May was the month for learning at Linux.com and The Linux Foundation, and we covered a range of topics and offered an array of free resources to help you expand your knowledge of Linux and open source. Let’s take a look at some of the month’s most popular content.
With the rapid adoption of open source in the enterprise comes the need for sound security practices. This article by Sam Dean looks at various resources for securing your open source code, including links to free tools, checklists, and best practices.
Looking for more free training? Enrollment is now open for The Linux Foundation’s new Introduction to Open Source Networking Technologies training course (LFS165x). This online course, available for free on edX.org, teaches the fundamentals needed to understand and adopt SDN, NFV, network automation, and modern networking.
A new ebook Open Source AI: Projects, Insights, and Trends by Ibrahim Haddad covers 16 open source AI projects, including Acumos AI, Apache Spark, Caffe, and TensorFlow. This free, 100+ page ebook provides in-depth information on the projects’ histories, codebases, and GitHub contributions, and more.
Interested in more about AI? Check out these open source AI and machine learning articles and enter the Acumos AI developer challenge.
Chances are you’ve heard about Snap packages. These universal packages were brought into the spotlight with the release of Ubuntu 16.04 and have continued to draw attention as a viable solution for installing applications on Linux. What makes Snap packages so attractive to the end user? The answer is really quite easy: Simplicity. In this article, I’ll answer some common questions that arise when learning about Snaps and show how to start using them.
Exactly what are Snap packages? And why are they needed? Considering there are already multiple ways to install software on Linux, doesn’t this complicate the issue? Not in the slightest. Snaps actually makes installing/updating/removing applications on Linux incredibly easy.
How does it accomplish this? Essentially, a Snap package is a self-contained application that bundles most of the libraries and runtimes (necessary to successfully run an application) into a single, universal package. Because of this, Snaps can be installed, updated, and reverted without affecting the rest of the host system, and without having to first install dependencies. Snap packages are also confined from the OS (via various security mechanisms), yet can still function as if it were installed by the standard means (exchanging data with the host OS and other installed applications).
Are Snaps challenging to work with? In a word, no. In fact, Snaps make short work of installing apps that might otherwise challenge your Linux admin skills. Since Snap packages are self-contained, you only need to install one package to get an app up and running.
Although Snap packages were created by Ubuntu developers, they can be installed on most modern Linux distributions. Because the necessary tool for Snap packages is installed on the latest releases of Ubuntu out of the box, I’m going to walk you through the process of installing and using Snap packages on Fedora. Once installed, using Snap is the same, regardless of distribution.
Installation
The first thing you must do is install the Snap system, aka snapd. To do this on Fedora, open up the terminal window and issue the command:
sudo dnf install snapd
The above command will catch any necessary dependencies and install the system for Snap. That’s all there is to is. You’re ready to install your first Snap package.
Installing with Snap: Command-line edition
The first thing you’ll want to do is find out what packages are available to install via Snap. Although Snap has begun to gain significant momentum, not every application can be installed via Snap. Let’s say you want to install GIMP. First you might want to find out what GIMP-relate packages are available as Snaps. Back at the terminal window, issue the command:
sudo snap find gimp
The command should report only one package available for GIMP (Figure 1).
Figure 1: GIMP is available to install via Snap.
To get a better idea as to what the find option can do for you, issue the command:
sudo snap find nextcloud
The output of that command (Figure 2) will report Snap packages related to Nextcloud.
Figure 2: Searching for Nextcloud-related Snap packages.
Let’s say you want to go ahead and install GIMP via Snap. To do this, issue the command:
sudo snap install gimp
The above command will download and install the Snap package. After the command completes, you’ll find GIMP in your desktop menu, ready to use.
