Language Selection

English French German Italian Portuguese Spanish

Red Hat

Red Hat: OpenShift 4.3, Red Hat Ansible Tower, SysAdmins and Openwashing

Filed under
Red Hat
  • OpenShift 4.3: The Project Launcher

    In Red Hat OpenShift 4.2, we introduced a number of new console customization features, including ConsoleNotifications, ConsoleExternalLogLinks, ConsoleLinks, and ConsoleCLIDownloads. New in 4.3, the ConsoleLink feature has been extended to cover even more use cases. In addition to the User Menu, Help Menu, and Application Menu, users can now add links to specific project dashboards.

  • Vault IDs in Red Hat Ansible and Red Hat Ansible Tower

    This article demonstrates the use of multiple vault passwords through vault IDs. You will learn how to use vault IDs to encrypt a file and a string. Once they’re encrypted, the vault ID can be referenced inside a playbook and used within Red Hat Ansible and Red Hat Ansible Tower.

  • What's your biggest sysadmin pet peeve?

    But sometimes, it feels like it's just a little harder than it needs to be.

    We've taken great pains to build standardized processes, establish systems for nearly everything, document our work, and make everything we can consistent and automatable. Our work may be difficult, but at least we've been able to bring it under control and make it predictable.

    Well, in theory. It never works out that way in practice.

    No matter how well-written our documentation is, that's no guarantee it's ever going to get read. No matter how many cases our ticketing system is designed to handle, somehow it never seems to prevent the unnecessary drive-by request. No matter how much care we put in to ensure that code deployments never happen late at night or on a weekend, sometimes they always do. Something breaks, and we get the call.

    Almost always, these things generate unplanned work, throw off our carefully-made plans, and cause slowdowns, missed deadlines, and, well, headaches.

    To some degree, that's all just a part of the job. But that doesn't stop us from grimacing and wishing perhaps, just this once, things had gone according to plan. So we're curious: What unplanned activity irks you the most? We've listed a few common headaches we've heard above.

  • NSA cloud advice, Facebook open source year in review, and more industry trends

    As part of my role as a senior product marketing manager at an enterprise software company with an open source development model, I publish a regular update about open source community, market, and industry trends for product marketers, managers, and other influencers. Here are five of my and their favorite articles from that update.

Fedora and Red Hat: Good and Bad

Filed under
Red Hat
  • Fedora Magazine: 4 cool new projects to try in COPR for January 2020

    COPR is a collection of personal repositories for software that isn’t carried in Fedora. Some software doesn’t conform to standards that allow easy packaging. Or it may not meet other Fedora standards, despite being free and open source. COPR can offer these projects outside the Fedora set of packages. Software in COPR isn’t supported by Fedora infrastructure or signed by the project. However, it can be a neat way to try new or experimental software.

    This article presents a few new and interesting projects in COPR. If you’re new to using COPR, see the COPR User Documentation for how to get started.

  • Robbie Harwood: Fedora Has Too Many Security Bugs

    I don't work on Fedora security directly, but I do maintain some crypto components. As such, I have my own opinions about how things ought to work, which I will refrain from here. My intent is to demonstrate the problem so that the project can discuss solutions.

    To keep this easy to follow, my data and process is in a section at the end; curious readers should be able to double-check me.

