Category: Linux Journal – The Original Magazine of the Linux Community

Bare-Bones Monitoring with Monit and RRDtool

Bare-Bones Monitoring with Monit and RRDtool:

How to provide robust monitoring to low-end systems.

When running a critical system, it’s necessary to know what resources
the system is consuming, to be alerted when resource utilization reaches a
specific level and to trend long-term performance. Zabbix and Nagios are
two large-scale solutions that monitor, alert and trend system performance,
and they each provide a rich user interface. Due to the requirements of those
solutions, however, dedicated hardware/VM resources typically are required to host
the monitoring solution. For smaller server implementations, options
exist for providing basic monitoring, alerting and trending functionality.
This article shows how to accomplish basic and custom monitoring and
alerting using Monit. It also covers how to monitor long-term trending of system performance
with RRDtool.

Initial Monit Configuration

On many popular Linux distros, you can install Monit from the associated
software repository. Once installed, you can handle all the configuration
with the monitrc configuration file. That file generally is located within
the /etc directory structure, but the exact location varies based
on your distribution.

The config file has two sections:
Global and Services. The Global section allows for custom configuration
of the Monit application. The Monit service contains a web-based front
end that is fully configurable through the config file. Although the section
is commented out by default, you can uncomment items selectively for
granular customization. The web configuration block looks like this:


set httpd port 2812 and
    use address localhost
    allow localhost
    allow admin:monit

The first line sets the port number where you can access Monit
via web browser. The second line sets the hostname (the HTTP
Host header) that’s used to access Monit. The third line sets the
host from which the Monit application can be accessed. Note that you also
can do this using a local firewall access restriction if a
firewall is currently in place. The fourth line allows the configuration
of a user name/password pair for use when accessing Monit. There’s
also a section that allows SSL options for encrypted connections to Monit.
Although enabling SSL is recommended when passing authentication data, you
also could reverse-proxy Monit through an existing
web server, such as nginx or Apache, provided SSL is already configured
on the web server. For more information on reverse-proxying Monit
through Apache, see the Resources section at the end of this article.

The next items you need to enable deal with configuring
email alerts. To set up the email server through which email will be
relayed to the recipient, add or enable the following line:

via Linux Journal – The Original Magazine of the Linux Community

New Version of PuTTY Fixes Several Vulnerabili…

New Version of PuTTY Fixes Several Vulnerabilities, Google Announces the Stadia Cloud Gaming Service, Save the Internet Day March 23, Google Fined $1.49 Billion and NVIDIA Launches the Jetson Nano:

News briefs for March 20, 2019.

A new version of the PuTTY SSH client received several security patches over the weekend,
including one that “fixed a ‘game over’ level vulnerability”, according to
The
Register
. Version 0.71 includes “new features plugging a plethora of
vulns in the Telnet and SSH client, most of which were uncovered as part of
an EU-sponsored HackerOne bug bounty”.

Google announces Stadia, its new cloud gaming service. The
Verge
reports
that “Stadia will stream games from the cloud to the
Chrome browser, Chromecast, and Pixel devices, and it will launch at some
point in 2019 in the US, Canada, UK, and Europe.” Google also is launching
the Stadia Controller, which “looks like a cross between an Xbox and PS4
controller, and it will work with the Stadia service by connecting directly
through Wi-Fi to link it to a game session in the cloud.”

Save the Internet Day is
planned for March 23 in response to the planned EU copyright reform: “The
planned EU copyright reform constitutes a massive threat to the free exchange
of opinions and culture online. Together, on 23 March 2019 we call for a
Europe-wide day of protests against the dangers of the reform.” Visit here for an overview of the
planned protests.

Google is fined $1.49 billion by the European commission for search ad
brokering antitrust violations. TechCrunch
quotes
EU competition commissioner Margrethe Vestager: “Today’s
decision is about how Google abused its dominance to stop websites using
brokers other than the AdSense platform”.

