What’s KernelCare?

What’s KernelCare?

This article explains all that you need to know about KernelCare. But before studying about KernelCare, let’s do a quick recap of the Linux kernel. It’ll help you understand KernelCare better. The Linux kernel is the core part of Linux OS. It resides in memory and prompts the CPU what to do.

Now let’s begin with today’s topic which is KernelCare. And if you’re a system administrator this article is going to present valuable information for you.

What is KernelCare?

So, what’s KernelCare? KernelCare is a patching service that offers live security updates for Linux kernels, shared libraries, and embedded devices. It patches security vulnerabilities inside the Linux kernel without creating service interruptions or any downtime. Once you install KernelCare on the server, security updates automatically get applied every 4 hours on your server. It dismisses the need for rebooting your server after making updates.

It is a commercial product and is licensed under GNU GPL version 2. Cloud Linux, Inc developed this product. The first beta version of KernelCare was released in March 2014 and its commercial launch was in May 2014. Since then they have added various useful integrations for automation tools, vulnerability scanners, and others. 

Operating systems supported by KernelCare include CentOS/RHEL 5, 6, 7; Cloud Linux 5, 6; OpenVZ, PCS, Virtuozzo, Debian 6, 7; and Ubuntu 14.04.

Is KernelCare Important?

Are you wondering if KernelCare is important for you or not? Find out here. By installing the latest kernel security patches, you are able to minimize potential risks. When you try to update the Linux kernel manually, it may take hours. Apart from the server downtime, it can be a stressful job for the system admins and also for the clients.

Once the kernel updates are applied, the server needs a reboot. This is usually done during off-peak work hours. And this causes some additional stress. However, ignoring server reboots can cause a whole lot of security issues. It’s seen that, even after rebooting, the server experiences issues and doesn’t easily come back up. Fixing such issues is a trouble for the system admins. Often the system admin needs to roll back all the applied updates to get the server up quickly.

With KernelCare, you can avoid such issues.

How Does KernelCare Work?

KernelCare eliminates non-compliance and service interruptions caused by system reboots. KernelCare agent resides on your server. It periodically checks for new updates. In case it finds any, the agent downloads those and applies them to the running kernel. A KernelCare patch can be defined as a piece of code that’s used to substitute buggy code in the kernel. 

Getting Started with Docker Semi-Self-Hosting on Linode

Getting Started with Docker Semi-Self-Hosting on Linode

With the evolution of technology, we find ourselves needing to be even more vigilant with our online security every day. Our browsing and shopping behaviors are also being continuously tracked online via tracking cookies being dropped on our browsers that we allow by clicking the “I Accept” button next to deliberately long agreements on websites before we can get the full benefit of said site.

Additionally, hackers are always looking for a target and it's common for even big companies to have their servers compromised in any number of ways and have sensitive data leaked, often to the highest bidder.

These are just some of the reasons that I started looking into self-hosting as much of my own data as I could.

Because not everyone has the option to self-host on their own, private hardware, whether it's for lack of hardware, or because their ISP makes it difficult or impossible to do so, I want to show you what I believe to be the next best step, and that's a semi-self-hosted solution on Linode.

Let's jump right in!

Setting up a Linode

First things first, you’ll need a Docker server set up. Linode has made that process very simple and you can set one up for just a few bucks a month and can add a private IP address (for free) and backups for just a couple bucks more per month.

Get logged into your Linode account click on "Create Linode".

Don't have a Linode account?  Get $100 in credit clicking here

On the "Create" page, click on the "Marketplace" tab and scroll down to the "Docker" option. Click it.

With Docker selected, scroll down and close the "Advanced Options" as we won't be using them.

Below that, we'll select the most recent version of Debian (version 10 at the time of writing).

In order to get the the lowest latency for your setup, select a Region nearest you.

When we get to the "Linode Plan" area, find an option that fits your budget. You can always start with a small plan and upgrade later as your needs grow.

Next, enter a "Linode Label" as an identifier for you. You can enter tags if you want.

Enter a Root Password and import an SSH key if you have one. If you don't that's fine, you don't need to use an SSH key. If you'd like to generate one and use it, you can find more information about how to do so here "Creating an SSH Key Pair and Configuring Public Key Authentication on a Server").

You can skip the VLAN section, but I encourage you to check the boxes for Backups and Private IP.

Once you have all your choices made, you can click the "Create Linode" button on the right side of the page.

