Be Social

Follow

Hot Products

Shopping cart

 x 

Cart empty

Linux Journal

Articles in Linux Journal cover the range from desktop how-tos to kernel hacking, always balanced to give both newcomers and long-term Linux users maximum enjoyment. See our Web site for an author's guide and list of upcoming topics and deadlines: http://linuxjournal.com/author/index.

  1. Keep Smart Assistants from Spying on You with Alias, Security Advisory for Old scp Clients, Major Metasploit Framework Release, Mozilla Working on a New Browser for Android and VirtualBox 6.0.2 Is Out

    News briefs for January 16, 2019.

    A new open-source hardware project called Alias will keep Amazon and Google smart assistants from spying on you. According to the project's GitHub page, "Alias is a teachable 'parasite' that is designed to give users more control over their smart assistants, both when it comes to customisation and privacy. Through a simple app the user can train Alias to react on a custom wake-word/sound, and once trained, Alias can take control over your home assistant by activating it for you."

    A security advisory from Harry Sintonen was issued this week concerning the scp clients in OpenSSH, PuTTY and more. LWN quotes the advisory: "Many scp clients fail to verify if the objects returned by the scp server match those it asked for. This issue dates back to 1983 and rcp, on which scp is based. A separate flaw in the client allows the target directory attributes to be changed arbitrarily. Finally, two vulnerabilities in clients may allow server to spoof the client output."

    A new major release of the open-source Metasploit Framework is now available. According to the Rapid7 blog post, version 5.0 of the penetration-testing tool is the first milestone update since version 4.0 came out in 2011. Along with a new release cadence, "Metasploit's new database and automation APIs, evasion modules and libraries, expanded language support, improved performance, and ease-of-use lay the groundwork for better teamwork capabilities, tool integration, and exploitation at scale."

    Mozilla is working on a new Android browser called Fenix. According to ZDNet, this "new non-Firefox browser for Android is apparently targeted at younger people, with Mozilla developers on GitHub tagging the description, 'Fenix is not your parents' Android browser'." In addition, mockups suggest that Fenix developers are "currently toying with the idea of putting the URL bar and home button down at the bottom of user interface."

    VirtualBox 6.0.2 was released yesterday, the first maintenance release of the 6.0 series. This release fixed a conflict between Debian and oracle build desktop files, fixed building drivers on SLES 12.4, fixed building shared folder driver with older kernels and much more. See the changelog for all the details.

  2. Bash's Built-in printf Function

    bash

     

    Even if you're already familiar with the printf command, if you got your information via "man printf" you may be missing a couple of useful features that are provided by bash's built-in version of the standard printf(1) command.

  3. Where There's No Distance or Gravity

    The more digital we become, the less human we remain.

    I had been in Los Angeles only a few times in my life before the October day in 1987 when I drove down from our home in the Bay Area with my teenage son to visit family. The air was unusually clear as we started our drive back north, and soon the San Gabriel Mountains—Los Angeles' own Alps (you can ski there!)—loomed over the region like a crenelated battlement, as if protecting its inhabitants from cultures and climates that might invade from the north. So, on impulse, I decided to drive up to Mount Wilson, the only crest in the range with a paved road to the top.

    I could see from the maps I had already studied that the drive was an easy one. Our destination also was easily spotted from below: a long, almost flat ridge topped by the white domes of Mount Wilson Observatory (where Hubble observed the universe expanding) and a bristle of towers radiating nearly all the area's FM and TV signals. The site was legendary among broadcast engineering geeks, and I had longed to visit it ever since I was a ham radio operator as a boy in New Jersey.

    After checking out the observatory and the towers, my son and I stood on a promontory next to a parking lot and surveyed the vast spread of civilization below. Soon four visiting golfers from New York came over and started asking me questions about what was where.

    I answered like a veteran docent, pointing out the Rose Bowl, Palos Verdes Peninsula, Santa Catalina and other Channel Islands, the Hollywood Hills, the San Fernando Valley, the Jet Propulsion Laboratory, Santa Anita Park and more. When they asked where the Whittier Narrows earthquake had happened a few days before, I pointed at the Puente Hills, off to the southeast, and filled them in on what I knew about the geology there as well.

