Transcripts

Untitled Linux Show 169 Transcript

Please be advised this transcript is AI-generated and may not be word for word. Time codes refer to the approximate times in the ad-supported version of the show.

00:00 - Jonathan Bennett (Host)
This week we're talking about more Linux mobile hardware. We're talking about Alma Linux and their certification program. It's time for the 6.11 kernel to release and 6.12 to start getting worked on, and a lot more. You don't want to miss it, so stay tuned. Podcasts you love From people you trust.

00:21 - Jeff Massie (Co-host)
This is Twit.

00:45 - Jonathan Bennett (Host)
This is Twit and all kinds of good stuff. We've got the uh, the regular crew here today. We've got rob, we've got ken, we've got jeff. We've got some stories to talk about. Uh, this this weekend, we think, is going to be a kernel weekend, so we'll talk about that a little bit. Uh, but first, rob is trying to stir up some trouble in my marriage by making me spend more money, and I think we've decided that he's not going to succeed this time. But give, give us the pitch, rob. What's this new Linux gizmo that you're trying to get people to pay for?

01:09 - Rob Campbell (Co-host)
Well, before we get started on that, I want to first make a correction on the furry phone that I talked about last week. Jonathan, you were correct. Your guess was correct that I can't read the phone is pronounced fury phone, because the folks over at fury labs let me know that that is the correct pronunciation on mastodon this week I think it was today or yesterday they uh messaged me once they uh saw the little clip, so it is a failed on for, uh, phonics?

01:45
yeah, it is, it is fury like the like, uh, furious, because I suppose maybe because they're furious that there hasn't been a good linux phone made until now you're gonna feel a lot better if you buy one, telling people that you have a fury phone.

02:01 - Jonathan Bennett (Host)
It just it rolls off the tongue easier.

02:02 - Rob Campbell (Co-host)
I don't know, I struggle to say the word fury, that's, it's just so feels, it's just weird to me. I think I see that you and I say fury and it's just, I don't know how I think furious. Yeah, furious is not too bad, but fury, it's like, is it, is it fear?

02:19 - Ken McDonald (Co-host)
is it like?

02:20 - Rob Campbell (Co-host)
fear ear fury. Do I need to put a little curve in that Fury?

02:25 - Jeff Massie (Co-host)
It's like the old car Plymouth Fury.

02:28 - Rob Campbell (Co-host)
Yeah, fury is kind of a weird Fury, I don't know. But how about? If there's no other words on that, let's talk about something else Jonathan's wife might hate me for, and that is the new Linux tablet from Deep Computing. Sure, there are other Linux tablets out there the, the Pine tab, the, I don't know. There's another one that maybe made it like a couple months before they ended it, and who knows, but not many really. This one, though, has something a little more special about it than at least any other tablet I've seen so far, and if you remember our past stories about deep computing, maybe you've guessed already, but this tablet runs on RISC-V and runs with Ubuntu out of the box. So the SoC system on iC, uh, is the same chip set the risk 5 ubuntu laptop uses that we have previously talked about.

03:31
This tablet comes with a 10.1 inch, 1920 by 1200 ips, 10 point touch display, which is the part that jonathan kind of griped about pre-show, because he likes them to be small or something. Memory comes in 4 gig, 8 gig or 16 gig, has 16 gigabit eMMC storage, or, if you have the 16 gigabits of RAM model, you can optionally get 128 gigabit eMMC. It's available. Has a 6,000 milliamp battery I don't know what kind of battery life that is has front and rear cameras, a usb type c 3.0 port with display port, and they had the courage again to add a 3.5 millimeter audio jack and all of this really. You know, I mentioned in the past that I bought a Surface Pro 3 to put Linux on and it was used and I paid $125 for it. All this is only $149 US plus shipping. Pre-ordering is available right now and they're expecting to ship in september.

04:52
So this has all the things that we're interested in. Risk five I mean you got we have that risk five board that we kind of struggled and played and and or maybe didn't do anything with. But this has uber 2 already on that risk 5 board, um, and a tablet doesn't. It supports a mouse and a keyboard. It doesn't come with one. Uh. It'd be nice if they had like a nice little uh keyboard cover available, but maybe something else will fit. I don't know. We'll see.

05:20 - Jonathan Bennett (Host)
Yeah that's an interesting little device. The comment I made before the show is I've already got a 10-inch tablet, but a 7-inch would be useful. I have found with a 7-inch it'll fit on the inside pocket of a suit coat and so those are pretty useful. Just for that, yeah.

05:37 - Rob Campbell (Co-host)
but it's risk.

05:38 - Jeff Massie (Co-host)
five it is risk five and think how cool you'd be whipping that out of your inside pocket during a Dungeons.

05:48 - Ken McDonald (Co-host)
Dragons game.

05:49 - Rob Campbell (Co-host)
That's why it needs to be a 7-inch or maybe a game of Risk.

05:53 - Jonathan Bennett (Host)
There you go. I don't play any games with people in person, though they're all over the internet these days Well as long as you have video on, you can be able to.

06:01 - Rob Campbell (Co-host)
They won't even know. If it really came from your pocket, then yeah.

06:06 - Jonathan Bennett (Host)
So Keith s512 says oh no, this will be so slow. It'll be slower than a kindle fire tablet. You'll just end up throwing it across the room. Um, and I think that's fair. Like these risk 5 chips are not super performant yet. Um, with the with the vision 5, I know that the comment I made was it is just barely good enough to to do what you want, which in this case is compile and test uh software, for we're still kind of in the bootstrapping stage for risk 5 for these kind of devices. Um, but I mean it's cool. It's just it's got the cool factor to have a risk 5 tablet and a tablet that's designed for running like this sort of uh touchscreen linux stuff on, so well, designed for running like this sort of touchscreen Linux stuff on.

06:47 - Jeff Massie (Co-host)
So realistically something like this is probably more of you know people surfing YouTube and TikTok and you know just kind of basic consumption.

06:58 - Ken McDonald (Co-host)
And that's all they do, maybe just for reading an e-book.

07:03 - Jeff Massie (Co-host)
Yeah, I mean there's a lot of uses that I could see that just really don't need much power behind them. Yeah.

07:13 - Jonathan Bennett (Host)
I don't know. I've seen some of these low-power devices really struggle with things like scrolling through a big PDF, or maybe a big e-book in that case, or playing, you know, full HD YouTube videos. I would see this as possibly having some of the same problems.

07:29 - Rob Campbell (Co-host)
and then the other thing is like the, the the touchscreen ubuntu experience, for this is maybe not necessarily the best yet well on the article they did say if you're not an ubuntu fan, uh, the 16 gigabit model, I think later on in the future will support the open source android that's interesting.

07:52 - Jonathan Bennett (Host)
Yeah, no, but I seriously I see this as more of a development platform at this point and it does match the uh the risk 5 uh laptop.

08:01 - Rob Campbell (Co-host)
So if you anything you do for one's going to work on the other and it's a lot cheaper than the juno tab three oh yeah, that's fair.

08:12 - Jonathan Bennett (Host)
Yeah, I, I still see risk very much in in this sort of a form factor as being excellent for development, for risk, um, but like as a general consumer device. I'm just not sure that it's there yet, but I would love to be wrong.

08:26 - Rob Campbell (Co-host)
We'll find out when you give us your review of it.

08:29 - Jonathan Bennett (Host)
Will we find out, Rob? Are you buying one.

08:33 - Rob Campbell (Co-host)
Oh, I may. Actually this might be in the price range. This might be in the price range where I can just throw something at it and see what happens.

08:43 - Jonathan Bennett (Host)
Yeah, I've done that too many times here recently and I'm sort of my wallet is a little light.

08:49 - Ken McDonald (Co-host)
The funds for that sort of thing you don't want a light wallet going into the holidays.

08:53 - Rob Campbell (Co-host)
No no, no, no, no. It's also a pre-order.

