Language Selection

English French German Italian Portuguese Spanish

SUSE

Xfce Virtual Machine Images For Development

Filed under
SUSE

The openSUSE distributions offer a variety of graphical desktop environments, one of them being the popular and lightweight Xfce. Up to now there was the stable tested branch available in Tumbleweed already during install. Furthermore, for interested users the development OBS repository xfce:next offered a preview state of what’s coming up next to Tumbleweed.

Xfce Development in openSUSE

Thanks to the hard work of openSUSE’s Xfce team there is a third option: Xfce Development Repository aka RAT In a playful way, a rat is meant to represent the unpolished nature of this release: a rat is scruffy looking compared to a mouse (the cute and beloved mascot of Xfce). And the RAT repository provides packages automatically built right from the Git Master Branch of Xfce upstream development. The goal of this project is to test and preview the new software so that bugs can be spotted and fixed ahead of time by contributing upstream. The packages pull in source code state on a daily basis and offer a quite convenient way to test and eventually help development. So this is where the team builds and tests the latest and unstable releases of Xfce Desktop Environment for openSUSE.

Read more

Security Patches in OpenSUSE and SUSE

Filed under
Security
SUSE
  • Two Tumbleweed Snapshots update PostgreSQL, Mesa

    Snapshot 20201117 provides the latest update of packages for the rolling release. Among the packages to update was Mozilla Thunderbird to version 78.4.3; the email client updated a Rust patch and brought in a new feature from a previous minor version that prompts for an address to be used when starting an email from an address book entry with multiple addresses. KDE’s Plasma 5.20.3 stopped the loading of multiple versions of the same plugin in the task manager KSysGuard and there were many other bug fixes for Plasma users. Four months of shell scripts were updated in the hxtools 20201116 version; one of the changes to gpsh changed the tmp location to /var/tmp, which was to avoid saving potentially large files to tmpfs. The Linux Kernel made a jump from 5.9.1 to 5.9.8, which had a change for Btrfs as well as several USB changes. Database package postgresql 13 had its first point release to 13.1, which took care of three Common Vulnerabilities and Exposures and fixed a time test case so it works when the USA is not observing daylight-savings time. The graphical tool for administering virtual machines, virt-manager slimmed down the filesystem device editor User Interface. Text editor vim had a fix for when a crash happens when using a popup window with “latin1” encoding and python 3.8.6 took care of CVE-2019-20916.

  • Guardicore and SUSE partner to help you protect your critical applications - SUSE Communities

    Within the cybersecurity segment, Guardicore stands out from the crowd with its Guardicore Centra Platform disrupting the legacy firewall market by implementing micro-segmentation in your organization. Their software-only approach is decoupled from the physical network, providing a faster alternative to firewalls. Built for the agile enterprise, Guardicore offers greater security and visibility in the cloud, data-center, and endpoint. It also ensures security doesn’t slow you down and thanks to SUSE environments, it allows you to code and deploy on demand

IBM/Red Hat/SUSE Leftovers

Filed under
Red Hat
SUSE

  • Secure your containers with SELinux | Opensource.com

    When things aren't working correctly in your Linux environment, the easiest thing to do is disable Security-Enhanced Linux (SELinux). Things suddenly begin to work, and you forget about it—but this is a common pitfall that means you've lost a very powerful security tool.

    Threats are rising alongside the rise of containers, microservices, and distributed architecture. This is due to an old, well-known issue: velocity. The advantage of containers is that they enable you to move fast, do more, and change quickly. This means container adoption has gone off the roof, but the speed it affords also means you will encounter more issues and vulnerabilities. This happens naturally when you're doing more things faster and quicker.

  • How to fix Linux EFI secure-boot shim bootloop issue - Hans' hacking log — LiveJournal

    How to fix the Linux EFI secure-boot shim bootloop issue seen on some systems.

    Quite a few Bay- and Cherry-Trail based systems have bad firmware which completely ignores any efibootmgr set boot options. They basically completely reset the boot order doing some sort of auto-detection at boot. Some of these even will given an error about their eMMC not being bootable unless the ESP has a EFI/Microsoft/Boot/bootmgfw.efi file!

    Many of these end up booting EFI/Boot/bootx64.efi unconditionally every boot. This will cause a boot loop since when Linux is installed EFI/Boot/bootx64.efi is now shim. When shim is started with a path of EFI/Boot/bootx64.efi, shim will add a new efibootmgr entry pointing to EFI/fedora/shimx64.efi and then reset. The goal of this is so that the firmware's F12 bootmenu can be used to easily switch between Windows and Linux (without chainloading which breaks bitlocker). But since these bad EFI implementations ignore efibootmgr stuff, EFI/Boot/bootx64.efi shim will run again after the reset and we have a loop.