    After a few minutes of this, they asked me how long I had lived there. I said all this stuff was almost as new to me as it was to them. "Then how do you know so much about it?", they asked. I told them I had studied maps of the area and refreshed my knowledge over lunch just before driving up there. They were flabbergasted. "Really?", one guy said. "You study maps?"

    Indeed, I did. I had maps of all kinds and sizes at home, and the door pockets of my car bulged with AAA maps of everywhere I might drive in California. I also added local and regional Southern California maps to my mobile inventory before driving down.

  4. Participate in Fedora Test Day Today, Netrunner Announces Netrunner 19.01 Blackbird, Security Patch for GNOME Bluetooth Tools in Ubuntu 18.04, New Giant Board SBC from Groboard and Linspire Posts Development Roadmap for 2019-2020

    News briefs for January 15, 2019.

    Today is Fedora Test Day for kernel 4.20. To participate, you just need to be able to download the test materials (which include some large files) and read and follow directions. See the wiki page for more information on how to participate.

    Netrunner yesterday announced the release of Netrunner 19.01 Blackbird. This desktop distro is based on Debian Testing, and updates with this version include KDE Plasma 5.14.3, KDE Frameworks 5.51, KDE Applications 18.08, Qt 5.11.3 and many more. It also sports a new look and feel called "Netrunner Black" among other changes. You can get the Netrunner 19.01 ISO from here.

    Canonical yesterday released a security patch for the GNOME Bluetooth tools to address a security vulnerability with Ubuntu 18.04. Softpedia News reports that security researcher Chris Marchesi discovered the vulnerability in the BlueZ Linux Bluetooth stack, "which made it incorrectly handle disabling Bluetooth visibility, allowing a remote attacker to possibly pair to Bluetooth devices." All Ubuntu 18.04 LTS users should update immediately to the gnome-bluetooth 3.28.0-2ubuntu0.1 and libgnome-bluetooth13 3.28.0-2ubuntu0.1 packages from the official repos. See the wiki for detailed instructions.

    Groboards has launched a new "tiny, Adafruit Feather form-factor 'Giant Board' SBC that runs Linux on Microchip's SiP implementation of its Cortex-A5-based SAMA5D SoC and offers 128MB RAM, micro-USB, microSD and I/O including ADC and PWM", Linux Gizmos reports. There's no pricing or availability information yet, but see the OSH Park blog and the Groboards site for specs and more info.

    Linspire recently posted its development roadmap for Linspire and Freespire releases for 2019 and 2020. The Linspire CE 8.0 Office 365 Edition is planned for February 21, 2019, with Linspire Server on April 14, 2019. Freespire 4.5 is planned for May 5, 2019 and Freespire 5.0 is scheduled for November 15, 2019.

  5. Linux Thursday - Jan 13, 2019 - Lingering Cough Edition

    Please support Linux Journal by subscribing or becoming a patron.

  6. Purism Announces Version 4 of Its Laptops, KDE Frameworks 5.54.0 Now Available, Debian 10 Default Theme Chosen, Linux Kernel 5.0-rc2 Is Out and Mozilla to Disable Flash in Firefox 69

    News briefs for January 14, 2019.

    Purism announced the fourth version of its Librem laptops today. The Librem 13 and 15 will be "now be upgraded with a 7th Gen Intel Core i7-7500U Processor with integrated HD Graphics that still works with coreboot. In addition, the Librem 15 display will be upgraded to 4K resolution. Upgraded models are available now for purchase whether you pick Librem 13: the road warrior or Librem 15: the desktop replacement." Note that the base cost will remain the same despite these updates (the Librem 15 is $1599, and the Librem 13 is $1399).

    KDE announced the release of KDE Frameworks 5.54.0. This release is part of a series of planned releases for the 80 addon libraries for Qt that make up KDE Frameworks. See the announcement for the full list of changes/fixes and download links.

    The Debian team announced that "futurePrototype" by Alex Makas will be the default theme for Debian 10 "Buster". The theme was selected via survey from 11 submitted themes; 3,646 people participated in the voting.

    Linux kernel 5.0-rc2 is out. Linus wrote, "Were there some missing commits that missed the merge window? Yes. But no more than usual. Things look pretty normal." For the full message, see the LKML.

    Mozilla plans to disable Adobe Flash Player in Firefox 69, which should launch in September 2019. According to Softpedia, "The next step for Mozilla is then to remove support for Flash Player entirely, so starting with early 2020, consumer versions of Firefox would no longer work with Adobe's plugin."

