Configure Zabbix Monitoring Server with Puppet | Lisenet.com :: Linux | Security

We’re going to use Puppet to install and configure a Zabbix server. We will also allow active Zabbix agent auto-registration.

This article is part of the Homelab Project with KVM, Katello and Puppet series.

Homelab

We have a CentOS 7 VM installed which we want to configure as a Zabbix server:

monitoring.hl.local (10.11.1.13) – Zabbix server with agent auto-registration

SELinux set to enforcing mode.

See the image below to identify the homelab part this article applies to.

Zabbix LTS and PHP

We want to use a stable Zabbix LTS release, which is Zabbix 3.0 at the time of writing.

Note that Zabbix 3.0 LTS release supports PHP 5.4 or later, however PHP v7 is not supported yet. For more info, see Zabbix documentation.

Also note that PHP 5.6 will receive security support until 31 December 2018. For more info, see PHP supported versions. We will therefore use Remi’s PHP 5.6 repository served by Katello (we configured it here).

Configuration with Puppet

Puppet master runs on the Katello server.

Puppet Modules

We use puppet-zabbix Puppet module to configure the server. We also use puppetlabs-apache and puppetlabs-mysql to configure frontend and backend services.

Please see each module’s documentation for features supported and configuration options available.

Manage Firewall

We start with firewall configuration:

firewall { ‘007 allow Zabbix active checks’:
dport => [10051],
source => ‘10.11.1.0/24’,
proto => tcp,
action => accept,
}->
firewall { ‘008 allow Zabbix WebUI’:
dport => [80, 443],
source => ‘10.11.1.0/24’,
proto => tcp,
action => accept,
}

Install Apache

We use Apache to run Zabbix frontend, and MySQL as Zabbix backend database.

Do a minimal Apache install only, but make sure that a PHP module is loaded:

class { ‘apache’:
default_vhost => false,
default_ssl_vhost => false,
default_mods => false,
mpm_module => ‘prefork’,
server_signature => ‘Off’,
server_tokens => ‘Prod’,
trace_enable => ‘Off’,
}
include apache::mod::php

Install MySQL

MySQL 5.7 repository is served by Katello (we configured it here).

class { ‘mysql::server’:
package_name => ‘mysql-community-server’,
service_name => ‘mysqld’,
root_password => ‘PleaseChangeMe’,
create_root_my_cnf => true,
manage_config_file => true,
config_file => ‘/etc/my.cnf’,
purge_conf_dir => true,
restart => true,
override_options => {
mysqld => {
bind-address => ‘127.0.0.1’,
datadir => ‘/var/lib/mysql’,
log-error => ‘/var/log/mysqld.log’,
pid-file => ‘/var/run/mysqld/mysqld.pid’,
wait_timeout => ‘3600’,
interactive_timeout => ‘3600’,
},
mysqld_safe => {
log-error => ‘/var/log/mysqld.log’,
},
},
remove_default_accounts => true,
}

Install Zabbix Server

Zabbix 3.0 repository is served by Katello. Since this is the case, we set manage_repo to false.

class { ‘zabbix’:
zabbix_version => ‘3.0’,
zabbix_url => ‘monitoring.hl.local’,
database_type => ‘mysql’,
manage_repo => false,
manage_firewall => true,
manage_vhost => true,
apache_use_ssl => true,
}

If all goes well, at this point Zabbix should be up and running.

Configure Active Agent Auto-Registration

This part should be configured after the server has been created.

It is possible to allow active Zabbix agent auto-registration, after which the server can start monitoring them. This way new hosts can be added for monitoring without configuring them manually on the server.

When installed succesfully, Zabbix web interface will be accessibe and we can log in with the default credentials:

  1. Username: Admin
  2. Password: zabbix

In the Zabbix frontend, go to Configuration > Actions, select Auto registration as the event source and click on Create action. Use something like this:

  1. Name: Linux host autoregistration
  2. Conditions: none
  3. Operations: Link to templates: Template OS Linux

See the image below for more info.

We don’t use any conditions here as it’s optional and not really necessary for the homelab, however, we could use HostMetadataItem=system.uname if we wanted to separate say Linux servers from Windows.

Install Zabbix Agents on All Servers

By now we should have our Zabbix server running with agent auto-registration enabled. One thing that is still left to do is to configure Puppet to install a Zabbix agent on all homelab servers, and allow Zabbix passive checks.

This needs to go in to the main environment manifest file /etc/puppetlabs/code/environments/homelab/manifests/site.pp so that configuration is applied to all servers.

class { ‘zabbix::agent’:
zabbix_version => ‘3.0’,
## Do not use DNS, use IP address.
server => ‘10.11.1.13’,
## Do not set logtype to ‘system’ unless you want
## to find yourself debugging SELinux problems.

logtype => ‘file’,
logfile => ‘/var/log/zabbix/zabbix_agentd.log’,
## Use Katello repository
manage_repo => false,
manage_firewall => false,
manage_selinux => true,
## Zabbix Agent does not work well with SELinux
## See: https://support.zabbix.com/browse/ZBX-12592

selinux_require => [
‘type kernel_t’,
‘type devlog_t’,
‘type zabbix_agent_t’,
‘class sock_file write’,
‘class process setrlimit’,
‘class unix_dgram_socket ‘,
],
selinux_rules => { ‘zabbix_agent_t’ => [
‘allow zabbix_agent_t kernel_t:unix_dgram_socket sendto’,
‘allow zabbix_agent_t self:process setrlimit’,
‘allow zabbix_agent_t self:unix_dgram_socket { connect create }’,
]
},
## Allow active Zabbix agent auto-registration,
## after which the server can start monitoring them.

serveractive => ‘monitoring.hl.local’,
hostmetadata => ‘system.uname’,
}

Configure firewall on all servers to allow Zabbix passive checks:

firewall { ‘006 allow Zabbix passive checks’:
proto => ‘tcp’,
source => ‘monitoring.hl.local’,
dport => ‘10050’,
action => ‘accept’,
}

The end result should be similar to this:

All agents auto-register with the server.

