Is it time to migrate away from cron?

Like cron jobs, systemd timers can trigger events—shell scripts and programs—at specified time intervals, such as once a day, on a specific day of the month (perhaps only if it is a Monday), or every 15 minutes during business hours from 8am to 6pm. Timers can also do some things that cron jobs cannot. For example, a timer can trigger a script or program to run a specific amount of time after an event such as boot, startup, completion of a previous task, or even the previous completion of the service unit called by the timer.

To say KISS isn’t for everybody would be a massive understatement. After all, it only targets x86-64 architecture and the English language. To say KISS is the first unique take on Linux I’ve seen in a long time would be 💯 on target.

Here are a few of my favorites from its “feature” list:

• Every installation of the distribution contains the full sources (of the distribution) with git history attached.
• Is simple and small enough to be maintainable in its entirety by a single person with little effort.
• There is no “backend”. This distribution is merely a few git repositories.

And it looks rad too.

Dmitri Popov:

digiKam is the cornerstone of my photographic workflow. This powerful and versatile photo management application has all the tools and features necessary for transferring, organizing, processing, and managing photos, RAW files, and videos. But even though digiKam can handle practically any photographic task you throw at it, there is still room for optimizing and improving parts of the Linux-based photographic workflow.

Themeable and has a game-inspired menu system 🔥

Instead of blocking ads & trackers at the device level, Pi-hole is a DNS sinkhole that gets the job done at the network level. One benefit of this (in addition to ease of use) is that it can block content in non-browser locations like mobile apps and the like.

NymphCast is a software solution which turns your choice of Linux-capable hardware into an audio and video source for a television or powered speakers. It enables the streaming of audio and video over the network from a wide range of client devices, as well as the streaming of internet media to a NymphCast server, controlled by a client device.

In addition, it supports powerful apps (NymphCast apps) written in AngelScript to extend the functionality of NymphCast with a variety of online services.

Fedora CoreOS is a container-focused (mostly) immutable Linux distribution designed to be lightweight and secure. It features Ignition as an early-boot-provisioning systems that alleviates all post-boot configuration, OSTree as an atomic-update mechanism, and podman as a secure and daemon-less container runtime.

If you’ve ever asked yourself WHY you need to SSH in to configure a system, why your cloud server OS comes with inkjet printer packages, or how you can get out of the burden of critical but uninspired kernel updates… then check out Fedora CoreOS!

Dan Guido mentioned this might be a thing on our Algo VPN episode. Turns out he was right (once version 5.6 of the Linux kernel hits package mirrors for download).

Linus had this to say about WireGuard:

“Can I just once again state my love for it and hope it gets merged soon? Maybe the code isn’t perfect, but I’ve skimmed it, and compared to the horrors that are OpenVPN and IPSec, it’s a work of art,”

Little Snitch is cool because it surfaces network connection attempts and lets you decide whether or not to allow them. OpenSnitch is cool because it is open source and built with Python and Go. Buyer beware:

THIS SOFTWARE IS WORK IN PROGRESS, DO NOT EXPECT IT TO BE BUG FREE AND DO NOT RELY ON IT FOR ANY TYPE OF SECURITY

If you’ve been following along in the open source news cycle lately, you’ve probably heard that Red Hat has dropped the docker container runtime engine from both its Red Hat Enterprise Linux (RHEL) and CentOS Linux distributions.

I must not be following along, because that’s news to me.

That being the case, what do you do when you need to deploy containers? Fortunately, they’ve created a near drop-in replacement for docker, called Podman.

Podman is a rename from kpod, sorta. The new thing is actually called libpod, and Podman exists as the CLI for that library. It’s all a bit confusing, but what’s cool is none of this requires a daemon like the Docker Engine.

If you’d like to give it a go, this walk-through by The New Stack will get you started.

George Hilliard is an embedded system engineer who has designed a cheap business card that runs Linux and has a USB port. In this blog, he talks about the logistics and design of the card.

The Xfce desktop has a specific, self-stated goal: to be fast on a system with low resources while being visually appealing and user-friendly. It’s been the de facto choice for lightweight Linux distributions (or remixes) for years and is often cited by its fans as a desktop that provides just enough to be useful, but never so much as to be a burden.