Updating Snap packages
Once a Snap package is installed, it will not be updated by the normal method of system updating (via apt, yum, or dnf). To update a Snap package, the refresh option is used. Say you want to update GIMP, you would issue the command:
sudo snap refresh gimp
If an updated Snap package is available, it will be downloaded and installed. Say, however, you have a number of Snap packages installed, and you want to update them all. This is done with the command:
sudo snap refresh
The snapd system will check all installed Snap packages against what’s available. If there are newer versions, the installed Snap package will be updated. One thing to note is that Snap packages are automatically updated daily, so you don’t have to manually issue the refresh command, unless you want to do this manually.
Listing installed Snap packages
What if you’re not sure which Snap packages you’ve installed? Easy. Issue the command sudo snap list and all of your installed Snap packages will be listed for you (Figure 3).
Figure 3: Listing installed Snap packages.
Removing Snap packages
Removing a Snap package is just as simple as installing. We’ll stick with our GIMP example. To remove GIMP, issue the command:
sudo snap remove gimp
One thing you’ll notice is that removing a Snap package takes significantly less time than uninstalling via the standard method (i.e., sudo apt remove gimp or sudo dnf remove gimp). In fact, on my test Fedora system, installing, updating, and removing GIMP was quite a bit faster than doing so with dnf.
Installing with Snap: GUI edition
You can enable Snap support in GNOME Software with a quick dnf install command. That command is:
sudo dnf install gnome-software-snap
Once the command finishes, reboot your system and open up GNOME Software. You will be prompted to enable third party repositories (Figure 4). Click Enable and Snap packages are now ready to be installed.
Figure 4: Enabling the Snap repositories in GNOME Software.
If you now search for GIMP, you will see two versions available. Click on one and if you see Snap Store as the source (Figure 5), you know that’s the Snap version of GIMP.
Figure 5: Installing a Snap package through GNOME Software.
Although I cannot imagine a reason for doing so, you can install both the standard and Snap version of the package. You might find it difficult to know which is which, however. Just remember, if you use a mixture of Snap and non-Snap packages, you must update them separately (which, in the case of Snap packages, happens automatically).
Get your Snap on
Snap packages are here to stay, of that there is no doubt. No matter if you administer or use Linux on the server or desktop, Snap packages help make that task significantly easier. Get your Snap on today and see if you don’t start defaulting to this universal package format, over the standard installation fare.
Learn more about Linux through the free “Introduction to Linux” course from The Linux Foundation and edX.
Vehicles are increasingly software-defined networks on wheels. In response, Automotive Grade Linux (AGL) has exploded in popularity. Dan Cauchy, a 2018 Top Embedded Innovator and Executive Director of AGL offers insight on trends in open source software and the automotive market.
Today, Linux is everywhere, including cars. What can you tell us about your vision for AGL in vehicles?
CAUCHY: The question implies that AGL is simply an operating system, when in fact it is much more than that. It is a complete software stack combined with a thriving ecosystem.
AGL is built from the ground up including the Linux kernel and hardware board support package, middleware, application framework and APIs, software-development kit (SDK), and reference applications. It is a complete system but offers the flexibility of being fully customizable.
With the rise of containers and virtual machines, some system administrators have been neglecting their system logs. That’s a mistake.
Even if your containerized applications spin up and down several times an hour, you still need to keep and analyze logs. To find the root cause of a failure or to track down a system attack, you must be able to review what happened, when it happened, and what components of your software and hardware stack were affected. Otherwise, you’ll waste time looking for problems in the wrong place — time that you don’t have to spare in an emergency. Or, worse still, you may miss hidden issues such as performance problems, security violations, or costly use of system resources.
Without system logs, you’re not administering a system; you’re running a black box and hoping for the best. That’s no way to run servers, whether they are physical, virtual, or containerized.
So, here are some of the basics to keep in mind as you approach server logging in the 21st century. These are all practices that I either use myself or picked up from other sysadmins, including many from the invaluable Reddit/sysadmin group.
Linux manages hardware peripherals using kernel modules. Here’s how that works.
