Linux Blimp

Red Hat Enterprise Linux (RHEL) 7.5 released. This version includes updates and various improvements such as GNOME rebased to version 3.26, LibreOffice rebased to version 5.3, Support for libva (VA-API) added, GStreamer now supports mp3 and more. RHEL is one of the leading enterprise Linux distribution for both bare metal and cloud platform. It targeted toward the commercial users. RHEL works with x86-64, IBM System z, and other platforms.

From the RHEL 7.5 release note:

The world’s leading provider of open source solutions, today announced the general availability of Red Hat Enterprise Linux 7.5, the latest version of the world’s leading enterprise Linux platform. Serving as a consistent foundation for hybrid cloud environments, Red Hat Enterprise Linux 7.5 provides enhanced security and compliance controls, tools to reduce storage costs, and improved usability, as well as further integration with Microsoft Windows infrastructure both on-premise and in Microsoft Azure.

RHEL 7.5 released

Some new features in RHEL 7.5 release:

1. Securely unlock Network Bound Disk Encrypted (NBDE) devices at boot-time
2. The integration of Red Hat Ansible Automation with OpenSCAP enables ease of automation
3. The introduction of Virtual Data Optimizer (VDO), designed to reduce data redundancy through inline deduplication and compression of primary storage
4. KVM virtualization is now supported on IBM POWER8/POWER9 systems

Update packages in RHEL 7.5

• Linux kernel version 3.10.0-862
• The kernel-alt packages include kernel version 4.14. This kernel version provides support for 64-bit ARM, IBM POWER9 (little endian), and IBM z Systems
• LVM v2.02.177-4
• qemu-kvm v1.5.3-156
• Samba v4.7.1
• Directory server v1.3.7.5
• binutils v2.27
• valgrind v3.13.0
• rsync v3.1.2
• Gnome v3.26
• libreoffice v5.3
• GIMP v2.8.22
• Inkscape 0.92.2
• qt5 5.9.2
• And more here

How to update RHEL 7.4 to 7.5

The procedure to upgrade or update RHEL from version 7.4 to 7.5 is as follows:

1. Login as root user
2. Check for updates using the yum check-update command
3. Update the system using the yum update command
4. Reboot the server/box using the reboot command
5. Verify new kernel and updates

Let us see all steps in details:

Step 1 – Note down the current kernel version

Type the following uname command or cat command to view RHEL kernel version and OS info:
$ uname -a
$ uname -r
$ cat /etc/os-release

Step 2 – Backups

Make a backup – it cannot be stressed enough how important it is to make a backup of your system before you do this. Most of the actions listed in this post are written with the assumption that they will be executed by the root user running the bash or any other modern shell.

Step 3 – Check for updates

Type the following yum command:
$ sudo yum check-update

Step 4 – Apply/install updates

Type the following yum command:
$ sudo yum update -y

Step 4 – Reboot the RHEL 7.4 box

Type the following reboot command or shutdown command:

$ sudo reboot OR

$ sudo shutdown -r now

Step 3 – Verify the RHEL 7.5 update

Type the following commands:

$ uname -a
$ uname -r
$ cat /etc/os-release
$ tail -f /var/log/logfilenames
$ dmesg | grep -i ‘err|warn|cri’
$ ss -tulpn Sample session from version 7.5:

Video demo

Here is a quick video demo showing upgrade procedure.

Posted by: Vivek Gite

The author is the creator of nixCraft and a seasoned sysadmin, DevOps engineer, and a trainer for the Linux operating system/Unix shell scripting. Get the latest tutorials on SysAdmin, Linux/Unix and open source topics via RSS/XML feed or weekly email newsletter.

Source

Buy it now!

Read a sample

The internet joke is: I’ve installed Kali, now I’m Hackerman! Just having the tools doesn’t mean you’re an instant expert, but at least it’s a first step…

This issue we’re taking our regular look into the world of hacking and we’re backing it up with Kali Linux on the disc alongside an in-depth look at the core tools you’ll need. We’re not promising to turn you into an expert (white-hat) hacker overnight, but we can at least set you off on the right path.

We’re also keen to get you started with Linux, if you’re not already using it. With this in mind, on the DVD we’ve put the latest release of the cool Feren OS. Based on the popular Mint, it has a classic-styled desktop that everyone will love. As it comes with Wine baked in, people moving from Windows can still hold on to their favourite programs and games. Of course, we’d suggest people hunt out open source alternatives – of which there are plenty – once they’re happily up and running.

