Linux News

Xojo, a cross-platform programming language and IDE, just released a new version that supports building apps for Linux ARM 64.

The post Xojo Adds Support for Building Apps for Linux ARM 64 appeared first on Linux Today.

Published at LXer:

Product security incident response teams (PSIRTs) are teams of security professionals that work diligently behind the scenes to protect software products and services of companies...

Read More...

Product security incident response teams (PSIRTs) are teams of security professionals that work diligently behind the scenes to protect software products and services of companies...

All,

Looking for complete CD/DVD distro packages of Linux, preferrably Ubuntu or Debian based, but not totally planted there that are ready to run for:

1. Network Server (Linux & Windows) with DHCP server and full file sharing on the network,
2. Internet Hosting Server,
3. Full File and Data Synchronization across 20+ machines,
4. Full File, Data and system backups on the 20+ machines,
5. Full control, through web enabled interface of all 20+ machines, similar to or WEBMIN.
6. Synchronization that finds and eliminates duplicate files putting them into git or another version contolr app,

So far finding it hard to find all the addon packages needed to accomplish all this but know such "Ready to Run" distros exist, having talked to other using them and/or doing it.

All help in this appreciated.

Cheers!

TBNK

Published at LXer:

The GNOME desktop is a common default desktop for most Linux distributions and, as with most operating systems, you manage your data on GNOME with software called a file manager. GNOME promotes a simple and clear naming scheme for its applications, and so its file manager is called, simply, Files. Its intuitive interface is simple enough that you forget what operating system you're using altogether. You're just using a computer, managing files in the most obvious way. GNOME Files is a shining example of thoughtful, human-centric design, and it's an integral part of modern computing. These are my top five favorite things about GNOME Files, and why I love using it.

Read More...

Deepak Goel, CTO of D2iQ, provides insight into which security measures can help organizations that use Kubernetes better protect their workloads.

The post Security Measures to Protect Kubernetes Workloads appeared first on Linux Today.

The GNOME desktop is a common default desktop for most Linux distributions and, as with most operating systems, you manage your data on GNOME with software called a file manager. GNOME promotes a simple and clear naming scheme for its applications, and so its file manager is called, simply, Files. Its intuitive interface is simple enough that you forget what operating system you're using altogether. You're just using a computer, managing files in the most obvious way. GNOME Files is a shining example of thoughtful, human-centric design, and it's an integral part of modern computing. These are my top five favorite things about GNOME Files, and why I love using it.

openSUSE Leap 15.3 will reach its end-of-life on Dec. 31. So if you’re still using it, it’s time to upgrade to Leap 15.4. Here’s how.

The post openSUSE Leap 15.3 Is at the End of Life: Here’s How to Upgrade appeared first on Linux Today.

Mid 2011 27" iMac OS X 10.13.3. I have password. How do I access files on the its drive from Linuxmint 20.1 Live session?

iMac stalls booting before login, which indicates bad GPU, but runs Linux live session with full video, so I suspect Mac OS or driver problem. I want to determine correct GPU driver is installe or needs to be reinstalled.

Published at LXer:

With the upcoming Ubuntu 23.04 (Lunar Lobster) release, Canonical is finally ready to deploy its brand-new installer for the Ubuntu Desktop flavor written in Google�s Flutter UI SDK for mass consumption.

Read More...

gscan2pdf worked well when initially installing it. However, today, as soon as I launch it, I get these error messages. Note: It is connected to power & usb cords properly...
Attached Thumbnails  

With the upcoming Ubuntu 23.04 (Lunar Lobster) release, Canonical is finally ready to deploy its brand-new installer for the Ubuntu Desktop flavor written in Google’s Flutter UI SDK for mass consumption.

Ardour can now decode and encode Ogg/Opus files without relying on the command-line for post-processing. Learn more here.

The post Ardour 7.2 Open-Source DAW Brings New Support Features appeared first on Linux Today.

They at it again:

So, although it caught my eye on windoze-10, somewhere in updates going to v108 (but pre 108.0.1), FF changed my default Search setting from DDG to Gool !

I also have a boatload of about:config changes to harden FF, I just not sure if any of my changes in there were undone. Not hard to keep config copies for comparison, I just don't do that (a mistake in realm of security).

