Page 1

Enjoy enhanced features with standard Ubuntu desktop tools

&

PLUS!

D a EE V or FR B Dfed

Run the kernel on low-cost devices

7G u 4. unt ub

linux lite calendar tips

3 Pi projects

manjaro arm binary counter custom kernels

The #1 open source mag

stop all

malware! The essential software you need to protect your PC from attack!

pages of tutorials & features

65 James Turnbull on Microsoft, open source and ‘sexy’ documentation flask sites Build a better web site today

better development Get started with constant integration and Semaphore

Explore the beautiful world of fractals Alternative open source operating systems


Welcome Win a secure Nitrokey Storage 2

who we are This issue We’re looking at how vulnerable Linux boxes are to evil malware. Have any of your systems been compromised, and what did you have to do to clean them out? Jonni Bidwell I remember getting a bootblock virus called Lamer Exterminator on my Amiga 500. It was notable because it could persist across warm reboots, infecting whatever floppy disk you booted next. This particular variant didn’t do any real damage – it just blanked the screen until an awkward key combination was pressed.

Nick Peers So far, touch wood, the only experience of malware I’ve had has been with Windows machines. The tales I could tell, if I hadn’t blanked out the horror… although these days it’s the false-positives that are more disrupting than actual malware. With behavioural threats starting to outstrip bog-standard malware, is anyone truly safe?

Les Pounder I once ran a WordPress server on Ubuntu 14.04 and it fell prey to a few issues: bad plug-ins, user config and workflows. I fixed it by switching to Ghost and it has been a joy. Very little admin needed, apart from the usual updates to Ubuntu 16.04.

Shashank Sharma I‘m happy to report that my Bash-fu has kept my system safe from malware. More likely, it’s probably on account of strict adherence to common-sense practices such as never ignoring security updates. I’m also shielded behind a strict firewall, and keep my ports locked, unless needed.

Alexander Tolstoy I feel like Linux boxes are more vulnerable to human elements (and some thoughtless defaults too). I once had to disable autodiscovery in CUPS to prevent people from printing ‘rise of the machines’-like messages to remote LAN printers. (That’s pretty funny – Ed)

www.techradar.com/pro/linux

Send your thoughts to the Linux Format dungeon server at linuxformat@futurenet.com and secure your chance to win a 32GB Nitrokey! It’s the complete open hardwareencrypted storage solution! Learn more at www.nitrokey.com.

Stop all malware! Does Linux need an antivirus? I was asked this by a reader and didn’t quite know how to answer. They were moving from a Windows background where standard practice is to constantly run anti-malware, as generally everything can be seen as a threat to a Windows user. Never did we need any less of an excuse to throw Jonni once more into the deep end, let him flounder around for a bit and see what nuggets of useful information he can drag back to shore. So that’s what Jonni’s been doing, trying his best to get his Linux boxes infected with all manner of online nasties, without much luck as it turns out. You can read his guide to Linux malware on page 32, and as we’ve often alluded to, it’s more about good practice than running constantly outdated anti-malware software. The other big news for this issue is that Ubuntu 19.04 has been released. We have the full 64-bit release on the DVD alongside the equally exciting Fedora 30. If you’re looking to try Linux in a friendly form, or want a simple environment to play with some of the latest open source technology like the Wayland display server, either of these offers a friendly and stable system. We can help you get started on page 96. Talking of Wayland, we take an in-depth look at the technology that’s going to be powering your Linux display. It’s complicated: it’s been in development for 10 years now and it still only just seems to work. We explain why on page 44. With alternative open source operating systems under the microscope, more Pi projects, using Linux to power embedded systems and setting up calendars, there’s something for everyone, so enjoy!

Neil Mohr Editor neil.mohr@futurenet.com

Subscribe & save! On digital and print – see p24

July 2019 LXF251     3


Contents

NEW GIFT

Reviews

Zotac Gaming GeForce GTX 1660  19 Jarred Walton say GDDR5 balances value against performance when he takes a look at the gaming performance of Nvidia’s latest mid-range graphics card.

Bedrock Linux 0.7.3 

20

He wouldn’t even mix libraries from different repos, so Mayank Sharma is in a tizzy with a project that encourages users to mix apps from different distros!

Bluestar Linux 5.0.7 

Subscribe now! Page 24

stop all malware! You may think we’re exaggerating, but just check out our guide on page 32…

22

Another month, another Arch-based desktop – and the logical question in Mayank Sharma’s mind is how is this any different from the others.

