If you’ve been following along in the open source news cycle lately, you’ve probably heard that Red Hat has dropped the docker container runtime engine from both its Red Hat Enterprise Linux (RHEL) and CentOS Linux distributions.

I must not be following along, because that’s news to me.

That being the case, what do you do when you need to deploy containers? Fortunately, they’ve created a near drop-in replacement for docker, called Podman.

Podman is a rename from kpod, sorta. The new thing is actually called libpod, and Podman exists as the CLI for that library. It’s all a bit confusing, but what’s cool is none of this requires a daemon like the Docker Engine.

If you’d like to give it a go, this walk-through by The New Stack will get you started.

George Hilliard is an embedded system engineer who has designed a cheap business card that runs Linux and has a USB port. In this blog, he talks about the logistics and design of the card.

The Xfce desktop has a specific, self-stated goal: to be fast on a system with low resources while being visually appealing and user-friendly. It’s been the de facto choice for lightweight Linux distributions (or remixes) for years and is often cited by its fans as a desktop that provides just enough to be useful, but never so much as to be a burden.

I’ve never used Xfce myself, but I’ve heard plenty of my fellow devs sings its praises over the years.

I probably understood ~60% of the data htop exposes. After reading this extremely thorough post, I understand a lot more. The section on load average is pure gold.

If you are a system administrator, or just a regular Linux user, there is a very high chance that you worked with Syslog, at least one time. On your Linux system, pretty much everything related to system logging is linked to the Syslog protocol. Designed in the early 80’s by Eric Allman (from Berkeley University), the syslog protocol is a specification that defines a standard for message logging on any system.

This is pitched as “everything that you need to know about Syslog.” From what I can tell, it might just live up to that pitch. It’s high quality and thorough.

It’s great to read RMS and other GNU developer’s perspective on how we got past the UNIX days. I’m particularly interested in a conversation around this statement from the author:

Open source discourse typically encourages certain practices for the sake of practical advantages, not as a moral imperative.

I’m fascinated by the different perspectives. There’s one where F/OSS is a human right, and another where it’s a business opportunity. They’re not mutually exclusive, but which is more prevalent these days?

My thought is that we wouldn’t be where we are today if the former didn’t dominate in the ‘90s, but we’re significantly more capitalistic with our OSS these days.

What’s your take on it?

If you’d like to follow along with someone who “has no idea what they’re doing” to learn how to take a base Docker image made with a single line Dockerfile FROM debian:latest and convert it to something launch-able, then read on…

…messing about with things like this is the only way to gain extra knowledge of any system internals. We are going to speak Docker and Linux here. What if we want to take a base Docker image, I mean really base, just an image made with a single line Dockerfile like FROM debian:latest, and convert it to something launchable on a real or virtual machine? In other words, can we create a disk image having exactly the same Linux userland a running container has and then boot from it?

Instantbox spins up a temporary Linux system with instant webshell access from any browser. Great for presentations, demos at schools and user groups, testing out random ideas, and more.

Distros supported include Ubuntu, CentOS, Arch Linux, Debian, Fedora, and Alpine.

This write up is a mindbending and informative view of the “everything is a file” philosophy of Linux. Alison does an exceptional job of making filesystem internals feel approachable. It’s a must read for those who love to understand how things work.

Talos touts:

• Security: reduce your attack surface by practicing the Principle of Least Privilege (PoLP) and enforcing mutual TLS (mTLS).
• Predictability: remove needless variables and reduce unknown factors from your environment using immutable infrastructure.
• Evolvability: simplify and increase your ability to easily accommodate future changes to your architecture.

Hit up the README if you’re curious about the name, why there’s no shell/ssh access, or how it’s different than CoreOS/RancherOS/Linuxkit

Everyone’s favorite package manager for macOS released version 2.0 with official support for Linux and Windows 10 (with Windows Subsystem Linux). Cross-platform setup scripts just got a whole lot easier.

This guide is still a WIP, but if the table of contents is any indicator, it’s going to be spectacularly useful once it’s done. Bookmark/star to save for later. See also: the linux hardening checklist

This is an excellent summation of the state of the world of Linux distros from a development perspective.

If I were to start all over again today, I’d probably go with Arch because it speaks to a lot of my sensibilities. However, I’ve been in Debian/Ubuntu land for far too long to make any major changes now. Also, if it ain’t broke…

A hypervisor that traps Linux system call and translates them into Darwin’s system calls. It can interpret ELF files so Linux binaries run without any modification.

Gaming in Linux has evolved a lot in the past few years. Now, you have dozens of distros pre-optimized for gaming and gamers. We tested all of them and hand-picked the best.

This is a well-done roundup, replete with features and minimum hardware requirements for each distro. 👌

I did not see this coming. Linus Torvalds, writing to the Linux Kernel mailing list:

I need to change some of my
behavior, and I want to apologize to the people that my personal
behavior hurt and possibly drove away from kernel development
entirely.

I am going to take time off and get some assistance on how to
understand people’s emotions and respond appropriately.

Introspection is hard, especially when you don’t like what you see after staring yourself in the mirror. Cheers to him for owning up to mistreating others and attempting to change. Here’s hoping he follows through. 🤞

This repository contains a step-by-step guide that teaches how to create a simple operating system (OS) kernel from scratch. I call this OS Raspberry Pi OS or just RPi OS. The RPi OS source code is largely based on Linux kernel, but the OS has very limited functionality and supports only Raspberry PI 3.

6 lessons available with 5 more on the roadmap.

I use the history command all the time, but I’ve never really dug in to it to see what all is possible. If you’re in a similar spot, this article by Steve Morris is a good primer. 👌

Graphpath is a shining example of the Unix philosophy’s virtues.

it’s just a shell script using standards tools (route, arp and ifconfig on *BSD and ip on Linux)

The results? Super useful.

For those coming off the heels of The Changelog #292 where we talked with Philipp Krenn about Elasticsearch, you’re gonna wanna play around with full text searching your man pages with Elasticsearch.

This post covers:

1. Setup an Elasticsearch instance locally
2. Create an index for the data
3. Feed the index with the man pages of the OS
4. Create a search method for full text searching
5. Full text search the man pages

GameMode is a daemon/lib combo for Linux that allows games to request a set of optimisations be temporarily applied to the host OS.

Alternative project names included Turbo Button and I Need NOS.

Cockpit makes Linux discoverable, allowing sysadmins to easily perform tasks such as starting containers, storage administration, network configuration, inspecting logs and so on.

Paul Miller:

There are two major reasons I can think of to hack a game console. The first one is obvious: so you can play cracked copies of games. That’s why modern consoles are so difficult to hack, because millions of dollars are on the line. But some people just want to run any software they choose on the hardware they own. And for those people, Linux on the Switch is a huge achievement.

This hack boasts touchscreen support, a fully operational death star web browser, and a GPU-powered demo app. Sadly, there are no details out on how you can do it yourself, but Twitter user fail0verlow has a nice video of it in action embedded in a tweet.

Julia Evans:

Yesterday I added Linux container support to rbspy, so that an instance of rbspy running on the host machine can profile Ruby programs running in containers… I thought it would be fun to explain what adding “container support” involves in practice!

(rbspy is her sampling profiler for Ruby.)

This bit is interesting, and why this post isn’t tagged with the Docker topic:

We didn’t need to care about Docker or anything like that – it’s irrelevant what container runtime our containers are using, and we certainly don’t interact with Docker at all.

I guess a few simple syscalls is all it takes!

A simple shell script to tell if your Linux installation is vulnerable against the 3 “speculative execution” CVEs.

The broad sweeping impact of these vulnerabilities is overwhelming.