08:57 - Jonathan Bennett (Host)
If it was an order, I probably would have, but To be able to push the button and get it, like two or three days later. Yeah, I don't want to push the button and wait a month. Amazon's Prime shipping has just ruined us all. It has All right. Let's talk about AlmaLinux, one of our favorite enterprise distros. Ken, what's new there?

09:22 - Ken McDonald (Co-host)
Well, according to an article by Christine Hall for FOSS Force, amalynx announced this week that not only do they have a newly formed certification special interest group, but that the new SICK has already put together a hardware certification program to certify that Amalynx works as it should on specific hardware. The hardware certification program is a feather in AmaLinux's cap, as it makes the distro the first Red Hat Enterprise Linux clone to offer hardware certification, which has long been available to Red Hat Enterprise Linux. This will be a big deal for server makers, since accreditation is important to potential enterprise customers who often run the same operating system across numerous servers. Jonathan Wright, as the Amalynx infrastructure lead and the new SIG's first chairperson, wrote. First chairperson wrote.

10:23
This SIG was born out of a desire to prove that Amalynx works in all places that our community needs it to. The members already helping are from all over the world and have gotten engagement from some of the most respected hardware providers in the world. Our most active engagement has been with Supermicro and we are so grateful to them for helping us improve and expand the hardware certification program. Supermicro has already certified its 2U rack-mounted servers through this new program. The hardware certification process takes advantage of an open-source certification toolkit developed by the Amalynx OS Foundation, which borrows from various open source hardware and software testing projects and tools. It is available on the Amalynx certification GitHub repo.

11:19
Jonathan Wright also wrote we'll be working on spinning up a software certification program over the coming months to provide software validation and certification that our users can trust. The SIG is also interested in finding folks interested in working with it. If that's, you just join the SIG at any of its meetings or in the chat room. You can find a link to the AlmaLynx blog post in Christine's article. The blog post also has links to the GitHub repo as well as to the meeting minutes and the chat room that I was talking about.

11:59 - Jonathan Bennett (Host)
This is pretty interesting. I wonder if AlmaLynx is charging anything for this certification. I wonder if AlmaLinux is charging anything for this certification, because there is some effort it takes to do that. I'm just curious if they're making any money from this, if this is a way that they're making a little bit of income, but this is useful. I have built a couple of servers. It's been years ago since this was a thing, but I've built a couple of servers and thought, oh yeah, surely Linux will run on there there, no problem. And then you get it and you find out that like one of the chip sets inside is some weird nvidia thing and you have non-working usb ports. Like really why?

12:35 - Ken McDonald (Co-host)
would they have problems with nvidia chips?

12:39 - Jonathan Bennett (Host)
there are some nvidia. Was it the north bridge at the south bridge chips? This was way, way back in the day. This was when we actually had north bridge and south bridge. Yeah, this has been, that's been a few um, but that, like those nvidia chips just never, ever got supported and so your, your usb support on them was just a it might work, um, and there are some things like that in linux. So the fact that this you know, they look at it and they go, okay, all these things are actually going to work when you install them in Linux, like that's pretty valuable.

13:14 - Jeff Massie (Co-host)
Yeah, I was going to say I think they made them back, you know, for about one generation, maybe two, and then decided, yeah, we're getting out of the chipset business.

13:28 - Ken McDonald (Co-host)
But getting back to your original question on whether or not this may be a way to make money, it could be. If companies contract with AlmaLinux to do the hardware certification, it also gives companies, with them doing it open source, the opportunity to do self-certification, with them doing it open source the opportunity to do self-certification, so there's a hardware certification suite that they can run.

13:50 - Jonathan Bennett (Host)
Oh, interesting, that might even be useful for end users, like if you build your own computer. You might want to run this before you do a full install with all your setup, just to make sure that there's not anything broken that you didn't realize in general, that tool might be useful for non-alma users, just because if Alma runs on it, probably most any other, at least mainstream one's going to work too.

14:17 - Ken McDonald (Co-host)
So then most of the uh other red hat clones probably would run on it as well.

14:24 - Rob Campbell (Co-host)
Well, definitely, but I think even Ubuntu or Arch or any of them. And anything, gen 2. For the most part.

14:34 - Jonathan Bennett (Host)
So this might be interested to run on even a Fedora machine or something else, right? Because I doubt there's anything in the script that is particularly AlmaLinux specific. I wonder if there is something like that out there. That's just a. We're going to check and see if all the things work the way you expect them to. Is this open source? It is. The hardware certification suite is out there. It's on GitHub. Hmm, yeah, it'd be interesting to try. I would say I bet the only.

15:08 - Jeff Massie (Co-host)
The biggest hiccup I would see is just if it's looking for a specific file or something and it's in a different location.

15:14 - Jonathan Bennett (Host)
You know just some basic yeah, there could be some around stuff but, like it might check for you know, slash, slash ETC, slash, alma release, or you know whatever, and if that's not there, oh no, so who knows? But it's a, it's a fascinating idea and I I don't know, I'm not aware of anything else like that, but I think that's a really interesting, like this idea of run this script and it goes through and it checks and it makes sure that your system is doing all the things it's supposed to. You know, you've got network, you've got usb, like that's.

15:45 - Rob Campbell (Co-host)
That's kind of an interesting idea so this is just a script, so you already have to have linux um, yes, now it may have well so like it's from a live usb probably. I'm saying somebody should just make an iso, a live boot ISO, with this on it and have it just be your checker before you go and install. I mean on distros too.

16:12 - Jonathan Bennett (Host)
So, issue number 19,. Just so you know, is created by Benny Vasquez, which Benny is the leader of AlmaLinux, and it is create a live USB image for certification. So there you go, go all kinds of fun yeah, benny yourself.

16:31 - Rob Campbell (Co-host)
Well, I'm just as smart as benny, because I just heard about this a few minutes ago on art.

16:35 - Jonathan Bennett (Host)
I okay, maybe I'm not that's not necessarily how that works. How that works I, I'm uh not necessarily.

16:41 - Jeff Massie (Co-host)
I wouldn't throw that gauntlet down.

16:42 - Rob Campbell (Co-host)
Rob, come on, benny, bring it on, come on.

16:49 - Jonathan Bennett (Host)
I'd pay to see that.

16:51 - Ken McDonald (Co-host)
Maybe you can get Vinny as the guest.

16:53 - Jonathan Bennett (Host)
I've had Vinny as the guest. It's been several months ago now, but we had her on and had a fun time. It was a good conversation. All right, jeff, we're probably going to get a 6.11 kernel this weekend and that means that it's about time for 6.12 stuff to really start. Yes, it is. You've got some news about that.

17:14 - Jeff Massie (Co-host)
And stuff that's even started before that. That's going to wind up in 6.12. We've talked about this in the past but Intel is making a change so they can get past the family 6 series of CPUs. Intel has been using the family 6 designation for a long time, like since the mid 90s. Now, while that seems okay, it can cause issues. There is specific code for different generations of CPUs so we can get the most out of them. Well, currently Intel has to look at the model ID to decide which code they need to run.

17:47
You know, basically defining what the chip can do. You know, and if you think back to the mid nineties CPUs, you know in a current model there's big differences. You know, in just like cache and the old single core to multi core. And now we've got, you know, with performance and efficiency cores mixed in and not to mention just the variations of the series, because different core count. Maybe some don't have efficiency cores, they only have efficiency cores. You know there's a lot going on here. So in the past it caused some issues and they had to go back in and always tweak the way it would look at the model to decide how the CPU was going to be defined by the features and capabilities. And I'm bringing this topic up again because, like I said, we talked about it probably about six months ago because with the 612 kernel they should have their new solution in there. So the new method is VFM, which stands for vendor, family and model. Now this is something that's going to be transparent to the end user, so we're not going to notice a difference, but it will make support for future CPUs easier for the maintainers.