Something that comes up in this month’s interview is open data, a kindred spirit for open source. Specifically, we look into a project analysing classic crime data to reveal patterns missed by humans, which is leading to prosecutions and solving cases that have laid dormant at the back of a filing cabinet for decades, in some cases.

It’s this bazaar of topics that makes Linux and open source so constantly interesting. We’re not sure there are many other magazines that could have solving crimes, hacking systems, learning to get started, building honeypots, retro gaming consoles, ebook publishing, system administration and coding all sat naturally together! It’s been a fun issue to put together, so enjoy!

Write in now, we want to hear from you!
lxf.letters@futurenet.com

Send your problems and solutions to:

lxf.answers@futurenet.com

Catch all the FLOSS news at our

evil Facebook page

or follow us on the

Twitters

.

Source

I put together a spreadsheet that summarizes the most popular Linux certifications.

In it, you’ll find:

• How long each certification lasts.
• What exams you’ll have to pass in order to be certified.
• The approximate cost of training required to become certified.

There are a lot of certifications, so here’s my take: I’m a fan of the distro-agnostic Linux Professional Institute LPIC-1 certification. However, if you know you’ll be primarily working with RedHat, the Red Hat Certified System Administrator (RHCSA) certification is a great place to start.

By the way, you can have a successful career as a Linux professional without ever being certified. Being certified is just one step on one path along the way. And there are MANY paths that will take you where you want to go.

I’ll be sharing more about that in a future post…

All the best,

Jason

Source

We’re going to use Puppet to install and configure HAProxy to load balance Apache web services. We’ll also configure Keepalived to provide failover capabilities.

This article is part of the Homelab Project with KVM, Katello and Puppet series. See here for a blog post on how to configure HAProxy and Keepalived manually.

Homelab

We have two CentOS 7 servers installed which we want to configure as follows:

proxy1.hl.local (10.11.1.19) – HAProxy with Keepalived (master router node)
proxy2.hl.local (10.11.1.20) – HAProxy with Keepalived (slave router node)

SELinux set to enforcing mode.

See the image below to identify the homelab part this article applies to.

HAProxy and Virtual IP

We use 10.11.1.30 as a virtual IP, with a DNS name of blog.hl.local. This is the DNS of our WordPress site.

Below is a GIF representing our HA setup using HAProxy (primary and secondary load balancers).

Configuration with Puppet

Puppet master runs on the Katello server.

Puppet Modules

We use the following Puppet modules:

1. arioch-keepalived – to configure Keepalived
2. puppetlabs-haproxy – to configure HAProxy
3. thias-sysctl – to configure kernel parameters

Please see each module’s documentation for features supported and configuration options available.

Firewall Configuration

Configure both proxy servers to allow VRRP and HTTP/S traffic. Port 8080 will be used for HAProxy statistics.

firewall { ‘007 allow VRRP’:
source => ‘10.11.1.0/24’,
proto => ‘vrrp’,
action => accept,
}->
firewall { ‘008 allow HTTP/S’:
dport => [80, 443, 8080],
source => ‘10.11.1.0/24’,
proto => tcp,
action => accept,
}

Kernel Parameters and IP Forwarding

Load balancing in HAProxy requires the ability to bind to an IP address that is nonlocal. This allows a running load balancer instance to bind to a an IP that is not local for failover.

In order for the Keepalived service to forward network packets properly to the real servers, each router node must have IP forwarding turned on in the kernel.

sysctl { ‘net.ipv4.ip_forward’: value => ‘1’ }
sysctl { ‘net.ipv4.ip_nonlocal_bind’: value => ‘1’ }

Install HAProxy

This needs to be applied for both proxy servers.