  • Vague proposal: ship prebuilt initramfs images

    Measured boot involves generating cryptographic measurements of boot components and configuration and using that to either control access to a local secret (in the case of sealing secrets to a TPM) or proving to another device (eg, a remote server or a local phone) what was booted. We're shipping most of the infrastructure to do this, but we're still left with a pretty fundamental problem - we need to know what the expected values are in order to know whether something's been tampered with or not. For many components this isn't a huge problem (we build and distribute the files - users can extract them and calculate the appropriate measurements, and maybe long term we'll be able to ship the measurements in a digestable way), but our initramfs images are generated on the user system and include system-specific data. This makes it impractical to know the expected measurements in advance. I've been thinking about ways to solve this for a while, and I'm coming to the conclusion that the best plan is probably to just ship pre-built initramfs images. I can think of three main reasons to want to use system-specific images: 1) They're smaller. By default we're already generating a generic image for rescue purposes, so disk space isn't the concern here - we're largely looking at losing boot speed. As machines have got faster this is probably not a huge deal. 2) They contain machine-specific configuration. Some of this can be passed on the kernel command line instead (eg, the machine ID), but we'd need answers for the rest. I can think of a couple of solutions: a) Stick the config in UEFI variables. It's small enough that we wouldn't run out. Cool Extend grub to read some config files and synthesise an initramfs image for them. If we measure the paths that those images use then we don't need to worry about the contents as long as the tools that read the config can't be subverted via that configuration. 3) User customisation, such as including extra tooling. grub supports loading multiple initramfs images. Packages that right now install stuff in the initramfs could instead ship a prebuilt image that grub could append to the main initramfs. This would allow for things like overriding Plymouth themes, and we could ship the measurements for these pre-built images in order to allow them to be validated. Any thoughts on this?

  • Fedora Stakeholders Discuss Possibility Of Using Pre-Built Initramfs Images

    Another alternative to slow initramfs generation could be distributing pre-built initramfs images to users. An additional benefit of that is possibly better security with measured boot capabilities, a matter currently being discussed by Fedora stakeholders.

    Fedora from time-to-time has brought up the topic of using pre-built initramfs images and that happened again last week by former Red Hat employee turned Googler Matthew Garrett. He brought up a possible proposal to ship prebuilt initramfs images in the name of better security with measured boot.

  • RHEL 8 Still Vulnerable to “Magellan 2” SQLite Bugs, as Patches Drop

    Severe bugs in the ubiquitous SQLite engine – used in thousands of software applications – continue to pose a major security threat, security researchers say, with Red Hat admitting today that its flagship Red Hat Enterprise Linux (RHEL) 8 remains vulnerable, despite patching other products this week.

    Red Hat said in a security update it had now inoculated RHEL 7 and its “RHEL 8.0 Update Services for SAP Solutions”, but RHEL 8 itself remains affected by one of the vulnerabilities, first disclosed to the Chromium team by China’s Tencent Blade – which dubbed them “Magellan 2.0” – in October 2019.

  • Communication superstars: A model for understanding your organization's approach to new technologies

    The Open Organization Ambassadors have learned a great deal about the ways open principles are impacting organizational practices. In particular, we've developed an Open Organization Definition that specifies the five principles that distinguish open organizations from other types of organization—namely, more transparency, more inclusivity, greater adaptability, deeper collaboration and a sense of purpose teams/community. I've also delivered a presentation on this topic several times since 2016 and learned new insights along the way. So I'd like to update this article with a few comments that reflect those findings. And then, in a follow-up article, I'd like to offer readers some guidelines on how they can determine their organization's level of comfort with communication technology and use it to increase their success relative to industry competitors.

Red Hat vs. SUSE vs. Canonical Contributions To The Mainline Linux Kernel Over The 2010s

Filed under
Red Hat

After last week looking at the AMD/Intel/NVIDIA contributions to the mainline Linux kernel over the past number of years, there were reader requests for seeing how some of the top distributions compare namely Red Hat, SUSE, and Canonical.

These graphs today are looking at the contributions by SUSE, Red Hat, and Canonical to the mainline Linux kernel. Keep in mind this is the Git commits made from using the respective corporate domains for each organization.

Read more

Fedora and Red Hat: UEFI Nextcloud, OpenShift, Open Virtual Network (OVN) and Microsoft

Filed under
Red Hat
  • Richard Hughes: Hunting UEFI Implants

    Last week I spent 3 days training on how to detect UEFI firmware implants. The training was run by Alex Matrosov via and was a comprehensive deep-dive into UEFI firmware internals so that we could hunt for known and unknown implants. I’d 100% recommend this kind of training, it was excelent. Although I understood the general concepts of the protection mechanisms like SMM, HP Sure Start and Intel BIOSGuard before doing the training, it was really good to understand how the technologies really worked, with real world examples of where hardware vendors were getting the implementation wrong – giving the bad guys full control of your hardware. The training was superb, and Alex used lots of hands-on lab sessions to avoid PowerPoint overload. My fellow students were a mixture of security professionals and employees from various government departments from all over the world. We talked, a lot.

