL is the fifth little one in the Calculate Linux Desktop family, providing a full-fledged workplace both in office and at home. This new distribution perfectly combines the advantages of Qt5, which is indeed the base for its interface, with the low system requirements of the Openbox window manager. CLDL is localized out-of-box in all standard European languages.

Read more

Elivepatch Progressing For Live Kernel Patching On Gentoo, Rolling To Other Distros

Filed under
Linux
Gentoo

Elivepatch is a distributed live kernel patching mechanism developed by the Gentoo crowd during GSoC 2017 and has continued to be developed. While it is still centered around Gentoo, there are ambitions to bring this open-source live kernel patching tech to other distributions.

Alice Ferrazzi as the Gentoo Kernel Project Leader has been central to the development of Elivepatch going back to its start almost two years ago and she presented on it last week at Linux Plumbers Conference 2018. Elivepatch builds upon the live-patching code in the mainline kernel but was motivated due to the different vendor solutions being quite limited. For example, Oracle with Ksplice only works with Oracle Linux kernels, some of the vendor solutions being closed-source, requiring other custom kernel bits, or lack long-term support.

Read more

Compartmentalized computing with CLIP OS

Filed under
OS
Gentoo

The design of CLIP OS 5 includes three elements: a bootloader, a core system, and the cages. The system uses secure boot with signed binaries. Only the x86 architecture was supported in the previous versions, and there are no other architectures in the plan for now. The core system is based on Hardened Gentoo. Finally, the cages provide user sessions, with applications and documents.

Processes running in separate cages cannot communicate directly. Instead, they must pass messages using special services on the core system; these services are unprivileged and confined on the cage system, but privileged on the core. These communication paths are shown in this architecture diagram from the documentation. Cages are also isolated from the core system itself — all interactions (system calls, for example) are checked and go through mediation services. The isolation between applications will be using containers, and the team plans to use the Flatpak format. The details of the CLIP OS 5 implementation are not available yet, as this feature is planned for the stable release.

A specific Linux security module (LSM) inspired from Linux-VServer will be used to add additional isolation between the cages, and between the cages and the core system. Linux-VServer is a virtual private server implementation designed for web hosting. It implements partitioning of a computer system in terms of CPU time, memory, the filesystem, and network addressing into security contexts. Starting and stopping a new virtual server corresponds to setting up and tearing down a security context.

Read more

Calculate Linux 18 released

Filed under
Gentoo

We are happy to announce the release of Calculate Linux 18!

In this latest version, Calculate Utilities were ported to Qt5, your network is managed in a different way, and binary packages get checked using their index signature.

Calculate Linux Desktop featuring KDE (CLD), Cinnamon (CLDC), Mate (CLDM), or Xfce (CLDX) environments, Calculate Linux Scratch (CLS), Calculate Directory Server (CDS) and Calculate Scratch Server (CSS) are available for download.

Read more

CLIP OS, Like Chrome OS, is Based on Gentoo

Filed under
Gentoo

ANSSI, the National Cybersecurity Agency of France, has released the sources of CLIP OS, that aims to build a hardened, multi-level operating system, based on the Linux kernel and a lot of free and open source software. We are happy to hear that it is based on Gentoo Hardened!

Read more

A brief discussion about package installation times in Gentoo Linux

Filed under
Gentoo

I thought that perhaps users of binary-based Linux distributions who are contemplating trying out the source-based distribution Gentoo Linux might be interested to know a bit about installation times in contrast to binary distributions. I am not going to go into great detail here; this is just to give interested people a quick idea of possible package installation times in Gentoo Linux.

The package manager of a binary-based distribution such as Ubuntu downloads and installs binary (i.e. pre-built) packages. On the other hand, Gentoo’s package manager Portage downloads source-code packages and builds the binaries (executables) on your machine. Nevertheless, a small number of Portage packages contain binaries rather than source code, either because the source code could take many hours to build on older hardware or because the source code is simply not available in the public domain. An example of the first scenario is Firefox, which is available in Gentoo both as the source code package www-client/firefox and as the binary package www-client/firefox-bin so that the user can choose which to install (‘merge’, in Gentoo parlance). An example of the second scenario is TeamViewer, which is only available as the binary package net-misc/teamviewer because TeamViewer is closed-source software (i.e. the company that develops TeamViewer does not release its source code).