5 Lesser-Known Open Source Web Browsers for Linux in 2022

5 Lesser-Known Open Source Web Browsers for Linux in 2022

If you’re in search of open-source web browsers that are lesser-known to you, this article is written for you. This article takes you through 5 amazing open-source web browsers that are readily available for your Linux system. Let’s find out the options to choose from in 2022.

Konqueror

Konqueror web browser is developed by KDE. Konqueror is one of the lesser-known open-source web browsers that’s been built on top of KHTML. Konqueror has been built for any kind of file previewing and file management. Konqueror makes use of KHTML or KDEWebKit rendering engines. File management is done on ftp and sftp servers using Dolphin’s features including service menus, version-control, and the basic UI. It has a full-featured FTP client. So, you can split views to show remote and local folders and previews on the same window.

For previewing files, the Konqueror browser has in-built embedded applications, such as Gwenview for pictures, Okular and Calligra used for documents, KTextEditor for text-files, etc. You can use its various plugins, such as Service-menus, KPart for AdBlocking, KIO to access files, and others.

The international KDE community does the maintenance of the Konqueror browser. 

GNOME Web

GNOME Web comes next in this list of free and open-source web browsers made for Linux. It’s a clean browser that features first-class GNOME and Pantheon desktop integrations. It also includes a built-in adblocker and Intelligent Tracking Prevention. It primarily follows GNOME’s design philosophy. So, there’s no wasted space or useless widgets.

Despite being a GNOME component, the GNOME Web browser is independent of any GNOME components. The GNOME Web is built on top of the WebKit rendering engine. You can use Flatpak to install Epiphany because Flatpak is the most reliable application distribution mechanism used for Linux. Elementary OS and Bodhi Linux use GNOME Web as their default web browser. Did you know GNOME Web browser’s codename is Epiphany? Why Epiphany? Well, this means a sudden perception or manifestation of the meaning of something. Let’s move on towards our next open-source browser.

Simulating Host Identity Protocol-Based Virtual Private LAN Service Using Mininet Framework

Simulating Host Identity Protocol-Based Virtual Private LAN Service Using Mininet Framework

Introduction

Virtual Private LAN Services (VPLS) provide means for building Layer 2 communication on top of existing IP networks. VPLS can be built using various approaches. However, when building a production-grade VPLS solution one needs to have a clear picture of how such aspects as security, mobility, and L2 issues will be solved.

In this short article, we will demonstrate how to build the VPLS using Host Identity Protocol (HIP). Since our goal is not to build a production-grade implementation of HIP-switches, we will only demonstrate proof of a concept solution that uses Mininet – a framework for simulating L2 and L3 networks. It is worth mentioning that the code we have produced can be also deployed (under certain conditions; for example, our HIP implementation does not feature the NAT traversal mechanisms and does not yet provide an L2 loop prevention mechanism) on the real hardware.

While building HIP-switches (the switches that are deployed at the border of a network) we came across several challenges. First, we understood that HIP-switches need to support the IEEE 802.1D protocol (or its modification - this really depends on the version of the protocol supported by the switches) to avoid L2 loops in the network. This problem was initially addressed in the relevant IETF draft. Second, there were certain issues with MTU and the inability of the Linux kernel to deliver IP packets when those are fragmented in user space and injected into the network stack using raw sockets. And finally, it took us some time to repackage the existing implementation of HIP protocol as a library, so that it will be agnostic about low-level networking (such as raw sockets, etc.). Since the implementation of the IEEE 802.1D protocol for our HIP-switches is still ongoing, we will demonstrate the usage of HIP-based VPLS using loop-free L2 topology.

6 Best Linux Desktop Environments to Try in 2022

6 Best Linux Desktop Environments to Try in 2022

Are you looking for the best Linux desktop environments for your desktop? Then this article is particularly for you. Want to find the notable mentions, the best features, and what you might be fond of? Get to know about the 6 best Linux desktop environments to try in 2022 from here. So, let’s dive in!

Budgie

Budgie is a GNOME-based Linux desktop. It’s developed and used by Solus Linux distribution. With the help of GNOME stack components, the Budgie desktop is written. Budgie offers a unified notification feature and its customization center is called Raven. It gives access to the calendar, system settings, power options, and media player. Elements on the desktop, eg. applications are implemented as Applets.

Budgie is easily customizable. Its developers' team put a lot of effort into modifying Budgie’s desktop elements, such as Budgie Menu that sorts names of categories alphabetically, Icon Tasklist applet which has some new features included. Linux distros including Manjaro and Ubuntu have spins based on this Linux desktop environment. Also, Fedora users can fetch Budgie from the COPR repository.