18:56
The family 6 designation isn't going away, though, just not just yet. The next CPU and up to the Clearwater Forest CPUs which have the Darkmont cores will carry the Family 6 designation, so the next couple series are coming out with still Family 6. Now I should mention this isn't something that happens on the AMD side. Amd has been adjusting their Family ID regularly, such as Zen and Zen 2 being family 23, zen 3 and Zen 4 being family 25, and now Zen 5 is family 26. So only on the Intel side has this been an issue. Now this started with kernel 6.9 and it's taken 74 patches to get things ready. So it's taken some time to get all things lined up without breaking anything. You know they don't want to cause issues with existing stuff. So you kind of have to work it in there carefully.

19:52
A little speculation that this might be in preparation for the x86s series of CPUs. The S is for simplifying the CPU. They're going to simplify the chip by removing support for 16-bit and 32-bit operating systems. So x86 is a big step forward with dropping legacy mode, five-level paging improvements and other modernization improvements for the x86 underscore 64. There's also Intel FRED, which is flexible return and event delivery, which changes how transitions are done between privileged levels. You know the CPU rings. So there's already been some work in the kernel for these hardware changes. And because it would be such a huge change, they want better CPU identification. I'm talking about the x86s and the FRED. They've been sprinkling stuff in for a couple kernels now. Future cpus are possibly going to be going a lot of different directions, so they want to really make sure they can properly identify everything.

20:54
Now, little caveat here. I do want to state that what I'm saying, you know, with the technologies here is not insider information. This is not anything I got from work. This was all gathered through public places. So no, no, no, no insider stuff there. So just just in case anybody's curious or wondering so uh, we'll 6, 6, 12. We should see, uh, the new model vendor. Not that we'll see it, but let's look at the code.

21:25 - Jonathan Bennett (Host)
So this means that Intel has been shipping 686 processors for 30 years now. Yeah, well, that's literally what Family 6 is. It's the P6. It's 686. Yeah, and think about it, though, like the tail that your processor family is going to have. So Intel is not going to want to ship one of these out until, like this change, this kernel lands in the latest Red Hat release. Just thinking about it, because so many Linux installs are going to be Red Hat or Red Hat derivative, and so you don't want to break that. You don't want to break that, you don't want to limit yourself. Yeah, we'd like to use your newest processor, but we're still stuck on kernel 6.whatever. So it's going to be a little bit still before they're willing to do that, I'm sure, and break all the things.

22:17 - Jeff Massie (Co-host)
Right, and we don't have an exact timeline for x86s or FRED, but we know it's coming sometime in the future.

22:28 - Jonathan Bennett (Host)
Yeah, yeah, interesting stuff x86 s or fred, but we we know it's coming sometime in the future. Yeah, yeah, interesting stuff now with with 86 s, that is still going to retain, I think, because we've talked about this before that's still going to retain the ability to run 32-bit code, just not a 32-bit os right it's it's not going to have the uh, you know, like the legacy stuff and the, the special hardware modes where you kind of kick into that lower mode.

22:50 - Jeff Massie (Co-host)
It's, it's going to be, it can. It can handle 32-bit, but not at the metal level. So it's not. You're not going to be able to get deep in like an os would. But, uh, like steam, it should be able to run Steam where it's just a 32-bit program.

23:08 - Jonathan Bennett (Host)
And that kind of implies that they can then remove all of their 16-bit handling altogether. So I think Linux is like Windows in that that you cannot run 16-bit code in 64-bit OS.

23:20 - Jeff Massie (Co-host)
And we actually talked, I think a couple of weeks ago, about I'd read some articles about people theorizing you know how these newer chips, you know the the risk chips, and some of these are more efficient because they're not carrying all that extra old legacy baggage behind, and that X86 could be a lot more efficient if they really dumped a lot of this old stuff and so they could focus just on the 60 by 64 instructions, and this is possibly one where they can do it, not to mention the simplification and I know a lot of security issues they they worry about through a bunch of that old code. That stuff was a little more uh, hacked together back then. Yeah, yeah all right.

24:04 - Rob Campbell (Co-host)
Well, speaking of old code, is it my turn to go? It's rob's turn. So debian and ubuntu users all know the importance of apt and, like most other software in the world, it relies on other components and libraries, and unfortunately, some of those components that app relies on are old, long since abandoned, and well, that isn't good. So, although Ubuntu and Debian, they've been patching it on their own over and over throughout the years, so that still works for them. Their design or the design of these components, translations, features are stuck in the past, causing small issues for the distro maintainers paper cuts, as some might say. But you know, linux Mint is no stranger to forking and maintaining old code, as they they forked GNOME three and been running cinnamon for years. So so they have decided to fork and maintain some other old code, and that would be the old apt components that aren't maintained anymore. Some of these are GW and apt-url, which were merged into a single utility called captain and apt-daemon. They were merged into captain. And then you also have apt-daemon and mint-common, apt-daemon. These were merged into a library called apt-kit. These were merged into a library called apt-kit. All the tools which previously used apt-daemon, semantic or apt-ur will now use apt-kit and captain.

25:58
So you know I often like to give Mint a hard time for being old, outdated. But sometimes there is a use for that old, outdated code. But sometimes there is a use for that old, outdated code and maybe this fork will actually do the community some good and maybe updating some of this old code can. Maybe I'll speed up app so it's a little faster, a little more modern. Keep things going, keep things secure and patched. So as much as I love to poke fun at Mint, I guess they're doing something for some good things for the overall community after all kind of surprised this is meant to doing this.

26:35 - Jonathan Bennett (Host)
Um, oh no, no, I'm thinking uh, never mind, I'm not surprised, it's meant doing this. I shouldn't be surprised that it's meant doing this because mint is on, based on either debian or ubuntu. I said, I said mint and I was thinking of uh, open suza it would.

26:52 - Rob Campbell (Co-host)
It would be surprising if it was open suza doing this. The default mint is based on ubuntu, but they do have a debian version also yeah, um yeah at one time they had a kde version. They used to have quite a few, I don't know yeah, and they realized that was just scuba too, so someone else already covered that niche.

27:12 - Ken McDonald (Co-host)
Yeah, now here's my question for those of us that use the app front end nala, what impact will that have? Will using that.

27:22 - Rob Campbell (Co-host)
Well, that's only you, so we don't know.

27:28 - Jonathan Bennett (Host)
But I mean.

27:29 - Rob Campbell (Co-host)
Nala is just a front-end app. So I mean, if there were ever any security vulnerabilities in those upstream packages, they would affect Nala, I guess, just the same as anyone else.

27:43 - Jeff Massie (Co-host)
Yeah, I tried Nala for a bit. It always wanted to clean out my old stuff and sometimes, when you load a program it's got you disappeared.

27:51
Yeah, okay, but you know, sometimes, because that's something you got to be careful of when you clear out some of these you'll say, oh, it's not required anymore. Sometimes you may have installed a program that had some of these old libraries or other programs in there that are an older version, that require is required, and you clean those out and it'll suddenly break certain programs, and so I'm always a little leery of cleaning out the old stuff, depending on what the the machine is.

28:23 - Rob Campbell (Co-host)
I just like the default works just fine for me, so I never bothered getting another wrapper. If Nala became the default, I'd maybe start to use it. It had to become the default in all Debian-based distros. I don't want to.

28:39 - Ken McDonald (Co-host)
Well, if you remember, it was the default for Rhino Linux.

28:46 - Jeff Massie (Co-host)
Yeah, that's another thing, only you are using I I will, I'm gonna since it's just the four of us here, just the four of us, I'm gonna confess something. I'm gonna be vulnerable here lately. I just click on the little discover icon when it shows up and I let discover update everything. I haven't even been doing it by the command line.

29:08 - Rob Campbell (Co-host)
Whatever distro I'm in, that thing pops up in in. You know, katie, wherever I'm at, it pops up and says you have updates. I could just click that. I don't. I go and open my terminal or hit F12. If I have like a YachtWake or something, and then I do sudo apt because I want to see all those things when I update for updating the stuff from the repo my flat packs, my snaps, my Rust items that are installed. Snaps. Another thing only you're running.