Read more

Security Issues at Gentoo Narrowed Down to Crappy Password

Filed under
Gentoo
Security
  • Linux experts are crap at passwords!

    Fortunately, Gentoo’s GitHub respository wasn’t the primary source for Gentoo code, and few, if any, Gentoo users were relying on it for software updates.

  • Gentoo publishes detailed report after its GitHub was compromised

    You may have seen the news towards the end of June that Gentoo, a fairly advanced Linux distribution, had its GitHub repository compromised after an attacker managed to gain access to one of the connected accounts. Now, Gentoo has published a comprehensive report about the incident and it turns out that the gaff was due to not following rudimentary security tips.

  • Weak Admin Password Caused Compromise of Gentoo GitHub repository

    Gentoo have finished their investigation of the hack that affected their project last week on GitHub. The point of vulnerability has turned out to be a weak Administrator password. upon compromise the hackers added the Linux killer command “rm -rf /” so when users cloned the project to their computers all their data will be erased.

Microsoft, the NSA, and GitHub

Filed under
Gentoo
Microsoft
Security
  • Gentoo hacker's code changes unlikely to have worked

    Linux distribution Gentoo's maintainers say attempts by attackers last week to sabotage code stored on Github is unlikely to have worked.

    Gentoo's Github account was compromised in late June.

    The attacker was able to gain administrative privileges for Gentoo's Github account, after guessing the password for it.

    Gentoo's maintainers were alerted to the attack early thanks to the attacker removing all developers from the Github account, causing them to be emailed.

  • NSA Exploit "DoublePulsar" Patched to Work on Windows IoT Systems

    An infosec researcher who uses the online pseudonym of Capt. Meelo has modified an NSA hacking tool known as DoublePulsar to work on the Windows IoT operating system (formerly known as Windows Embedded).

    The original DoublePulsar is a hacking tool that was developed by the US National Security Agency (NSA), and was stolen and then leaked online by a hacking group known as The Shadow Brokers.

    At its core, DoublePulsar is a Ring-0 kernel mode payload that acts like a backdoor into compromised systems. DoublePulsar is not meant to be used on its own, but together with other NSA tools.

  • Predictable password blamed for Gentoo GitHub organisation takeover [Ed: when Microsoft takes over the NSA gets all these passwords. (NSA PRISM)]

    Gentoo has laid out the cause and impact of an attack that saw the Linux distribution locked out of its GitHub organisation.

    The attack took place on June 28, and saw Gentoo unable to use GitHub for approximately five days.

    Due a lack of two-factor authentication, once the attacker guessed an admin's password, the organisation was in trouble.

Security: Open Source Security Podcast and Inaccurate Gentoo Coverage

Filed under
Gentoo
Security
  • Open Source Security Podcast: Episode 103 - The Seven Properties of Highly Secure Devices

    We take a real world view into how to secure our devices. What works, what doesn't work, and why this list is actually really good.

  • Github code repository for Gentoo Linux hacked [Ed: Lots of inaccuracies here]

    The Gentoo Linux distribution's Github repository was hacked last June 28, with the attackers modifying the code there.

    Github is a repository for all sorts of source code projects in a variety of programming languages. Gentoo Linux is one such project, stored in Github.

    Gentoo Linux administrators updated users as soon as the issue was found out.

  • Gentoo warning after GitHub hack [Ed: Crack, not "hack"]

    A key Gentoo Linux source code repository should be considered compromised after “unknown individuals” gained access to Gentoo’s Github organisation.

    In an email to the Gentoo announcement list, developer Alec Warner said that the individuals had seized control of the GitHub Gentoo organisation “and modified the content of repositories as well as pages there”.