Ubuntu 19.04 ‘Disco Dingo’ 

22

Reaping the performance and feature benefits of the underlying distro, it’s a regular non-LTS release that scores well for its customisations and the icon extension.

Fedora 30 

23

Continues to maintain its position as the best distro for experiencing Gnome. It successfully translates the gains of its core components into a polished installation.

roundup

Open operating systems 

Interview

26

Using Arch with one hand while wearing a blindfold is no longer challenging for Shashank Sharma, who is now looking for something more arduous for his rig.

4     LXF251 July 2019

Terminal velocity 

40

Jonni Bidwell once again provokes the readership by fraternising with a Microsoft employee. The ever-knowledgeable James Turnbull talks Bash, vim and documentation.

www.linuxformat.com


contents On your free DVD

Raspberry Pi User Raspberry Pi news 

Ubuntu 19.04 Fedora 30 Page 94

48

The official Scratch Conference comes to the UK for the first time, learn C with a new book, and start stamp-collecting.

Manjaro Arm v8 

49

Les Pounder takes a look at an alternative operating system for the Raspberry Pi.

Space station detector

50

tutorials

Les Pounder shows us how to create an International Space Station alert system so we never miss it going overhead!

The Yocto Project 

Terminal: Gopass 

52

Tam Hanna guides you through creating a custom – and very small – Linux image for your embedded devices.

8-bit counter 

58

Remembering passwords is occasionally a bit much for Shashank Sharma – which is why he appreciates a good password manager like Gopass.

calendars: Get organised! 

56

60

Nick Peers reveals how Linux can help bring some order to your increasingly chaotic life using the standard desktop calendar tools.

Sean D. Conway needed a hardware display for a high school career symposium to demonstrate binary counting.

Coding Academy

Parsec: Ever more gaming 

66

Mats Tage Axelsson takes you on a tour of the Django framework.

Christian Cawley discovers that you don’t need Steam Link to stream games from your PC to a Raspberry Pi, and employs another game-streaming system.

Semaphore 2.0 

maths: Fun with fractals 

Database-driven websites 

82

86

Flask web framework 

90

electronics: Embedded devices  72

Mats Tage Axelsson helps you understand the Flask web framework for Python.

Mike Bedford delves into the world of embedded computing, and discovers that a small amount of hardware can certainly go a long way.

Regulars at a glance News 

6

Windows 10 gets Linux – or at least the kernel; Chromebooks will run Linux too; Red Hat Enterprise Linux 8 released; and Firefox breaks extensions. Whoops.

Linux user groups 

11

Les Pounder is excited about Liverpool Makefest 2019. Who isn’t?

Answers 

12

Upgrading your Shotwell, how to safely delete files, creating something random, tab completion and a locked BIOS.

Mailserver 

16

Good news from Brazil, bad news about our codec coverage, good news from an Apple user and bad news: no Linux from Scratch.

www.techradar.com/pro/linux

68

Mike Bedford leads us on a voyage of discovery into the maths of fractals and explores the extraordinary geometrical figure known as the Mandelbrot Set.

Mihalis Tsoukalos explains how to create projects in Semaphore 2.0 continuous integration and continuous development.

Subscriptions 

24

Back issues 

64

Overseas subs 

65

HotPicks 

76

Alexander Tolstoy hasn’t got any plans to take hour-long calls from his best new buddy President Trump, he’s far too busy already taking the best in FOSS and putting it to the test with awesome tools like: VSCodium, Retropixels, Deen, ConnMan, DeaDBeeF, QtRaw, TBtray, Safe Eyes, GPT fdisk, Ninslash, HTML5 Tower Defense.

Your free DVD 

94

Next month 

98

In-depth Swaying you to Wayland

44

What is the Wayland display manager, how does it work, and why should you care anyway? Jonni Bidwell explains all, or at least tries to.