  • How security and compliance automation can help achieve a more secure hybrid cloud

    In hybrid cloud environments, where workloads are deployed in physical hosts, virtual machines and containers across on-premise and cloud environments, security becomes more and more complex. As a part of the AnsibleFest Virtual Experience, Lucy Kerner, a Red Hat security strategist and evangelist, and Justin Lacey, a Red Hat solution architect, led the breakout session "Implementing a secure hybrid cloud using security and compliance automation." The session highlighted a combination of Red Hat technologies that can help simplify and improve security and compliance in a hybrid cloud environment at scale using automation. Missed out on this session? We’re recapping some key points here.

  • Renewing my thrill at work with Ansible | Enable Sysadmin

    Ansible empowered me to utilize my own technical strengths and passion to improve processes and enjoy my time.

  • Using Multus and DataVolume in KubeVirt - Red Hat Developer

    KubeVirt is a cloud-native virtual machine management framework based on Kubernetes. KubeVirt orchestrates workloads running on virtual machines in the same way that Kubernetes does for containers. KubeVirt has many features for managing the network, storage, images, and the virtual machine itself. This article focuses on two mechanisms for configuring network and storage requirements: Multus-CNI and CDI DataVolumes. You will learn how to configure these KubeVirt features for use cases that require high performance, security, and scalability.

    [...]

    As a cloud-native virtual machine management framework, KubeVirt adopts cloud-native technologies alongside its own inventions. As a result, KubeVirt APIs and controllers support flexible and scalable virtual machine configurations and management that can integrate well with many technologies in the cloud-native ecosystem. This article focused on KubeVirt’s network and storage mechanisms. We look forward to sharing more exciting features in the future, including KubeVirt’s mechanisms for handling CPU, memory, and direct device access.

  • Addressing Modern IT Infrastructure Management with SUSE Manager and SUSE Manager for Retail

    Applications hide in containers, systems hide in other systems, new configurations appear and disappear with a single mouse click, and every file is a potential threat. It is no wonder that CIOs and IT managers are looking for new tools and a new approach that will bring harmony, safety and economy to precious IT assets in changing times. Welcome to the new world of IT infrastructure management.

  • SUSE Manager certified on Nutanix Acropolis Hypervisor

    Nutanix provides a fully software-defined stack that integrates compute, virtualization, storage, networking, and security to power any application at any scale. Nutanix Acropolis Hypervisor is their enterprise-ready hypervisor, offering integrated virtualization, app mobility, management, operational insights, and security.

    We are very excited that SUSE Manager is now certified on Nutanix Acropolis Hypervisor. As part of the Nutanix Ready Program SUSE Manager is now a recommended and trusted application. With this certification SUSE Manager can run confidently on Nutanix infrastructure.

$6 billion Linux deal? SUSE IPO rumored

Filed under
SUSE

According to Bloomberg, EQT is planning an IPO for German Linux and enterprise software company SUSE. EQT is a Swedish-based private equity firm with €50 billion in raised capital. SUSE is the leading European Union (EU) Linux distributor.

Over the years, SUSE has changed owners several times. First, it was acquired by Novell in 2004. Then, Attachmate, with some Microsoft funding, bought Novell and SUSE in 2010. This was followed in 2014 when Micro Focus purchased Attachmate and SUSE was spun off as an independent division. Then, EQT purchased SUSE from Micro Focus for $2.5 billion in March 2019.

With an IPO of approximately $6 billion, EQT would do very well for itself in very little time.

Read more

openSUSE Board Election 2020 announced

Filed under
SUSE

Yes, but this time, it is the regular board election that is happening. The previous elections that were conducted during the past year were due to ad-hoc and unforeseen circumstances. However, as per the regular election cycle, we have three seats that are going to be vacant on the openSUSE Board in December. They are the seats of Axel Braun, Marina Latini and Stasiek Michalski. Note that Stasiek was elected this year to replace Christian Boltz whose term ends in 2020. However, Stasiek is opting out from this election due to personal commitments.

My friend from the Election Committee, Ariez Vachha, made the election announcement on the project mailing list yesterday. The election wiki page has been updated accordingly, which includes the usual election schedule poster. That’s courtesy of our friends from the openSUSE Indonesia community.

