507 private links
This article explains how to show a history of recently installed, upgraded or removed packages, on Debian, Ubuntu or Linux Mint, from the command line. //
Show a list of recently upgraded packages, the date / time they were upgraded, as well as the old and new package version, on Debian, Ubuntu or Linux Mint:
grep "upgrade " /var/log/dpkg.log
zgrep "upgrade " /var/log/dpkg.log.2.gzapt package manager logs into /var/log/dpkg.log
Chmod calculator allows you to quickly generate permissions in numerical and symbolic formats. All extra options are included (recursive, sticky, etc). You’ll be ready to copy paste your chmod command into your terminal in seconds.
Hardware hacker Dmitry Grinberg recently achieved what might sound impossible: booting Linux on the Intel 4004, the world's first commercial microprocessor. With just 2,300 transistors and an original clock speed of 740 kHz, the 1971 CPU is incredibly primitive by modern standards. And it's slow—it takes about 4.76 days for the Linux kernel to boot.
Initially designed for a Japanese calculator called the Busicom 141-PF, the 4-bit 4004 found limited use in commercial products of the 1970s before being superseded by more powerful Intel chips, such as the 8008 and 8080 that powered early personal computers—and then the 8086 and 8088 that launched the IBM PC era.
If you're skeptical that this feat is possible with a raw 4004, you're right: The 4004 itself is far too limited to run Linux directly. Instead, Grinberg created a solution that is equally impressive: an emulator that runs on the 4004 and emulates a MIPS R3000 processor—the architecture used in the DECstation 2100 workstation that Linux was originally ported to. This emulator, along with minimal hardware emulation, allows a stripped-down Debian Linux to boot to a command prompt.
- The process proliferator: :(){ :|:& };:
I know it looks like a typo, but this command is the infamous Bash fork bomb. It is a Denial of Service (DoS) attack that will fill Linux's process table. The exact results depend on the system limit setting and who's running it, but all too often, it pegs out your processor, and the only way back is to reboot your system.
Script to create (1) a local certificate authority, (2) a host certificate signed by that authority for the hostname of your choice
While Let’s Encrypt and its API has made it wonderfully easy for anyone to generate and install SSL certificates on their servers, it does little to help developers with HTTPS in their development environments. Creating a local SSL certificate to serve your development sites over HTTPS can be a tricky business. Even if you do manage to generate a self-signed certificate, you still end up with browser privacy errors.
In this article, we’ll walk through creating your own certificate authority (CA) for your local servers so that you can run HTTPS sites locally without issue. //
dobes_vandermeer
I put this all together in a shell script you can run: https://gist.github.com/dobesv/13d4cb3cbd0fc4710fa55f89d1ef69be
The WSL commands below are listed in a format supported by PowerShell or Windows Command Prompt. To run these commands from a Bash / Linux distribution command line, you must replace wsl with wsl.exe. For a full list of commands, run wsl --help.
Zenwalk is a 64 bits "pure" Slackware system [distribution] with added post-install configurations, optimizations and out of the box tweaks, with a ready to use polished desktop environment, with added graphical system tools, added office and multimedia applications, and striped to keep just "one application per task"!
NILFS or NILFS2 (New Implementation of a Log-structured File System) is a log-structured file system implementation for the Linux kernel. It was developed by Nippon Telegraph and Telephone Corporation (NTT) CyberSpace Laboratories and a community from all over the world. NILFS was released under the terms of the GNU General Public License (GPL).
"NILFS is a log-structured file system, in that the storage medium is treated like a circular buffer and new blocks are always written to the end.[…]Log-structured file systems are often used for flash media since they will naturally perform wear-leveling;[…]NILFS emphasizes snapshots. The log-structured approach is a specific form of copy-on-write behavior, so it naturally lends itself to the creation of file system snapshots. The NILFS developers talk about the creation of "continuous snapshots" which can be used to recover from user-initiated file system problems[…]."[2]
Using a copy-on-write technique known as a log-structured file system, NILFS records all data in a continuous log-like format that is only appended to, never overwritten, an approach that is designed to reduce seek times, as well as minimize the kind of data loss that occurs after a crash with conventional file systems. For example, data loss occurs on ext3 file systems when the system crashes during a write operation. When the system reboots, the journal notes that the write did not complete, and any partial data writes are lost.
Syncthing Debian/Ubuntu Packages
Linux Mint 22 "Wilma" debuted late last week and holds on to the crown as the most sensible choice if you're looking to move across from Windows.
In the third part of the Bash Beginner Series, you'll learn to pass arguments to a bash shell script. You'll also learn about special bash shell variables.
Upgrading to Debian 12 is a relatively straightforward process.
If you hit any error, visit the Upgrades from Debian 11 (bullseye) page, which covers the known issues that might happen during an upgrade to Debian 12.