NVIDIA launched the Jetson Nano module and Jetson Nano Dev Kit. Linux
Gizmos reports
that the Jetson Nano Developer kit is available for
pre-order for $99 and that it will ship sometime in April. The post quotes
NVIDIA, who says the Jetson Nano “delivers 472 GFLOPS of compute performance for running modern
AI workloads and is highly power-efficient, consuming as little as 5
watts”.

via Linux Journal – The Original Magazine of the Linux Community

Handling Complex Memory Situations

Handling Complex Memory Situations:

Jérôme Glisse felt that the time had come for the Linux kernel
to address seriously the issue of having many different types of memory
installed on a single running system. There was main system memory and
device-specific memory, and associated hierarchies regarding which memory
to use at which time and under which circumstances. This complicated new
situation, Jérôme said, was actually now the norm, and it should be treated
as such.

The physical connections between the various CPUs and devices and RAM
chips—that is, the bus topology—also was relevant, because it could influence
the various speeds of each of those components.

Jérôme wanted to be clear that his proposal went beyond existing efforts
to handle heterogeneous RAM. He wanted to take account of the wide range of
hardware and its topological relationships to eek out the absolute
highest performance from a given system. He said:

One of the reasons for
radical change is the advance of accelerator
like GPU or FPGA means that CPU is no longer the only piece where
computation happens. It is becoming more and more common for an application
to use a mix and match of different accelerator to perform its computation.
So we can no longer satisfy our self with a CPU centric and flat view of a
system like NUMA and NUMA distance.

He posted some patches to accomplish several different things. First, he
wanted to expose the bus topology and memory variety to userspace as a
clear API, so that both the kernel and user applications could make the
best possible use of the particular hardware configuration on a given
system. A part of this, he said, would have to take account of the fact
that not all memory on the system always would be equally available to all
devices, CPUs or users.

To accomplish all this, his patches first identified four basic
elements that could be used to construct an arbitrarily complex graph of
CPU, memory and bus topology on a given system.

These included “targets”, which were any sort of memory; “initiators”,
which were CPUs or any other device that might access memory; “links”,
which were any sort of bus-type connection between a target and an
initiator; and “bridges”, which could connect groups of initiators to
remote targets.

Aspects like bandwidth and latency would be associated with their relevant
links and bridges. And, the whole graph of the system would be exposed to
userspace via files in the SysFS hierarchy.

via Linux Journal – The Original Magazine of the Linux Community

Firefox 66 Now Available, the Kodi Foundation …

Firefox 66 Now Available, the Kodi Foundation Joins the Linux Foundation, Nextcloud Founder Writes Open Letter against the EU Copyright Directive, Tetrate Hosting First Server Mesh Industry Conference and SiFive Announces HiFive 1 Revision B Dev Board:

News briefs for March 19, 2019.

Mozilla
announces the release of Firefox 66 this morning
. With this new version, Firefox now prevents
websites from playing sound automatically, has an improved search experience,
smoother scrolling and much more. You can download Firefox from here.

The Kodi Foundation has joined the Linux Foundation. From the press
release
: “We strongly believe that open-source is the best way to achieve
awesome things. That was and still is what moves Kodi forward. Ever since
XBMP, where this project started, a small group of like-minded individuals
from different backgrounds have worked together to achieve a goal, taking
advantage of each other’s merits and talents.”

Nextcloud Founder and CEO Frank Karlitschek addressed an open letter sent to
EU Parliament members against
the Copyright Directive Articles 11 and 13. The letter was signed by more
than 130 companies and business alliances from 16 European countries.
Karlitschek says, “As founder and CEO of Nextcloud I fear that Articles 11
and 13 of this
directive create a serious disadvantage for European startups. The fact that
more than 100 companies from different European
countries signed our text within a few days shows that I am far from being
the only one. I urge every politician to protect European businesses and
vote against Article 11 and Article 13.” You can
view the open letter here.