Source

Sonic Heroes Guide | GamersOnLinux

 

sonicheroes80.jpg

Choose a team of 3 characters from the Sonic games and work your way through fast levels full of jumps, traps and enemies. Switch between your characters abilities to eliminate enemies and finish the level. Each level can be completed in different ways and then at the end is a boss fight.

sonicheroes96.jpg

Follow my step-by-step guide on installing, configuring and optimizing Sonic Heroes in Linux with PlayOnLinux.

Note: This guide applies to the Retail CD ROM version of Sonic Heroes. Other versions may require additional steps.Tips & Specs:
To learn more about PlayOnLinux and Wine configuration, see the online manual: PlayOnLinux Explained

Mint 18.3 64-bit

PlayOnLinux: 4.2.12
Wine: 3.0

Wine Installation
Click Tools

Select “Manage Wine Versions”
wine01.png

Look for the Wine Version: 3.0

Select it
Click the arrow pointing to the right
wine02.png

Click Next

Downloading Wine

wine04.png

Extracting

Downloading Gecko

wine05.png

Installed

wine06.png

Wine 3.0 is installed and you can close this window

Copy Disk Data

  1. Enter Disk 1 of 2
  2. Create a folder on your Desktop
  3. Copy all of the files from Disk 1
  4. Paste the files in your new folder
  5. Eject Disk 1 (right-Click, select Eject)
  6. Enter Disk 2 and repeat
  7. Over-write any existing files

Note: Keep Disk 2 in the CD/DVD ROM drivePlayOnLinux Setup
Launch PlayOnLinux

Click Install
sonicheroes01.png

Click “Install a non-listed program”

sonicheroes02.png

Select “Install a program in a new virtual drive”

Click Next
sonicheroes03.png

Name the virtual drive: sonicheroes

Click Next
sonicheroes04.png

Check all three options:

 

  • Use another version of Wine
  • Configure Wine
  • Install some libraries

Click Next
sonicheroes05.png

Select Wine: 3.0

Click Next
sonicheroes06.png

Select “32 bits windows installation”

Click Next
sonicheroes07.png

Wine ConfigurationApplications Tab
Windows version: Windows XP

Click Apply
sonicheroes08.png

Drives Tab
Select Drive D:

Click Remove
Click Add
sonicheroes08a.png

Select D:

Click OK
sonicheroes08b.png

Navigate to your Desktop folder

 

Code:

/home/username/Desktop/sonicheroes
Click OK
sonicheroes08c.png

Type: CD-ROM

Click Apply
sonicheroes09.png

Graphics Tab
Check “Automatically capture the mouse in full-screen windows”

Click OK
sonicheroes10.png

PlayOnLinux Packages (DLLs, Libraries, Components)

Check the following:

 

  • POL_Install_corefonts
  • POL_Install_d3dx9
  • POL_Install_tahoma

Click Next
sonicheroes11.png

Note: All packages should automatically download and install
Click Browse

Navigate to the folder on your Desktop

Select “setup.exe”
Click Open
sonicheroes13.png

Click Next again…

Check “Agree”

Click Next
sonicheroes15.png

Check “Full”

Click Next
sonicheroes16.png

Click “Start Installation”

sonicheroes17.png

Disk Warning

Click Browse
sonicheroes17a.png

Select [-D-]

Click OK
sonicheroes18.png

Click OK

If the installer still doesn’t continue, Cancel and start over
Make sure Disk 1 is properly unmounted and Disk 2 is in the drive
Re-do the Drives Tab steps in Wine Configuration
It took me a few tries to get this right and the installer would complete

PlayOnLinux Shortcut
Select “Launcher.exe”

Click Next
sonicheroes21.png

Name the shortcut: Sonic Heroes

Click Next
sonicheroes20.png

Select “I don’t want to make another shortcut”

Click Next
sonicheroes23.png

PlayOnLinux Configure
Select “Sonic Heroes”

Click Configure
sonicheroes24.png

General Tab
Wine version: 3.0

sonicheroes25.png

Note: Click the down-arrow to select other versions of Wine. Click the + to download other versions of WineDisplay Tab
Video memory size: Enter the amount of memory your video card/chip uses

sonicheroes26.png

Close Configure

Launch Sonic Heroes (Launcher)

Click Run
sonicheroes27.png

Note: Click debug to see bugs and errors
Click Options

sonicheroes28.png

Screen Setting Tab

Adjust:

  • Window Mode
  • Fullscreen
  • Resolution
  • Fog
  • Anisotropic Filter
  • Shadow Setting
  • Free Camera
  • Clipping
  • Frame Rate

Click Select
sonicheroes29.png

Click “Play game”

sonicheroes28.png

Conclusion:
Unfortunately the highest resolution Sonic Heroes can run at is 1280×960. No widescreen support, so you will either have to run it windowed or change your Linux Desktop resolution to match before launching Sonic Heroes. Once the game is running, everything performs perfectly. I was able to play on my keyboard and my old Logitech controller.

Gameplay Video:

Screenshots:sonicheroes81.jpg

sonicheroes84.jpg

sonicheroes86.jpg

sonicheroes90.jpg

sonicheroes97.jpg

sonicheroes99.jpg

sonicheroes100.jpg

Source

Announcing Managed Databases for Amazon Lightsail

Posted On: Oct 16, 2018

Today, Amazon Lightsail announces the addition of managed databases to its easy-to-use cloud platform, allowing you to create a fully configured database in minutes for a low, predictable price. Lightsail databases bundle together a database instance, SSD-backed storage, a data transfer allocation, and management tools, starting at $15/month.

