Hi everyone!

I hope you all had a nice holiday and got to spend it whichever way you prefer (behind a computer, obviously)!

It’s once again a pretty big issue, as I’ve had a few weeks of stockpiled bookmarks & news to share. Don’t let the scrollbar scare you. 😉

Wishing you all the best in 2020, successes wherever you need them and enough free time to keep learning & reading.

Enjoy!

News & general

Strong words from Linus Torvalds regarding Oracle’s licensing policy on ZFS: “Don’t use ZFS. It’s that simple. It was always more of a buzzword than anything else, I feel, and the licensing issues just make it a non-starter for me.”

I don’t like pointing to status pages or downtime as it feels very “finger pointing” to me, but I wanted to share this incident regardless. Gandi lost a storage device and couldn’t recover data for their customers, asking them to “use their own backups”. This is a good reminder that you don’t want to put all your eggs in one basket!

Is it faster to do the grep before the count, or after? This post looks into the nitty gritty performance details of shell pipelines!

Early in December, a security vulnerability in npm & yarn (the JavaScript package managers) was publicly disclosed. This post looks at how this vulnerability works. As a Linux sysadmin, you’ll be happy to read that it’s all about $PATH and symlinks!

SHA-1 is broken. If you still use SHA-1 anywhere and you think it’s keeping your stuff private, guess again.

By default, reads from /dev/random are blocking (meaning: your program will hang until there is sufficient entropy (“random data”) to give back) and calls to /dev/urandom would never block (more on that here). Work is now being done to make /dev/random non-blocking as well, while still keeping it a secure cryptographic random-number generator (CRNG).

Arch is switching their package compression scheme from xz (.pkg.tar.xz) to zstd (.pkg.tar.zst). The biggest motivation was not better compression (that’s about the same), but a whopping 1300% speed up in decompressing.

Python 2.7 will not be maintained past 2020. If you use Red Hat (and I presume CentOS as well), it seems to be supported until June 2024 though. So much for EOL …

For years now, Kali has inherited the default root user policy from BackTrack. As of January 2020 they will change this and move Kali to a “traditional default non-root user” model.

There was a bit of commotion around Ubuntu’s default MOTD behaviour, where it sends more data than you’d expect back to Canonical-owned servers every time you log in. In this blogpost, I look at the details of what is being sent and why you should care.

Well there you have it, systemd remains (I’m not complaining though, it might be Stockholm Syndrome but I’ve come to like systemd).

An embedded systems engineer created a business card that runs a version of Linux with a kernel sized at 1.6MB, the entire root filesystem at 2.4MB and a boot-loader that fits in 256KB.

We built the Oh Dear monitoring service because there’s a gap in current uptime monitors: they all look at a single page (usually your homepage) and report on that. What about the other 100+ pages of your site? Ours routinely crawls your entire site (like Google) and reports broken links & pages and mixed content alerts. Give it a try, there’s a 10-day free trial!

Scalene is a high-performance CPU and memory profiler for Python that does a few things that other Python profilers do not and cannot do. It runs orders of magnitude faster than other profilers while delivering far more detailed information.

Lucidity is a new way of understanding what programs are doing as they execute. It looks really powerful and gives you visual insights into the state changes of your application. The video is worth a watch!

With Snowpack you can build modern web apps (using React, Vue, etc.) without a bundler (like Webpack, Parcel, Rollup). No more waiting for your bundler to rebuild your site every time you hit save. Instead, every change is reflected in the browser instantly.

Parcel uses worker processes to enable multicore compilation, and has a filesystem cache for fast rebuilds even after a restart. Parcel has out of the box support for JS, CSS, HTML, file assets, and more - no plugins needed.

Get an overview of a directory at the CLI (even really big ones) in a way that you can still navigate them. It cleverly collapses large directories.

This is an alternative to the popular jq tool to query json data at the command line. jql has a more lispy syntax to it.

Jellyfin is a free program that lets you collect, control, and stream all your favorite media. It holds your entire movie collection, and displays a beautiful collection of posters. Could be an alternative to the popular Plex, but it seems to be lacking mobile clients at the moment.

This is a CLI utility for displaying current network utilization by process, connection and remote IP/hostname. bandwhich sniffs a given network interface and records IP packet size, cross referencing it with the /proc filesystem on Linux or lsof on macOS.

A serverless email server on AWS using S3 and SES. Pretty crazy actually, when you look at all the parts involved.

Apache Pulsar is an open-source distributed pub-sub messaging system originally created at Yahoo and now part of the Apache Software Foundation. Built from the ground up as a multi-tenant system. Supports Isolation, Authentication, Authorization and Quotas.

Inject a shared library (i.e. arbitrary code) into a live Linux process, without ptrace.

Bash-my-AWS is a simple but extremely powerful set of CLI commands for managing resources on Amazon Web Services. They harness the power of Amazon’s AWSCLI, while abstracting away verbosity.

Rhasspy is an open source, fully offline voice assistant toolkit for many languages that works well with Home Assistant, Hass.io, and Node-RED.

Publish is a static site generator built specifically for Swift developers. It enables entire websites to be built using Swift, and supports themes, plugins and tons of other powerful customization options.

Checkov is a static code analysis tool for infrastructure-as-code. It scans cloud infrastructure provisioned using Terraform and detects security and compliance misconfigurations.

A Kafka GUI for topics, topics data, consumers group, schema registry, connect, … It will start a Kafka node, a Zookeeper node, a Schema Registry, a Connect, fill with some sample data, start a consumer group and a kafka stream & start KafkaHQ.

A fully featured Firefox Send client, entirely from the CLI.

A simple, modern and secure encryption tool with small explicit keys, no config options, and UNIX-style composability.

An open, extensible, wiki for your team built using React and Node.js.

A blazing-fast static site generator using Laravel’s Blade templating engine.

Hippy is a cross-platform development framework, aiming to help developers write once, run on three platforms (iOS, Android and Web). Hippy is quite friendly to web developers, especially those who are familiar with React or Vue.

Glow can render markdown on the CLI, super convenient!

Exploring Python through counter-intuitive snippets. If you think you know Python, think once more!

Guides & Tutorials

Below are some simple methods for exiting vim. (It’s mostly funny though :-))

A collection of useful links & resources to help get you started with Ansible.

I’ve always loved performance, be it on the server, the code in the backend or the frontend. I think it’s good to be aware of all areas so I wanted to share this huge list of performance tips for front-end devs.

This is a complete beginner guide to what Prometheus is, what it does and how to use it.

This is a good summary of the HTTP protocol, even if you’ve been configuring web servers for a few years. Most of HTTP is abstracted away in frameworks or layers, but the nitty gritty details are still interesting.

A good back-to-the-basics on using the vi text editor. Even though I only use 0.1% of its features, it’s still my favorite editor at the CLI.

This is a good collection of tmux tips to configure it just the way you want, with the panes & windows you choose.

This book can be read entirely online and gives a really good introduction to the Python programming language.

If you want to try out object storage (“S3”) on your own, you can give Minio a try. This post gives you all the install instructions on Ubuntu 18.04.

This is a 6-part guide on how to set up your own Jenkins instance to run your own CI/CD pipelines.

Another good step-by-step guide on running your own Galera cluster.