file {‘/etc/pki/tls/private/hl.pem’:
ensure => ‘file’,
source => ‘puppet:///homelab_files/hl.pem’,
path => ‘/etc/pki/tls/private/hl.pem’,
owner => ‘0’,
group => ‘0’,
mode => ‘0640’,
}->
class { ‘haproxy’:
global_options => {
‘log’ => “127.0.0.1 local2″,
‘chroot’ => ‘/var/lib/haproxy’,
‘pidfile’ => ‘/var/run/haproxy.pid’,
‘maxconn’ => ‘4096’,
‘user’ => ‘haproxy’,
‘group’ => ‘haproxy’,
‘daemon’ => ”,
‘ssl-default-bind-ciphers’ => ‘kEECDH+aRSA+AES:kRSA+AES:+AES256:!RC4:!kEDH:!LOW:!EXP:!MD5:!aNULL:!eNULL’,
‘ssl-default-bind-options’ => ‘no-sslv3’,
‘tune.ssl.default-dh-param’ => ‘2048 ‘,
},
defaults_options => {
‘mode’ => ‘http’,
‘log’ => ‘global’,
‘option’ => [
‘httplog’,
‘dontlognull’,
‘http-server-close’,
‘forwardfor except 127.0.0.0/8’,
‘redispatch’,
],
‘retries’ => ‘3’,
‘timeout’ => [
‘http-request 10s’,
‘queue 1m’,
‘connect 10s’,
‘client 1m’,
‘server 1m’,
‘http-keep-alive 10s’,
‘check 10s’,
],
‘maxconn’ => ‘2048’,
},
}
haproxy::listen { ‘frontend00’:
mode => ‘http’,
options => {
‘balance’ => ‘source’,
‘redirect’ => ‘scheme https code 301 if !{ ssl_fc }’,
},
bind => {
‘10.11.1.30:80’ => [],
‘10.11.1.30:443’ => [‘ssl’, ‘crt’, ‘/etc/pki/tls/private/hl.pem’],
},
}->
haproxy::balancermember { ‘web1_web2’:
listening_service => ‘frontend00’,
ports => ‘443’,
server_names => [‘web1.hl.local’,’web2.hl.local’],
ipaddresses => [‘10.11.1.21′,’10.11.1.22’],
options => ‘check ssl verify none’,
}->
haproxy::listen { ‘stats’:
ipaddress => $::ipaddress,
ports => [‘8080’],
options => {
‘mode’ => ‘http’,
‘stats’ => [‘enable’,’uri /’,’realm HAProxy Statistics’,’auth admin:PleaseChangeMe’],
},
}

Note how we forward all HTTP traffic to HTTPS. We also enable HAProxy stats.

There are several HAProxy load balancing algorithms available, we use the source algorithm to select a server based on a hash of the source IP. This method helps to ensure that a user will end up on the same server.

Install Keepalived

Apply the following to the master node proxy1.hl.local:

include ::keepalived
keepalived::vrrp::script { ‘check_haproxy’:
script => ‘/usr/bin/killall -0 haproxy’,
}
keepalived::vrrp::instance { ‘LVS_HAP’:
interface => ‘eth0’,
state => ‘MASTER’,
virtual_router_id => ’51’,
priority => ‘5’,
auth_type => ‘PASS’,
auth_pass => ‘PleaseChangeMe’,
virtual_ipaddress => ‘10.11.1.30/32’,
track_script => ‘check_haproxy’,
}

Apply the following to the slave node proxy2.hl.local:

include ::keepalived
keepalived::vrrp::script { ‘check_haproxy’:
script => ‘/usr/bin/killall -0 haproxy’,
}
keepalived::vrrp::instance { ‘LVS_HAP’:
interface => ‘eth0’,
state => ‘SLAVE’,
virtual_router_id => ’51’,
priority => ‘4’,
auth_type => ‘PASS’,
auth_pass => ‘PleaseChangeMe’,
virtual_ipaddress => ‘10.11.1.30/32’,
track_script => ‘check_haproxy’,
}

HAProxy Stats

If all goes well, we should be able to get some stats from HAProxy.

WordPress Site

Our WordPress site should be accessible via https://blog.hl.local.

Source

The 9th monthly report of 2018 of the Sparky project:
– Sparky’s Linux kernel updated up to version 4.18.11 & 4.19-rc5
– Sparky 5.5 “Nibiru” released
– Sparky 5.5 “Nibiru” Special Editions released
– Lumina desktop stoped working on Sparky5/Debian testing (still works fine on stable)
– updated Italian and some French of sparky tools locales
– updated all sparky-desktop-* meta packages; and removed –no-install-recommends option from desktop installer of Advanced Installer and APTus, what should improve working a few desktops installed via the tools.

Source

A security researcher says Linux vendors wait too long to patch the kernel.

Linux is known for a rapid response on fixing problems with the kernel, but the individual distros often take their time with pushing changes to users. Now, one of the researchers for Google Project Zero, Jann Horn, is warning that major distros like Debian and Ubuntu are leaving their users vulnerable.

“Linux distributions often don’t publish distribution kernel updates very frequently. For example, Debian stable ships a kernel based on 4.9, but as of 2018-09-26, this kernel was last updated 2018-08-21. Similarly, Ubuntu 16.04 ships a kernel that was last updated 2018-08-27,” he wrote in a blog post.

According to Horn, the delay means that users of these distributions remain vulnerable to known exploits. Horn describes a case in which, “a security issue was announced on the oss-security mailing list on 2018-09-18, with a CVE allocation on 2018-09-19, making the need to ship new distribution kernels to users more clear. Still: As of 2018-09-26, both Debian and Ubuntu (in releases 16.04 and 18.04) track the bug as unfixed.”