    My personal conclusion quite simply is that we’re failing as an industry. In the pursuit to reduce S3 resume time from 2s to 0.5s we introduce issues like the S3 bootscript vulnerability. With the goal to boot as quickly as possible, we only check the bare minimum certificate chain allowing additional malicious DXEs to be added to an image. OEMs are choosing inexpensive EC hardware from sketchy vendors that are acting as root of trust and also emulating hardware designed 30 years ago, whilst sharing the system SPI chip. By trying to re-use existing power management primitives like SMM as a security boundary the leaky abstractions fail us. Each layer in the security stack is assuming that the lower below it is implemented correctly, and so all it takes is one driver with SMM or CSME access to not check a memory address in a struct correctly and everything on top (e.g. BootGuard, ALSR, SELinux, etc) is broken. Coreboot isn’t the panacea here either as to get that to run you need to turn off various protections like BootGuard, and some techniques like Sure Start mean that Coreboot just isn’t a viable option. The industry seems invested into EDK2, for better or worse. This shouldn’t just be important to the few people just buying stuff from Purism – 10,000x laptops are being sold on Amazon for every laptop sold by vendors that care about this stuff.

    Most of the easy-to-exploit issues are just bugs with IBV or ODM-provided code, some of which can be fixed with a firmware update. Worst still, if you allow your “assumed secure” laptop out of sight then all bets are off with security. About a quarter of people at the UEFI training had their “travel laptop” tampered with at some point – with screws missing after “customs inspections” or with tamper seals broken after leaving a laptop in a hotel room. You really don’t need to remove the screws to image a hard drive these days. But, lets back away from the state-sponsored attacker back to reality for a minute.

    The brutal truth is that security costs money. Vendors have to choose between saving 10 cents on a bill-of-materials by sharing a SPI chip (so ~$10K over a single batch), or correctly implementing BIOSGuard. What I think the LVFS now needs to do is provide some easy-to-understand market information to people buying hardware. We already know a huge amount of information about the device from signed reports and from analyzing the firmware binaries. What we’re not doing very well is explaining it to the user in a way they can actually understand. I didn’t understand the nuances between BIOSGuard and BootGuard until a few days ago, and I’ve been doing this stuff for years.

  • Build your own cloud with Fedora 31 and Nextcloud Server

    Nextcloud is a software suite for storing and syncing your data across multiple devices. You can learn more about Nextcloud Server’s features from

    This article demonstrates how to build a personal cloud using Fedora and Nextcloud in a few simple steps. For this tutorial you will need a dedicated computer or a virtual machine running Fedora 31 server edition and an internet connection.

  • OpenShift 4.3: Dashboard refinements and the new Project dashboard

    The Cluster Overview dashboard we introduced in Red Hat OpenShift 4.2 was a significant and well-received addition to the Web Console, and our team has greatly enjoyed seeing how OpenShift users (and even our own developers) have been using it to identify and resolve issues they otherwise may not have noticed.

    We’ve made a number of changes both big and small to the dashboard based on our user research findings and the feedback we’ve collected from readers like you. This post covers some of the key improvements and introduces a new member of the dashboard family that we think developers in particular are going to love.

  • Open Virtual Network unidlingOpen Virtual Network unidling

    Open Virtual Network (OVN) is a project born as a sub-component of Open vSwitch (OVS), which is a performant, programmable, multi-platform virtual switch. OVN allows OVS users to natively create overlay networks by introducing virtual network abstractions such as virtual switches and routers. Moreover, OVN provides methods for setting up Access Control Lists (ACLs) and network services such as DHCP. Many Red Hat products, like Red Hat OpenStack Platform, Red Hat Virtualization, and Red Hat OpenShift Container Platform, rely on OVN to configure network functionalities.