Deepin DE

The Deepin DE Linux desktop is developed by the Deepin Linux distribution. It’s based on WebKit and HTML5. Deepin uses Go and QML for designing its components. Besides the desktop, Deepin components make use of the dock and control center and the application launcher. Deepin DE’s tweakable parameters can be accessed using a hidden panel.

The Deepin desktop almost replicates the aesthetics and usability of Mac OS X. It has a neat and clean interface having only the dock at the bottom. The touch-screen gestures are also supported by the desktop. The Deepin desktop offers configurable hot corners that allow you to access the control panel and the applications menu. With this, all of the aspects of the desktop can be managed. The desktop can be fetched through the third-party repositories while installing.

GNOME

GNOME is a very popular Linux desktop environment. Many Linux distros use GNOME. GNOME is simple to use and can be customized. The modern and touch-feature-enabled user interface provides an amazing experience. Also, the GNOME desktop can extend its functionalities via GNOME Shell extensions.

However, GNOME isn’t a good choice for older computers or systems having less than 4GB RAM. Some major Linux distributions that use GNOME as their preferred desktop environment are Fedora, Pop!_OS, OpenSUSE, Debian, and Ubuntu. So, those of you who are looking for something different than the traditional Windows layout, try GNOME.

Creating a Modern Website with Ghost

Creating a Modern Website with Ghost

Authors: Brandon Hopkins, Suparna Ganguly

What is Ghost?

Ghost is free and open-source web server software that you can use to host a website. It’s a unique and elegant web publishing platform. Ghost provides a modern and sleek interface where you can publish articles, newsletters, and subscription-based content. It offers advanced features for monetizing your content. So, with Ghost, you can charge your subscribers a monthly fee similar to Patreon.

Ghost’s Similarities to Medium

Thinking if Ghost is anyhow similar to the blogging platform Medium? Well, both have almost identical content writing features. Both Medium and Ghost are dedicated to blogging and writing clean, easy to read content. Unlike Medium you have full control of all aspects of your platform. WordPress is often preferred for its flexibility and overall wide adoption. However, Ghost is a much simpler format for simple blogging, newsletters, and subscription services.

Content Delivery: When it comes to content delivery, both Ghost and Medium are very similar. Just write your content, add images including alt text, do some SEO, then Publish. Have you been using some clumsy content delivery platforms that caused nothing but frustrations? Then go for Ghost or Medium as they are made purely for writing purposes.

Block for Editing: Medium and Ghost have amazing visual editors. And it’s a pleasure to use such blogging platforms for any writer or reader. Medium’s most admired feature is Block for editing. Ghost has the same. Both allow you to use their in-built content blocks. And these are very easy to get started with.

Ghost’s Subscription Feature

Ghost’s native subscriptions turn your free readers into paying subscribers. You can generate recurring revenue from your content. Once you have members signed in to your website, you can ask them for supporting your work financially. Let’s take a look at Ghost’s subscription features.

Ghost has an in-built integration with Stripe. It connects your Stripe account to Ghost. Once connected to Ghost you receive Apple Pay and credit card payments. Customer information pulled up from your site gets securely stored and automated with the help of Ghost. If you're not a fan of using Stripe there are other options. With a Zapier integration, you can connect to any other payment gateways. If you’re or have a developer, you can use Ghost’s API to directly connect to those payment gateways.

Simple Network Management Protocol – Not As Simple As You Would Suggest

Simple Network Management Protocol

The Simple Network Management Protocol (SNMP) has been an integral part of monitoring network environments since its introduction in 1988. It has established itself as the de facto standard in network monitoring. Many manufacturers support the protocol and have implemented an SNMP agent on their network devices. These agents allow monitoring solutions to query various data, such as bandwidth, CPU load, network interfaces, etc., without installing an additional agent on network equipment. 

Especially with the increasing number of devices on a network, a simple and established method such as SNMP sounds like a great help to include components in monitoring quickly. Unfortunately, SNMP has a few flaws. The first part of this article will explain how SNMP works, while the second part will drill deeper into the issues with SNMP and how to deal with them.

The protocol offers two methods to retrieve data from devices: polling and traps. With SNMP polling, a monitoring solution queries the data at user-specified time intervals from the SNMP agent. This active polling is used for status-based monitoring and is generally the recommended method. However, the disadvantage of SNMP polling is that the administrator does not notice if an event occurs between two queries, such as a brief change in the network interface status.