A running Linux kernel is one of those things you don’t want to upset. After all, the kernel is the software that drives everything your computer does. Considering how many details have to be simultaneously managed on a live system, it’s better to leave the kernel to do its job with as few distractions as possible. But if it’s impossible to make even small changes to the compute environment without rebooting the whole system, then plugging in a new webcam or printer could cause a painful disruption to your workflow. Having to reboot each time you add a device to get the system to recognize it is hardly efficient.
To create an effective balance between the opposing virtues of stability and usability, Linux isolates the kernel, but lets you add specific functionality on the fly through loadable kernel modules (LKMs). As shown in the figure below, you can think of a module as a piece of software that tells the kernel where to find a device and what to do with it. In turn, the kernel makes the device available to users and processes and oversees its operation.
Unlike most other IoT threats, malware can survive reboot.
A new threat which targets a range of routers and network-attached storage (NAS) devices is capable of knocking out infected devices by rendering them unusable. The malware, known as VPNFilter, is unlike most other IoT threats because it is capable of maintaining a persistent presence on an infected device, even after a reboot. VPNFilter has a range of capabilities including spying on traffic being routed through the device. Its creators appear to have a particular interest in SCADA industrial control systems, creating a module which specifically intercepts Modbus SCADA communications.
While VPNFilter has spread widely, data from Symantec’s honeypots and sensors indicate that unlike other IoT threats such as Mirai, it does not appear to be scanning and indiscriminately attempting to infect every vulnerable device globally.
Q: What devices are known to be affected by VPNFilter?
A: To date, VPNFilter is known to be capable of infecting enterprise and small office/home office routers from Linksys, MikroTik, Netgear, and TP-Link, as well as QNAP network-attached storage (NAS) devices. These include:
Linksys E1200
Linksys E2500
Linksys WRVS4400N
Mikrotik RouterOS for Cloud Core Routers: Versions 1016, 1036, and 1072
Attempts to establish Linux as a gaming platform have failed time and time again, with Valve’s SteamOS being the latest high-profile casualty. Yet, Linux has emerged as a significant platform in the much smaller niche of retro gaming, especially on the Raspberry Pi. Atari has now re-emerged from the fog of gaming history with an Ubuntu-based Atari VCS gaming and media streaming console aimed at retro gamers.
In addition to games, the Atari VCS will also offer Internet access and optional voice control. With a Bluetooth keyboard and mouse, the system can be used as a standard Linux computer. The catch is that the already delayed systems won’t ship until July 2019.
Indiegogo deals
Shortly after appearing on Indiegogo this week, the Atari VCS vaulted over its $100,000 funding goal to hit $1.7 million and counting. Indiegogo packages that are discounted by $50 include a basic Atari VCS Onyx model that goes for $199 or $229 with a classic joystick. These are both Early Bird deals that expire June 4.
There is also a wood-paneled Collector’s Edition version that sells for $299 with a classic joystick or $339 with a modern game controller. Other deals, including a $319 package with both the joystick and modern controller, are available for the next month.
The Atari VCS was unveiled as the Ataribox last September. The new prototype looks the same, with a design borrowed from the circa-1977 Atari 2600, but with sleek, tapered edges.
The Ataribox was originally said to run a Linux stack on an AMD customized processor with Radeon Graphics technology. Some observers had hoped that the delay in launching the Indiegogo campaign meant that Atari would tap one of AMD’s new, gaming-friendly AMD Ryzen processors. However, it settled for one of AMD’s two-year old Bristol Ridge A1 chips with Radeon R7 graphics. This is overkill for most retro games, but, depending on the A1 model, may be too underpowered to attract developers thinking of porting more modern games.
Back in the ’70s and ’80s, Atari offered one of the largest game platforms around, combining a console with a large catalog of 2D titles. The company faded later under the onslaught of major 3D gaming consoles from Nintendo, Sony, and others, and its last console — the 1993 Jaguar — disappeared quickly. After filing for bankruptcy protection in 2013, Atari rebounded as a mobile games developer, and has licensed its name for the Blade Runner 2049 movie.
Features
Atari offers an Atari Vault library with more than 100 classic games in their original arcade and/or Atari 2600 formats. Next year, it will launch a new Atari VCS Store in partnership with “a leading industry partner to be announced shortly.”