July 2019 LXF251     5


Newsdesk This ISSUE: Windows 10 has Linux! Red Hat has Linux 8! Chromebooks have Linux! The new Pinebook Pro has Linux!

proprietary Operating system news

Windows 10 will now include the Linux kernel uring its Build 2019 developer conference, Microsoft announced that it will be shipping a complete Linux kernel with Windows 10. Windows Subsystem for Linux 2 (WSL2) will be based on Linux kernel 4.9, and by using a real Linux kernel – with local patches to tune WSL2’s use of the kernel – the feature will improve launch times and reduce memory consumption compared to WSL1, which used emulation to run Linux software. Having Linux as such an integral part of Windows would have been unthinkable years ago, but Microsoft has been commendably committed to its new-found love of Linux and open source software. A few years back, it introduced Bash on Windows for running Linux apps in its operating system, and now it is shipping a full Linux kernel that it also uses with its Azure platform. The WSL2 can be installed through the Microsoft Store in Windows 10, as well as from a custom distribution package at https://github. com/Microsoft/WSL-DistroLauncher. In a blog post announcing WSL2 (http://bit. ly/LXF251MSBlog 1) and its Linux kernel, Jack Hammons, Program Manager, Linux Systems Group at Microsoft, explains that “In leveraging Linux, we are making a commitment to be good citizens and contribute back the changes that we make”. So, while there will be local patches involved to enable new features and address issues, and that “when the WSL kernel source becomes available it will consist of links to a set of patches in addition to the long-term stable

D

source,” in time the reliance on local patches will decrease. Hammons also promises that the kernel created for WSL2 will be fully open source, with instructions for creating your own kernel made available on GitHub. The kernel will also be kept continually updated with the most recent fixes and mitigations. WSL2 will be made available in a version of Windows 10 that is going out to Windows Insiders this summer. Windows Insiders get early versions of Windows 10 – so they are essentially beta testers – and as long as

Image credit: Microsoft

Microsoft is including a custom-built Linux kernel in Windows, while promising the community it will be “a good citizen”.

The Windows Terminal gives access to command line tools in Windows.

“We are making a commitment to be good citizens and contribute back the changes that we make” everything goes to plan, the WSL2 feature will make it into the stable version of Windows 10 soon. If you’ve got Windows 10 and are eager to try out the feature when it’s launched, you can become a Windows Insider at https://insider. windows.com/en-gb/. At Build 2019, Microsoft also announced the Windows Terminal, which is a command-line tool that can be installed from the Microsoft Store in Windows 10 and comes with some nifty features. You can check it out at http://bit.ly/ LXF251WinTerminal 2.

1) https://devblogs.microsoft.com/commandline/shipping-a-linux-kernel-with-windows/ 2) https://devblogs.microsoft.com/commandline/introducing-windows-terminal/

6     LXF251 July 2019

www.linuxformat.com


newsdesk enterprise Distros

opinion

Red Hat Enterprise Linux 8 released with a new logo

GStreamer 1.16

Last RHEL release before Red Hat joins IBM

R

resources of Red Hat Enterprise Linux – so developers can add new features in a secure and stable way with the minimum of disruption. There’s a huge amount of new features added with this major release, so we recommend you check out the release notes at http://bit.ly/ LXF251RHEL8ReleaseNotes. As well as releasing a major new version, Red Hat has changed its logo for the first time in 19 years. Gone is the ‘shadowy guy’ who wore the Red Hat, leaving just the headwear, which was the original symbol for the company. While many people may miss Shadowman, as he is affectionately known, some people thought of him as rather sinister, so he’s been dumped. The styling of the name has also been changed from ‘redhat’ to ‘Red Hat’.

The new Red Hat logo drops Shadowman for a less ‘sinister’ logo.

shiny Hardware

All Chromebooks to be Linux-ready Every 2019 Chromebook will be able to run Linux out of the box uring this year’s Google IO developer conference, Google announced that every Chromebook which is launched this year will be Linux-ready out of the box – which means you don’t need to fiddle around with any settings or third-party programs to get Linux working. According to Google, all you will need to do is open the Chrome OS app switcher and type Terminal into the search box. This will launch the Termina VM which begins running a Debian 9.0 Stretch Linux container. If you don’t want to run Debian, you can also use Ubuntu or Fedora, but those are slightly more complicated to get up and running. A useful sub-reddit, r/Crostini, has some hints and tips for running Linux on