Horn is also critical of Android, which only ships security updates once a month. “…when a security-critical fix is available in an upstream stable kernel, it can still take weeks before the fix is actually available to users – especially if the security impact is not announced publicly,” he wrote.

Greg Kroah-Hartman has also been critical of distributions that don’t push these changes to users. Horn warned, “The fix timeline shows that the kernel’s approach to handling severe security bugs is very efficient at quickly landing fixes in the git master tree, but leaves a window of exposure between the time an upstream fix is published and the time the fix actually becomes available to users – and this time window is sufficiently large that a kernel exploit could be written by an attacker in the meantime.”

Source

Linux Mint is a very well known desktop version of Linux that’s suitable for the everyperson as a drop-in replacement for a Windows or Mac computer. At the time of writing this article, Linux Mint has been the number one Linux distro for over a year according to DistroWatch. Mint is a derivative of Ubuntu, although you’d hardly know it.

In the following article, we have a video howto, showing you how to install it onto a PC, alongside Windows 10, which is an absolute breeze thanks to the installer. The video also shows you how to install apps with the Mint Software Manager and finally install Google Chrome (which is not available by default due to software licensing restrictions).

What’s different about Mint?

Linux Mint 18.3 Cinnamon Desktop

Mint uses a desktop environment called Cinnamon. The default desktop of Ubuntu (and many other distros) is GNOME3, so straight away it’s different, however that’s not where it stops. The best features about Mint are:

• Stability: It’s a no-nonsense distribution which works well. It seems to work with so much hardware right out of the box, even compared with Ubuntu.
• Ease of use: Although Mint is feature rich, it has a feeling which will make you right at home if you are coming from another platform, especially Windows.
• Aesthetically pleasing: Cinnamon looks more like GNOME2, but still pulls off a good aesthetic. It has some unique features such as Desklets which are single-purpose applications that can be added to your desktop, kind of like those widgets you got in Windows Vista – imagine weather applets and the like. There are multiple workplaces,
• Speed: Cinnamon feels pretty fast and it works on older hardware too. If you have really old hardware, Mint also offers a MATE desktop version, which is even more lightweight, whilst still allowing you access to the same apps.
• Software Manager apps: The software manager offers some everyday apps that you wouldn’t expect to see ‘out-of-the-box’ availability with most Linux distributions. However, these things are often considered staples of normal family users, apps including Skype, WhatsApp, Steam for gaming, DropBox, Google Earth and many more hot titles. This latest version of Linux Mint (18.3), provides Flatpak support. With Flatpak, you can install bleeding-edge applications even if they are not compatible with Linux Mint.

Video Howto

Check out our howto video to show you the simple steps of installing Linux Mint 18.3, which was released in December 2017. It is the ‘stable’ release of Mint, which will receive Long Term Support (LTS) until 2021, meaning that security updates and feature updates will be provided until at least then. Linux Mint 19 will be released around June 2018 but will not be an LTS release.

Before you get started

Before you get started with installing Linux Mint 18.3, you’ll need the following:

• A spare 4GB+ USB stick or blank DVD-R for the ISO image.
• A spare 15+ GB storage space on your computer (20+ GB recommended).
• 2GB + RAM.
• 64bit PC with UEFI or BIOS. 32bit installation only works with BIOS. Note that almost all computers sold since 2007 are 64 bit. If your computer is older than this, then check this guide out.
• A decent internet connection to download the ISO from www.linuxmint.com.
• Ability to ‘Burn’ the ISO image to USB or DVD. See our guide on chapter 5 for more information on this.

More goodies?

Aside from the flatpak system and the updated Software Manager, Linux Mint 18.3 provides a few more goodies that are not available in previous versions of 18.x.

Backups & Snapshots

Linux Mint Personal Backup tool

Mint 18.3 comes with a brand new backup tool, which backs up your home directory and archives it into one simple archive file, which can be restored at a snap.

Kind of like the Time Machine software in MacOS, there’s a tool called Timeshift which creates complete system snapshots.

System Reports

In addition to crash reports, the System Reports tool is also able to show information reports.

Unlike the release notes which show the same generic information to everybody, information reports are targeted at particular users, particular hardware, particular cases. Each report is able to detect its own relevance based on your environment, the desktop you’re using, your CPU, your graphic cards…etc, providing great ability for the Mint authors to fix more issues with the software and provide better enhancement.

Xed Texteditor

Xed’s minimap navigation

Xed, the text editor, now features a minimap to help with navigation, like the Atom text editor.