  • Using Red Hat Universal Base Image with Azure Pipelines and Red Hat

Red Hat and IBM: Stronger Now?

Filed under
Red Hat
  • OpenShift: Working with Internal Docker Registry

    OpenShift provides an internal container image registry that can be deployed in an OpenShift environment to locally manage images.

  • IBM’s Quarterly Sales Finally Rose—But Not By Much

    IBM’s shares rose by around 5% on January 21 after it said its fourth-quarter revenues had increased by 0.1%, to $21.8 billion, after five quarters in a row of year-over-year sales declines.

    Big Blue’s fortunes were boosted by a new mainframe product line and revenues from open-source software giant Red Hat, which it acquired in July 2019 for around $34 billion. Adjusted net income for the quarter fell about 5%, to $4.2 billion, while the company reported earnings per share of $4.71 compared with analysts’ consensus estimates of $4.69. IBM saw its full-year 2019 revenue fall 3.1%, to $77.1 billion, and its net income drop by 10%, to $11.4 billion.

  • Six months after IBM spent $34 billion to acquire an open source software company, IBM's Q4 results showed that 'Red Hat goodness is kicking in'
  • IBM Sales Expected to Dip Despite Red Hat Purchase: What to Watch

    International Business Machines Corp. is expected to report fourth-quarter earnings after the market closes Tuesday. The technology giant may be heading for its sixth successive quarter of year-over-year revenue decline—but has been trying to reverse that slide, in part, through the $33 billion purchase of open source software giant Red Hat Inc.

  • IBM Earnings Hint at Signs of Turnaround

    International Business Machines Corp. reported a slight increase in quarterly revenue, ending a streak of falling sales and providing a first indication Chief Executive Ginni Rometty’s roughly $33 billion acquisition of open-source software giant Red Hat may help turn around Big Blue’s fortunes.

  • IBM Open Sources SysFlow Monitoring Platform

    Fred Araujo, a research scientist in the Cognitive Cybersecurity Intelligence Group at IBM Research, said IBM developed lightweight SysFlow agent software and monitoring tools as a way to provide more context around the telemetry data being collected while simultaneously reducing the amount of data that needs to be stored.

    SysFlow encodes a representation of system activities into a compact format that records how applications interact with their environment, Araujo said, noting that level of context provides deeper visibility in everything from container workloads to cybersecurity forensics. However, unlike existing monitoring platforms, SysFlow doesn’t require IT organizations to collect a massive amount of data to achieve that goal—it is intended to provide for a superset of the NetFlow framework used to analyze network traffic patterns to capture system events, he said.

    Araujo noted IBM doesn’t envision SysFlow eliminating the need for legacy log analytics platforms, as they provide a way to analyze log data. However, SysFlow does enable IT organizations to apply analytics via a graph-like visualization to surface patterns that goes beyond a comparative simple rules-based approach, said Araujo. For example, SysFlow’s approach will make it easier to uncover the relationship between various events that make up a cybersecurity attack and subsequently to identify what countermeasures to employ to create the appropriate kill chain response. It also should substantially reduce the amount of fatigue cybersecurity teams experience from chasing down false-positive alerts, he said.

  • Open source principles key to digital transformation

    The book outlines how open source principles can be used to build a better business by powering the transformation of not only technology, but also culture and business practices.

    However, there is no single understanding of exactly what digital transformation is. Most people recognise that the world has changed with digital devices and services connecting everything and everyone, and customers have more choice than ever before.

    As a result, every industry faces disruption and businesses have to change – transform – if they are to meet new consumer demands and stay ahead of the competition.

  • Fedora program update: 2020-04

    Here’s your report of what has happened in Fedora this week.

    I will not hold office hours next week due to travel, but if you’ll be at FOSDEM, you can catch me in person.