D

www.techradar.com/pro/linux

Olivier Crête Multimedia Lead, Collabora

Source: Red Hat

ed Hat Enterprise Linux 8, the Linux distro aimed at businesses, has been released. The latest version, the last before Red Hat joins IBM after the latter bought it for a staggering $34 billion, has been “redesigned for the hybrid cloud era and built to support the workloads and operations that stretch from enterprise datacenters to multiple public clouds,” according to the press release (http://bit.ly/LXF251RHEL8PR). As part of this release, Red Hat Insights is being included as “Red Hat’s Linux expertise as-a-service,” which uses predictive analytics based on Red Hat’s knowledge of open source technology to help administrators identify and fix IT issues with the minimum of downtime. Red Hat Smart Management is also introduced in RHEL 8 as an add-on for the distro, which will make it easier for companies to use hybrid cloud computing in an easy-to-manage and patch interface. Find out more at http://bit.ly/ LXF251RedHatSmartManagement. Another new feature in RHEL8 is Application Streams, which enable developers to access ”fast-moving languages, frameworks and developer tools” without impacting the core

current Chromebooks – check it out at www.reddit.com/r/Crostini/. By making it so easy to run Linux – which will run alongside Chrome OS, rather than dual-booting either operating system – Google has made Chromebooks even more useful than before. With support for Android apps, Chromebooks are now formidable little devices that offer great battery life and affordable prices, which makes them ideal for developers and students. With Linux running alongside Chrome OS, you’ll be able to browse files in the Chrome OS file manager, for example, and open them in Linux apps such as LibreOffice. If you’ve been put off by the limitations of Chrome OS in the past, now is an ideal time to take another look at these flexible laptops.

After a year-long development cycle, the much anticipated GStreamer 1.16 was made available recently. With it came a number of exciting new features we’re especially proud of, including per-element latency tracer and support for planar or non-interleaved audio. We’ve added support for the next generation, royalty-free AV1 codec to Matroska and MP4 containers, which are the two main container formats used around the internet. The GStreamer WebRTC stack gained support for data channels for peer-topeer communication based on SCTP in addition to the existing video and audio support. Closed captions, an important feature for accessibility, are now supported as a first-class citizen in GStreamer; this makes it possible to get those assistive subtitles embedded in TV streams. The Video4Linux encoder and decoders gain support for the HEVC codec, while the Nvidia-specific nvenc plug-ins gain support for encoding HEVC adding to its existing decoding capability. Nvenc also gained support for both decoding and encoding VP8 and VP9. GStreamer is more mature than ever and the team is already working hard on the next set of features.

July 2019 LXF251     7


Newsdesk Laptops

opinion

The $199 Linux laptop by Pine64 shown off running in new video. he Pinebook Pro, a Linux laptop by Pine64 that will launch at $199, looks like it is edging ever closer to release. A new video (www.youtube.com/ watch?v=mj3_jMBlbxA) unveils the latest prototype, which comes with improved hardware that can handle 4K videos. The Pinebook Pro is made out of magnesium alloy rather than plastic like the original Pinebook, and has a USB-C port for data, charging and video out, as well as a range of usual ports. The processor is a Rockchip RK3399 with Mali-T860 MP4 graphics, 4GB of RAM (double the amount of the original Pinebook), 64GB

T

Keith Edmunds is Tiger Computing Ltd’s MD, which provides support for businesses using Linux.

8     LXF251 July 2019

Software

Pinebook Pro: pitched as a Linuxtoting alternative to Chromebooks.

eMMC storage, a 14-inch 1080p display and a 10,000 mAh battery. You can find out more about the specs of the device at: www.pine64.org/pinebook-pro/. As you can see in the video, the prototype appears to work, but there are still a few issues that need to be sorted before the Pinebook Pro goes on sale. For example, audio isn’t currently working, and there are problems with charging the laptop, as well as suspending and resuming the operating system. Once these (admittedly rather major) issues are fixed, hopefully we’ll see the Pinebook Pro going on sale in the next few months.

Distros

Extensions break Firefox

CEO surprised by desktop boom

Out-of-date certificate makes extensions unusable.