With Lightsail databases, you can scale your databases independently of your virtual servers, improve the availability of your applications, or easily run standalone databases in the cloud. You can now more easily deploy multi-tiered applications entirely within the Lightsail experience by combining Lightsail load balancers, virtual servers, and managed databases.

As a fully managed service, Lightsail automatically performs common maintenance tasks, like patching the underlying database infrastructure and operating system, and upgrading databases between minor versions. Lightsail also helps you keep your data secure by providing data encryption and protecting connection information with integrated password management.

With Lightsail, you benefit from free automated backups and point-in-time restores, and you can access metrics and database logs anytime through the Lightsail console. You can also further improve the redundancy and availability of your applications by using High Availability plans and on-demand database snapshots.

Lightsail databases support MySQL (PostgreSQL coming soon) in all regions where Lightsail is available. You can create Lightsail databases using the Lightsail console and the Lightsail CLI/SDK.

For more information on Amazon Lightsail and managed databases, visit the AWS Blog.

Source

Debian 8.8 XFCE Desktop Installation on Oracle VirtualBox

Debian 8.8 XFCE Desktop Installation on VirtualBox
Debian 8.8 XFCE Desktop Installation on Oracle VirtualBox

This video tutorial shows

Debian 8.8 XFCE Desktop installation

on Oracle

VirtualBox

step by step. This tutorial is also helpful to install Debian 8.8 on physical computer or laptop hardware. We also install

Guest Additions

on Debian 8.8 XFCE Desktop for better performance and usability features: Automatic Resizing Guest Display, Shared Folder, Seamless Mode and Shared Clipboard, Improved Performance and Drag and Drop.

Debian GNU/Linux 8.8 Xfce Desktop Installation Steps:

  1. Create Virtual Machine on Oracle VirtualBox
  2. Start Debian 8.8 XFCE Desktop Installation
  3. Install Guest Additions
  4. Test Guest Additions Features: Automatic Resizing Guest Display and Shared Clipboard

Installing Debian 8.8 Xfce Desktop on Oracle VirtualBox

 

Debian 8.8 New Features and Improvements

Debian 8.8

mainly adds corrections for security problems to the stable release, along with a few adjustments for serious problems. Security advisories were already published separately and are referenced where available. Those who frequently install updates from security.debian.org won’t have to update many packages and most updates from security.debian.org are included in this update.

Debian GNU/Linux 8.8

is not a new version of Debian. It’s just a Debian 8 image with the latest updates of some of the packages. So, if you’re running a Debian 8 installation with all the latest updates installed, you don’t need to do anything.

Debian Website:

https://www.debian.org/

What is Xfce Desktop Environment?

Xfce is a lightweight desktop environment for UNIX-like operating systems. It aims to be fast and low on system resources, while still being visually appealing and user friendly. It includes a window manager, a file manager, desktop and panel.

Xfce Desktop Website:

https://www.xfce.org/

Hope you found this Debian GNU/Linux 8.8 XFCE Desktop installation on Oracle VirtualBox tutorial helpful and informative. Please consider sharing it. Your feedback and questions are welcome!

Source

Who’s Using Ubuntu – Freedom Penguin

Who’s Using Ubuntu Posted on September 1, 2018

Joe Collins

Joe Collins worked in radio and TV stations for over 20 years where he installed, maintained and programmed computer automation systems. Joe also worked for Gateway Computer for a short time as a Senior Technical Support Professional in the early 2000’s and has offered freelance home computer technical support and repair for over a decade. Joe is a fan of Ubuntu Linux and Open Source software and recently started offering Ubuntu installation and support for those just starting out with Linux through

EzeeLinux.com

. The goal of EzeeLinux is to make Linux easy and start them on the right foot so they can have the best experience possible. Joe lives in historic Portsmouth, VA in a hundred year old house with three cats, three kids and a network of computers built from scrounged parts, all happily running Linux.

(Last Updated On: September 1, 2018)

A look at who’s using Ubuntu and their hardware.

For more: https://blog.ubuntu.com/2018/06/22/a-first-look-at-desktop-metrics

Please be sure to give EzeeLinux a ‘Like’ on Facebook! Thanks! https://www.facebook.com/EzeeLinux
Check out http://www.ezeelinux.com and for more about Linux.

Joe Collins

Joe Collins worked in radio and TV stations for over 20 years where he installed, maintained and programmed computer automation systems. Joe also worked for Gateway Computer for a short time as a Senior Technical Support Professional in the early 2000’s and has offered freelance home computer technical support and repair for over a decade.

Joe is a fan of Ubuntu Linux and Open Source software and recently started offering Ubuntu installation and support for those just starting out with Linux through EzeeLinux.com. The goal of EzeeLinux is to make Linux easy and start them on the right foot so they can have the best experience possible.

Joe lives in historic Portsmouth, VA in a hundred year old house with three cats, three kids and a network of computers built from scrounged parts, all happily running Linux.

Source

Best Ubuntu Flavors | Linux Hint

Unlike Windows, Ubuntu is much more sophisticated with various flavors to appeal to different types of users. Before discussing the different types of Ubuntu, let’s first discuss Ubuntu itself.

Ubuntu is an open-source OS, which contains a broad set of enterprise-grade software for configuration, development, management and other various services. It is an OS which is used across all platforms namely, the cloud, PCs, IoT devices and most importantly, the servers.

Now that we have a little understanding of Ubuntu, let’s discuss its different flavors. In layman’s terms – Ubuntu derivatives are OS projects which are built based on Ubuntu’s source code by Ubuntu enthusiasts. These flavors are all supported by Canonical, which is a company whose mission is to make open-source software available to the world in the most efficient way possible.

Every flavor of Ubuntu is unique, which includes the default one called Ubuntu GNOM and they offer a unique OS workflow to the user base.