The alternative to SNMP polling is an event-based variant called SNMP traps. If a certain event occurs on the monitored device, it sends an error message to the monitoring instance. One of the disadvantages of SNMP traps is that the data packets transmitted via UDP can be lost. Since UDP does not acknowledge receipt of network packets, the administrator does not even know that an alert was sent if the packets containing the trap data are dropped. Thus, ironically, a problem on the network prevents the detection of another issue with a network device.

Another disadvantage of SNMP traps can be the flood of triggered messages. For example, suppose a core switch is no longer available. In that case, in large network environments, it can lead to thousands of switches sending traps. Even if it does not have an upstream filter mechanism, the trap receiver can collapse under such a load of error messages. Monitoring is then unavailable in an emergency. In addition, the administrator must re-reconfigure all components in the network if the IP address of the trap receiver changes.

17 Important Linux Interview Questions with Answers

17 Important Linux Interview Questions with Answers

Are you prepping up for an interview where you may face Linux-related questions? Then read through. This article takes you through 17 important Linux questions with answers that will make you interview-ready. So, let’s begin!

  1. Who invented the Linux operating system?

The Linux operating system was invented by Finnish software engineer Linus Torvalds along with the Free Software Foundation in 1991.

  1. Briefly explain the history of Linux

Linus Torvalds was a student at the University of Helsinki in Finland. He wanted to create an academic version of Unix OS for free. Linus began writing the code. Later his very own operating system became well known as the Linux kernel.

  1. How can you access the command line to put commands?

To access the command line, press Ctrl+Alt+T. Or, you can search from the dash by pressing the Meta/Super/Windows button and then type “terminal”.

  1. How do you open Terminal in GNOME?

In GNOME, Terminal is under Accessories in the Application menu.

GNOME-terminal

  1. What are symbolic links?

Symbolic links are similar to shortcuts in Windows. These links point to files, directories, or programs. It also gives you instant access to it. And you don’t need to go to the entire pathname.

  1. What’s IEEE 1284?

IEEE 1284 is a port that defines bi-directional communications between your computer and other devices, such as printers. It was invented in the 1970s by Centronics, and hence was called Centronics Port, after the name of the company. Later it was standardized with IEEE and got the name IEEE 1284.

  1. Mention about three advantages of using Linux over Windows

Three advantages of using Linux over Windows are:

  • Linux is free but Windows isn’t. Even the applications used for Linux cost $0.

  • Linux is open source. It means the source code is available for everyone to view, modify, or edit.

The org-mode LaTeX exporter: LaTeX for non-TEXers

The org-mode LaTeX exporter: LaTeX for non-TEXers

By: Pedro A. Aranda Gutiérrez This article shows how to configure and use the org-mode provided by Emacs to produce pretty documents. org is a multi-purpose structured text file format and Emacs can translate it to LaTeX files which, in turn, can be translated into pretty PDF documents, taking advantage of all the typesetting facilities provided by LaTeX. This is a compendium of tricks evolved out of the experience of working with Emacs, org-mode and LaTeX.

1 Introduction

I got exposed to Emacs in the 1990’s when I used Unix mainframes and VT220 terminals for work. At the beginning, it was just my programmer’s editor and when I got used to it, I looked for ports to use at home. Initially a dream, it became a reality, first with a port[10] and them, when I installed my first Linux (from a floppy-disk set). Much later, I started to be exposed to LaTeX. It wasn’t until I was working on my PhD that I fully understood its potential when my Office suite collapsed on a last minute template change for a conference. It took me less time to install the full texlive distribution, export my paper to LaTeX, clean up the result and change the template than to fix the original document after changing the template. What I have always liked in LaTeXis that what you write is what you mean. The use of tags is a minor inconvenience for me.

The next step in what you write is what you mean path after LaTeXwas org-mode. Initially a hint from my PhD advisor as a nice way to produce slides, it took me some time to realize its full potential both for presentations and documents. org-mode is included in the stock Emacs code.

You can always be in the forefront and get the most recent public version of org-mode from the repositories, but a fairly recent version of Emacs guarantees a nice, up-to-date feature set in org-mode. In my case I use an Emacs 28.0.9x, a pre-release of the next stable Emacs which I compile myself once a week, both on Ubuntu 20.04 and macOS. If you want to produce a nice PDF file from org-mode, you rely on its LaTeXexporter and use a TEX distribution like texlive in Linux or MacTeX in macOS for typesetting and output generation.

To prove my case, I keep this article in an org file that I use to explore org mode features. It is a living demo of how nicely you can write things using org-mode and then generate PDFs using LaTeX. My main sources of inspiration are the org-mode documentation[8] and an oldish Cookbook[4] and all those moments where I’m working on a document and feel that something is missing.