Canonical’s Mark Shuttleworth taken aback.

ozilla’s Firefox web browser encountered a serious issue recently when an out-of-date certificate made all extensions unusable. The bug caused the software to view the extensions as incompatible, despite running without issue earlier. The problem was severe enough for Mozilla to rush out a fix, with the team tweeting that “So sorry for the issue we’re having with add-ons right now! We’re working hard to fix it and will keep you updated.” As promised, Mozilla released Firefox 66.0.5, which includes a fix for the issue.

uring an an interview at the Open Infrastructure Summit, Mark Shuttleworth revealed that Canonical, the company behind the Ubuntu distro, had seen an unprecedented growth of companies signing up for Ubuntu desktop support contracts. “They want to have fleets of Ubuntu desktop for their artificial intelligence engineers,” Shuttleworth admits. “We’re starting actually now to commercially support the desktop in a way that we’ve never been asked to before,” he added. “Previously, those were kind of off the books, under the table. You know, ‘Don’t ask, don’t tell’ deployments. But now suddenly, it’s the AI team and they’ve got to be supported.” While surprising, it’s certainly good to know that companies are making sure that their employees who use Ubuntu have official support. You can view a video of the interview (as well as other interviews conducted at the Open Infrastructure Summit) www.openstack. org/videos/summits/denver-2019.

M

Source: Mozilla

The expression “What could possibly go wrong?” typically introduces a catalogue of disasters that adequately – and often embarrassingly – answers the question. In this case, it’s Mozilla with egg on its face. Thanks to the expiration of an intermediate certificate, a large number of Firefox extensions stopped working at midnight of 3 May. Easy to fix the technical problem: issue a new certificate. Not so easy to fix the reputation problem, though. It’s also easy to prevent the problem occurring in the first place. I’ve written before about the need for comprehensive monitoring of a business IT infrastructure. In today’s environment, that’s a requirement rather than a nice-to-have. Coupled with the monitoring is the need to have both someone motivated to take action when problems are reported, and a process or procedure that defines what should happen for each and every alert. When a problem occurs that the monitoring didn’t pick up, but could have, you have two problems: the original problem and the fact that the monitoring is deficient. How’s your monitoring looking?

Image credit: Pine64Pictures

Pinebook Pro is almost ready to launch

Slipped certificates

Firefox recently encountered an issue that prevented extensions from running.

D

www.linuxformat.com


newsdesk

Distro watch

Opinion

When will it end?

What’s behind the free software sofa? MPEG-1 and MPEG-2 are video codecs that are used widely, but because they were proprietary software, many distros (including Fedora) did not ship with them. However, in a note (http://bit.ly/LXF251FedoraLegal) posted by Tom Callaway of the Fedora Legal team, MPEG-1 (H.261) and MPEG-2 (H.262) video implementations are now permitted in Fedora. So it appears that the patent constraints that plagued those codecs are no longer in use.

Image credit: Petr Kratochvil

MPEG-1 and MPEG-2

DVDs use MPEG-2 – but encrypted DVD playback is still blocked in Fedora.

Project Trident 19.04

This desktop operating system is based on TrueOS, and has been updated to 19.04. It uses features included in the FreeBSD 13.0-CURRENT branch, as well as the Lumina 1.5.0 desktop environment. According to the release statement (https://project-trident.org/ post/2019-05-07_19.04_available), there have been a number of important changes since the last version, such as rEFInd being incorporated into the Project Trident install ISO by default.

The latest version of Project Trident is based on the latest stable tag from TrueOS: v20190412.

Fatdog64 Linux 801

The body-shaming Linux distro is a lightweight 64-bit distro that started life as a fork of Puppy Linux. The latest version comes with a number of bug fixes since the previous version, along with new features – including xtrlock, which enables you to lock the screen without blanking, madock, which is a screen magnifier tool, and UExtract and PackIt are included by default. Find out more in the release announcement at http:// murga-linux.com/puppy/viewtopic.php?t=115537.

Fatdog64 Linux was originally derived from Puppy Linux, but with more applications built-in.

GuixSD 1.0.0

Also known as the Guix System Distribution, GuixSD is a stateless Linux-based operating system built around the GNU Guix package manager. The aim of the distro is to provide advanced package management features. The new release brings a new system installer, improved X.Org configuration and over 1,000 new packages in its repositories. Since the 0.16.0 release, 5,700 commits have been made by 99 people. Find out more at www.gnu.org/software/guix/blog/2019/gnu-guix1.0.0-released.

www.techradar.com/pro/linux

Jonni Bidwell has been hiding under his duvet until the weather gets a little warmer and the internet safer…

GuixSD 1.0.0 comes with ISO-9660 installation images, a VM image, and with tarballs to install the package manager.