29:50 - Ken McDonald (Co-host)
I beg to differ, right, Jeff?

29:53 - Jeff Massie (Co-host)
Yeah, he's wrong on that one, but the reason is Go ahead, ken.

29:59 - Ken McDonald (Co-host)
I just go ahead, like Rob said, go to the terminal, but I just type top grade.

30:07 - Jeff Massie (Co-host)
Yeah, a lot of aliasing in there. But see, that's the reason I clicked to discover anymore is because it will do the snaps and the flat packs and everything, because apt won't update everything. You'll update through apt and you look and there's like still things in there, everything you'll update through apt and you look and there's like still things in there. So it saves me from having to go in and use the command line to update the snaps and does it do your firmware updates?

30:32
oh, it does everything, yeah, yeah. So I just, I just I just say update it just handles it all. But I had to do a little research like why aren't these matching?

30:42 - Rob Campbell (Co-host)
and it's because apt is not pulling in some of these other packages, because they're the containerized packages I haven't run a debian ubuntu based gui on my desktop for a while, so the only place I have been running like ubuntu usually actually in production, I guess is on server, so it's only command line there anyway. So I don't remember.

31:04 - Jeff Massie (Co-host)
Yep, I'm really doing Zipper. That's why Ken and I make fun of you.

31:10 - Jonathan Bennett (Host)
So I really like the last note of the release notes here, and it's all in all. This is a lot of work, and you as a user won't really see much difference on your desktop. The paper cuts are gone, though, and if you find new ones this time, we'll be able to fix them. It's like we fixed all the bugs, but there's probably more there, but we'll fix them. I like it All. Right, ken, let's talk about a new Steam client.

31:37 - Ken McDonald (Co-host)
What's up there. I'm actually going to be covering two stories that are on Valve. First, as you mentioned, we heard from Arias Nestor about Valve recently releasing a new, stable Steam client update that brings numerous improvements and some new functionality to further enhance your gaming experience on Steam and bring compatibility for more Linux desktops. The new Steam Client Update makes the Steam Families feature available for all users as a replacement for the Steam Family Sharing and Steam Family View, providing users with new and existing family-related features. If you have large game libraries, it improves startup and library performance. It also improves the reliability of the games and common collections in your Steam library, improves detection of the Nintendo Switch Pro controller which I'm hoping will take care of mine once I get the update and revamps the shortcut key binding and settings user interface with the ability to unbind a hotkey.

32:50
The screenshots manager has been redesigned to make it easier to share screenshots directly from steam by copying them to the clipboard, sending them to a friend or chat group via Steam Chat, sending them to your phone via the Steam mobile app or exporting screenshots as a new file on your computer. You can now share multiple screenshots at once by multi-selecting from the grid view, as well as searching within the app filter down, drop. The new Steam Client update also improves the overall performance and reliability of the screenshots manager and lays the ground for future support for recordings. For linux users, the new steam client update improves the system display scale detection to make it compatible with more linux deskt, fixes a crash in the GL driver query component that occurred when using the latest NVIDIA graphics drivers and fixes another crash that could occur when exiting the Steam client.

33:57
Mario's article includes a link to the full release notes if you want more detail about the numerous bug fixes. Now we also hear from leon da about steam turning 21 this year. Yes, valve launched its steam client on september 12 2003. To celebrate this birthday, valve has a 64 gigabit and 512 gigabyte Steam Deck LCD models on sale. These models are being phased out, so you will be able to get 15% off the 512 gigabyte Steam Deck LCD. This cell runs through September 26th, if supplies last that long.

34:54 - Jonathan Bennett (Host)
Yeah, interesting.

34:59 - Ken McDonald (Co-host)
Jeff, you ready to get a Steam Deck?

35:02 - Jeff Massie (Co-host)
No, you know, I'm kind of a snob at that. I want a high-resolution screen. I want a monster machine.

35:10 - Rob Campbell (Co-host)
You can hook it up to a resolution screen. I guess you won't get the monster machine.

35:15 - Jeff Massie (Co-host)
Yeah. I'm running a pretty good beefy machine for the games.

35:19 - Ken McDonald (Co-host)
Just get the Steam Deck dock for hooking it up to that high resolution screen for only $75 more.

35:28 - Rob Campbell (Co-host)
I would recommend not getting those lower, smaller storage ones. I think I got the 512 or I don't remember, but maybe it was something even lower than that. It wasn't enough. I wish I would have got more.

35:44 - Ken McDonald (Co-host)
It might have been the 256.

35:46 - Rob Campbell (Co-host)
Yes, you know, I think it was the 256. Now that I think about it.

35:50 - Ken McDonald (Co-host)
Well, here's a chance to upgrade to the 512 LCD for about the same price as the 256, if not less.

35:59 - Rob Campbell (Co-host)
Oh yeah, I think those are like very fixable, moddable. You could take them apart, I think, and swap all parts pretty easily. I believe that's what I think I've heard. I've never opened mine up yet.

36:15 - Jeff Massie (Co-host)
If it's surface mount, you might be able to send it to me and I can fix it for you.

36:18 - Jonathan Bennett (Host)
Jeff, are you actually a surface mount pro? Is that?

36:24 - Jeff Massie (Co-host)
actually in your wheelhouse? No, I'm not, but I have people that work for me.

36:27 - Jonathan Bennett (Host)
Okay, I was going to say I was about to be surprised by a hidden talent of Jeff's. I have a surface pro, but not a surface mount pro.

36:35 - Ken McDonald (Co-host)
He can touch people who have that talent.

36:37 - Jonathan Bennett (Host)
Yeah, he has a surface mount pro. Yeah, I've got a lot of very smart and talented people that work for me that make me look good, that I can believe yes yeah, like you're gonna slide them over something.

36:53 - Rob Campbell (Co-host)
Hey, just gotta take care of this for me the nice thing is I fix it.

36:57 - Ken McDonald (Co-host)
Still got that repair kit out, which can make any of us look good at maintaining the steam decks oh, I love those.

37:04 - Jeff Massie (Co-host)
I got the big one I like.

37:06 - Jonathan Bennett (Host)
I like the I fix it kit, but that is not magical enough to give you the ability to do surface mount soldering.

37:11 - Ken McDonald (Co-host)
That is that is an art form in and of itself.

37:15 - Jonathan Bennett (Host)
I've tried to do it and it is extremely difficult, like there are. There are ways, like there are expensive tooling that if you have it all, it's much easier.

37:24 - Jeff Massie (Co-host)
But yeah, like a reballer it's not that I fix it, though I'm doing a surface mount, installing of discrete components can you solder under a microscope? Can?

37:38 - Ken McDonald (Co-host)
like I said, discrete components yeah, I mean surface mount.

37:42 - Jonathan Bennett (Host)
You can get some real small, discreet surface mount components that are a pain to put on. I'm really good at through-hole. I can do through-hole all day yeah.

37:51 - Jeff Massie (Co-host)
I can do through-hole, yeah, but we've got people that, yeah, they literally solder under microscopes. Yeah, yeah.

38:00 - Jonathan Bennett (Host)
It's impressive. I know there are easier ways to do that, like if you have the the mask, like the solder paste mask, to where you can. Just you smear the paste on there, you pull the mask up, you drop the chip in place and then you heat it up. You're good, um, but anything more than that. It's like that's an art form. Uh, for all right, do we want to talk about? Uh amd and a uh attack vector control?