By the launch date, Atari plans to have “new and exclusive” games for download or streaming, including “reimagined classic titles from Atari and other top developers,” as well as multi-player games. The Atari VCS Store will also offer video, music and other content. For now, Atari has listed 14 content partners.
The hardware is not open source, and the games will be protected with HDCP. However, the Ubuntu Linux stack based on Linux kernel 4.10 is open source, and includes a “customizable Linux UX.” A Linux “sandbox” will be available for developing or porting games and apps.
Developers can build games using any Linux compatible gaming engine, including Unity, Unreal Engine, and Gamemaker. Atari also says that “Linux-based games from Steam and other platforms that meet Atari VCS hardware specifications should work.” Developers must register with Atari, and the games must be pre-approved. Atari VCS Store will take an “industry-standard percentage” of the sale price.
Manufactured by Flex, the Atari VCS ships with 4GB DDR4 RAM, as well as 32GB eMMC and a microSD slot. The 14.5×5.3×1.6-inch system is further equipped with dual-band WiFi and Bluetooth 5.0, as well as HDMI 2.0, Gigabit Ethernet, and 4x USB 3.0 ports. A 4-mic array supports voice commands, and the system is compatible with typical Bluetooth and USB controllers in addition to Atari’s Bluetooth-connected joystick and controller.
The platform will offer live streaming using Twitch.tv and will support cross-game chat using Skype and Discord. Optional cloud storage and other Internet services will be available via subscription.
Despite its Indiegogo success, there’s no guarantee the Atari VCS won’t go the way of the Steam Machine in the larger gaming market. However, the competition is less daunting in retro gaming, and the fact that at least 6,300 backers are willing to wait over a year for their Linux gaming box is promising indeed.
Artificial Intelligence (AI) has quickly evolved over the past few years and is changing the way we interact with the world around us. From digital assistants, to AI apps interpreting MRIs and operating self-driving cars, there has been significant momentum and interest in the potential for machine learning technologies applied to AI.
The Acumos AI Challenge, presented by AT&T and Tech Mahindra, is an open source developer competition seeking innovative, ground-breaking AI solutions from students, developers, and data scientists. We are awarding over $100,000 in prizes, including the chance for finalists to travel to San Francisco to pitch their solutions during the finals on September 11, 2018. Finalists will also have the chance to have their solutions featured in the Acumos Marketplace, exposure, and meetings with AT&T and Tech Mahindra executives.
Linux is a family of free, open source software operating systems built around the Linux kernel. Originally developed for personal computers based on the Intel x86 architecture, Linux has since been ported to more platforms than any other operating system. Thanks to the dominance of the Linux kernel-based Android OS on smartphones, Linux has the largest installed base of all general-purpose operating systems. Linux is also the leading operating system on servers and “big iron” systems such as mainframe computers, and it is the only OS used on TOP500supercomputers.
To tap this functionality, many enterprise companies have adopted servers with a high-powered variant of the Linux open source operating system. These are designed to handle the most demanding business application requirements, such as network and system administration, database management, and web services. Linux servers are often chosen over other server operating systems for their stability, security, and flexibility. Leading Linux server operating systems include CentOS, Debian, Ubuntu Server, Slackware, and Gentoo.
What features and benefits on an enterprise-grade Linux server should you consider for an enterprise workload?
Containerd integration is now generally available as a runtime option for the open source Kubernetes container orchestration system.
While Docker is the dominant player among container runtimes, some experts in the field believe other options such as containerd can sometimes be the better choice.
With that in mind, engineers from Google, Docker, IBM, ZTE and ZJU have developed a way to use containerd instead of Docker. While it may seem strange that Docker Inc. is involved what appears to be a competing project, the company actually initiated the containerd project before donating it to the community, and the Docker engine is based on it.
The backers of containerd describe it as an industry-standard container runtime with an emphasis on simplicity, robustness and portability.