Well, another month another critical processor vulnerability (with a catchy name) and, as a bonus, a flaw in Whatsapp that meant your phone can be hacked just by receiving a call. You don’t even have to answer it. Meanwhile, SIM swapping attacks (where mobile operators are tricked, bribed or otherwise coerced into porting a telephone number to a new SIM, undermining two factor authentication) are on the rise, and Google’s Bluetooth-LE Titan security keys can be hijacked by a proximity attack. In other news, Signalling System 7 (the protocols that connect mobile networks and have been around since 1975) can be attacked. So too can the Border Gateway Protocol (essentially a band aid applied to the Internet in the 90s), large swathes of the internet are regularly routed anomalously. It’s not the end of the world—application (and firmware) updates and product revisions will protect against some of these attacks, and phone companies will hopefully improve security checks. But it’s all a little terrifying, and serves to show how technology we take for granted can be thwarted.

July 2019 LXF251     9


Newsdesk

Kernel Watch

opinion

mds mess

Jon Masters summarises the latest happenings in the Linux kernel, so that you don’t have to. Jon Masters is a kernel hacker who’s been involved with Linux for more than 22 years, and works on energy-efficient Arm servers.

A new speculative execution side-channel vulnerability has been disclosed, known as MDS, which stands for Microarchitectural Data Sampling. This time, it impacts structures within Intel CPUs that track stores (writes) and loads (reads) to and from memory. The basic issue is that these structures can contain stale data from previous CPU operations. Under certain conditions it could be possible to use a cache side-channel attack similar to Meltdown in order to sample some of the leftbehind data. Then, using sophisticated analysis, an attacker may be able to stitch it together. The kernel has been modified to add a mitigation for MDS that flushes out stale values left behind in the buffers of impacted CPUs. This mitigation is enabled automatically at boot time if it is required (depending upon the processor), but it can also be controlled through the mds= command line parameter. The documentation notes that on some systems it may also be necessary to disable Hyper-Threading, a feature that allows a single CPU core to appear as if it were several “logical processors”. This can be done through additional parameters that can be specified at boot time.

10     LXF251 July 2019

inus Torvalds announced the release of the 5.1 Linux kernel, noting that he had been “waffling” about the timing but in the end, nothing that came up had been big enough to cause a delay. The 5.1 kernel includes many new features, among them support for using persistent memory as RAM (rather than just as a backing for storage devices), a more scalable way to track changes to large filesytems, and comes close to completing the ‘Y2038’ preparation.

L

optimizations to the BPF verifier, to a new ‘caseinsensitive’ option for the ext4 filesystem (similar to Windows FAT32).

Super block root watch Linux has historically not had a scalable means to monitor for changes on a large filesystem. Software wishing to watch for the creation of new files and directories would have to set up recursive ‘inotify’ watches for each part of the filesystem, resulting in very poor scalability. ‘Super block root watch’ aims to solve this by adding a means to monitor for new filesystem events at the ‘superblock’ level. The superblock is the very top level of any filesystem, thus implementing monitoring at this level allows for software to use a single API call to get all events. Previous work (in kernel 4.20) had added some of the initial plumbing. This is now completed in the latest kernel with the addition of fsnotify_dirent and fanotify_dirent APIs to report directory modification (create/delete/ rename of files and folders) events. This should mean that finally Linux will have an equivalent to the Windows USN Journal, or macOS FSEvents. You will notice this even as a regular desktop user, with snappier updates of files in the Files viewer (nautilus) in future releases of Gnome and other desktops.

“Linux has historically not had a scalable means to monitor for changes on a large filesystem.” With the release of 5.1 came the opening of the merge window (period of time during which disruptive changes are allowed into the kernel) for what will become 5.2 in another couple of months. Linus had noted in his 5.1 mail that his eldest daughter was graduating college right in the middle of the 5.2 merge and that he would “be effectively offline for a few days there”, but he hoped not to have to extend the merge window. Instead, he cranked through thousands of patches even faster than usual. Many new features are scheduled for 5.2, ranging from performance