Read more

MicroOS Is Immutable Linux

Filed under
OS
SUSE

Linux finds a lot of uses in computers that aren’t desktops. But there is a problem. What happens if your mission-critical control computer or retail kiosk gets an update and then fails? Happens all the time with Windows and it can happen with Linux, too. The openSUSE project has an answer: MicroOS which bills itself as immutable. Aimed at container deployment, the operating system promises atomic updates with no disk changes during runtime. If an update does break something, the BTRFS file system allows you to roll back to a previous snapshot. [Tyler] installs the OS and gives it a walkthrough in the video below.

As [Tyler] found, there are not many applications installed by default. Instead, you are expected to install flatpaks so the applications live in their own containers, isolated from the operating system and each other.

Of course, this isn’t for everyone. On the other hand, there is something seductive about having a computer that is very reliable even in the face of updates. Of course, you can do snapshots with BTRFS or ZFS anywhere those are supported, but unless you are very careful, you might have problems with dependencies for applications and the wrong update can still ruin your day. The OS supports GNOME or KDE, with system requirements that claim you can run it in 1GB of RAM and 20GB of disk space. We’d imagine you’ll be happier if you have more, of course.

Read more

New AppArmor 3, KDE Applications, GStreamer Update in Tumbleweed

Filed under
SUSE

Some minor email changes have affected the Tumbleweed snapshot reviewer, so reviewer ratings won’t be listed.

The latest snapshot, 20201111, updated a half dozen RubyGems. The 4.11.0 rubygem-mini_magick package fixed the fetching of metadata when there are GhostScript warnings and fixed some method redefined warnings. The rubygem-web-console 4.1.0 package update added support for Rails 6.1.

KDE Applications 20.08.3 arrived in snapshot 20201110. In the 20.08.3 apps update, a fix for Okular addressed a wrong memory access that could cause a crash and a fix for the fast scrolling with Shift+Scroll. Video editor kdenlive provided a fix for the monitor displayed frames per second with high fps values and fixed the playlist clips that had a no audio regression. There were several other app fixes and konsole provided an important fix for closing the split view with ‘Alt+C’. Mozilla Firefox 82.0.3 fixed regressions introduced in the pervious minor version and took care of a Common Vulnerabilities and Exposures, which in certain circumstances, the MCallGetProperty opcode would emit with unmet assumptions that could result in an exploitable use-after-free condition. GStreamer 1.18.1 provided some important security and memory leak fixes while providing various stability and reliability improvements. Hardware identification and configuration data package hwdata 0.341 updated the Peripheral Component Interconnect, USB and vendor identifications. The multi-purpose desktop calculator qalculate 3.14.0 improved the plot speed for functions that are defined using expressions. Other packages updated in the snapshot were libbluray 1.2.1, a month and a half of updates for libiscsi and udisks2 2.9.1.

An update of the Xfce file manager package thunar to version 1.8.16 was the lone update in snapshot 20201108. The newer version updated translations, fixed an error for custom date formats and added a missing parameter to the ThunarBrowserPokeDeviceFunc function.

Read more

SUSE/OpenSUSE Leftovers

Filed under
SUSE

  • SES 7 and SUSE Global Services: A Perfect Pairing

    It’s no surprise that data is the most valuable commodity you have. After all, with the right data, you can personalize your services to meet your customer’s exact needs – virtually leapfrogging your competition. And with the rate of which data is growing, why wouldn’t you invest in a Software Defined Storage (SDS) solution. After all, SDS provides your business with greater flexibility, efficiency and faster scalability – and at the same time being extremely budget-friendly.

  • Digest of YaST Development Sprint 112 | YaST

    Our previous sprint report was full of promises. We stated we were working to improve the Cockpit support for (open)SUSE and finishing some other interesting stuff. We also mentioned we had delivered a YaST presentation in the openSUSE + LibreOffice Virtual Conference. Time has come to pay our debts. The current report offers more news about all that.

  • Supercharge your compliance practices with SUSE Manager

    Many industries and governments require compliance with security standards to ensure security, identity, confidentiality and data integrity. These standards specify a minimum-security level and also mandate measures such as logging and auditing to reveal any hints of unauthorized use.

  • An Introduction to SUSE Manager for Retail

    SUSE Manager for Retail is an open source infrastructure management solution that is optimized and tailored for the retail industry.