We have chosen the five of the best flavors, in our opinion, to examine.

1. Ubuntu GNOM

Ubuntu GNOM is one of the most prominent flavor of Ubuntu and it runs the GNOM Desktop Environment. This flavor is a default release by Canonical and has a great user base which makes its more appealing.

This flavor provides great flexibility but comes at a cost; Ubuntu GNOM will not run smoothly on lower-end devices as it requires at least 4GB of RAM to work efficiently.

Ubuntu GNOM Desktop Overview

2. Lubuntu

This flavor of the Ubuntu is geared more towards capturing the interest of those users who are on the fence about leaving Windows as their primary OS. Lubuntu provides a very Windows-like experience while sticking to the roots of Linux-based OS.

Its environment is extremely simplistic and uses a lightweight LXDE Desktop Environment. Additionally, this flavor also does not require a high-end device like the Ubuntu GNOM and will run perfectly on most of the devices; it only requires 1GB of RAM for functioning properly.

Lubuntu Desktop

3. Kubuntu

Are you someone who’s more into the aesthetics of the OS? Well, then, Kubuntu is what you are looking for.

Commonly referred to as the KDE Ubuntu, this flavor has easily one of sleekest user-interface thanks to its integration with Plasma DE.

It is extremely customizable and very efficient for general purpose computing, requiring only 2GB of RAM to operate to its fullest potential.

Kubuntu has kept the essence of the Windows OS while remaining true to its roots; it has a start menu, taskbar, system tray etc. This helps all the users who are aiming to switch from Windows OS to Linux but are always hesitant. The modern version of Kubuntu provides an equally reliable and user-friendly environment which is an added bonus for the users.

Kubuntu Desktop

4. Ubuntu Studio

As the name would suggest, Ubuntu Studio provides an efficient workstation for graphics, photography, audio, publications and video creators. Often times, artists don’t find an OS which is optimized to meet their needs but Ubuntu Studio serves all their perfectly.

The Ubuntu Studio comes with Xfce DE and has a very muted default look but the users can easily customize that without any hassle.

Ubuntu Studio Desktop

5. Ubuntu Budgie

This flavor is rather new in the market. The Ubuntu Budgie has a beautiful and a modern take on Linux that will please everyone’s aesthetics. The learning curve of Budgie is fairly easy when compared with other flavors of Ubuntu; this calls for a special mention for the developers and designers who ensured a familiar look while improving things all around.

The goal of this flavor was to create an elegant and simple desktop interface. The Budgie also has a customizable factor which plays in its favor and it already has a list of included software which will get you working and browsing immediately.

Another neat feature that has been introduced in Budgie is the sidebar where applications can be quickly revealed and hidden. The sidebar holds applets and notifications and it can help you keep your desktop clutter-free.

Bonus Addition: Edubuntu

The Edubuntu flavor of the Ubuntu is designed for teaching, especially the children in schools, homes and in various communities. The purpose is to teach them about how to use computers. This flavor uses GNOM DE and comes with pre-installed education software.

Although this flavor was discontinued back in 2014 and its last release was 14.04.2.

Edubuntu Desktop

Here are our top picks for the top 5 flavors of Ubuntu; these flavors may not be targeted for the same demographic but they at least give you an idea as to how flexible Ubuntu really is as an OS.

Please, let us know what you think about the flavors and the operating system itself: @linuxhint.

Source

Running Linux containers as a non-root with Podman

Linux containers are processes with certain isolation features provided by a Linux kernel — including filesystem, process, and network isolation. Containers help with portability — applications can be distributed in container images along with their dependencies, and run on virtually any Linux system with a container runtime.

Although container technologies exist for a very long time, Linux containers were widely popularized by Docker. The word “Docker” can refer to several different things, including the container technology and tooling, the community around that, or the Docker Inc. company. However, in this article, I’ll be using it to refer to the technology and the tooling that manages Linux containers.

What is Docker

Docker is a daemon that runs on your system as root, and manages running containers by leveraging features of the Linux kernel. Apart from running containers, it also makes it easy to manage container images — interacting with container registries, storing images, managing container versions, etc. It basically supports all the operations you need to run individual containers.

But even though Docker is very a handy tool for managing Linux containers, it has two drawbacks: it is a daemon that needs to run on your system, and it needs to run with root privileges which might have certain security implications. Both of those, however, are being addressed by Podman.

Introducing Podman

Podman is a container runtime providing a very similar features as Docker. And as already hinted, it doesn’t require any daemon to run on your system, and it can also run without root privileges. So let’s have a look at some examples of using Podman to run Linux containers.

Running containers with Podman

One of the simplest examples could be running a Fedora container, printing “Hello world!” in the command line:

$ podman run –rm -it fedora:28 echo “Hello world!”

Building an image using the common Dockerfile works the same way as it does with Docker:

$ cat Dockerfile
FROM fedora:28
RUN dnf -y install cowsay

$ podman build . -t hello-world
… output omitted …

$ podman run –rm -it hello-world cowsay “Hello!”

To build containers, Podman calls another tool called Buildah in the background. You can read a recent post about building container images with Buildah — not just using the typical Dockerfile.

Apart from building and running containers, Podman can also interact with container registries. To log in to a container registry, for example the widely used Docker Hub, run:

$ podman login docker.io

To push the image I just built, I just need to tag so it refers to the specific container registry and my personal namespace, and then simply push it.

$ podman -t hello-world docker.io/asamalik/hello-world
$ podman push docker.io/asamalik/hello-world

By the way, have you noticed how I run everything as a non-root user? Also, there is no big fat daemon running on my system!

Installing Podman

Podman is available by default on Silverblue — a new generation of Linux Workstation for container-based workflows. To install it on any Fedora release, simply run:

$ sudo dnf install podman

Adam Šamalík

Open source enthusiast and Fedora contributor. Design is not just how it looks like.