All that said, for security reasons, if you need to maintain your settings, after updates you need to validate all your FF settings. This is why I always demand "build" or "blueprint" docs to be made on everything.

I got no notice of any kind !
Reference: https://support.mozilla.org/en-US/kb...ctlocale=en-US

Hello everyone, I'm new here, but as you may guess from the Topic not really new to Linux!

I'm basically a Refugee from a sadly too popular Q&A Site which turned into a tyrannous Dictatorship of pedantic nitpicking, Power abusing, probably totally incompetent little fluffy Unicorn Nerd "Children" as Mods, which just lacked the Knowledge to grok this very big but very well defined, and seemingly important Question which I'm now about to test on you, in an acceptable Manner, it even got destroyed by Downvotes in Minutes and Deleted as --you don't believe it-- "Spam", even though it was my first Post there and had not one Link or Product Advertisement in it... No Moderator Advice/Guiding, no Discussion, nothing, just BAM Hours of Work destroyed, so i hope you Folks here are not like those Fools!

I tried to reformat it for here and stripped out some Critiques of the Other mentioned "Q&A" Site, which summed up during the hopeless Process to Reinstate it, but maybe I've not caught all of it, so any still left Critique is not meant against LQ, at least for now, who knows what awaits me here --since it is probably not the smartest Thing to do, to one Day wake up in a Cult after 20Years of passionate Membership and then to proceed to question openly our Believes Foundation, that Linux is perfect...--.

It has a legit and well defined Purpose compared to all the other '/sys' "Backup" Questions which falsely got laughed at with the counter Question "Why do you want to do this anyway?!"...

It also points out, that there seems to be an extreme Problem in our Linux World, since either '/sys' should no longer be designed as pseudo FS, or the Admin Tools must be able to handle it correctly, but as it is, it seems unacceptable to me, so if no High-End Guru here could point me to a standard *nix Tool or relatively acceptable Method with many of them piped, which can reliably and uniformly(No shitty Hacks for each Subcategory in '/sys'!) operate in the Security critical '/sys'(And optionally also in '/proc' and '/dev'), i then want to use the Pro Answers/Comments to this Question/Problem here for a BUG Report either on the Kernel, or the Toolset, therefore please give it your best Shot!(The UNIX Philosophy should have been "Every thing is a File AND ONE ALSO MUST BE ABLE TO PROPERLY HANDLE IT AS SUCH WITH THE SYSTEM UTILITIES", and the '/sys' pseudo FS clearly contradicts with that if there is no Tool which can handle it properly in a global Scale, just like One would Backup a FS with `rsync` or the complete Blockdevice with `dd` in one easy Step, even a `find` Search for Something can fail, that's pure Misery IMHO!)

What i have in Mind and tested so far:

After falling deep down into the Rabbit Hole of Firmware Malware "Paranoia"(If i provide no Links, I probably just get stamped as only "Opinion" based, if i would do provide a Ton of them, I'll probably could get deleted for "spamming" as new User, so i just hope most of you which clicked on such a Topic already know about the Subject and yes, it might be a little hypothetical that one becomes a Victim of such an sophisticated Attack, but i have my Reasons to asses my Risk Profile this way, therefore i desire to expand my Knowledge in this Direction, especially since i had a little Journey in Android "Security" Affairs, which freaked the Hell out of me, how vulnerable our Linux "Castle" actually is...), i tried to devise me a Way, which probably at least could monitor if any potential Malware would luckily be too stupid to hide its Traces, and AFAIK the '/sys' Path lets us read out Portions(Or even Everything?) of some EEPROMs(Maybe other Chips too, i don't know, therefore i ask... And yes, I'm sadly well aware, that the only serious Way to do such Things is by desoldering the Chips and reading them out in a Chip Flasher, but surely no one does this as often as he probably should, so therefore i think it is Time for Firmware IDS Tools which would point out, that it may be needed to have a good Look at some Components!) like for Example if the Motherboard has ever been "infected" with an Windoze License Key, which can be read out with
Code: `sudo strings -- '/sys/firmware/acpi/tables/MSDM' | tail -n1` (Probably good for Installs of it in a VM, if one has to, but "strangely" didn't found the License Keys anywhere anymore), so my Idea was to initially backup the whole '/sys'(Maybe the interesting Parts of '/proc' and '/dev' too) Path and its Contents from my newly bought Machine with
Code: `sudo rsync -HAXhaxSW -- '/sys' '/mnt/Backup/'` which i always use to successfully copy whole Systems with all their Sockets, Pipes, Sparse Files and what not, but since '/sys' is just a pseudo FS, `rsync` seems to fail miserably on these Files...(I know why, don't waste your Time on this One, it's discussed here already)