Upgrading from Debian 10 to Debian 11 is a relatively easy and painless process.
If you hit any error, visit the Release Notes for Debian 11 (bullseye) page, which covers the known issues that might happen during an upgrade to Debian 10 bullseye.
FreeBSD is a well-known server platform and a free and open-source Unix-like operating system derived from the Berkeley Software Distribution (BSD). FreeBSD is an OS designed to power contemporary servers, PCs, and embedded systems.
BSD is an abbreviation for "Berkeley Software Distribution". It is the moniker given to source code releases from the University of California, Berkeley that were initially enhancements to AT&T's Research UNIX® operating system. Multiple open-source operating system projects are based on the 4.4BSD-Lite edition of this source code. In addition, they include a variety of packages from other Open Source projects, the GNU project in particular.
Full system compromise possible by peppering servers with thousands of connection requests. //
The severity of the threat posed by exploitation is significant, but various factors are likely to prevent it from being mass exploited, security experts said. For one, the attack can take as long as eight hours to complete and require as many as 10,000 authentication steps, Stan Kaminsky, a researcher at security firm Kaspersky, said. The delay results from a defense known as address space layout randomization, which changes the memory addresses where executable code is stored to thwart attempts to run malicious payloads.
Other limitations apply. Attackers must also know the specific OS running on each targeted server. So far, no one has found a way to exploit 64-bit systems since the number of available memory addresses is exponentially higher than those available for 32-bit systems. Further mitigating the chances of success, denial-of-service attacks that limit the number of connection requests coming into a vulnerable system will prevent exploitation attempts from succeeding. //
The vulnerability affects the following:
- OpenSSH versions earlier than 4.4p1 are vulnerable to this signal handler race condition unless they are patched for CVE-2006-5051 and CVE-2008-4109.
- Versions from 4.4p1 up to, but not including, 8.5p1 are not vulnerable due to a transformative patch for CVE-2006-5051, which made a previously unsafe function secure.
- The vulnerability resurfaces in versions from 8.5p1 up to, but not including, 9.8p1 due to the accidental removal of a critical component in a function.
Ebury backdoors SSH servers in hosting providers, giving the malware extraordinary reach. //
Infrastructure used to maintain and distribute the Linux operating system kernel was infected for two years, starting in 2009, by sophisticated malware that managed to get a hold of one of the developers’ most closely guarded resources: the /etc/shadow files that stored encrypted password data for more than 550 system users, researchers said Tuesday. //
A 47-page report summarizing Ebury's 15-year history said that the infection hitting the kernel.org network began in 2009, two years earlier than the domain was previously thought to have been compromised. The report said that since 2009, the OpenSSH-dwelling malware has infected more than 400,000 servers, all running Linux except for about 400 FreeBSD servers, a dozen OpenBSD and SunOS servers, and at least one Mac. //
There is no indication that either infection resulted in tampering with the Linux kernel source code.
ranthog Ars Tribunus Angusticlavius
9y
11,300
numerobis said:
I was assuming the real-time stuff (e.g. TACC's control loop) was on a separate real-time OS, since it doesn't get affected when the user-mode apps go bonkers. Are they using a real-time linux for that?
You can run a non-real time process, such as an OS, on top of a real time OS. The underlying hypervisor layer is the effective real time OS and safety related stuff is handled down at that layer, and it is likely a fully real time OS in addition to a virtualization environment. //
Numfuddle Ars Scholae Palatinae
4y
1,243
Subscriptor
Rauth85 said:
Hmm surprised none of the current systems would be using nix.
Most use Linux for Non-Safety critical systems (like parts of the infotainment) and QNX for safety. Usually they also use seperate MCUs or cores for the vehicle bus systems that run dedicated low level real time OS kernels (like MicroSAR from Vector Informatik or TresosOS from elektrobit). Tesla is no exception here.
The ability to use Linux for high end safety and non-safety SW (i.e. ASIL certified safety) is novel. It hasn't been done before because it's both hard to certify an OS with as many lines of code as Linux for ISO 26262 and it's also a moving target. As soon as you add a change you would have to re-certify the whole system again and again and again.
If the claims of Elektrobit are true they have now solved the certification issue as well as the IS26262 hardening of the SW stack which makes Liinux ready for ASIL rated systems without running years old kernels and the respective security issues.
One does not simply suggest changing a kernel line to help out a parsing tool. //
Cloudgazer Ars Tribunus Angusticlavius
9y
17,106
Syntactic sugar causes cancer of the semi-colon - Alan Perlis. //
DJ Farkus Ars Centurion
3y
368
Tabs or spaces: flexible, don't care.
Tabs of 2, 4, 8, whatever: flexible, don't care
But ask me to use a language where whitespace is syntax (eg, python) and we will have sharp words.
An A-Z Index of the Linux command line: bash + utilities.