I’ve never used Xfce myself, but I’ve heard plenty of my fellow devs sings its praises over the years.

I probably understood ~60% of the data htop exposes. After reading this extremely thorough post, I understand a lot more. The section on load average is pure gold.

If you are a system administrator, or just a regular Linux user, there is a very high chance that you worked with Syslog, at least one time. On your Linux system, pretty much everything related to system logging is linked to the Syslog protocol. Designed in the early 80’s by Eric Allman (from Berkeley University), the syslog protocol is a specification that defines a standard for message logging on any system.

This is pitched as “everything that you need to know about Syslog.” From what I can tell, it might just live up to that pitch. It’s high quality and thorough.

It’s great to read RMS and other GNU developer’s perspective on how we got past the UNIX days. I’m particularly interested in a conversation around this statement from the author:

Open source discourse typically encourages certain practices for the sake of practical advantages, not as a moral imperative.

I’m fascinated by the different perspectives. There’s one where F/OSS is a human right, and another where it’s a business opportunity. They’re not mutually exclusive, but which is more prevalent these days?

My thought is that we wouldn’t be where we are today if the former didn’t dominate in the ‘90s, but we’re significantly more capitalistic with our OSS these days.

What’s your take on it?

If you’d like to follow along with someone who “has no idea what they’re doing” to learn how to take a base Docker image made with a single line Dockerfile FROM debian:latest and convert it to something launch-able, then read on…

…messing about with things like this is the only way to gain extra knowledge of any system internals. We are going to speak Docker and Linux here. What if we want to take a base Docker image, I mean really base, just an image made with a single line Dockerfile like FROM debian:latest, and convert it to something launchable on a real or virtual machine? In other words, can we create a disk image having exactly the same Linux userland a running container has and then boot from it?

Instantbox spins up a temporary Linux system with instant webshell access from any browser. Great for presentations, demos at schools and user groups, testing out random ideas, and more.

Distros supported include Ubuntu, CentOS, Arch Linux, Debian, Fedora, and Alpine.

This write up is a mindbending and informative view of the “everything is a file” philosophy of Linux. Alison does an exceptional job of making filesystem internals feel approachable. It’s a must read for those who love to understand how things work.

Talos touts:

• Security: reduce your attack surface by practicing the Principle of Least Privilege (PoLP) and enforcing mutual TLS (mTLS).
• Predictability: remove needless variables and reduce unknown factors from your environment using immutable infrastructure.
• Evolvability: simplify and increase your ability to easily accommodate future changes to your architecture.

Hit up the README if you’re curious about the name, why there’s no shell/ssh access, or how it’s different than CoreOS/RancherOS/Linuxkit

Everyone’s favorite package manager for macOS released version 2.0 with official support for Linux and Windows 10 (with Windows Subsystem Linux). Cross-platform setup scripts just got a whole lot easier.

This guide is still a WIP, but if the table of contents is any indicator, it’s going to be spectacularly useful once it’s done. Bookmark/star to save for later. See also: the linux hardening checklist

This is an excellent summation of the state of the world of Linux distros from a development perspective.

If I were to start all over again today, I’d probably go with Arch because it speaks to a lot of my sensibilities. However, I’ve been in Debian/Ubuntu land for far too long to make any major changes now. Also, if it ain’t broke…

A hypervisor that traps Linux system call and translates them into Darwin’s system calls. It can interpret ELF files so Linux binaries run without any modification.

Gaming in Linux has evolved a lot in the past few years. Now, you have dozens of distros pre-optimized for gaming and gamers. We tested all of them and hand-picked the best.

This is a well-done roundup, replete with features and minimum hardware requirements for each distro. 👌

I did not see this coming. Linus Torvalds, writing to the Linux Kernel mailing list:

I need to change some of my
behavior, and I want to apologize to the people that my personal
behavior hurt and possibly drove away from kernel development
entirely.

I am going to take time off and get some assistance on how to
understand people’s emotions and respond appropriately.

Introspection is hard, especially when you don’t like what you see after staring yourself in the mirror. Cheers to him for owning up to mistreating others and attempting to change. Here’s hoping he follows through. 🤞