Source

Linux-powered Jetson Xavier module gains third-party carriers

CTI announced two carrier boards for the Nvidia’s AI/robotics focused Jetson AGX Xavier module: a compact Rogue carrier and a Mimic Adapter that plugs the Xavier into any CTI Jetson TX2/TX2i/TX1 carrier.

Connect Tech, Inc. (CTI) has released two new developer options for Nvidia’s octa-core Jetson AGX Xavier computer-on-module, which is already supported by Nvidia’s innovative, $1,299 Jetson Xavier Developer Kit. Like the official dev kit, CTI’s 105 x 92mm Rogue board is approximately the same size as the 105 x 87 x 16mm Xavier, making it easier to use for robotics applications.

Rogue carrier with Xavier module (equipped with fan)
(click images to enlarge)

 

CTI also launched a Jetson AGX Xavier Mimic Adapter board that mediates between the Xavier and any CTI carrier for the Jetson TX1, TX2, and the latest industrial-focused version of the TX2 called the

Jetson TX2i

. These include the

three TX2 boards

announced in early 2017: the Cogswell carrier with GigE Vision, the Spacely carrier designed for cam-intensive Pixhawk drones, and the tiny, $99 Sprocket. CTI’s Jetson TX1 boards include the original

Astro

, as well as its later

Orbitty and Elroy

.

Jetson AGX Xavier Mimic Adapter with Xavier and Elroy carrier (left) and exploded view
(click images to enlarge)

The Jetson Xavier “enables a giant leap forward in capabilities for autonomous machines and edge devices,” says CTI. Nvidia claims the Xavier has greater than 10x the energy efficiency and more than 20x the performance of its predecessor, the Jetson TX2. The module — and the new CTI carriers — are available with a BSP with Nvidia’s Linux4Tegra stack. Nvidia also offers an AI-focused Isaac SDK.

The Xavier features 8x ARMv8.2 cores and a high-end, 512-core Nvidia Volta GPU with 64 tensor cores with 2x Nvidia Deep Learning Accelerator (DLA) — also called NVDLA — engines. The module is also equipped with a 7-way VLIW vision chip, as well as 16GB 256-bit LPDDR4 RAM and 32GB eMMC 5.1.

Nvidia Drive AGX Xavier Developer Kit
(click image to enlarge)

 

Since the initial Xavier announcements, Nvidia has added AGX to the Jetson Xavier name. This is also applied to the automotive version, which was originally called the

Drive PX Pegasus

when it was announced in Nov. 2017. This Linux-driven development kit recently began shipping as part of the

Nvidia Drive AGX Xavier Developer Kit

, which supports a single Xavier module or else a Drive AGX Pegasus version with dual Xaviers and dual GPUs.

Rogue

CTI’s Rogue carrier board provides 2x GbE, 2x HDMI 1.4a, 3x USB 3.1, and a micro-USB OTG port. Other features include MIPI-CSI, deployable either as 6x x2 lanes or 4x x4 lanes, and expressed via a high-density camera connector breakout that mimics that of the official dev kit. CTI will offer a variety of rugged camera add-on expansion boards with options described as “up to 6x MIPI I-PEX, SerDes Inputs: GMSL or FPD-Link III, HDMI Inputs).”

Rogue, front and back
(click images to enlarge)

 

For storage, you get a microSD slot with UFS support, as well as 2x M.2 M-key slots that support NVMe modules. There’s also an M.2 E-key slot with PCIe and USB support that can load optional WiFi/BT modules.

Other features include 2x CAN 2.0b ports, 2x UARTs, 4-bit level-shifted, 3.3V GPIO, and single I2C and SPI headers. There’s a 9-19V DC input that uses a positive locking Molex Mini-Fit Jr header. You also get an RTC with battery connector and power, reset, and recovery buttons and headers.

Mimic Adapter

The Jetson AGX Xavier Mimic Adapter has the same 105 x 92mm dimensions as the Rogue, but is a simpler adapter board that connects the Xavier to existing CTI Jetson carriers. It provides an Ethernet PHY and regulates and distributes power from the carrier to the Xavier.

Mimic Adapter, front and back
(click images to enlarge)

 

The Mimic Adapter expresses a wide variety of interfaces detailed on the product page, including USB 3.0, PCIe x4, SATA, MIPI-CSI, HDMI/DP/eDP, CAN, and more. Unlike the Rogue, it’s listed with an operating range: an industrial -40 to 85°C.

Further information

The Rogue carrier and Mimic Adapter for the Nvidia AGX Xavier are available now with undisclosed pricing. More information may be found in Connect Tech, Inc.’s Xavier carrier announcement, as well as its Rogue and Mimic Adapter product pages.

Source

ExTiX 18.7 Is Not Quite an ‘Ultimate Linux System’ | Reviews

By Jack M. Germain

Aug 2, 2018 10:27 AM PT

ExTiX 18.7 Is Not Quite an 'Ultimate Linux System'

The latest release of the
ExTiX Linux distro is a major disappointment.

ExTiX 18.7 has several shortcomings that make it troublesome to use. The flaws easily might be fixed in a patched follow-up release. Still, to a new Linux user, the problems inherent in ExTiX 18.7 give the Linux OS in general a black eye.

New releases of any software platform never come with guarantees. Sometimes, an earlier release works almost flawlessly while its upgrade down the line fails to impress. That was my experience revisiting the ExTix distro.

Despite this down slide, the developers can bounce back. The ExTiX distro offers adopters some features not readily available in other Linux distros.

Last month’s release is built around the LXQt 0.12.0 desktop and is based on Debian 9 Stretch and Ubuntu 18.04 Bionic Beaver. This relatively new desktop environment is the product of merging the LXDE-Qt and the Razor-qt projects.

