Twitter
Home Blog Page 672

5 systemd Tools You Should Start Using Now

By
Paul Brown
-

Once you get over systemd’s rude departure from the plain-text, script-laden System V of yore, it turns out to be quite nifty and comes with an equally nifty toolbox. In this article, we’ll be looking at four of those tools, plus one you’re probably already familiar with but haven’t used in the way you will see here.

So, without more ado…

coredumpctl

You can use this tool, as the name implies, to retrieve coredumps from systemd’s journal.

By running:

coredumpctl

you will get all coredumps in a summarized list. This list may go back weeks or even months.

Figure 1: coredumpctl lists all coredumps registered in the journal.

By using

coredumpctl dump filter

you get a more detailed output about the last coredump that matches the filter. So,

coredumpctl dump 1758

will show all the details of the last coredump with PID 1758. As systemd’s journal broaches more than one session (mine goes back to May, for example), it is conceivable that there are several unrelated coredumps from processes with the same PID.

Figure 2: The dump modifier allows you extract much more detail from the coredump.

Likewise, if you filter using the name of the executable, for example, with:

coredumpctl dump chrome

you will see only the latest coredump for chrome. This makes sense, because it is probably the one you want and the most relevant to your current problem.

You can filter coredumps using PID (as shown above), the name of the executable (also shown above), by specifying the path to the executable (it must contain at least one slash, as in /usr/bin/name_of_executable), or use one or several of journalctl‘s general predicates. An example of the latter would be:

coredumpctl dump _PID=1758

which would be the same as the coredumpctl dump 1758 we saw above.

Another, more interesting example of using journalctl predicates would be to use a coredump’s timestamp:

coredumpctl dump _SOURCE_REALTIME_TIMESTAMP=1463932674907840

For a list of all journalctl’s predicates, have a look at the JOURNAL FIELDS section in man systemd.directives.

If instead of using the dump option, you use

coredumpctl gdb 1758

you will get all the details of the coredump and you will open the GNU debugger (gdb) so you can start debugging right away.

bootctl

Just in case you missed the memo, systemd-boot and not GRUB, is also in charge of the booting firmware now. Yes! That is yet another thing systemd has gobbled down its hungry maw, at least on most modern machines with a UEFI firmware.

Although learning how to configure a boot manager from scratch goes beyond the scope of this post (if you are really interested, this article may prove helpful), when you have done your custom configuration, you will need to use bootctl to get it installed.

(If you’re a Linux newbie, fear not: you will probably never have to do any of what is covered in this section. Your distro will do it for you. This is for Linux control freaks, aka Arch users, who can’t resist messing with every single aspect of their system.)

You need to be root (or invoke the command with sudo) to use bootctl. This may be the first indication that you should treat this command with respect: Misusing bootctl can render your system unbootable, so be careful.

A harmless way of leveraging bootctl is to use it to check the boot status of your machine. Note that, unless /boot points directly to an FAT EFI partition, you will have to specify the route to the EFI boot partition manually using the --path= option. In my openSUSE, for example, I have to do:

bootctl --path=/boot/efi

This will list all the boot options and their variables. You can see what my boot looks like in Figure 3. This is the default behavior and is the same as bootctl --path=/boot/efi status.

Figure 3: The bootctl tool allows you to view and manipulate the boot manager settings.

The output shows where the boot binary is stored (ESP:) and each of the bootable options.

If you’ve built your own boot manager framework, you can install it with:

bootctl --path=/boot/path/to/efi install

This also generates the binary systemd-boot file and stores it in boot/path/to/efi/EFI/Boot and adds a call to it at the top of boot order list.

If you have a newer version than the one installed in the EFI partition, you can update your systemd-boot with:

bootctl --path=/boot/path/to/efi update

You can remove systemd-boot from your EFI partition with:

bootctl --path=/boot/path/to/efi remove

Needless to say, be careful with this last one.

systemd-cgtop

Similar to the classic top tool that tells you which process is hogging your resources, systemd-cgtop tells you which cgroup is eating up most of your CPU cycles and memory.

If you are not familiar with control groups — cgroups for short — they provide a way of partitioning off resources for groups of users and tasks. You can, for example, use cgroups to set the limits of CPU and memory usage on a machine shared between two different groups of users and the applications they use. There is a complete explanation with examples on how to use and implement cgroups here.

systemd relies heavily on cgroups to control its services and systemd-cgtop is how you check that none of the groups are getting out of hand. And, If it is, you can then kill the whole group without needing to actually hunt down each of the processes in the group and killing them individually.