Tetrate will be hosting the first-ever Service Mesh Industry Conference in
San Francisco on March 28th and 29th. From the press release: “Service Mesh
day 2019 is hosted by Tetrate and supported by Google, Juniper Networks,
Capital One, and open source foundations including Cloud Native Computing
Foundation, Cloud Foundry, OpenStack and ONF. The conference will bring
together open source experts, cloud providers, customers and industry
influencers to explore the use of service mesh technology in enterprise
environments. The conference will explore issues such as managing
microservices for any app, at any scale, decentralized security controls and
the future evolution of service mesh technologies. Attendees will have a
chance to network with users and creators in this space who are pioneering
service mesh deployments first-hand and participate in conversations that
will shape the direction of the industry.” The full schedule is here, and you can purchase
tickets here.

SiFive announces an upgraded Freedom Everywhere SoC and the HiFive1 Revision B
developer board. According to Phoronix,
“The HiFive1 is a mini development board without video output and can be
connected to Arduino-compatible accessories and designed for real-time
embedded use-cases. But this small embedded development board is available
for $49 USD.” See SiFive.com
for more information.

via Linux Journal – The Original Magazine of the Linux Community

How usable is desktop Linux on ARM?

How usable is desktop Linux on ARM?:

Please support Linux Journal by subscribing or becoming a patron.

via Linux Journal – The Original Magazine of the Linux Community

Khronos Releases OpenXR 0.90, Solus 4 Fortitud…

Khronos Releases OpenXR 0.90, Solus 4 Fortitude Now Available, Geary 3.32 Released, Linux Kernel 5.1-rc1 Is Out, Opera Announces Opera 60 Beta:

News briefs for March 18, 2019.

Khronos today released the OpenXR 0.90 provision specification. From the
press release: “OpenXR is a unifying, royalty-free, open standard that
provides high-performance access to augmented reality (AR) and virtual
reality (VR)—collectively known as XR—platforms and devices. The new
specification can be found on the Khronos website and is released in
provisional form to enable developers and implementers to provide feedback at
the OpenXR forum.”

Solus 4 Fortitude
is now available
. This new major release “delivers a
brand new Budgie experience, updated sets of default applications and
theming, and hardware enablement”. Visit the download page to install.

Geary
3.32 was released
yesterday. This is a feature release of the GNOME email
application and aims to “align Geary’s interface better with GNOME 3.32”. It
has “a new icon, the application menu has been moved to a burger menu in the
main window, sender images in conversations are now taken from the the
desktop address-book, and those without a custom photo are given a
personalised image with initials and background colour based on their name”,
along with the usual bug fixes and other improvements. To install, visit here.

Linux kernel 5.1-rc1 is out. Linus Torvalds writes,
“The merge window felt fairly normal to me. And looking at the stats,
nothing really odd stands out either. It’s a regular sized release
(which obviously means "big” – , but it’s not bigger than usual) and
the bulk of it (just over 60%) is drivers. All kinds of drivers, the
one that stands out for being different is the habanalabs AI
accelerator chip driver, but I suspect we’ll be starting to see more
of that kind of stuff. But there are all the usual suspects too – gpu,
networking, block devices etc etc.“

Opera
recently announced that Opera 60 has entered the beta stream
.
"Opera 60 beta brings a refreshed interface with light and dark
themes inspired by high- and low-key lighting photography, respectively. It
will also include a Crypto Wallet in the sidebar.” This version is actually merging
with Opera 59, and the two versions are being called Reborn 3,
which will be in the stable channel soon. See the Opera 60
changelog
for more
details on the changes.

via Linux Journal – The Original Magazine of the Linux Community

Text Processing in Rust

Text Processing in Rust:

Rust Programming Language Logo

Create handy command-line utilities in Rust.

This article is about text processing in Rust, but it also contains a
quick introduction to pattern matching, which can be very handy when
working with text.