38:25 - Jeff Massie (Co-host)
We do, and I was just kind of looking at the stories and I didn't really put it together, but I'm doing a lot of security this week. Yeah, Security, I'm taking Jonathan's focus, that's all right. Lots of love here on this show. David Kaplan, who's a senior fellow at AMD, centers his work around security technologies, and he's published an initial set of patches, which are attack vector controls. Now this sounds like there's going to be a lot of new security features that we're going to see in the AMD CPUs. That's not the case, though. The patches are just like they sound. They are ways to better control the security features that are already found in the hardware. Basically, they make things much simpler, so the level of security needed can be easily adjusted. To sort of quote David and I'm going to edit a little to leave out some long file paths and make things a little easier sounding leave out some long file paths and make things a little easier sounding.

39:26
This RFC reconstructs and proposes new command line option to make it easier to control which CPU mitigations are applied. These options select relevant mitigations based on chosen attack vectors, which are hopefully easier for users to understand. The rest of the patch has defined new attack vector command line options to make it easier to select appropriate mitigations based on the usage of the system. While many users may not be intimately familiar with the details of these CPU vulnerabilities, they are likely better able to understand the intended usage of their system. As a result, unneeded mitigations may be disabled, allowing users to recoup more performance. New documentation is included with the recommendations on what to consider when choosing which attack vectors to enable or disable.

40:16
So kind of to restate what David said and simplify it. You can select the use case and it will apply the probable security that you need. You know, if I have it on my home game machine, I don't need near the security that the same CPU in a professional server setting which might be handling sensitive data such as credit card information or personal information, would need. I should say these are in the RFC or the request for comments phase and will also be discussed at next week's LPC or Linux Plumbers Conference.

40:47
Take a look at the article in the show notes for a link to the patch series which is being talked about, and there's also a charge that is showing different security measures based on what the CPU is doing. New vulnerabilities and security measures would also be able to be added and controlled by the command line. So as things progress they can easily add more things and keep the menu system up to date. Take a look at the article in the show notes and you can dig in as deep as you so desire to learn more about this. Rfc Details are in the documentation there.

41:31 - Jonathan Bennett (Host)
I really like this, because not every user needs every mitigation, some of these just. You cannot pull off on anything other than, say, a malicious virtual machine, or you've got to have something malicious running on the machine, which, at that point, who cares? You've already got malware.

41:50 - Ken McDonald (Co-host)
I think this makes a lot of sense and it helps if you've got a cloud-based VM that you just want to set everything down, shut everything down on.

42:03 - Jonathan Bennett (Host)
Yeah, like if you've got, if you've got untrusted virtual machines, that's.

42:06 - Jeff Massie (Co-host)
That's a totally different uh scenario um versus a personal gaming machine exactly exactly right, that's not even connected to the internet well, I'm not sure you can do much gaming these days without the internet access, but yeah, but but you're not a target right, you know other other than like script kiddies or someone wanting to screw around, the big professional services are not going after you know, your machine to find out oh, ken's playing minecraft, we're going to go after him and hack, hack his account. You know it's like yeah, they're going after the big money, the the really hard for advertisers, you know.

42:42
Hire hackers to find out what games you're playing might yeah, right, yeah no this is cool I'm I'm curious, I'm curious to see what uh the response is to it uh and there's some, there's some uh charts in there too, kind of showing some examples, and but it's still, you know, mostly in the early talking stage. So you know, it's nothing, nothing set in stone yet, but I I like it too because it's it's going to be a lot easier for people to actually say, hey, I really need this. Or I'm not running multiple virtual machines where someone could you, you know hack into one to to get into the other, to leak stuff.

43:26 - Ken McDonald (Co-host)
There's the big question Would you need to reboot to toggle the owner off, or could you toggle them at runtime?

43:33 - Jonathan Bennett (Host)
Some of them you would probably have to reboot, I would assume I would really think some of them are so deep in the system you'd have to reboot to be able to change it.

43:43 - Jeff Massie (Co-host)
Some of them are so so, so deep in the system you'd have to reboot to be able to change it. Yeah, I think it's going to depend what exactly you're you're changing as to whether you have to reboot or not.

43:52 - Ken McDonald (Co-host)
Yeah, and some of those you'd probably. It's probably going to just set it once and not worry about it ever again, right?

43:59 - Jonathan Bennett (Host)
yeah depending on your circumstances in fact, I would think, I would think that would be the. That would be the default. Most people are not going to be changing their their vulnerability mitigation stance yeah, you know what I'm gaming tomorrow.

44:12 - Jeff Massie (Co-host)
Yeah, this week I'm gaming tomorrow.

44:13 - Rob Campbell (Co-host)
I'm just going to hook to the enterprise cloud server with credit card information and you know whenever you hook up to the internet, you have a script that turns up the security and connects to the internet. Oh Well, that's.

44:29 - Ken McDonald (Co-host)
Whenever?

44:29 - Rob Campbell (Co-host)
you hit your dial-up.

44:33 - Ken McDonald (Co-host)
So NAT security is not.

44:35 - Jonathan Bennett (Host)
Oh my goodness, that kind of hurts. All right, Rob. Apparently there's a job opening. Are you going to apply?

44:45 - Rob Campbell (Co-host)
You know I might. You've got those three degrees you could put to work. Yeah, I'm a little missing out on the non-profit requirements. If they can look past that, I'm good. It sounds pretty slick.

45:01 - Jonathan Bennett (Host)
Rob Campbell for BDFL, for GNOME, I'd buy it, I'd buy it, I'd buy it and I'd vote for you.

45:06 - Ken McDonald (Co-host)
Is that a part-time job?

45:07 - Rob Campbell (Co-host)
Thanks for the support. No, it's full-time. Well, they do have unlimited PTO or unlimited sick days, I mean. So I guess you can be part-time. Anyway, are you looking for a job in the open source community? But maybe you don't actually have the skills.

45:27
The Gnome Foundation announced this week they have opened their search for a new executive director to lead the Gnome project moving forward. In this job role you would play a critical role in shaping the strategic direction of the foundation and work closely with staff, community members and partners to extend our reach and impact. The ideal candidate will have professional experience working with nonprofits, which you know. I guess. I've worked with some nonprofits a little bit. I've fixed their computers and installed some you know software for them, so I guess maybe I do. Also a strong passion for open source, and you know what. That's why I'm here. A deep commitment to their community values and I use GNOME and the vision to drive the next phase of GNOME's growth and development. You know, at the beginning I didn't think I fit, but you know what. I think I might fit, exactly what they need. But I'm not going to hog it to myself If this job is something you think you can handle and you're interested. Here are the benefits that you can expect Salary in US dollars $120,000 to $150,000 annually.

46:53
Obviously 30 days of PTO. That's paid time off, vacation days or whatever, if you're not familiar with that lingo. Also including federal holidays, so you get all the federal holidays off too, and there's unlimited sick days. So if you're sick, you're sick. There's also comprehensive healthcare coverage for US applicants, because the rest of the world doesn't have to worry about that. Along with a 401k retirement plan Also I believe that is a US thing they said so a pretty decent package. I mean I know it's not the half a million multi-million that you're getting at like Firefox, but I mean it's GNOME and it, I don't know, sounds pretty good to me. You know the job posting. It is open until September 20th, so act now, because you got six more days as we're recording. This, if you're interested, should be pretty easy to do. I mean, especially considering if anyone paid attention to the last short lived executive director they had. I think anyone can do it.

48:16 - Jeff Massie (Co-host)
I'm just curious about are they unemployed on unlimited six days?

48:23 - Jonathan Bennett (Host)
I don't think they're paid six days yeah I was gonna say I bet they're, they're not unpaid, uh that would be unpaid time off yeah, so pto, yeah I. I am hopeful that the next person that comes to lead gnome is willing to clean house there, because I really feel like that's what needs to happen. I'm curious is the existing uh bureaucracy going to pick the next leader, or is the community going to vote?

48:54 - Rob Campbell (Co-host)
oh, you know, they didn't say anything about that's probably for the community.

48:56 - Ken McDonald (Co-host)
They have a board, don't they?

48:57 - Rob Campbell (Co-host)
that's probably for the community. They have a board, don't they? That's probably who will hire them.

