Home Blog

How to create a Linux user that cannot log in

As a Linux system administrator, there are times when you might need to create a user who doesn’t have the ability to log in. When would that type of user be necessary? Say, for instance, you have to create a user for an application to function properly, but you don’t want that user to either have a home directory or the ability to log in.

Why? Security. The more users you have on your Linux system, the higher the chances malicious actors can break in and wreak havoc. This is especially true when we’re talking about a user account that won’t be used by an actual human, so it won’t be monitored in any way. There are a number of ways to take care of this task, but here is the correct way to do it.

[Source: TechRepublic]

What are Open Source Security Approaches? With Examples

Open source security approaches enable organizations to secure their applications and networks while avoiding expensive proprietary security offerings. An open source approach allows organizations to secure their applications across cloud providers and other platforms using platform-agnostic APIs. These APIs are written by contributors to the open source software code while cloud providers may use open source code that allows the open APIs to connect to the cloud.

Open source approaches, for security or not, also bring in collaboration across an industry. It isn’t just one organization that benefits from a program or technology, but everyone who contributes to and uses it.

[Source: SDxCentral]

Distributions Were For Linux, Not For Kubernetes

Companies looking to make money in the world of Linux went out and took the core, bundled it up with their best practices and their favorite applications, and then sold it as a “distribution.” You see this with Red Hat Linux, Ubuntu, etc. — even the open-source versions took the base system and then built significantly above and beyond that to the point where each had its own default windowing interface, and some were massively different experiences for the user even though what was underneath was basically the same.

The business model was opinions, applications, user experience, security and support, all wrapped around the Linux Kernel. This worked great, and at least a few companies built large, successful businesses on top of this model. It worked so well that there are several companies looking to do the same thing with Kubernetes.

[Source: Forbes]

Huawei’s plan to escape Google could fix Android for everyone

Huawei has stopped sidestepping the unavoidable question – no Google, what next? After suggesting it could (eventually) make its own smartphone operating system, built on Harmony OS in 2019, Huawei is now unequivocal – for the foreseeable future, it’s all in with its Google Mobile Services (GMS) free version of Android.

The long term partnership with Google saw Huawei launch the jewel in its crown, the P30 Pro, which, a year on, is still an easy phone to recommend. But, there’s a big question mark over its more recent, arguably better-specced devices like the Mate 30 Pro and upcoming Huawei Mate Xs, given the fact they don’t support essential features like access to the Google Play Store.

[Source: Wired.co.uk]

Free Software Foundation Aims To Launch Code Hosting / Collaboration Platform This Year

The Free Software Foundation is planning to launch their own public code hosting and collaboration platform in 2020. The Free Software Foundation “Forge” will complement their existing and aging Savannah servers used for code hosting. The Free Software Foundation isn’t looking to develop their own hosting/collaboration platform as an original GNU project but looking at an existing free software solution they can adapt for their purposes.

The Free Software Foundation team is currently evaluating options based on practical and ethical criteria such as whether the JavaScript is deemed free software with LibreJS, and other stringent free software requirements.

[Source: Phoronix]

Mirantis: Balancing Open Source with Guardrails

Mirantis, an open infrastructure company that rose to popularity with its OpenStack offering, is now moving into the Kubernetes space very aggressively. Last year, the company acquired the Docker Enterprise business from Docker. This week, it announced that they were hiring the Kubernetes experts from the Finnish company Kontena and established a Mirantis office in Finland, expanding the company’s footprint in Europe. Mirantis already has a significant presence in Europe due to large customers such as Bosch and Volkswagen.

The Kontena team primarily focused on two technologies. One was a Kubernetes distro called Pharos, which differentiated itself from other distributions by specializing in addressing life cycle management challenges. They had developed some unique capabilities for deployment and for updating Kubernetes itself.

The second product by Kontena is Lens. “It’s like a Kubernetes dashboard on steroids. In addition to offering the standard dashboard functions, it went multiple steps further by providing a terminal for command line interfacing to nodes and containers, and additional real-time insights, role-based access controls and a number of other capabilities that are currently absent from the Kubernetes dashboard,” said Dave Van Everen, SVP of Marketing at Mirantis.

Everything that Kontena does is open source. These open source projects are already used by hundreds of organizations around the world. “They have a proven track record of contributing valuable technology pieces to the Kubernetes ecosystem, and we saw an opportunity to bring the team on board and capitalized on that opportunity as quickly as we could,” said Van Everen.

Mirantis will integrate many of the technology concepts and benefits from Pharos into its Docker Enterprise offering. With Kontena engineers on board, Mirantis expects to incorporate the best of what Kontena offered into its commercially supported Docker Enterprise and Kubernetes technology.

With this acquisition, Mirantis has hinted at a very aggressive 2020. The company is weeks away from launching the first Docker Enterprise release since the acquisition. The release brings many new capabilities on top of Docker Enterprise 3.0. The company is working on merging the Mirantis KaaS capabilities with Docker Enterprise. “We will add new capabilities, including multi-cluster management and continuous automated updates to the Kubernetes that’s already within Docker Enterprise,” said Van Everen.

What is Mirantis today?

Mirantis started out as a pure-play OpenStack company, but as the market dynamics changed, the company adjusted its own positioning and bet on CD platforms like Spinnaker and container orchestration technologies like Kubernetes. So, what are they focusing on today?

Van Everen said that Mirantis is definitely embracing Kubernetes as the open standard used by enterprises for modern applications. Kubernetes itself has a massive ecosystem of technologies that a customer needs to leverage. “When we speak about Kubernetes, we speak about full-stack Kubernetes, which includes that ecosystem consisting of a couple dozen components in a typical cluster deployment. Our job as a trusted partner in helping our customers accelerate their path to modern applications is to streamline and automate all of the infrastructure and DevOps tooling supporting their app development lifecycle,” san Van Everen.