So i resorted to use
Code: `sudo cp -av -- '/sys' '/mnt/Backup/'` which surprisingly worked for a While as expected, but then it of course chocked on a '/sys/kernel/debug/tracing/trace_pipe' Pipe... `cp -a` also seems to not have any exclude Functionality for such Cases...

Then i thought I'll couple it with `find '/sys/' -not -type p,s`, but that of course would not preserve me the Folder Hierarchy in the Target Directory --which it should of course if one wants to compare it afterwards with `meld` or some other Diff GUI--, and the recursively operating `cp -a` which had this Functionality, would not be a very good Idea to be fired by `find`'s '-exec', namely because of its recursive working Nature...

Last but not least i hacked me
Code: `sudo find '/sys/' -not -type d,p,s -not -iname '*pipe' -exec cp --parents --preserve=all -d -v -- '{}' '/mnt/Backup/' \;` together just to realize, that it is truly so, that `find` simply can not detect and therefore exclude Pipes on a pseudo FS like the '/sys' Path, and the '-exec' Execution of `cp` again chocked somewhere on a damn Pipe, so in Despair i resorted to the "-iname '*pipe'" Approach you already saw in my Oneliner, but guess what, not every Pipe is of course named "Pipe" in the '/sys' FS, and there comes One after the Other, and we would had to catch and exclude them all manually or with some ultra psychotic arcane Terminal Witchcraft Hack i no longer wanted to invent, since i very hardly believe it just should not be so problematic and the Kernel Folks should just change that stupid Behavior if no *nix Tool can handle that pseudo FS properly!!!

With `tar` i guess it would have been the same Problem, that One has to exclude all the Pipes and other blocking Stuff manually...

One can also not just make an complete Image of '/sys' with `dd` since it is not a Mountpoint from a Blockdevice, because it is so pseudo...


So finally my ultimate Questions are(Don't get triggered about the plural Word Questions, it's all basically in the Bounds of one Question Direction if one understands the Subject to it's full Extend, what the ranted about Mods of the other "Q&A" Site probably didn't, since they even just deleted my Work in under the Time it would took to read that all...):
1. Has anyone a reliable Shell Way to achieve what i wanted? (If it was somehow not clear till now, i want to Backup the whole --or as much as i can get of it at least-- '/sys' to real Files so that i later always can compare it against the actual System State, in the probably just naive Hope of maybe one Day finding not legit Changes in the Parts of the BIOS --or other Firmware-- which seem to be "stored"/exposed --to some Extent-- in '/sys' and maybe other EEPROM Dumps one can seemingly find there --I'm no Pro yet in such Things, but if i can diff it, i can one fine Day understand it all, but my new Machine is of course not forever new/"clean", so i must gather all the HW Data now, and then i can later on still learn what would have been relevant of this Dump and what not--, or just any Device that after a Corruption with Malware maybe changes Something obvious One could monitor if he had collected all Hardware/Firmware Data right from the Start after he bought his new Machine(And yes, i sadly know, that a new Machine hasn't to be a clean Machine, because it could very well already had a little Excursion to a "TAO Implant Station", so as a probably laughable best Effort i reflash any Chip i can, and that is sadly all i can do for now, until we globally start a Revolution against such Grievances, just like the Guys from Purism already started with their "as free and well sealed/secured delivered as possible" Hardware). In other Words, i just want total Control over any Data all my Devices could spit out about them self in order to detect potentially dubious Changes(I guess since such Firmware Attacks on a broader Scale would be utterly complicated anyways, they maybe not copy and include the previous Hardware Info perfectly, so One eventually would have the Chance to detect that something goes on, if perhaps the Serial Number, MAC Address, Vendor ID, or whatever changes suddenly, so that's what i --apart from eventually dumpable Firmware Binary Data-- plan to Monitor as a best Effort), so if there is a better Way than dumping the whole '/sys' pseudo "FS", then i like to hear about that too of course! And with i want to log it all, i mean all, even the EDID of the Display via I2C, SPI, whatever, just simply EVERYTHING One can get about his Machine, and if anyhow possible, preferably in one easy Rush, like we could have done with `rsync` or `cp -a` if '/sys' wouldn't have been designed so pseudo as it sadly is!)