49:01 - Ken McDonald (Co-host)
Yeah that probably doesn't bode well that's probably the problem.

49:07 - Jonathan Bennett (Host)
I think it's like if you applied rob.

49:11 - Jeff Massie (Co-host)
yeah, if you applied rob and said, all right, I'm gonna come in and clean house and do all that and they're going to go, yeah, I'd like my job where it is.

49:20 - Rob Campbell (Co-host)
I'm going to leave the board alone, which I don't think. The executive director has much say over the board anyway Usually not.

49:31 - Jonathan Bennett (Host)
Usually it's the other way around.

49:33 - Ken McDonald (Co-host)
Yeah, yeah, and from looking at the job description, he's basically just the front man.

49:43 - Rob Campbell (Co-host)
I mean, that's all. Any executive director is President, CEO, executive director. They're just a pretty face for the company.

49:51 - Jeff Massie (Co-host)
Well, they should be setting a good one, should be setting direction, yeah, and large initiatives that they then hand to their subordinates, to work on the details.

50:03 - Jonathan Bennett (Host)
I think a lot of picking of high-position people falls to the executive too Picks the VPs and some of that stuff.

50:13 - Rob Campbell (Co-host)
Yeah, stuff, yeah. And then the vps pick the directors or managers and they pick the supervisors and then the people at the bottom of the chain as actually do the work. Yeah, yeah, and that person at the top doesn't know what they're doing. They just hope that each person down the chain is, uh, following the vision yeah, see, I would.

50:36 - Jeff Massie (Co-host)
I would argue, though, that you could really, as long as you only had a basic understanding. You don't have to know all the details, because that's where, if you can pick smart people that you can trust because you know, one of the leadership things is if you have a team and you should be the dumbest person in the room. You should have smarter people than you working for you, so that you can trust what they're saying.

51:03 - Rob Campbell (Co-host)
And that's really kind of my point. I mean, you don't need to know how to program, you don't need to necessarily know how to code the desktop.

51:12 - Ken McDonald (Co-host)
You know what, rob, maybe you are the most qualified candidate for this position.

51:18 - Jonathan Bennett (Host)
Well done, Ken. I was thinking that and trying to figure out how to put it. You got him.

51:27 - Rob Campbell (Co-host)
I got three votes here at least. Yeah, all right, I was voting for you. Three KDE users voted for me.

51:36 - Jonathan Bennett (Host)
What's that mean? All right, Ken, let's talk about some Rust. Have we talked about Redux? Have we talked about Redux OS on the show? Oh, we have.

51:45 - Ken McDonald (Co-host)
We've touched on it, and since we have touched on this Rust-based OS in the last few episodes, I thought it only fitting to talk about Redux this week, especially since Michael Larrabelle wrote about their latest release. I am talking about Redox OS 0.9. Release 0.9 is a big update, with it being quite a while since their prior release. Redox OS 0.9 integrates various apps from the Cosmic Desktop environment being developed by System76. It also has massive performance and stability improvements compared to prior versions. There is also improved process thread lifecycle and signaling cleanups across its codebase and huge improvements to Linux and BSD program portability. Some key improvements include faster system calls and context switching, improved virtual and physical memory management and improved LISIS file system performance. Redox OS 0.9 now supports the Unix path format, replacing the previous URI format used, improving compatibility with POSIX Linux libraries and programs. It also has ports of the first HTTP web server and the GNU, nano and Helix editors. It is recommended to try Redux OS in a virtual machine before trying it on real hardware.

53:24
Redux OS 0.9 supports Intel and AMD 64-bit and 32-bit CPUs. It even supports ARM 64-bit, with limitations. Now ACPI and PCI interfaces are supported. No USB hardware interface is currently supported yet, though it does support USB keyboard, mouse and touch pad. For input. You have VGA, gop and LLVM pipe video support. For sound, it supports the Intel and Realtek chipsets and, of course, the PC speaker. Now IDE, sata and NVMe storage are supported and you have support for the Intel Gigabit, intel 10 Gigabit and Realtek Ethernet chipsets. Wi-fi support is expected soon. Redox does have integration with QEMU and VirtualBox. Now Michael's article includes a link to redox-osorg. Now Michael's article includes a link to redox-osorg, where you can find more about Redox OS 0.9 and learn how to run Redox images in a virtual machine, which is what I would recommend. Don't use it on your production machine.

54:54 - Jonathan Bennett (Host)
How many years did it take for Linux to finally land good support for pretty much all of the Wi-Fi cards out there?

55:02 - Rob Campbell (Co-host)
Oh, I don't know how many years has Linux been 33 years.

55:08 - Jonathan Bennett (Host)
Yeah, it took a long time, can we say we're there. We're pretty much there, because now when companies put out new Wi-Fi cards, they go and they port it to Linux, like it's pretty much just part of the process.

55:23 - Rob Campbell (Co-host)
Now we are there with current generation. I think where it fails still is a lot of people try to use Linux to bring life back to old computers, and that's when Some of those aren't supported.

55:39 - Ken McDonald (Co-host)
Yeah, where Redux has the advantage is it can just try to rewrite some of the drivers that Linux is using for Redux.

55:50 - Jonathan Bennett (Host)
Yeah, and you could even see them doing something like making a wrapper, a wrapper for wireless drivers. Boy, there's an interesting idea why didn't nobody think of? Oh, indus, wrapper is a thing it's a painful thing that I've tried to use before. Anyway, I forgot about that. Yeah, I'm sorry. I'm sorry to have reminded you of the pain of trying to make hardware work on linux, oh my goodness.

56:13
So kudos to them for trying. It's. One of the fun things about redox is, uh, you know, with the, with the whole rust in the kernel thing, there's been a few people that say, well, if you really want rust in a kernel, why don't you go write your own? And there's at least one developer on twitter that is like we are writing our own.

56:30 - Ken McDonald (Co-host)
It's called redox the way I see it, we're here yeah if you're getting tired of the shenanigans politics in the Linux kernel, then try Redux.

56:50 - Jonathan Bennett (Host)
Yeah, so I guess that's the big question. So that's a valid point, and that's kind of what the dude on Twitter was saying. The question to ask yourself, though, is where is the politics coming from in the kernel? Is it coming from the old school kernel guys, or is it coming from the Rust developers? And if it's the Rust devs that are the problem, then going to Redux is not going to help with that. Not to throw shade on either group, but that is what comes to mind.

57:17
I think it's a generational problem um, it might be to some extent. I think there's also just always going to be friction when you do something that big and that new and in something that's been around for a long time, like friction, friction between groups, is it's part of it's part of working on stuff.

57:40 - Ken McDonald (Co-host)
Yeah, they'll work it out. Oh, what Friction between family members.

57:46 - Jonathan Bennett (Host)
Yeah, that's true. You hope you work it out. What about friction with permissions in things like Ubuntu 2410?

57:54 - Jeff Massie (Co-host)
We're trying to get rid of it. So Ubuntu is bringing some security control to 2410 in the way of permissions prompting. The information comes from an Ubuntu discourse article which is linked in the show notes and this is actually part five in the 24.10 development cycle, the document. So there's more reading for those who want to learn more about what's coming and some thoughts behind why. So back to our article that again is linked.

58:23
The permission prompting is to better understand what a program is doing, but also to control it. I'm sure there's a lot of us who have smartphones and when we've added an application, the OS would then prompt and say this app needs access to your contacts and your camera and microphone. We would then say yes to those, depending on what kind of app and what we're doing with it. You know the app to change your background color probably doesn't need your contacts permission, while the message a meme, a day application. It would make sense to have it Now. I just made those apps up, so any app that does that is strictly coincidental. But the way the control works is in the article. They give an example in the form of a snap and its permission. You know it's Ubuntu, we got to talk about snaps. So when creating a snap, there's a set of interfaces, and an interface is the connection that an app needs to talk to other apps or parts of the file system for the information it needs, or even the network however you're connected to the outside world. Then, two, when a snap is installed, an AppArmor profile is generated and it specifies the interfaces it needs. In the AppArmor profile when the snap requests access to a particular piece of information or communicate with another program, it then checks the AppArmor profile to see if it has permission to access the interface. Previously, if AppArmor profile said it doesn't have permission, it would just be denied. Now it can prompt and let the user decide if they will allow access or not.