Gentoo Needs to Delete GitHub

Filed under
Gentoo
Security
  • Gentoo GitHub mirror hacked and considered compromised

    Linux distribution Gentoo has had its GitHub mirror broken into and taken over, with GitHub pages changed and ebuilds replaced.

    In an alert, Gentoo said the attacker gained control of the Github Gentoo organisation at June 28, 20:20 UTC.

    "All Gentoo code hosted on github should for the moment be considered compromised," the alert said.

  • Et tu, Gentoo? Horrible gits meddle with Linux distro's GitHub code

    If you have fetched anything from Gentoo's GitHub-hosted repositories today, dump those files – because hackers have meddled with the open-source project's data.

    The Linux distro's officials sounded the alarm on Thursday, revealing someone managed to break into its GitHub organization account to modify software and webpages.

    Basically, if you downloaded and installed materials from Gentoo via GitHub, you might be compromised by bringing in malicious code. And until the all clear is given, you should avoid fetching anything from the project's 'hub org account.

    "Today, 28 June, at approximately 20:20 UTC unknown individuals have gained control of the Github Gentoo organization, and modified the content of repositories as well as pages there," Gentoo dev Alec Warner said in a bulletin.

  • Gentoo Linux GitHub organisation hacked, content modified

    The GitHub organisation of the Gentoo Linux distribution has been compromised and the project behind Gentoo is warning users not to use code from this source.

    In a statement, the Gentoo leadership said some unknown individuals had gained control of the GitHub Gentoo organisation on 28 June at 20.20 UTC and modified the content and pages.

    Gentoo is a Linux distribution meant for advanced users. The source is compiled locally depending on user preferences and is often optimised for specific hardware.

Syndicate content

More in Tux Machines

Android Leftovers

Watchdog: IRS botched Linux migration

Poor IT governance prevented the IRS from making progress on a long-term effort to migrate 141 legacy applications from proprietary vendor software to open source Linux operating systems, according to an audit by the Treasury Inspector General for Tax Administration. Under a migration plan developed in 2014, two-thirds of targeted applications and databases were supposed to have been successfully migrated by December 2016. However, only eight of the 141 applications targeted have successfully transitioned to Linux as of February 2018. More than one third have not even started. Read more