Look at Figure 4. What you see there is the very image of a sane and happy system. Nothing is hogging resources, and only some of all the activity of all the cgroups is registering at all. But I could, for example, get rid of the auditd service if it were misbehaving. As it is not essential to keep the system running, I can do this with:

systemctl kill auditd.service

And… poof! It’s gone!

Figure 4: systemd-cgtop tells you how your cgroups are behaving.

In this case, auditd.service has only got to tasks associated with it, but, as you can see, some have literally hundreds, especially groups used for end users, so using systemctl to call cgroups is very convenient.

By the way, if you want to see the processes within a given cgroup, try this:

systemd-cgls /cgroup.name

For example, try this:

systemd-cgls /system.slice/NetworkManager.service

And you’ll see all the processes working under the NetworkManager sub-cgroup.

Conclusion

This was a just a taste of the tools systemd has for system administration. Not only are there many more (and we’ll be looking at a new batch in a future article), but also the options and combinations you can use with these instructions make them much more powerful than they seem at first glance.

If you would like to delve more deeply into systemd, use:

man systemd.index

to get an overview of all the man pages related with systemd.

Advance your career in Linux System Administration! Check out the online Essentials of System Administration course from The Linux Foundation — also offered in Spanish and Portuguese.

Top 10 Tech Predictions For 2017 From IDC

By
Forbes
-

IDC released today its 10 IT industry predictions for 2017 in a webcast with Frank Gens, IDC’s senior vice president and chief analyst. The predictions covered many trends driving success today and in the future, from how the entire global economy will be re-shaped by digital transformation, the transition of all enterprises from being “digital immigrants” to being “digital natives,” the scaling up of innovation accelerators, the emergence of “the 4th platform” (a new set of technologies that will become mainstream in ten years), drastic changes in how enterprises connect to their customers, and the ecosystem becoming as important for business success as IP.

Here are IDC’s ten predictions:

Read more at Forbes

The Company of the Future

By
Thomas Euler
-

In the process of eating the world, software had traditional organizational structures for lunch. Analogies, methods and tactics that originated in the IT world have a major influence on general business thinking (as they should; the two are increasingly the same thing). Today, we talk about ‘new operating systems for organizations’, organisations are understood as networksagile management is all the buzz and every new company wants to be a lean startup, create an MVP and iterate from there.

Conversely, looking at new developments in technology can often give a hint at the future of business at large. I see three developments that have the potential to influence our company of the future in a major way.

  • Microservices
  • Blockchain
  • Industry 4.0

While this might read like a list of keynote topics at any major tech conference in 2016, let’s look further than the average trend report.

Read more at Thomas Euler’s Blog

Trireme Open-Source Security Project Debuts for Kubernetes, Docker

By
eWeek
-

Network isolation isn’t the only way to secure application containers anymore, so Aporeto unveils a new security model for containers running in Docker or as part of Kubernetes cluster.

Dimitri Stiliadis co-founded software-defined networking (SDN) vendor Nuage Networks in 2011 in a bid to help organizations improve agility and security via network isolation. In the container world, however, network isolation alone isn’t always enough to provide security, which is why Stiliadis founded Aporeto in August 2015. On Nov. 1, Aporeto announced its open-source Trireme project, providing a new security model for containers running in Docker or as part of a Kubernetes cluster.

Read more at eWeek

5 Reasons to Opt for a Linux Rolling Distro vs. a Standard Release

By
PCWorld
-

There are a lot of reasons I recommend Ubuntu to Linux newbies. It’s well supported, reasonably stable, and easy to use. But I prefer to roll with Arch Linux myself. It has several compelling attributes, but one of its biggest pluses is that Arch is a rolling-release distribution.

What?

If you’re using Linux for the first time, there’s a pretty good chance your OS is what’s called a “versioned release” distribution. Ubuntu, Fedora, Debian, and Mint all release numbered versions of their respective operating systems. By contrast, a rolling-release distribution eschews versions altogether. Here are a few of the things you can expect from a rolling release.

Read more at PCWorld

What Is the Linux Kernel?

By
Mohd Sohail
-

So Linux is 25 years old now. The Linux kernel was created by a Finnish student named Linus Torvalds in 1991 who at the time was a 21-year-old computer science student at the University of Helsinki, Finland . On 25 August 1991, Torvalds posted the following to comp.os.minix, a newsgroup on Usenet…

“I’m doing a (free) operating system (just a hobby, won’t be big and professional like gnu) for 386 (486) AT clones. This has been brewing since April, and is starting to get ready. I’d like any feedback on things people like/dislike in minix, as my OS resembles it somewhat (same physical layout of the file-system (due to practical reasons) among other things).