Ongoing Development Laurent Dufour posted an updated (version 12) patch series titled “Speculative Page Faults” aiming to improve scalability for massively threaded applications. In spite of the name containing “speculative” this has nothing to do with security, but instead to do with speculating that other threads won’t be trying to set up a similar mapping at the same moment. A discussion is under way about ways to handle kernel live patching in the presence of LTO (Link Time Optimisation). LTO is a feature that enables a compiler to eke out further performance from binaries. It isn’t enabled in upstream kernels, but it is used by Android when compiled with LLVM. Alas, in its current form it is incompatible with

live patching, without some work. Dmitry Safonov posted version 3 of a patch series titled “Introduce Time Namespace” which aims to allow containers to have a different view of the current time from that seen by other applications or VMs on a system. This is necessary in order to handle migration of containers in production environments where the time may be different between physical hosts. Yoni Bettan posted “Introducing virtioexample”, a patch that aims to create a “template or guideline for contributors when they wish to create a new virtio device and to document “the right way” to do so”. virtio is heavily used on Linux systems to paravirtualise hardware.

www.linuxformat.com


LUGS

Linux user groups The intrepid Les Pounder brings you the latest community and LUG news.

Liverpool Makefest 2019

Find and join a LUG Build Brighton Thursday evening is open night. www.buildbrighton.com Cornwall Tech Jam Second Saturday of the month, alternating between Bodmin and Camborne. www.cornwalltechjam.uk Glasgow Makers and Hardware Hackers Mitchell Library, Glasgow. https://m.facebook.com/ groups/115303729096198 Huddersfield Raspberry Jam Meet every month at Huddersfield Library, typically on the fourth Saturday of each month. https://huddersfieldraspberryjam.co.uk Horsham Raspberry Jam Parkside, Chart Way, Horsham. www.facebook.com/hackhorsham Leeds Hackspace Open night every Tuesday 7pm-late, open day second Saturday of the month, 11am-4pm. www.leedshackspace.org.uk Medway Makers 12 Dunlin Drive, St Mary’s Island, Chatham ME2 3JE. www.medwaymakers.com New Jersey Linux User’s Group Last Tuesday of every month, at Panara Bread, 165 Route 4 West, Paramus, NJ. http://njlnux.org

It’s the fifth year for this glorious event. ith no Maker Faire UK for the foreseeable future, it now falls to other events to serve the growing need for maker-centric events in the UK. There are many events across the country, some still sporting the ‘Maker Faire’ branding, others forging their own path. One of the most popular is Liverpool Makefest, which is enjoying its fifth year in 2019. Originally started by the makers and educators of Liverpool, this one-day event still prides itself with filling the beautiful central library full of makers from every corner of the UK and community. Learn how to make your own electric guitar, use Python to build robots, create long-distance radio networks using LoRA and Pi.

W

PLUG – Perth Linux Users’ Group Once a month, at Spacecubed, 45 Saint Georges Terrace, Perth, Western Australia. www.plug.org.au

All of this has been and remains to be free. Families spend the day learning new skills, creating projects using Linux, electronics and crafts. Liverpool Makefest is a great day out and the central library is just across the road from the main train station. so there’s little chance of losing your way. From this one event you will learn, laugh and discover. The makers running their stalls are all there to tell you about their projects and how you can be inspired to make something. This free event is on Saturday 30 June and tickets are available from https://lpoolmakefest.org. You can even learn more about the makers showing off their projects, and hear the official podcast, hosted by former Linux Outlaw host Dan Lynch. Spread throughout the central library it’s a great free day out for all the family.

rLab Reading Hackspace Unit C1, Weldale ST, Reading, Wednesday from 7pm. http://rlab.org.uk Teesside Hackspace Tuesday Evenings at Teesside Hackspace. www.teessidehackspace.org.uk The Things Network Reading Walkabout Bar, Reading, 2nd Tues 7pm. ttnreading.org

Community events news

Oggcamp 2019 The “unconference” will take place on 19-20 October in Manchester, and right now the organisers are running a call for papers (CFP) for the main scheduled talk track. So if you want to talk to over 500 people about your specialist topic, get your paper in now! But fear not, the

www.techradar.com/pro/linux

unscheduled tracks are still there and there will also be a kids’ track, where eager minds can learn to code and hack with Raspberry Pi and micro:bit. More details at https://oggcamp.org.

Saturday where eager children can learn from members of the community. You can get tickets, call for speakers and more information from: https://2019.pyconuk.org.

PyCon UK 2019 This year is taking place in Cardiff from 13-17 September and is the main Python conference for UK Pythonistas. At PyCon UK you can take part in workshops covering the broad Python community – from embedded devices running MicroPython, to Python in the datacentre/data science environments. There is also a kids’ track for the

Hackspace Manchester The team from HacMan has found a new space and they need your help! HacMan has been around for almost a decade, starting life as a group meeting in a local Stockport pub. Now the hackspace has just secured much larger premises for its 100 members. If you are local and can help build their new space, please get in touch! www.hacman.org.uk.