59:57
In the article in the show notes they show images of how granular the permission can be. In their example, firefox is asking for write access to the downloads directory for a specific file. Now you can run this in two modes in this example. So in the simplified version, you can give access to everything in the downloads folder, everything in a subfolder, that's, you know, inside the downloads folder, or even just specific file, along with read access.

01:00:23
In the power version there are custom path names that can be set. You know. You can again set only the specific file or even file type, such as allow only access to png files in that directory, and you can set the duration from once to always. You know whatever you feel that is needed. So take a look at the article in the show notes, as it is a long article with images of the current and new permission flow charts, along with deeper detail on what's going on, you know, and including what is still to come, as the feature isn't finished yet and they're looking for feedback on how things are working, both good and bad, and suggestions for improvements. So just kind of a side note. You know I'm kind of really looking forward to 24.10 as it looks to be a large step forward for the Ubuntu family. So as soon as I can try it, I will load it up and I will give feedback on what I think about 24.10. But lots of good stuff coming.

01:01:24 - Jonathan Bennett (Host)
It's almost time for that. It is September already, and that is coming up soon before you know it.

01:01:32 - Jeff Massie (Co-host)
I need to load up the daily build and give it a shot.

01:01:37 - Jonathan Bennett (Host)
You know, I think this ability to have more in-depth permissions is one of the most interesting things about Snap. You don't think you can do it with app images, but I think you can do it with the other containers. Flatpak, yeah, flatpak. I think it's one of the most interesting things about it is to be able to have those fine-grained permissions. So I like the fact that Ubuntu is kind of leaning into that and trying to make it work even more with better controls.

01:02:06 - Jeff Massie (Co-host)
And to me the biggest analogy is, like you said, your phone. Oh yeah, hey, it wants to do this, and sometimes you're like sure, and you're going, other times, no, you can't have my contacts, or you know.

01:02:18 - Jonathan Bennett (Host)
This flashlight app really does not need to be able to see all of your files.

01:02:23 - Rob Campbell (Co-host)
I'm pretty much saying no, you can't see my contacts all the time.

01:02:27 - Ken McDonald (Co-host)
Yeah, or to access your.

01:02:31 - Jonathan Bennett (Host)
Wi-Fi Indeed, indeed, yeah, indeed, yeah. And just just a general note when you find an application that asks for one of those really weird and unexplained um permissions, just just uninstall it, go find something else. But no, like seriously, if you find a flashlight app that wants to be able to look at your files, look at your pictures, uninstall it and look for something else, yeah any of those, any of those things that just don't make any sense for what it's trying to do, and it may not be malicious.

01:03:01 - Rob Campbell (Co-host)
It could just be not a very good developer who doesn't know how to properly request their permissions.

01:03:09 - Jeff Massie (Co-host)
Well, yeah, or it's how you have to it's a template that requests everything, why not use it?

01:03:15
No, a long time ago there was a. I had question everything why not use it? No, long long time ago there was a fact I had a flashlight app before flashlights were common and built-in phones and it had to have camera access and it even described it had to have camera access to be able to control the led to to give the light. So sometimes that stuff can be bundled together but, like in this app and I did a whole bunch of research and verified that it wasn't uh, malicious, but you know, it's just kind of like well, we need access to this one piece, but I have to ask for access in this whole sub section yeah, you see something similar with, like bluetooth access is um, it's location on android To be able to access Bluetooth.

01:03:57 - Jonathan Bennett (Host)
That is also location, and it's the weirdest thing, until you realize that Google considers the ability to map out the other Bluetooth devices that, in effect, it gives you somebody's location and Google makes use of that. So there are some of those that there are surprising but good explanations, but then there's some of them that just there is no good explanation for this.

01:04:21
And there are malicious apps, like there are malicious apps even right now on the Google Play Store, because there's basically a billion apps and it is not possible for Google to actually check all of them.

01:04:33 - Jeff Massie (Co-host)
Well, there is a good reason. It's malicious and it's trying to rip you off.

01:04:38 - Jonathan Bennett (Host)
Well, it's not good, but it's a reason.

01:04:41 - Jeff Massie (Co-host)
Yeah, yep, yep, yep. It's a good reason with a bad outcome. I suppose, I suppose, or maybe I should say valid reason.

01:04:49 - Jonathan Bennett (Host)
There you go. All right, let's get into some command line tips. We're going to let Rob go first with hard info.

01:04:57 - Rob Campbell (Co-host)
Hard info. Yes, to let rob go first with, uh, hard info. Hard info, yes, that is. Uh, that's describing my workout routine. No, uh, so that is not a command line. It is a a simple little app to display a whole bunch of info about your system. So sudo, apt, install hardinfo is all you gotta do if you're on like Debian and Ubuntu, and here is one of the test machines that I have it on for demonstration purposes here. This is, as you can see, it's an Ubuntu 2310. I should update that, but it is just a test VM.

01:05:45
You know, it's the CPU. It says the RAM, so the graphics storage, printer audio, if I go on, you know. If I go into summary, it kind of says all that too. Operating system kernel mode boots has the boot dates, languages, info on the file systems hey, look at all these stupid Snap loop file systems in here. This is why I hate Snap. This is what makes Rob crazy. If Snaps did not have this stupid thing right here, I would be all in. Fix that one stupid thing. Okay, anyway, sorry for that.

01:06:33
Let's go on. Displays, information, environmental variables, development users, groups that let's go on. Displays, information, environmental variables, development users groups, ms groups, groups. There's devices you know you can processor and information memories, PCI devices, usb let's skip down has a whole bunch of stuff about hardware battery printers, network stuff. There's a little benchmarks section here so you can hit the cpu blowfish and it's going to give you some some numbers. There there's a cpu, crypto, hash, fibonacci and queens zlib, different cpu. There's a fpu. There there's a GPU drawing did that earlier and this is a VM with nothing. It gave me like the lowest score ever after drawing a whole bunch of things on the screen. But no, I guess I can, you know, get that started here. But that is just a quick little app if you want on your system to easily get a really good graphical view of all your hardware very cool.

01:07:44 - Jonathan Bennett (Host)
I I'm not sure if I was aware of hard info or not, but I like it. Um all, right up next we've got ken with fine mount. Part two ken is muted.

01:08:01 - Ken McDonald (Co-host)
Yes, we do. And we're going to start off part two with demonstrating what we'd previously done, which was use findMount with the dash in dash, dash, source label equals tumbleweed, and then use giving you at the target and the source as the output, which is just simply that now you can also use fine mount to get put in the device itself, which is what I'm doing here, and that's going to be the same thing for the tumbleweed storage device. I've got hooked up and now we're going to our my passport and use it and we go ahead and put it back up and and it should be once it's mounted, own sb, once it's mounted on SB SDB one, and it is. But here's the problem If I unmount it and in between putting it back on I put another USB drive in, well, there's the other drive and there's my passport and I mount that. If I do a search for SPD, it doesn't find it because SPD one is not mounted. There's a way around that and what I've got is where I take and encapsulate the find FS command with label equals my passport and use that to identify the source for find now, which works fine.

01:10:45
Now, one other thing that you can do with find mount is dash P and it's just going to sit there until the status of a device changes. Yes, it is. And now if I unmount my passport, it gives that. Since I don't have any files that I'm using on Tumbleweed, I can unmount that and you'll see that. So you've got that. And in the show notes I've also got a little script. If you're finished watching, just control C and it'll go back out. And in the show notes I've got a little script that I ran. I wrote up that I just called test here, where you can put the label you're looking for and it comes back with either that.