Read At LinuxAndUbuntu

Apcera Platform Primes Containers for Enterprise Deployment

By
SDx Central
-

Apcera today is launching what it claims is the first enterprise-grade container management platform. The idea is to provide a turnkey package that includes all the functions necessary for running containers — functions such as orchestration and networking, along with aspects such as security.

It would be like turning “containers” and their environment into a single product, packaged nicely and wrapped up with a bow. Something parallel is happening in OpenStack and cloud management, where startups such as Platform9 and ZeroStack are finding ways to figuratively shrink-wrap the cloud into an all-inclusive offering.

Here’s the tradeoff. Apcera made things simpler for the enterprise by selecting pieces of the environment ahead of time — orchestration, for example. There’s still a lot of flexibility to choose things like software stacks, but “we answered all the dependency questions for you,” says Josh Ellithorpe, Apcera’s lead architect.

Read more at SDxCentral

It’s Finally Legal To Hack Your Own Devices (Even Your Car)

By
Wired
-

Last Friday, a new exemption to the decades-old law known as the Digital Millennium Copyright Act quietly kicked in, carving out protections for Americans to hack their own devices without fear that the DMCA’s ban on circumventing protections on copyrighted systems would allow manufacturers to sue them. One exemption, crucially, will allow new forms of security research on those consumer devices. Another allows for the digital repair of vehicles. Together, the security community and DIYers are hoping those protections, which were enacted by the Library of Congress’s Copyright Office in October of 2015 but delayed a full year, will spark a new era of benevolent hacking for both research and repair.

Read more at WIRED

Web Pioneer Tries to Incubate a Second Digital Revolution

By
MIT Technology Review
-

Brian Behlendorf knows it’s a cliché for veteran technologists like himself to argue that society could be run much better if we just had the right software. He believes it anyway.

“I’ve been as frustrated as anybody in technology about how broken the world seems,” he says. “Corruption or bureaucracy or inefficiency are in some ways technology problems. Couldn’t this just be fixed?” he asks.

This summer Behlendorf made a bet that a technology has appeared that can solve some of those apparently human problems. Leaving a comfortable job as a venture capitalist working for early Facebook investor and billionaire Peter Thiel, he now leads the Hyperledger Project, a nonprofit in San Francisco created to support open-source development of blockchains, a type of database that underpins the digital currency Bitcoin by verifying and recording transactions.

Read more at MIT Tehnology Review

Fireside Chat: GKH Talks Licensing, Email, and Aging Maintainers

By
Eric Brown
-

No one aside from Linus Torvalds has more influence or name recognition in the Linux Kernel project than Greg Kroah-Hartman. More commonly known as GKH, the ex SUSE kernel developer and USB driver maintainer is now a Linux Foundation Fellow and the full-time maintainer of the -stable Linux branch and staging subsystem, among other roles. In a recent Fireside Chat with Kroah-Hartman at Embedded Linux Conference Europe, Tim Bird, Chair of the Architecture Group of the Linux Foundation’s CE Working Group, described him as the hardest working person he knows.

Not only does Kroah-Hartman review an endless series of kernel patchsets and explore new directions for Linux — he attends almost every Linux-related conference in the world, said Bird. This year, GKH will only reach about 100,000 miles of travel, down from last year’s 140K. This slacker schedule may in part be due to recently moving with his family from the Pacific Northwest to Paris, France.

But why Paris, asked Bird. “The food and wine are good,” said GKH. “My daughter thinks I’m having a midlife crisis. I claimed she’s on the coattails of it – she worked at LinuxCon last week.” For the record, GKH said his main goal in Paris was to collaborate with researchers at Pierre Marie Curie University on applied research in OS and system design.

The Keynote Fireside Chat at ELC Europe, held Oct, 11-13 in Berlin, focused primarily on two issues: whether older kernel maintainers should hand their jobs over to younger developers, and how to best bring open source scofflaws into compliance (see below). Meanwhile, here are a few other edited quick takes from GKH about issues ranging from patch review technologies to the role of Linux on microcontrollers.

On whether Linux has a role on microcontrollers…

GKH: A student of mine got Linux running on a Cortex-M3 with 4MB, which is great for Linux, but 2MB is pushing it. At LinuxCon in Toronto, some of us were drunk and found ways that we think we can get the kernel into 512KB — but it won’t do anything. Stripping Linux down for these chips would be awesome — I’d love to do that. But there are already so many good OSes for this. Zephyr is now a good alternative to Nuttx.