July 2019 LXF251     11


9000

Answers

Answers

Got a burning question about open source or the kernel? Whatever your level, email it to lxf.answers@futurenet.com Shotwell Q Upgrading I tried to apply Nick Peers’ piece

on Shotwell to upgrade my version of it. I have Debian 8 Mint on a 32-bit machine. Shotwell is version 0.20.1-1 and I have been unable to upgrade as the PPA is not recognised in Debian. Am I stuck on 0.20.1-1 unless Debian adds a later version, I buy modern 64-bit kit or change to Mint or Ubuntu? It has to be said that Shotwell 0.20.1-1 works fine for me, but it’s not the latest and now that Peers has told me…! John Welford

A

Debian 8 (Jessie) is the old, stable version of Debian. It will only receive updates to handle security issues and bugs, not version bumps. That leaves two options: installing from a PPA or from source. The PPA is for Ubuntu, which is why it will not add in Debian. You could try downloading the individual .deb files to your computer and then installing them with dpkg, for example, like this: $ dpkg -i shotwell.x.y.z_i386.deb

I want to wipe all the data from a partition so it can’t be recovered. What is the best way to do that from the command line? Leon Barnett

A

The answer rather depends on how securely you want to delete the data. Do you just want to make sure a casual user running testdisk can’t recover anything, or do you want to guard against more sophisticated data-recovery techniques? The simplest option is to use dd to overwrite the partition with zeros: $ dd if=/dev/zero of=/dev/sdXN bs=4M

Make sure you give the correct device for your partition: dd has no handholding “Are you sure?” prompts,  it just gets on with copying data. 

12     LXF251 July 2019

wonders FOSS is   the point?

However, this may have unexpected side effects when doing it on a different distro to that which the package was built for. A safer option would be to build from source, which also gives you the benefit of having the latest version. The first step is to If you want the latest version of Shotwell, or any other software, in an older distro, ensure you have be prepared to install from source. the meson, vala and ninja packages installed, then download If at any time it complains about the latest sources, currently 0.30.1, missing dependencies, install those and from https://wiki.gnome.org/Apps/ start again with the command that failed. Shotwell. Unpack the archive and build it This will compile a copy of Shotwell in the with these commands, run from a terminal build directory, and you can run it from in the directory containing the downloaded here in the terminal by giving the full path. file: This is fine for testing, but once you know it works you should install it to the system, $ tar xf shotwell-0.30.1.tar.xz so that it appears in menus and so on, $ cd shotwell-0.30.1 using the following: $ meson build $ ninja -C build

Secure deletion Q

Neil Bothwick

A somewhat more secure version of this is to use /dev/urandom instead of /dev/zero , to write random data to the partition. Running this more than once decreases the chances of anything being read from the partition. There are also a couple of programs written for secure deletion of files. You will already have shred installed and can wipe a partition with $ shred /dev/sdXN

Running shred may take a while, especially if you increase the number of overwrites from the default of 3.  dd /dev/zero may well be sufficient for you. Alternatively, there is the wipe command, which may not be installed by default. This uses an even more intensive algorithm to get rid of all   data on a drive.

$ sudo ninja -C build install

This command has to be executed with sudo, or as root, to install to system directories. You must uninstall the current version of Shotwell before doing this, otherwise your PC could get confused. Once you have installed from source, it’s your responsibility to keep it up to date – your package manager no longer knows it is installed. As time goes on, you will find more and more issues like this, and sometimes find software that you cannot install from source without similarly updating various dependencies. With that in mind, the best approach for long-term sanity is to upgrade your entire distro to the latest stable Debian (Stretch). There’s a good explanation of how to do this at http://bit.ly/lxf251stretch. One could argue that if you want the latest versions of software, you shouldn’t be running Debian Stable in the first place, but either Debian Testing or one of the other distros you mention that are based on testing. That is a choice that’s up to you to make, though.

www.linuxformat.com

Profile for Future PLC

Linux Format 251 (Sampler)  

You can subscribe to this magazine @ www.myfavouritemagazines.co.uk

Linux Format 251 (Sampler)  

You can subscribe to this magazine @ www.myfavouritemagazines.co.uk