Strings are a huge subject in Rust, which can be easily realized by
the fact that Rust has two data types for representing strings as well
as support for macros for formatting strings. However, all of this also
proves how powerful Rust is in string and text processing.

Apart from covering some theoretical topics, this article shows how to develop
some handy yet easy-to-implement command-line utilities that let you
work with plain-text files. If you have the time, it’d be great to
experiment with the Rust code presented here, and maybe develop your own
utilities.

Rust and Text

Rust supports two data types for working with strings: String
and str.
The String type is for working with mutable strings that
belong to you, and it has length and a capacity property. On the other
hand, the str type is for working with immutable strings that you want
to pass around. You most likely will see an str variable be used as
&str. Put simply, an str variable is accessed as a reference to some
UTF-8 data. An str variable is usually called a “string slice” or, even
simpler, a “slice”. Due to its nature, you can’t add and remove any
data from an existing str variable. Moreover, if you try to call the
capacity() function on an &str variable, you’ll get an error message
similar to the following:


error[E0599]: no method named `capacity` found for type
 ↪`&str` in the current scope

Generally speaking, you’ll want to use an str when you want to pass a string
as a function parameter or when you want to have a read-only version
of a string, and then use a String variable when you want to have a mutable
string that you want to own.

The good thing is that a function that accepts &str parameters can
also accept String parameters. (You’ll see such an example in the
basicOps.rs program presented later in this article.)
Additionally, Rust supports the char type, which is for representing
single Unicode characters, as well as string literals, which are
strings that begin and end with double quotes.

Finally, Rust supports what is called a byte string. You can define a new
byte string as follows:

via Linux Journal – The Original Magazine of the Linux Community

Weekend Reading: Tor and Tails

Weekend Reading: Tor and Tails:

Tor and Tails

Tails is a live media Linux distro designed to boot into a highly secure desktop environment. Tor is a browser that prevents somebody watching your internet connection from learning what sites you visit, and it prevents the sites you visit from learning your physical location.

Learn why anonymity matters and how you can protect yourself with this Linux Journal Weekend Reading.

Tor Hidden Services 

Why should clients get all the privacy? Give your servers some privacy too!

Tails above the Rest: the Installation

How to get and validate the Tails distribution and install it. We will follow up with what Tails can and can’t do to protect your privacy, and how to use Tails in a way that minimizes your risk. Then we will finish with some more advanced features of Tails, including the use of a persistent volume (with this feature, depending on your needs, you could conceivably use Tails as your main Linux distribution).

Tails above the Rest, Part II

Now that you have Tails installed, let’s start using it. Read on to find out how to get started.

Tails above the Rest, Part III

In the first two parts on this series, we gave an overview of Tails, including how to get the distribution securely, and once you have it, how to use some of the basic tools. Here, we cover some of the more advanced features of Tails, such as some of its log-in options, its suite of encryption tools and the persistent disk.

Tor Security for Android and Desktop Linux 

The Tor Project presents an effective countermeasure against hostile and disingenuous carriers and ISPs that, on a properly rooted and capable Android device or Linux system, can force all network traffic through Tor encrypted entry points (guard nodes) with custom rules for iptables. This action renders all device network activity opaque to the upstream carrier—barring exceptional intervention, all efforts to track a user are afterwards futile.

A Bundle of Tor

The best way to set up Tor on your personal machine.

Dolphins in the NSA Dragnet

via Linux Journal – The Original Magazine of the Linux Community

The JS Foundation and Node.js Foundation Have …

The JS Foundation and Node.js Foundation Have Merged to Form the Open JS Foundation, GNOME 3.32 Now Available, Qt 5.12.2 Patch Release, Kernel Update for Ubuntu 14.04, Debian GNU/Linux Project Leader Nominations:

News briefs for March 15, 2019.