Graphics: Wayland's Weston, AMD, GitLab, NVIDIA

  • Wayland's Weston Switching Over To The Meson Build System
    Complementing the Meson build system support for Wayland itself, the Weston reference compositor now has been Meson-ized. Pekka Paalanen and Daniel Stone, both of Collabora, have landed the Meson build system support for the Weston compositor. At this stage the new build system should be fully working and correct.
  • AMDGPU DC Gets Polaris Corruption Fix, Some Code Refactoring
    AMD has published their latest batch of "DC" Display Core patches for the AMDGPU Linux kernel driver. This batch of 45 patches against this display code for the AMDGPU Direct Rendering Manager driver has some code cleanups and refactoring, changes some error messages to just warnings, and has a display corruption fix affecting some Polaris hardware.
  • Investigating GitLab
    The Direct Rendering Manager (DRM) kernel subsystem is a fairly small part of the kernel, he said. It is also a fairly small part of the open-source graphics stack, which is under the X.Org umbrella. DRM sits in the middle between the two, so the project has learned development tools and workflows from both of the larger projects. The kernel brought DRM into the Git world in 2006, which was just a year after Git came about; it was a "rough ride" back then, Vetter said. With Git came "proper commit messages". Prior to that, the X.org commit messages might just be a single, unhelpful line; now those messages explain why the change is being made and what it does. The idea of iterating on a patch series on the mailing list came from the kernel side as did the "benevolent dictator" model of maintainership. DRM, the X server, Wayland, and others all followed that model along the way. From the X.Org side came things like the committer model; in Mesa, every contributor had commit rights. That model has swept through the graphics community, so now DRM, the X server, and Wayland are all run using that scheme. Testing and continuous integration (CI) is something that DRM has adopted from X.Org; the kernel also does this, but DRM has adopted the X.Org approach, tooling, and test suites. For historical reasons, "almost everything" is under the MIT license, which comes from X.Org projects as well. There has been a lot of movement of tools and development strategies in both directions via the DRM subsystem. He thinks that using GitLab may be "the next big wave of changes" coming from the user-space side to kernel graphics, and maybe to the kernel itself eventually. This won't happen this year or next year, Vetter predicted, but over the next few years we will see GitLab being used more extensively.
  • AMDGPU For Linux 4.20 Gets The Final Radeon RX 590 Fix, Adds The New Vega PCI IDs
    With just over one week to go until the expected Linux 4.20 kernel release, Alex Deucher of AMD today sent in the latest batch of fixes to the DRM tree for landing at the end of this cycle. Notable about this latest set of "fixes" for the AMDGPU kernel graphics driver are: - The final Radeon RX 590 fix so this newer Polaris GPU no longer hangs under load. So once this Linux 4.20 material is merged to mainline, this month-old Polaris graphics card should now be happily running on Linux -- assuming you also have the latest Polaris firmware files and a recent version of Mesa. See our Radeon RX 590 benchmarks article for more details.
  • AMDVLK 2018.Q4.4 Driver Update Brings Performance Improvements, New Vulkan Bits
    AMD developers today outed their latest "AMDVLK" open-source Vulkan driver code drop dubbed AMDVLK 2018.Q4.4.
  • NVIDIA 415.23 Driver Fixes Build Issues Against Linux 4.20 Kernel
    The NVIDIA 415.23 driver was issued just to fix a build issue against the near-final Linux 4.20 kernels. In particular, there has been a build failure around the vm_insert_pfn function that is now worked around when building the NVIDIA proprietary driver's shim against the Linux 4.20 release candidates.
  • NVIDIA Now Shipping The Jetson AGX Xavier Module
    NVIDIA has been shipping the Jetson AGX Xavier Developer Kit the past few months while now they are beginning to ship the AGX Xavier Module intended for use in next-generation autonomous machines.

OpenSUSE/SUSE: 2018-2019 Elections Underway, SUSE Linux Enterprise 12 Service Pack 4, and 'Making the Selection' (Storage)

  • 2018-2019 Elections Underway with Calls for Candidates and New Members
    Earlier this week, on Tuesday, Dec. 11, 2018, the Elections Committee posted the Schedule for the 2018-2019 openSUSE Board Elections, along with the announcement of a Membership Drive and a call for nominations and applications for Candidates to fill three vacant seats on the openSUSE Board. The annual Board Elections are normally expected to run in November and December, with ballots cast and results published in time for the newly-elected Board Members to take their seats on the Board at the beginning of January. However, some additional work needed to be completed for this election, and the elections were delayed in part to accommodate the additional work.
  • SUSE Linux Enterprise 12 Service Pack 4 is Generally Available
    SUSE Linux Enterprise 12 Service Pack 4 is now generally available. Service Pack 4 marks the fourth generation of SUSE Linux Enterprise Server 12, a major code stream and product foundation with a lifecycle from 2014 to 2024 plus Long Term Support (10+3 years). This release consolidates all fixes and updates introduced since SUSE Linux Enterprise 12 Service Pack 3.
  • Making the Selection
    You’ve likely read or heard a lot about today’s data explosion and how it’s affecting enterprises. After combing through all the overexcited rhetoric about how quickly data is multiplying or how many petabytes you’ll soon have to handle, one thing remains clear: You need to find a new way to store and manage your data or you’ll get left behind. While that mandate puts pressure on your organization to act quickly, it’s also the catalyst to a whole new world of exciting opportunities. More data can mean deeper, more accurate insights into your operations and customer needs, which empowers you to streamline processes and personalize experiences like never before. More data can also lead to greater innovation and new sources of revenue.