LXQt is an apt replacement of LXDE, the Lightweight X11 Desktop Environment. The more modern Qt tools bring some freshness to LXDE while shifting the emphasis away from running well on more minimal (as in older) hardware.

Meshing traditional LXDE functionality with the added tweaks from Razor-QT is a big step in a better direction for this lightweight desktop environment. Even this latest ExTiX release, despite its troubles, teases the kind of modern lightweight, modular, fast and user-friendly desktop environment that the distro offers.

Development Trails

Developer Arne Exton created ExTiX and dubbed it “the ultimate Linux system.” It is an offshoot of
Exton Linux/Live Systems, a collection of 16 related Exton Linux distributions hosted by the Swedish Linux Society.

Earlier ExTiX releases offered a variety of desktops, including Budgie, Deepin, KDE and LXQt. So far, only one flavor is available in the 18.7 release.

Both the Exton and ExTiX OSes are linked to download ports on SourceForge.net. The Exton OS and ExTiX Linux distros all seem related to the common Debian and Ubuntu bases.

Both divisions use a combination of the Calamares installer and Refracta tools. The combination enables users to select their own unique assortment of software and desktop settings for burning to a USB stick or DVD live session.

ExTiX distro Calamares installer

The ExTiX distro uses the Calamares installer to provide simpler options with a more user-friendly interface.

Fatal Attraction

I last
reviewed ExTiX in 2015 after the developer yanked out GNOME and replaced it with the then-brand-new LXQt desktop. I liked the performance of the next generation of the popular LXDE desktop. It was a stable desktop environment usable on production desktop machines, unlike the latest version of ExTiX.

The release notes for ExTiX 18.7 caught my attention. The description of its features suggested an attractive developmental progress that drew me in.

One of the best features promised the ability to run this OS from a hybrid ISO installation to an encrypted USB stick. In addition, you then could get more speed by transferring the system to RAM.

Even better, you could run it from a USB installation in two ways. The built-in persistence would let you save all your system changes on the stick. Or you could run it as a glorified live session with no persistence.

Less Desirable Approach

The RAM installation option provides a lightning fast performance limited only by the amount of onboard memory. Other Linux distros — Puppy Linux for one — pioneered the concept of putting Linux on a stick. This lets you carry all of your applications and files to run on any computer without leaving a trace of your presence behind.

ExTix sort of reinvents that wheel. Unlike other “portable Linux” systems, you can install the ExTiX on the hard drive fully without using so-called frugal installation tricks. When it works, you get a fully functional Linux distro installation.

*When* is the key qualifier in this description. Keep reading to find out the sorted problems that got in my way evaluating this release.

With ExTiX you have more options for DVD and USB installations. You also get a simpler and more flexible user interface with more control over system settings.

ExTix provides two installation options. One is a simple method that transfers the DVD files to the USB stick. The USB connection is faster than the DVD bus. You do not get persistence with this method, however, so you cannot save system settings or new software installations.

For it to work, you either must install Grub or edit the existing Grub configuration file on the host computer into which you will insert the live USB stick. This eliminates the ability to have a pocket distro that you can plug into any computer.

Of course, you can burn a snapshot of your installation to a DVD or USB drive and run it that way on any computer, much like a live session, with or without persistence.

ExTiX System Tools

Two ExTix distro advantages are the improved LXQt desktop over LXDE, and the specialized tools for installing ExTiX to a DVD or USB to run a complete Linux system with or without persistence.

First Impressions

Unlike most live-session DVDs, ExTiX does not have an install launcher on the desktop screen. Instead, you must run Calamares from the System Tools menu. The developers replaced Ubuntu’s installer, Ubiquity.

If your plan is to create a USB or DVD installation, use one of the two Refracta tools, not Calamares, for the installation. You will find them further down the list in the System Tools menu.

Refracta Snapshot lets you create a live installable snapshot of your system. It creates a bootable image that you can burn to CD or DVD. It stores the image in /home/snapshot. The Refracta Installer is the tool for installing an already-created live CD/DVD to your system.

I like that the live session login is automatic. You do not have to supply a password. It is easy to run the live session in system RAM without having to type special commands in an edit window when the DVD initially loads. Just select boot alternative four (Load to RAM). Your system will need at least 2 GB of RAM for this to work.

You can remove the DVD or USB stick once the system loads. This makes it convenient to access your documents while running in Live session without creating persistence. I also like that the developer patched kernel 4.18.0-rc5-extix. This makes it work with Nvidia’s proprietary graphics driver.

The background images are few and boring — that is, unless you like different views and colors of Porsches.

The login screen is weird. It asks for the username in the first window. Then a second window appears without any label. That is where you enter a password.

Failed User Experience

I was very disappointed with the sluggish, broken performance of the ExTiX 18.7 release. It was anything but an ultimate Linux experience. The OS could not get out of its own way sometimes.

I installed this release on four computers. I also installed it to a USB drive and virtual machines on two computers. I ran ExTiX 18.7 booted from live session DVD burned from its ISO made from two separate downloads.

The problems I encountered in one instance occurred in other instances as well. The best speed came from running ExTiX in RAM on a computer with 8 GB.

The difficulties I encountered should happen only in a new alpha or beta release. Among them were sluggish menus, applications that locked up, applications that failed to load, and difficulty connecting to the Internet.

Breakdown Rundown

The problems began with my initial installation efforts. Things cascaded from there. Here is a rundown of my installation woes.

The process took 15 minutes to reach 25 percent transfer to the hard drive. Then the process continued to drag on slowly. The installation ultimately failed, according to a screen report at the end of the installation process, due to an error in updating or reinstalling grub. That error repeated on every installation I attempted.

That left the system unable to boot. On several of the computers dealing with the installation, I had a working dual boot configuration. So ExTiX did not load, and the other partitions also were inaccessible.