The JS Foundation and the Node.js Foundation are merging to form the OpenJS
Foundation. ZDNet
reports
that the Linux Foundation made the announcement this week at the
Open Source Leadership Summit in Half Moon Bay, CA. The OpenJS Foundation’s
mission “ is to support the growth of JavaScript and related web technologies
by providing a neutral organization to host and sustain projects, and fund
development activities. It’s made up of 31 open-source JavaScript projects
including Appium, Dojo, jQuery, Node.js, and webpack.”

GNOME
3.32 Taipei was released this week
. This version represents 6 months
of work by the GNOME Community and includes many improvements and new
features. The visual style has been refreshed with an brand-new set of app
icons. It also “introduces an experimental feature for Wayland
desktop sessions that enables fractional scaling”. And, data structure
improvements in the GNOME desktop have caused a “ faster, snappier feel to
the animations, icons and top ‘shell’ panel”. See the release notes for
more details on all the changes and enhancements.

Qt 5.12.2
was released today
. This is the second patch release of Qt 5.12 LTS and
contains more than 250 bug fixes. See the Change Files for the full list of changes.

Canonical yesterday released a new Linux kernel update for Ubuntu 14.04 LTS
(Trusty Tahr) to fix a recently discovered vulnerability. According to Softpedia
News
, the security issue affects Linux kernel 3.13 and is “race condition
(CVE-2019-6133) discovered by Jann Horn of Google Project Zero in Linux
kernel’s fork() system call, which could allow a local attacker to gain
access to services storing cache authorizations and run programs with
administrative privileges.” Users should update immediately.

The Debian GNU/Linux project has extended the date for nomations for the
leader post. One nomination has come in so far, Joerg Jaspert, part of the
Debian Account Managers team. ITWire
reports
that nominations were initially slated to close March 16.

via Linux Journal – The Original Magazine of the Linux Community

Chasing Linux Kernel Archives

Chasing Linux Kernel Archives:

archives

Kernel development is truly impossible to keep track of. The main mailing
list alone is vast beyond belief. Then there are all the side lists and IRC
channels, not to mention all the corporate mailing lists dedicated to
kernel development that never see the light of day. In some ways, kernel
development has become fundamentally mysterious.

Once in a while, some lunatic decides to try to reach back into the past and
study as much of the corpus of kernel discussion as he or she can
find. One such person is Joey Pabalinas, who recently wanted to gather
everything together in Maildir format, so he could do searches, calculate
statistics, generate pseudo-hacker AI bots and whatnot.

He couldn’t find any existing giant corpus, so he tried to create his own
by piecing together mail archived on various sites. It turned out to be
more than a million separate files, which was too much to host on either
GitHub
or GitLab. He asked the linux kernel mailing
list
for suggestions on better
hosting opportunities. Although he acknowledged, “It’s possible I’m the only
weirdo who finds this kind of thing useful, but I figured I should share it
just in case I’m not.”

Joe Perches suggested plumbing the archives at
kernel.org/lore.html, which
go back decades. But Joey said he’d tried that, and he found it all but
impossible to convert those archives to the Mailbox format he wanted.
Instead, he’d spent the previous several weeks scraping the lkml.org
archive and scripting his own conversion routines.

Konstantin Ryabitsev remarked:

The maildir format is kind of terrible for
LKML, because having millions of messages in a single directory is very
hard on the underlying FS. If you break it up into multiple folders, then
it becomes difficult to search. This is the main reason why we have chosen
to go with the public-inbox format, which solves both of these problems and
allows for a very efficient archive updating and replication using git.

Meanwhile, Jasper Spaans raised his eyebrows at Joey’s statement that he’d
gotten more than a million separate files by scraping lkml.org. Jasper
said:

First of all, there are more than 3M messages stored in the lkml.org
database, so I guess you’ve missed some messages or something is really
broken. Besides, unless you figured out how to get to the raw data, you’ve
just scraped a rendering which discards stuff like pgp signatures etc and
has very incomplete headers. Unless you don’t care for those of course.

via Linux Journal – The Original Magazine of the Linux Community