  • A New SUSE SAP Business One installer image is ready - SUSE Communities

    Cloud environments grow organically and often include a dizzying combination of virtual, bare metal and container-based systems. If cloud computing is part of your Linux landscape, you’ll save time and money with a single tool for managing all your Linux resources. SUSE® Manager is a versatile Linux management tool (all major distributions) built for the cloud.

  • Portworx and SUSE: a cloud-native storage partnership

    Kubernetes changed how we manage our applications and it has done the same for storage data which is growing at a staggering rate, coming from a vast variety of sources. The global software-defined-storage (SDS) is expected to hit $16 billion by 2020.

    In such a promising context, a partnership between Portworx and SUSE definitely made sense. It goes back to 2018 right after we met at Kubecon in Copenhagen. The Kubernetes ecosystem was just booming, and we were looking for partners who could align with us in the adoption of cloud native and container-based technologies. Portworx can be used to run any stateful service, on top of any cloud or storage infrastructure, using any Kubernetes platform and has now been certified on SLES 12 and lately on our latest version of CaaS Platform 4.

  • A New SUSE SAP Business One installer image is ready - SUSE Communities

    First of all many thanks to all IHV‘s which have validated the new installer image. They went the extra mile with us and make this happen. I‘d like to say thank you again for the great cooperation between all parties during this validation period. The new SUSE SAP Business One installer image was validated by FUJITSU, Nutanix, Supermicro and Dell for their respective Hardware.

Updates for Poppler, Plasma, Xfce, LLVM 11 Arrive in Tumbleweed

Filed under
SUSE

Four openSUSE Tumbleweed snapshots were released since our last blog more than a week ago.

These four snapshots had a variety of package updates that included updates for LLVM, Wireshark, Node.js, Plasma and Xfce.

A few hours ago, the first snapshot of the month of November was released with snapshot 20201104, which started trending at a rating of 90 on the Tumbleweed snapshot reviewer. The snapshot brought the new major version of LLVM 11. More than half the changelog covers the additions and changes for this compiler. Generic improvements to Clang as a whole were made and new compiler flags like -fstack-clash-protection will provide protection against the stack clash attack for x86, s390x and ppc64 architectures. The edict package, which is a Japanese-English Dictionary in machine readable form received more than a year’s worth of updates in it’s 20201102 release. Node.js 14.15.0 had no major changes, but the Long-Term-Support version had a International Components for Unicode version bump. LibreOffice’s update to version 7.0.3.1 in Tumbleweed provided some bug fixes and translation updates. The update of Perl 5.32.0 brought in support of unicode 13.0 and Wireshark 3.2.8 took care of a build failure caused from the bison parser. The Xfce desktop fixed a memory leak when reconnecting to a DisplayPort monitor with the update of the xfdesktop 4.14.3 package.

Read more

Also: openSUSE Tumbleweed – Review of the week 2020/45 – Dominique a.k.a. DimStar (Dim*)

SUSE: PayiQ and SUSE Enterprise Storage 7

Filed under
SUSE
  • PayiQ partners with SUSE for its mobile ticketing platform

    The mobile ticketing market reached US$ 1.2 Bn in 2019 and was anticipated (before Covid-19) to exhibit an impressive CAGR of 17% during the forecast period of 2020 to 2030. Adoption of mobile ticketing systems and apps to drive ticket sales, reduce reliance on printed paper and plastic tickets, and to encourage digitization and cashless payments are all aiding the growth of the mobile ticketing market. The transportation and event sectors will lead the way in terms of sales through 2030, thereby pushing the growth of the global mobile ticketing market in a big way.

  • Deeper Look at SUSE Enterprise Storage 7 - SUSE Communities

    Of the many improvements to Ceph itself, I’d like to point out three areas: Performance, Rados Block Device (RBD) and health alerting.
    Listing of RGW buckets has been improved significantly. Recovery of objects is now much faster since only the modified portion of the object needs to be copied, this increases latencies during recovery.
    Mirroring of block devices now supports a snapshot-based mode and cloning of a disk preserves now the sparseness of the underlying objects thus greatly reducing storage needed.
    Health alerts have been improved, they can be muted now – either temporarily or permanently. If a daemon crashes, administrators can get notified about those. A newly introduced ‘simple’ alert module allows sending emails without using any external monitoring infrastructure.
    A nearly complete list of changes is in the Ceph upstream release announcement by my colleague Abhishek Lekshmanan, who’s in charge of releasing Ceph upstream.