Fedora: CoreOS Lab, phpMyAdmin, Eclipse, twa and More

Filed under
Red Hat
  • 2020 Fedora CoreOS Lab

    Fedora CoreOS is a container focused operating system, coupled with automatic updates, to enable the next wave of cloud native infrastructure. Fedora CoreOS is built for many platforms, each of them delivered as a pre-built disk image. In every environment where Fedora CoreOS is deployed the initial boot starts with roughly the same disk image. In cloud environments these are cloud images that were made specifically for that cloud. For bare metal environments the coreos-installer can be used, which performs a bit for bit copy of the disk image with some convenience factors added.

    If the delivered artifact is a disk image how can it be customized? The answer to that is Ignition.

    Fedora CoreOS uses Ignition to provision a node in an automated fashion. Ignition config files are written in JSON and typically not user friendly. For that reason Fedora CoreOS offers the Fedora CoreOS Config Transpiler (also known as FCCT) that will create Ignition configs from a more user friendly format. Additionally we offer the ignition-validate sub-utility that can be used to verify Ignition config and catch issues before launching a machine.

  • Remi Collet: phpMyAdmin version 5

    RPM of the new major version of phpMyAdmin are available in remi repository for Fedora and for Enterprise Linux (RHEL, CentOS...).

  • Eclipse 2019-12 Now Available From Flathub

    If you don't already know, Flatpak is the new way to build and distribute desktop applications for Linux. You can use Flathub to gain access to a growing collection of Flatpak applications, including Eclipse IDE. You just need to follow the setup instructions for your Linux distribution.

  • Fedora 31 : The twa web auditor tool.

    This tool comes with a good intro: A tiny web auditor with strong opinions.
    The tool named twa takes one domain at a time and use these dependencies: bash 4, curl, dig, jq, and nc, along with the POSIX system.

  • Tales from Google CodeIn’19

    As you may know, Google CodeIn (GCI) is a global, online contest introducing teenagers to the world of open source development. With a wide variety of bite-sized tasks, it’s easy for beginners to jump in and get started no matter what skills they have.

  • Git Forge requirements

    This document lays out a problem statement, requirements, and constraints according to the Open Decision Framework. The aim is to arrive at a transparent decision about the future of a git forge for the communities that represent the platforms that the Community Platform Engineering (CPE) team manages. Those communities are the CentOS and Fedora platforms and also include the Red Hat Enterprise Linux (RHEL) platform from a tooling and integration perspective. This document is the first in a series of documents capturing the conversation about the problems we face and driving the conversation to implement the decisions captured.

Red Hat and IBM Leftovers

Filed under
Red Hat
  • Which cloud strategy is right for your business in 2020?

    At Red Hat, we’re constantly receiving useful industry insights from our customers when speaking to them about their current priorities and issues. Our recent Global Customer Tech Outlook study revealed that many organisations don’t know what cloud strategy to put in place, with 17% stating that this was something they were still working on. A further 12% had not yet developed any plans at all for their cloud strategy in 2020.

  • Editing, debugging, and GitHub in Red Hat CodeReady Workspaces 2

    In a previous article, I showed how to get Red Hat CodeReady Workspaces 2.0 (CRW) up and running with a workspace available for use. This time, we will go through the edit-debug-push (to GitHub) cycle. This walk-through will simulate a real-life development effort.

    To start, you’ll need to fork a GitHub repository. The Quote Of The Day repo contains a microservice written in Go that we’ll use for this article. Don’t worry if you’ve never worked with Go. This is a simple program and we’ll only change one line of code.

    After you fork the repo, make note of (or copy) your fork’s URL. We’ll be using that information in a moment.

  • Apache Camel K development inside Eclipse Che: Iteration 1

    The Eclipse Che 7.6.0 release provides a new stack for Apache Camel K integration development. This release is the first iteration to give a preview of what is possible. If you like what you see, shout it out, and more will surely come.

    This article details how to test this release on a local instance deployed on minikube. The difference with a hosted instance is that we avoid the prerequisites involving Camel K installation in the cluster and specific rights for the user.