A few minutes of tinkering with a Boot-Repair-Disk DVD found and fixed the problem. All seemed well when I once again rebooted the computer. I installed ExTIX on a different computer. This time the same problem occurred with the error message regarding a failed Grub installation.

Again, I used the Repair-Boot-Disk to fix that issue. However, that application did not solve the boot problem. No boot manager was installed. So I tried a second boot repair application to no avail.

Scenario Unfolds

Nothing I tried resolved the missing Grub Manager error until I installed another Linux distro to the ExTiX partition on the hard drive. I recently had completed a review of Peppermint Linux without incident, so I installed that distro to replace ExTiX on the second computer. That process supplied the boot manager, and all was well with accessing the second computer.

At that point, it was clear that a problem seemed to exist with the ExTiX ISO. Or maybe it was an error in the process of creating the ISO from the downloaded package. So I got a fresh download and burned a new ISO to DVD. Nothing changed.

I used the ISO file to create a virtual machine. That process worked as a live session. Then I took the next logical step. I installed ExTiX to a VM rather than run it as a live session from the ISO. That actually worked without major glitches.

Yet some of the other troubles detailed above replicated in the VM. Just as with the other installation attempts, the Network Manager was not connected. Some distros balk at making wireless connections if the hardware is not supported, but the network cable should be an automatic connection.

On a few of the computers, I was able to get the Network Manager to work by re-entering the existing settings. That did not work in other cases. Even when the network connection failed, on some of the computers the wireless connection functioned. Go figure!

ExTiX Network Manager

One of the nagging problems with this ExTiX release is the troubled Network Manager, which either cannot connect to a hard-wired Internet connection or keep the connection stable.

Update Hell

Adding and removing software is handled through the Synaptic Package Manager in ExTiX. Guess what? That application refused to load in every installation except on VMs.

I assumed it had something to do with the error message about the initial installation. So I redid the installation. No dice.

The Synaptic application was in the main menu. The files were where they should have been in the correct system directory. The package manager refused to load except when ExTiX ran in a VM.

In this extreme case, I tried to work around the problem by jockeying .deb files for must-have installations such as Dropbox. That is when I discovered that the GDebi package installer is not included in ExTiX by default. I had to resort to terminal commands for manual installation.

Desktop View

The desktop looks neat and clean. It has the look and feel of the LXDE desktop. The real improvements with the LXQt environment are under its hood. These include better-organized menus, more settings options, and more flexibility with configurations. Out of the box, LXQt is ready to go.

The desktop is devoid of icons. You cannot place launchers there by right-clicking an application in the main menu. You can right-click on the desktop to pop up a context menu with limited options.

A panel bar stretches across the bottom of the screen. It is preconfigured with a workplace switcher applet and two virtual workspaces.

Bottom Line

The ExTiX 18.7 release was a disappointment. Given the maturity and variety of the previous Linux distros maintained by the Exton OS and ExTiX developer, I can only conclude that the problems I encountered were an anomaly. No doubt, a fix is in the works.

I hope so. ExTiX and the LXQt desktop have much to offer. This latest release comes with Firefox instead of Google Chrome as the Web Browser. This makes it possible to watch Netflix movies in Firefox while running Linux.

Among many other programs included are LibreOffice, Thunderbird, GParted, Brasero, SMPlayer, Gimp, Flash and win32 codecs. In addition, Java and all necessary additions are supplied to let you install programs from source.

Want to Suggest a Review?

Is there a Linux software application or distro you’d like to suggest for review? Something you love or would like to get to know?

Please
email your ideas to me, and I’ll consider them for a future Linux Picks and Pans column.

And use the Reader Comments feature below to provide your input!

Jack M. Germain has been an ECT News Network reporter since 2003. His main areas of focus are enterprise IT, Linux and open source technologies. He has written numerous reviews of Linux distros and other open source software.
Email Jack.

Source

Has your password been leaked?

How websites store data

When you create an account on a website, the website stores your registration details on it’s SQL databases. Very few people, even within the company/website have direct access to the databases.

In a naive world, the database would contain your plaintext passwords. However, since there are hackers doing SQL injection attacks to dump the database data, it’s helpful to

keep the password hashed/ encrypted

. This would mean that even

if someone has access to the table

, he would see your username, email address, and

hashed password, but not the plain-text password

.

Those who don’t know about hashing may wonder how does the website check if you are typing the correct password during login, if the site itself doesn’t know you password. Well, to understand that, you must understand what hashing is. You can read it up on wikipedia for a technical idea, but I’ll (grossly over-)simplify it for you.

Hashing is any operation which is easy in one direction, and difficult in reverse. For example, mixing two colors is easy, while finding out the constituent colors of a color mixture isn’t quite that easy. Multiplying two large (prime) numbers is easy, but given a huge prime number, it isn’t easy to find the two prime factors which multiplied result in that number.

 

Hashing example

Let’s say your password is “pass”, and there’s a hashing function f(x). Then,

f(“pass”) = d@A2qAawqq21109 (say).

Going the forward way is quite simple. On the other hand, figuring out the plain-text password from the hash (d@A2qAawqq21109) is almost impossible.

So, when you create an account and you type the password as “pass”, d@A2qAawqq21109 is stored in the database.When you login and type password as “pass”, the server hashes it, and it becomes “d@A2qAawqq21109”, which is matched with the SQL database. If you typed out some other password, say “ssap”, then the hash generated would be different, and you won’t be able to log in. Note that while the hashing function gives different outputs for most strings, every once in a while, there may be collisions (two strings may have the same hash). This is very very very rare, and shouldn’t be of any concern to us.

Forgot Your Password – Ever wondered why almost all websites give you a new password when you forget your old one, instead of just telling you your password. Well, now you know, it turns out that they themselves don’t know your password, and hence can’t tell you. When they offer you a chance to change your password, they just change the corresponding hash in their tables, and now your new password works.