In a nutshell, Mirantis is making it easier for customers to use Kubernetes.

Over the years, Mirantis has gained expertise in IaaS with the work they did on OpenStack. “All of that plays a role in helping companies move faster and become more agile as they’re modernizing their applications. We apply many of those same strengths to the Kubernetes ecosystem,” he said.

Mirantis is also building expertise in continuous delivery platforms like Argo CD and is offering customers a spectrum of professional services around application modernization, from writing code that is based in microservices architecture, to integrating CI/CD pipelines and modernizing the tooling for CI/CD to better support cloud-native patterns. By supporting Kubernetes technology with app modernization services, Mirantis is helping customers wherever they are in their digital transformation and cloud-native journey.

“All of those things that our services team provides are complementary to the technology. That’s a unique value that only Mirantis can provide to the market, where we can couple open source technologies with strong services to ensure that companies really get the most out of that open source technology and fulfill their ultimate goal, which is to accelerate their pace of innovation,” Van Everen said.

Container networking is a critical piece of the cloud-native world and Mirantis already has expertise in the area, thanks to their work on OpenStack. The company recently joined the Linux Foundation’s LF Networking project which is home to Tungsten Fabric (formerly known as OpenContrail), a technology that Mirantis uses for its OpenStack offerings.

He explains, “While we use Calico for the container networking, Tungsten Fabric would be an important part of the underlying networking supporting Kubernetes deployments. Staying true to our heritage, we want to be involved in the open community and have both a voice and a stake in the direction the communities are moving in.”

As for the ongoing debate or controversy around two competing service mesh technologies Istio and Linkerd, the company has made its bet on Istio. A few months ago, Mirantis announced a training program for Istio, which was bundled with Mirantis’ KaaS offerings.

“We include Istio as a service mesh by default in child clusters under Mirantis KaaS management. It’ll be used as an ingress with Docker Enterprise initially. Moving forward, we’re still looking at how to best deploy it in a service mesh configuration by default and provide a configurable but still functional default deployment for Istio as a service mesh,” said Van Everen.

It might seem like Mirantis is latching on to the latest hot technologies like OpenStack, Spinnaker, Docker Enterprise, Kubernetes, and Istio to see what sticks. In reality, there is a method to it: the company is going where its customers are going, with the technologies that customers are using. It’s a fine balancing act.

“That’s the type of technology challenge that Mirantis embraces. We are open source experts and continue to provide the greatest flexibility and choice in our industry, but we do it in such a way that there are guardrails in place so that companies don’t end up having something that’s overly complex and unmanageable, or configured incorrectly,” he concluded.

Note: Cross posted to TFIR

Linux Gamers And Creators Should Pay Attention To Arch-Based Salient OS

Sometimes our field of vision or limited experience restricts us from seeing worthy alternatives. That’s especially true when it comes to desktop Linux; there is no shortage of quality Linux operating systems to test out. So when I argued here that System76’s Pop!_OS is perfect for gamers and produced this video demonstrating it, there were two passionate camps in the comments section. One side voiced cheerful agreement, but the other side basically said “Clearly you haven’t tried Salient OS.”

OK, challenge accepted. But What Is Salient OS, Anyway? It’s safe to categorize this firmly as a boutique Linux distribution. Its creator “Silent Robot” initially conceived Salient OS to be his own personal “perfect distro,” but members of the community latched on and encouraged him to release it to the wider world.

[Source: Forbes]

Mirantis co-founder launches FreedomFi to bring private LTE networks to enterprises

Boris Renski, the co-founder of Mirantis, one of the earliest and best-funded players in the OpenStack space a few years ago (which then mostly pivoted to Kubernetes and DevOps), has left his role as CMO to focus his efforts on a new startup: FreedomFi. The new company brings together open-source hardware and software to give enterprises a new way to leverage the newly opened 3.5 GHz band for private LTE and — later — 5G IoT deployments.

“There is a very broad opportunity for any enterprise building IoT solutions, which completely changes the dynamic of the whole market,” Renski told me when I asked him why he was leaving Mirantis.

[Source: TechCrunch]

Microsoft’s Azure Sphere, its Linux-based microcontroller plus cloud service, hits general availability

Microsoft’s Azure Sphere hardware and service designed to better secure Internet of Things (IoT) devices is generally available as of today, February 24. Microsoft initially introduced Azure Sphere, which includes a Microsoft-developed Linux operating system for microcontrollers, in 2018. The technology evolved out of a Microsoft Research project, called Project Sopris.

“IoT is in the science-fair stage. Every enterprise is doing at least one experiment here. But security is really keeping them from going to scale, ” said Galen Hunt, a Microsoft Distinguished Engineer and managing director of Azure Sphere.

[Source: ZDNet]

An Open Source Ebike

In the ebike world, there are two paths. The first is a homemade kit bike with motors and controllers from China. The second is a prebuilt bike from a manufacturer like Giant, with motors and controllers from China, which will be half as fast and cost three times as much. The choice is obvious, and there are other benefits to taking the first path as well, such as using this equipment which now has an open source firmware option.

The Tong Sheng TSDZ2 drive is popular in the ebike world because it’s an affordable kit motor which has a pedal-assist mode using torque sensors, resulting in a more polished experience. In contrast, other popular kit motors tend to rely on less expensive cadence sensors which are not as smooth or intuitive.

[Source: Hackaday]