  • OpenShift 4.3: Spoofing a User

    Imagine you’re a cluster administrator managing a huge number of users. A user reaches out to you with a problem: “My console is broken.” There’s seemingly an infinite number of possible explanations for why this user can’t access the console. However, you can’t see their system and they have difficulty explaining what the console is doing. The Red Hat OpenShift team recently met with a university customer whose admins frequently run into this scenario. Luckily, OpenShift 4.3’s web console UI addresses this exact problem. New to 4.3, we’ve introduced the ability to spoof users and groups.

  • IBM partners with's AI startup at Davos's tech company, I.AM+, and IBM have created a global partnership to ensure enterprise-level security for customer data as artificial intelligence (AI) adoption pushes further into the mainstream.

    Human-like conversational experiences are at the forefront of I.AM's Omega AI platform, and speed and security are priorities for its worldwide customers, according to the company.

  • Istio 1.4 improves user experience and simplifies managing clusters

    At the end of 2019, Istio announced its fourth consecutive quarterly release for the year, Istio 1.4. The release focuses on improving user experience and making it simpler for operators to manage their clusters. Added features and improvements include the new Istio operator, v1beta1 authorization policy, automatic mutual Transport Layer Security (TLS) support, and updates to istioctl, as shown in the following graphic:

    Timeline from Istio 1.1 to 1.4

    The following sections describe the highlights, and give you opportunities to walk through some examples. To learn the details about Istio 1.4, see the community release notes and the Istio documentation. As of today, the 1.4 release has three patch releases – 1.4.1, 1.4.2 and 1.4.3. These patches include bug fixes, improvements, and security updates. Also, check out Dan Berg’s 6-minute presentation video from serviceMeshCon: Dramatic UX Improvement and Analytics-driven Canary Deployment with Istio (1118-RM06-06.mp4), which gives a quick recap of the Istio 1.4 release.

  • Open Innovation Stories: Tamar Eilam and how Istio become a microservices rallying point

    With microservices, the name says it all. These bite-size software services have fundamentally changed the way software is developed by breaking large applications into smaller pieces. However, with that sometimes comes complexity. This is where Istio, a services mesh for tying together microservices and applications, helps.

    Istio can be traced back to the early 2010s. Before then, software development and IT operations were separate workstreams that could drag on for 18 months for a single project. But around 2010, they became intertwined, marking the beginning of the DevOps movement. This disconnect between workstreams was a challenge that Tamar Eilam, an IBM Fellow of Cloud and DevOps with IBM Research, was familiar with, and she watched this and another fast-growing industry trend—migration to the cloud—with great interest.

    “That As-a-Service model provided an opportunity to learn much quicker what your users want because you’re observing what they’re doing,” Tamar says. “And you continue to evolve your service, not every six months, but on a daily basis.”

    Tamar joined IBM’s Thomas J. Watson Research Center in Yorktown Heights, N.Y., in 2000, following a Ph.D. program in computer science at Technion in her native Israel. She hadn’t been in her job for long before she began to notice a vexing problem: a widening communications gap between developers and operators. Developers didn’t always understand operational concerns, while operators often had a blind spot when it came to applications.

    To break down these barriers, Tamar devised a language she called “patterns of expertise,” a unifying set of best practices that allowed for more efficient management of applications. It gave rise to a suite of IBM computing processes, and in 2014, she was named an IBM Fellow, the highest honor for the company’s scientists and engineers.

  • How to protect your data, applications, cryptography and OS – 100% of the time

    Businesses looking to maximise the security, reliability, efficiency and performance of their essential, mission-critical applications are recognising the mainframe as a robust platform for a variety of workload types.

    With Ubuntu on IBM Z and LinuxONE, enhanced security features, pervasive encryption and cryptographic support are leveraged by any workload that must stand up to the most stringent compliance and regulatory standards and certifications.

Red Hat Leftovers

Filed under
Red Hat
  • Red Hat Extends Runtimes Middleware Portfolio

    Red Hat has made available the latest instance of Red Hat Runtimes, a suite of lightweight open source components and frameworks that makes it easier to discover the middleware most appropriate for building a specific type of application.