How hashes are cracked – I wrote earlier that hash functions are easy to go one way, but almost impossible to go the other. The task of going the other way can be accomplished by bruteforce method. Basically, suppose someone had the password “pass”. Now, a hacker who only has access to the hashes can hash all the passwords in alphabetical order and then check which hash matches. (assume hacker knows password has length four and only alphabets).

He tries ‘aaaa’,’aaab’, ‘aaac’,……’aaba’, ‘aabb’ ,’aabc’,…..’aazz’ , ‘abaa’, ……………. ‘paaa’,’paab’,.. ,’pass’. When he tries ‘aaaa’, the hash is not d@A2qAawqq21109, it is something else. Till he reaches ‘pass’, he gets a hash which doesn’t match d@A2qAawqq21109. But for ‘pass’, the hash matches. So, the hacker now knows your password.

Website leaks

Due to the above reason, website leaks are bad, but not that bad. If the passwords are sufficiently complex, the hashing algorithm is secure, and salt (explained later) is used, then it’s quite unlikely that the hackers would be able to get many passwords from the database dump. So, even if Facebook DB is leaked, your passwords are most probably safe. Unfortunately, most probably is not something one can work with, especially when you have so much to loose in case the 0.1% chance of password being compromised is the one that materializes. So, after a DB leak, the website often asks all it’s users to change their passwords (eg. dropbox leak, linkedin leak, myspace leak etc.). Also, since you might be using the same password on different websites, it’s important that you change your password everywhere.

This isn’t even the worst part though. Some websites don’t hash your passwords, and store them in plain-text instead. If their database is leaked, the hacker has immediate access to millions of accounts on that website, plus possibly 10s of millions of accounts on other websites which use the same email/username – password combination.For example, 000webhost database had plain-text passwords, and it was leaked. I personally hosted a site there once, and my account was compromised as well.

But this still isn’t the worst part. The hackers often dump the databases publicly. The responsible ones let the website know that their security sucks, and asks them to inform their customers about the leak and get their passwords changed. After sufficient time is given to the website to act, the hacker would often dump the database publicly. To see the extent of this, take 000webhost’s example. The first search result for “000webhost leak” gives you the database, which you can download and see the passwords. The password I was using 3-4 years ago is there in the database. That very password is probably still there on some of the websites that I signed up for 3-4 years ago but haven’t you them since then (and hence didn’t update the password).

Problem 1 : Suppose there’s an hashing scheme X. Under that scheme, “pass” becomes d@A2qAawqq21109. Now this is a very secure scheme and every website uses it. Now, there’a guy who has a lot of computational power and he computes the hashes of all possible letter combinations under the scheme X. Now, given a hashed value, he can simply lookup/search his table and see what password does it correspond to. He makes this table of word to hash available online. Now, it’s quite easy to get the passwords from a database dump.

Problem 2 : Alternatively, even if the scheme isn’t common, what one can do is that he can take a common password, say “password”, then hash it, and then search all the users in the 100 million users password dump and see if any hash matches. If it does, then that means that the given user has the password “password”. By using 1 million common password, he’ll probably get 10% of the users password among the 100 million users.

Solution : Hashing Salt –

To prevent that, each user chooses a password, and is given a random string, the hashing salt. The hashing function operates on both the password and the salt. So, if two users have same password, but different salts, then they’ll have different hashes. This renders both the above techniques/problems useless. Now, to get the correct hash, the hacker has to input the correct password and the correct salt to the hashing function. This means that –

  1. The first problem where someone else pre-computed the password-hash table is solved, since now that person has to make password-salt-hash table (for every password and every salt combination, what’s the hash), which is going to be too many possible combinations. If there are 10 million possible passwords, and 10 million possible salts, there would be 100 million million combinations (I don’t even know what million million even is). If there are 10 common salts which are used very often, then the person can make a table with all the 10 million passwords hashed for the 10 common salts. Alternatively, the person can hash the 10 most common password with 10 million possible hashes. Thus, it’s important to have both strong passwords and random salts.
  2. The second problem is also kind of solved, since the person would have to solve the hash of common passwords with each salt in the table (note that he doesn’t have to do it for all 10 million combinations, only the ones present in the table). Again, not using easy generic password like “password”,”hello”, etc. would solve this issue.

Weak salts?

One of the flaws with hashing is that it could have weak salts. WPA/WPA-2 is quite robust, but since it used the SSID of the network as salt, the routers which use default SSID’s (“linksys”,”netgear”,etc.) are more vulnerable than others since

rainbow tables

exist which have hashes for most common passwords and most common SSIDs. That said, I’d like to re-iterate, WPA/WPA-2 is still quite damn secure, and I pointed this out only as a relevant example.


Are you compromised?

Out of all the leaks so far, I had accounts in 4 of the leaks. My account was there in the Myspace leak, the LinkedIn leak, the dropbox leak, and the 000webhost leak. I had to change my password on multiple sites on multiple occasions.

One way to find out if you’re compromised is to look for all the dumps and check manually if you’re in them. However, that’s practically impossible (not all dumps are public, and looking for your name/email in a huge file takes the computer more time than you’d guess). Fortunately, there’s a website which specifically exists for this purpose, known as

LeakedSource

. You can search using your email free of cost. They offer some extra functionality for pretty affordable rates ($4 paypal, $2 bitcoin).

 

I am compromised

If you find out that your account is indeed compromised, then I suggest you quickly change your password on all services that you use which have the same password. Better yet, change all your passwords. It’s good practice to keep changing your passwords regularly anyway. Also, if a website has the two step authentication feature, then it’s suggested that you use it.

Source

WP2Social Auto Publish Powered By : XYZScripts.com