On whether email still makes sense as the basis for patch review, vs. say, Gerritt…

GKH: There’s nothing else that’s better, faster, or more widely used around the world than email. It’s free, and it works great for people who can’t use GUIs, who have intermittent Internet access, or who don’t speak English as their first language. You can also use tools on top of email such as Patchwork, which can tie into continuous integration and testing, and that’s what people use Gerrit for.

On whether there are too many aging kernel developers and maintainers…

GKH: Yes, we are getting old, but it beats the alternative. Age is a dual factor. David Miller has maintained the network stack for 21 years, and I’ve been maintaining USB since the 1990s. That’s knowledge, depth, and information. When USB 3 came out, Microsoft put a whole new team on it. We had one really good developer – Sarah Sharp – implement USB 3 for us in half the time. So knowledge is good.

But we also work on getting in new developers. We work with Outreachy and Summer of Code and lots of universities to bring in interns, some of whom are younger than Linux. We have tons work – if people want to do it. We have subsystems that nobody maintains. The Parallel port subsystem hadn’t had a maintainer for over 12 years because no one wanted to do it. A new developer came in and converted the Parallel ports to the driver model, and he did great, and he got a job. So youthful ignorance and blind ambition are great. I was there.

On the dos and don’ts of open source licensing compliance…

GKH: Amazon is an example of a company that perfectly complies with the license, but all they do is throw this random tarball up on some website. It’s the old SourceForge, ‘Let’s bury it somewhere’ crap, and that’s not good. It costs them money, and it’s a pain for us. So we just ignore them. They’re not receiving any of the benefits of being part of the community.

The biggest problem we have is the dumping of these huge patchsets. Look at Qualcomm’s 2.5 million lines of code crap in a git repository – okay, so it’s getting better, now it’s only 1.5 million lines. That’s crazy — it’s impossible to mine. They say, ‘Ooh, our new chips are based on kernel 3.18.’ Good job, guys. You’ll reach 4.4 just in time for me to obsolete that kernel. So all these embedded devices are running these crazy patchsets. It’s Linux ‘like’. There are entire SoCs and graphics drivers that nobody’s ever seen or touched.

On whether the Linux community is tough enough in enforcing open source compliance…

GKH: There’s been a lot of discussion lately about GPL enforcement. People have claimed that if we don’t enforce the GPL, it’s the same as BSD. That’s flat out false. Yes, people violate our license. That always happens. But it’s gotten a lot better. Back in the 1990s, people were shipping closed source Ethernet, SCSI, and controller drivers. It was crazy.

Intel used to be one of the biggest GPL violators, and now they’re our biggest supporter. And that happened due to us working with them. If you go into a company with lawyers, walls are going to come down, and you’re going to alienate everybody. It’s better if your developers contact the developers inside the company and say ‘What can we do to help you get your code merged into the kernel?’

Look at Microsoft, which is now an active contributor to Linux. That happened because Microsoft’s customers wanted open source, and because I knocked on their door nicely and asked if we could help with their kernel code. Their initial code dump was 12,000 lines of crap. We added it to the kernel staging directory, and after a year when we finally merged it out, it was only 7,000 lines, and supported four new device types. We showed them that if they worked with us, we could make their code smaller, make their stuff run better, and make their customers happier.

We’re in it for the long haul. We don’t just want an instant code dump — we want them to become part of our community. You may want to get one device working, but what you really want is to get them to join the community. The only way we’re going to survive is if we bring in more people. Make them realize that working with the community saves them time and money. One day, they will become so reliant on Linux that they have to invest. They will turn to their partners and ask why they aren’t doing the same. This has been proven again and again.

Watch the complete fireside chat with Greg Kroah-Hartman below:

https://www.youtube.com/watch?v=s2I_7uCto5Q?list=PLbzoR-pLrL6pRFP6SOywVJWdEHlmQE51q

Watch all 125+ sessions from ELC + OpenIoT Summit covering the latest on embedded Linux development and open source IoT. Watch now >>

Embedded Linux Conference + OpenIoT Summit North America will be held on February 21 – 23, 2017 in Portland, Oregon. Check out over 130 sessions on the Linux kernel, embedded development & systems, and the latest on the open Internet of Things.

 

Linux.com readers can register now with the discount code, LINUXRD5, for 5% off the attendee registration price. Register now>>

 
1...671672673...10,743Page 672 of 10,743