The toolbar of the PDF reader, Xreader, was improved. The history buttons were replaced with navigation buttons (history can still be browsed via the menubar). The two zoom buttons were switched and a zoom reset button was added to make Xreader consistent with other Xapps.

More information

For more information on this release, head over to the official website.

Source

Papirus suite is specifically designed for KDE desktop but now the icon theme is available for other desktops as well which includes: Unity, Gnome, Mate, Cinnamon and others. Previously we had a ported version of Papirus KDE icons in the PPA but now it is directly supported and maintained by creator. There are two variants in this icon pack with light and dark panel icons, it has more than 3500 icons for different applications and still counting, if you find any missing icon then directly report it creator via

Github page

. There was an official PPA but discontinued back in November 2016 and now these icons can be installed via wget method. You can use

Unity Tweak Tool

,

Gnome-tweak-tool

to change themes/icons.

For Gnome, KDE, Unity Cinnamon, Xfce, Lxde, Mate desktops
To install Papirus Icons in Ubuntu/Linux Mint open Terminal (Press Ctrl+Alt+T) and copy the following commands in the Terminal:To install Papirus Icons using PPA in Ubuntu/Linux Mint open Terminal (Press Ctrl+Alt+T) and copy the following commands in the Terminal:To Uninstall Papirus Icons use one of these commands (Make sure to use relevant one):
For sh installer:

For PPA:

Did you like it?

Source

Twice per year, The Coaching Fellowship selects between 50 and 75 young high potential women leaders each time in the social impact sector to become our fellows. Fellows receive executive level coaching at a massively reduced rate so they may focus deeply on personal and leadership development, attaining their goals, and changing the world in the process. In addition, fellows join our network of 400+ women impact leaders around the world.

APPLICATIONS ARE NOW OPEN

Why should you apply?

Having access to a coach can be a significant influence on professional and personal development. Through The Coaching Fellowship we are proud to offer coaching to amazing young women leaders intent on transforming our planet. If you want greater understanding of your strengths, if you need to make a change or a complex decision, if you want to step deeply into your leadership, if you are seeking balance and purpose, one of our coaches can help you.

Application deadline is August 10, 2018.

APPLY NOW

Source

How to delete lines from Vim? How to delete ranges of lines? How to delete lines by a given pattern? Let’s cover in this article different ways to delete lines in Vim editor.

1. 1. Delete a single line
   2. Delete all lines
   3. Delete multiple lines
   4. Delete a range of lines
   5. Delete lines by a given pattern

Install Vim in Ubuntu/Debian distributions

# sudo apt install vim

Install Vim in RHEL/CentOS distributions

# yum install vim

1) Delete a single line

To delete a single line in Vim editor, follow the steps below

1. Place the cursor to the beginning of the line
2. Press the ESC key.
3. Next, press dd i.e quick press letter ‘ d ‘ twice in quick succession.

In the example below, pressing dd at the beginning of line 6 as shown below will delete the entire line.

2) Delete all lines

Below are the two ways to delete all lines.

:1,$d

or

:%d

3) Delete multiple lines

To delete multiple lines

1. place the cursor at the beginning of a line.
2. Prefix the dd command with the number of lines you want to delete below it. For example, if you want to delete 3 consecutive lines below line 3 press
   # 3dd

4) Delete a range of lines

If you want to delete a range of lines, say from line 3 to line 5, the syntax is as shown below

:[start_line_no],[end_line_no]d

In this case, Press ESC Then type the command below and hit Enter.

:3,5d

To delete the last line

:$d

To delete all lines before the current line

:1,.-1d

To delete all lines after the current line

:.+1,$d

5) Delete lines by a given pattern

Finally, you can delete lines following a given pattern.

For instance, to delete lines that contain a certain word, press ESC and run

:g /word/d

In our case, to delete lines that contain the word “lazy”

:g /lazy/d

To delete every line that doesn’t contain the word “lazy”

:%g!/lazy/d
or
:v/lazy/d

To delete lines that begin with a certain letter, say ‘A’

:g/^A/d

If you want to delete lines that begin with a special character like $ sign, prefix the character with a backslash as shown

:g/^$/d

To get rid of all blank lines

:g/^$/d

Do you have any tips to delete vim lines? Hope this article helped you and please leave your comments.

Read Also:

• AMP – Fully Featured Text Editor for Linux Terminal
• How to Install Atom Text Editor in Linux
• Suplemon – Modern CLI Text Editor with Multi Cursor Support
• Top Best HTML Editors in the World of Linux

Source