  • OpenShift 4.3: User Management Improvements

    The Red Hat OpenShift Web Console has always strived to be the easiest way to interact with OpenShift resources, and in version 4.3 we’ve added more capabilities around viewing and editing user management resources. Dedicated pages to view Users and Groups for the cluster have been added, allowing cluster admins to easily see who has access to the cluster and how they are organized. These new pages are consolidated under one navigation section, so there is now just one place to look for any user management resource. Let’s take a closer look.

  • Culture of innovation: Open Data Hub

    Red Hat is continually innovating and part of that innovation includes researching and striving to solve the problems our customers face. That innovation is driven through the Office of the CTO and includes Red Hat OpenShift, Red Hat OpenShift Container Storage and innovative projects such as the Open Data Hub. We recently interviewed Juana Nakfour, Senior Software Engineer in the AI Center of Excellence for the office of the CTO at Red Hat, about this very topic.

  • OpenShift Container Platform (OCP) 4 Networking Overvi
  • How open data is helping create change in Chile
  • Starting Small: Open Data in Chile

Red Hat Leftovers

Filed under
Red Hat
  • Using Kubernetes ConfigMaps to define your Quarkus application’s properties

    So, you wrote your Quarkus application, and now you want to deploy it to a Kubernetes cluster. Good news: Deploying a Quarkus application to a Kubernetes cluster is easy. Before you do this, though, you need to straighten out your application’s properties. After all, your app probably has to connect with a database, call other services, and so on. These settings are already defined in your file, but the values match the ones for your local environment and won’t work once deployed onto your cluster.

    So, how do you easily solve this problem? Let’s walk through an example.

  • Deploy PostgreSQL in OpenShift backed by OpenShift Container Storage

    PostgreSQL has been the fastest growing open source RDBMS over the past decade. It has a solid community and has been around for many years adding more and more features. PostgreSQL features ACID (Atomicity, Consistent, Isolation and Durability) properties. It has indexes (primary/unique), updatable views, triggers, foreign keys (FKs) and even stored procedures (SPs). PostgreSQL also features built-in replication via shipping the WAL (Write Ahead Log) to a number of different database replicas. These replicas can be used in read-only mode. It also has a synchronous replication, where the master waits for at least one replica to have written the data before ACKing.

  • Convert2RHEL: How to update RHEL-like systems in place to subscribe to RHEL

    Convert2RHEL: How to update RHEL-like systems in place to subscribe to RHEL

    Over the years, one of the requests Red Hat has gotten over and over again is for help converting other Linux systems to Red Hat Enterprise Linux, in place. We're happy to announce the availability of Convert2RHEL in EPEL. This is a tool that can be used for the conversion of other-than-RHEL systems to RHEL to allow Red Hat to provide support for them. In this post we'll look at systems that can be converted with Convert2RHEL, some of its limitations, and some basic usage.


    We recommend that customers who want to convert non-RHEL systems to RHEL set up a consulting engagement with Red Hat's Consulting Services. However, we are making the tool available as a self-service option for those customers who wish to try to convert their systems on their own. Naturally, we strongly recommend having tested backups for any system that you are looking to run a conversion on.

    If you have a support agreement with another vendor, it's our recommendation that you maintain that agreement while working on the transition to RHEL, as we do not provide support for non-RHEL systems. Note that we cannot support "hybrid" systems that have a mix of RHEL and other (e.g. CentOS) packages.

    Once a system has been converted to RHEL via the Convert2RHEL tool, or if you do a clean install of RHEL, then it can be eligible for support with a Red Hat Enterprise Linux subscription.

  • Culture of innovation and collaboration: Open Data Hub

    Red Hat is continually innovating and part of that innovation includes researching and striving to solve the problems our customers face. That innovation is driven through the Office of the CTO and includes Red Hat OpenShift, Red Hat OpenShift Container Storage and innovative projects such as the Open Data Hub. We recently interviewed Juana Nakfour, Senior Software Engineer in the AI Center of Excellence for the office of the CTO at Red Hat, about this very topic.