Syndicate content

More in Tux Machines

5 open source alternatives to GitHub

Git is a popular version-control system, primarily used for code but popular in other disciplines, too. It can run locally on your computer for personal use, it can run on a server for collaboration, and it can also run as a hosted service for widespread public participation. There are many hosted services out there, and one of the most popular brands is GitHub. GitHub is not open source. Pragmatically, this doesn't make much of a difference to most users. The vast majority of code put onto GitHub is, presumably, encouraged to be shared by everyone, so GitHub's primary function is a sort of public backup service. Should GitHub fold or drastically change its terms of service, recovering data would be relatively simple because it's expected that you have a local copy of the code you keep on GitHub. However, some organizations have come to rely on the non-Git parts of GitHub's service offerings, making migration away from GitHub difficult. That's an awkward place to be, so for many people and organizations, insurance against vendor lock-in is a worthwhile investment. Read more

5 Ways to Check Your Android Phone Hacked or Not

Do you suspect that your Android smartphone or tablet is infected with some malware or spyware? Well, there are several pointers that can indicate this is the case. For example, your device is unnecessarily slow and even freezes periodically, or displays popups. Experiencing these symptoms can mean that your device has been hacked but that is not always the case. Sometimes, devices act funny due to a handful of reasons including a security hack. In today’s article, we give you five tips on how to check whether your phone is infected with malicious software as well as how to ensure that it is safe/protected. Read more

Top Tips to Protect Your Linux System

Linux-based operating systems have a reputation for their high-security level. That's one of the reasons why the market share for Linux has been growing. The most commonly used operating systems such as Windows are often affected by targeted attacks in the form of ransomware infections, spyware, as well as worms, and malware. As a result, many personal, as well as enterprise users, are turning to Linux-based operating systems such as the Ubuntu-based Linux OS for security purposes. While Linux based systems are not targeted as frequently as other popular operating systems, they are not completely foolproof. There are plenty of risks and vulnerabilities for all types of Linux devices which put your privacy as well as your identity at risk. Read more

Kernel (Linux): Windows Assimilation, Wake-on-LAN, AMD and Intel

  • Tuxera First to Bring Network Bandwidth-Saving SMB Compression Feature to Linux Environments
  • Tuxera First to Bring Network Bandwidth-Saving SMB Compression Feature to Linux Environments

    Tuxera, a world-leader in quality-assured storage management and networking software, announced that the company's SMB server implementation, Fusion File Share by Tuxera, now offers transparent compression to platforms outside of Microsoft Windows. Compression is being rapidly and widely adopted in the storage industry as a feature in memory hardware, file system implementations, and also networking protocols such as Microsoft's server messaging block technology (SMB). The ability to compress files inline during transfer can significantly reduce bandwidth and transfer time. Microsoft released the transparent compression feature to their SMB protocol specification in early 2019. However, Tuxera is the first to implement SMB compression outside of Microsoft Windows, bringing this highly in-demand feature to Linux environments in enterprises around the world.

  • Wake-on-LAN

    With Wake-on-LAN (WoL) it can be slightly easier to manage machines in-house. You can fire up the workstation and start the day’s compile jobs (to catch up with overnight work by the KDE community, say) while drinking an espresso downstairs and doomscrolling. [...] If all the administrative bits are in place, then the simple way to wake up a machine is wake <hostname>. This requires root, since it sends specially-crafted (broadcast) Ethernet packets, which isn’t something that regular users can do.

  • AMD+SUSE Tackling Frequency Invariance For AMD EPYC 7002 CPUs - Phoronix

    Thanks to work by AMD and SUSE engineers, the Linux kernel could soon be seeing frequency invariance support for EPYC 7002 "Rome" processors for yielding greater performance and power efficiency. Over the past year we have seen a lot of Linux kernel work for dealing with frequency invariance but to now that on the x86 side has been focused on Intel Xeon processors. Now through the cooperation of AMD with patches led by SUSE, frequency invariance is being worked on for the EPYC 7002 "Rome" processors.

  • Intel Begins Landing Their Open-Source Vulkan Driver Ray-Tracing Support

    This week marked the release of Vulkan 1.2.162 with the ray-tracing extensions now finalized. As such Intel's stellar open-source team has begun landing their work around Vulkan ray-tracing ahead of the Xe HPG hardware availability that will support this functionality. Back in October I wrote about Intel preparing their open-source driver support for Vulkan ray-tracing ahead of Xe HPG and now with the updated Vulkan spec out there they are able to push more of their work.