01:11:59
Or if it's actually plugged in something different and just waiting for the device to be found. Now I'll mount it. There we go, cool, you notice what device it is now. It's no longer SD-B, it's a C one.

01:12:39 - Jonathan Bennett (Host)
Yep Cool, super useful. All right, jeff, what do you have for us?

01:12:47 - Jeff Massie (Co-host)
I have Planify, which is kind of like it sounds. It's an open source tool that will help you plan. Now in the show notes it's Planify Task Manager. This is not your operating system task manager, it's basically a to-do list application so it can be set to give you pop-up reminders. You can add sections to a project and even break things into higher and lower priority subsections of that project.

01:13:16
It know it's just kind of a note-taking device and reminder device. So there's a bunch of preferences and you can customize on how it looks. And it can interface with CalDAV C-A-L-D-A-V, which is an extension of WebDAV and that provides a standard for clients to access calendar information on a remote server. For example, google provides a CalDAV interface you can use to view and manage calendars using CalDAV protocol. So, which means you can either host this program yourself or you can use it with other services. So you know if you need something to organize yourself, this might be the tool for you. It's available as a snap or in the flat hub store, so pretty much any distro should have access. Take a look at the article linked in the show notes for several pictures of how the interface looks and you can better decide if this is something you need if you need a little organization in your life and some reminders of tasks you have to do.

01:14:13 - Rob Campbell (Co-host)
I assume this is more for personal task management and not quite project manager level.

01:14:19 - Jeff Massie (Co-host)
No, no, no, not project manager. You can say you know plan Thanksgiving supper and you can go okay, I got to make sure I get the turkey, I got to make sure I make the dessert. You know, make sure Aunt Becky brings her famous. You know sure, aunt becky brings her famous, you know mashed potatoes, and so it's. It's more for that level of project, it's not I, I do use some of my own.

01:14:45 - Rob Campbell (Co-host)
I have used various ones for my own uh personal list, just so I I don't forget to do things. But uh, I should see if there's a good project management one out there. I'd be. I'd be interested in that also. Yeah, I could see that.

01:15:00 - Jeff Massie (Co-host)
Microsoft Project.

01:15:02 - Rob Campbell (Co-host)
Yeah, I said a good project management one Microsoft Project's fine, but open source is really what I mean.

01:15:09 - Jonathan Bennett (Host)
Yeah, open source is really nice. I'm sure there is.

01:15:13 - Jeff Massie (Co-host)
And for anybody that hasn't used Project, it looks kind of like Excel. It acts nothing like it and is also one of the. It's kind of like Vim Very, very powerful once you get over the learning curve of how to use it.

01:15:28 - Jonathan Bennett (Host)
Makes sense. All right, I've got a command line tip and it's audit D and audit CTL Something I think not many of us have messed around with, but it's actually really pretty powerful. On Fedora and Red Hat systems it seems to be installed and running by default. It's available on Ubuntu and derivatives and you have to install the audit D package there and get it started. But basically what this does is it is real-time auditing rules where you can say any time this thing happens, I want you to write it to the audit log, and so just a couple of examples here.

01:16:06
So auditctl-l will list the rules that you have. I think you have to run all this with sudo. Auditctl-l will list the rules that are there On my machine. When I first did this, I had a never comma task rule at the top and that needed to get removed before I could do much of anything else. So audit CTL dash capital D clears the list, and then you could do things like audit CTL dash W and give it a file. So in this case it was slash, etc. Slash, ssh, slash, sshd, underscore config and then a dash pwrx which says I want to know when someone writes, accesses, reads or executes, and then dash k for sshd config and what this will do is anytime that file is touched on the computer, you get a several actually line messages going to the audit CT of the audit daemon and you can do things like system calls. You can get all of those.

01:17:11
You set your system calls so you could say, any times the time change system, time change system call is used, I want it audited and so like this could actually be really really useful for running down bugs as well as like security auditing. Um, it's really again, it's not something that I've ever really used before, but it it. It looks to me like it is a super powerful tool and definitely when you're in a particularly niche. Well, I could see, on one hand, set this up on a server and be able to go back and check has anybody messed with my SSH keys, just, for instance, or has anybody read the shadow password file while I've been away?

01:17:54
But also, if you've got a bug and you're trying to figure out like okay, why is this happening? Is this system call being made by anything? You set up an audit rule and then you can go oh, this application is what makes this system call every 30 minutes, and so super useful there. Cool yeah, are you guys familiar? Have you used the audit D and audit CTL? The auditing stuff is built right into the kernel, apparently.

01:18:19 - Jeff Massie (Co-host)
I didn't know it existed.

01:18:23 - Ken McDonald (Co-host)
And it does require running it as sudo only apparently.

01:18:26 - Jonathan Bennett (Host)
Yes, all of your interactions with this has to be as root or sudo. In fact, if you try to run it without, it just says please run this command with sudo.

01:18:36 - Ken McDonald (Co-host)
On my case it said you must be rude to run this program, yeah yeah, yeah, basically same thing.

01:18:42 - Jonathan Bennett (Host)
Yeah, same thing. All right. Well, fun, it's been a good show. I will let each of the guys get their plugs in or, if they want to, uh get the ending ending word on something. We'll let rob go first. I bet rob's gonna beg for some coffee.

01:18:55 - Rob Campbell (Co-host)
Yes. So, like every week, I'm thirsty because I'm all out Empty. So for those who want to help fill my palate, you can go to my website that way RobertPCampbellcom Right there, and from there you can find this link right here. So it looks like a coffee cup. That is where you click on and there you click donate and just select a whole bunch of coffees and then just finish filling it out. But if you've already given me coffees, you can still get me more. But I'd also enjoy just connecting with you on the social medias and professionally.

01:19:41
I got the linkedins so you can connect with me there. See all my professional ramblings. I got the twitters I I I don't do a whole lot there, but it's there if you want. And I have the Mastodon. That's the other place I am more active. I'm probably fairly equal on uh, on Mastodon and LinkedIn and depending on the topic, I guess. So come there, connect with me, donate a coffee and hey, you know we could, we could uh, connect up on a LinkedIn video and I could drink that coffee and we could chat. Wait, is LinkedIn that video? I don't know. I don't know. I believe it does.

01:20:27 - Ken McDonald (Co-host)
All right, Ken. Well, I just want to give you a teaser for next week. Everybody's probably used mount at one time or another to mount devices. I'm going to show another tool besides mount that time or another to mount devices. I'm going to show another tool besides mount that can be used to mount devices oh fun, all right, and jeff uh, not much on social media.

01:20:49 - Jeff Massie (Co-host)
I do have a twitter or I guess, x. Now I have a instagram, I am on linkedin, but I'm not very active. So, in in light of that, I'm just going to leave with a little poem. Won't you please observe a brief moment of silence for the dead server? Thank you everyone. Have a great week.

01:21:11 - Jonathan Bennett (Host)
Touching. All right, and as far as my stuff goes, of course I'm going to plug Hackaday. You can find the security column there. You can also find Floss Weekly there. This past week we talked with Andreas Kling about Lady Bird. We called it Champagning the Lady Bird Browser Because Aaron told me he goes. No, no, you shouldn't call it dog fooding, where a company uses their own software. They're not eating their own dog food, they're drinking their own champagne. So that is what we called that episode, just for fun. But you can find Floss there. It records on Tuesdays and we make the post live on Hackaday on Wednesdays. The security column goes live on Friday and so, yeah, check those out.

01:21:51
Appreciate the guys being here. Thank you for your time and coming along with us, and we appreciate everybody being here, those that watch us live and on the download, and we will see you next week on the Untitled Linux Show. Hey folks, do you need more Twit in your life? Do you really wish you could be part of the conversation on Discord? Well, you need to be part of Club Twit. It's not much more than the price of a cup of coffee per month. You get access to the Discord, add free shows and more. Come check out club twit.

 

All Transcripts posts