    Open Data Hub is a meta-Operator that has a lot of tools packaged together that can easily install an end-to-end AI/ML platform at once. Just the fact that they're modular and all in together, connected, means you can use module A, together with module P together with module E, which makes it easier for data scientists and engineers to develop faster.

  • Introducing the syslog-ng-stable RPM repositories

    For many years – especially after syslog-ng changed to a rolling release model – users I talked to asked for up-to-date RPM packages. They also asked for a separate repository for each new release to avoid surprises (a new release might accidentally or even intentionally break old features) and to be able to use a given release if they want to (“if it works, do not fix it”). That is how my unofficial RPM repositories were born.

    Recently some long-time syslog-ng users and members of the Splunk community started to ask for a repository, which always has the latest syslog-ng version available. Most users still prefer to use separate repositories. That is how I came up with the idea for the syslog-ng-stable repository: I push a new release to this new rolling repo only after at least a week of delay. This is enough to spot most major problems. Once the delay is over and everything seems to be OK, I can push the latest release to the syslog-ng-stable repo. If there is a bigger problem, I can skip the release in the stable repo or wait for a fix.

  • IBM snaps out of its revenue doldrums, breaking a five-quarter losing streak in Q4

    International Business Machines is living a case study of a large, established company vying to transform. Over the last decade, the technology elder has struggled to move into areas like cloud and AI. IBM has leaned on a combination of its own R&D abilities and deep pockets to push into modern markets, but has struggled to turn them into revenue growth.

    At one point, Big Blue posted 22 sequential quarters of falling revenue, a mind-boggling testament to how hard it can be to turn around a juggernaut. More recently, IBM shrank for another five consecutive quarters, a streak it broke with yesterday’s news that it had beat analyst expectations.

  • MontaVista Software Announces Commercial Support for CentOS

    MontaVista® Software, LLC, extends its coverage of non-MontaVista Linux distributions by announcing commercial support for CentOS. In addition to Clear Linux OS commercial support that was announced in 2019 (, MontaVista extends its commitment to the embedded Linux community with CentOS support and maintenance programs.

Qubes OS 4.0.3 has been released!

Filed under
Red Hat

We’re pleased to announce the release of Qubes 4.0.3! This is the third stable point release of Qubes 4.0. While it includes only minimal changes over 4.0.3-rc1 and 4.0.2, it includes many updates over the initial 4.0 release, in particular:

All 4.0 dom0 updates to date
Fedora 30 TemplateVM
Debian 10 TemplateVM
Whonix 15 Gateway and Workstation TemplateVMs
Linux kernel 4.19 by default

Read more

Syndicate content

More in Tux Machines

eXtern OS – A NodeJS Based Linux Distribution

eXternOS is a free, new and exciting Linux operating system based on Nodejs, being developed by a computer engineering and computer science student who goes by name Anesu Chiodze. It is a whole different operating system from what we usually have on our computers; it redefines your interaction with your content on a computer, by providing a modern and distinctive user interface and very different user experience, compared to long-established Linux desktop distributions and other operating systems. It is powered by NW.js which has full support for Node.js APIs and most if not all third-party modules–bringing about limitless possibilities of app development, without looking elsewhere. It brings a new dimension to building native applications with modern web technologies such as HTML5, CSS3, WebGL and more. Read more

Top 5 Best MS Office Alternatives for Linux in 2020

Like it or not, Microsoft Office is the de facto standard in most work environments, educational institutions, and government offices. As such, all MS Office alternatives for Linux are automatically measured against it and evaluated based on their compatibility with the file formats created by Word, Excel, and PowerPoint. As a Linux user in 2020, you can choose from multiple mature alternatives to MS Office. Most MS Office alternatives for Linux can be downloaded and used free of charge to open, edit, and create documents in a variety of file formats, including .docx, .xlsx, and .pptx. Read more

Today in Techrights

Android Leftovers