2. Is there maybe already any finished Free Software Tool which does all that --or even more, something like a sophisticated IDS for Firmware on Chips which would do this initial Logging of any Hardware Info for later Comparisons?-- and preferably comes from the regular Distro Repository, which is Debian in my Case? Chipsec? If Chipsec would be the right Tool for the Job, then I'll had a little Bonus Question --if allowed--, namely, is it secure to use this on a Production Server, since i for Example don't like to fire Pen Testing Suits on them, because to my Understanding they mostly just demonstrate that a Hack is possible, but maybe not in the safest Way i guess... Therefore I'd mostly like to do it all by my self with basic Sys Tools, since i somewhat hate studying other --potentially dubious non Distro Repository-- Peoples Code just to be sure, especially if their Projects are way too big or in Languages i don't understand very well(Almost any besides of Bash, but maybe my Criteria for calling my self knowledgeable of Something is just set really high, of course i could read C,C++,Python,Java Script and so on, to analyze if some fishy Installment of Malware goes on, but judging if subtle Traps are built in, is always another Story)!

3. Am i right in the Assumption, that there is no regular *nix Tool which could handle '/sys' properly or that it at least should not be so hard to be able to achieve such a legit and Security important Task like backing up any Hardware related Information?! If so, where must we conspire in order to make them change this bad Behavior in the Kernel and make '/sys' less pseudo or the Linux *utils Toolset more capable?!

Thanks in Advance for your Time and thoroughly Answers(You can write a Bible about the Topic if you are a Monster Mutant Guru in this Sector and wish to do so, it doesn't have to be short, i like Details, especially in this horrible "How do we fight the closet(No Typo!:D) Source Firmware Dangers which undermines all our free Software Security Measures and Efforts..." Topic)!

No cowardly Downvotes/Deletes of my Post without clear Explanation of the Reasons why please, be a Man!

PS: Wintertime is Hackfest Days, ergo i might be off for some Time, so please all you Bounty Hunters be patient, i will not accept any Answer ASAP, Quality matters and I'd like to see many Answers/Methods to that ugly Problem --so that we can forward them to Kernel Devs if needed--! ;)

After nearly a year of operation, the OpenSSF issued an annual report outlining what Alpha-Omega has achieved to advance the state of open-source security.

The post OpenSSF’s Alpha-Omega Reports Open-Source Security Successes appeared first on Linux Today.

Published at LXer:

As a long-time advocate for open source and a contributor to Drupal, I spend a lot of time thinking about how organizations can leverage the platform. I've been thinking about Drupal's position in the larger digital ecosystem and how it compares to the other options on the market. And how Drupal can lean more on its strengths when planning out the strategy for a new project.How Drupal fits into the digital landscapeIn 2022..

Read More...

As a long-time advocate for open source and a contributor to Drupal, I spend a lot of time thinking about how organizations can leverage the platform. I've been thinking about Drupal's position in the larger digital ecosystem and how it compares to the other options on the market. And how Drupal can lean more on its strengths when planning out the strategy for a new project.How Drupal fits into the digital landscapeIn 2022..

So when pipewire updates, all the config files in /usr/share/pipewire are updated. I've got some specific things in /usr/share/pipewire/jack.conf, and need to do a diff on these every time pipewire updates. Is there a way I can specify that file in my configs of slackpkg or slackpkg+ to prompt me before overwriting that file? (I realize for 99.9% of Slackware users, they will never need to touch that file.)

It takes me two seconds to restore from the backup of jack.conf, but I'm wondering if there's a way I could automate it somewhat with slackpkg, the way other config files are.

This simple tutorial demonstrates how to find free disk space in Ubuntu and other Linux distros using the command line and GUI tools.

The post How to Find Free Disk Space in Ubuntu and Other Linux Distros appeared first on Linux Today.