  7. Python Testing with pytest: Fixtures and Coverage

    Python

    Improve your Python testing even more.

    In my last two articles, I introduced pytest, a library for testing Python code (see "Testing Your Code with Python's pytest" Part I and Part II). pytest has become quite popular, in no small part because it's so easy to write tests and integrate those tests into your software development process. I've become a big fan, mostly because after years of saying I should get better about testing my software, pytest finally has made it possible.

    So in this article, I review two features of pytest that I haven't had a chance to cover yet: fixtures and code coverage, which will (I hope) convince you that pytest is worth exploring and incorporating into your work.

    Fixtures

    When you're writing tests, you're rarely going to write just one or two. Rather, you're going to write an entire "test suite", with each test aiming to check a different path through your code. In many cases, this means you'll have a few tests with similar characteristics, something that pytest handles with "parametrized tests".

    But in other cases, things are a bit more complex. You'll want to have some objects available to all of your tests. Those objects might contain data you want to share across tests, or they might involve the network or filesystem. These are often known as "fixtures" in the testing world, and they take a variety of different forms.

    In pytest, you define fixtures using a combination of the pytest.fixture decorator, along with a function definition. For example, say you have a file that returns a list of lines from a file, in which each line is reversed:

    
    def reverse_lines(f):
       return [one_line.rstrip()[::-1] + '\n'
               for one_line in f]
    
    

    Note that in order to avoid the newline character from being placed at the start of the line, you remove it from the string before reversing and then add a '\n' in each returned string. Also note that although it probably would be a good idea to use a generator expression rather than a list comprehension, I'm trying to keep things relatively simple here.

    If you're going to test this function, you'll need to pass it a file-like object. In my last article, I showed how you could use a StringIO object for such a thing, and that remains the case. But rather than defining global variables in your test file, you can create a fixture that'll provide your test with the appropriate object at the right time.

    Here's how that looks in pytest:

  8. Weekend Reading: All Things Bash

    Bash shell

    Bash is a shell and command language. It is distributed widely as the default login shell for most Linux distributions. We've rounded up some of the most popular Bash-related articles for your weekend reading.

     

    Writing More Compact Bash Code

    By Mitch Frazier

    In most programming languages, non-scripting ones at least, you want to avoid uninitialized variables. In bash, using uninitialized variables can often simplify your code.

     

    Normalizing Filenames and Data with Bash

    By Dave Taylor

    URLify: convert letter sequences into safe URLs with hex equivalents.

     

    Roman Numerals and Bash

    By Dave Taylor

    Fun with retro-coding a Roman numeral converter—Dave heads back to his college years and solves homework anew! 

    Also read Dave's followup article, More Roman Numerals and Bash.

     

    Create Dynamic Wallpaper with a Bash Script

    By Patrick Wheelan

    Harness the power of bash and learn how to scrape websites for exciting new images every morning.

     

    Developing Console Applications with Bash

    By Andy Carlson

    Bring the power of the Linux command line into your application development process.

     

    Parsing an RSS News Feed with a Bash Script

    By Jim Hall

    I can automate an hourly job to retrieve a copy of an RSS feed, parse it, and save the news items to a local file that the website can incorporate. That reduces complexity on the website, with only a little extra work by parsing the RSS news feed with a Bash script.

     

    Hacking a Safe with Bash

    By Adam Kosmin

    Being a minimalist, I have little interest in dealing with GUI applications that slow down my work flow or application-specific solutions (such as browser password vaults) that are applicable only toward a subset of my sensitive data. Working with text files affords greater flexibility over how my data is structured and provides the ability to leverage standard tools I can expect to find most anywhere.

     

    Graph Any Data with Cacti!

    By Shawn Powers

  9. Episode 12: Vendor Lock-in

    Episode 12: Vendor Lock-in cover

    Katherine Druckman and Doc Searls talk to Linux Journal's Technical Editor, Kyle Rankin, about vendor lock-in.

    Links mentioned:

    Lessons in Vendor Lock-in: Shaving

    Lessons in Vendor Lock-in: Messaging

  10. Keeping Your Episodic Contributors to Open-Source Projects Happy

    open source

    Community managers have long been advised to nurture top contributors, but it is also important to consider infrequent and casual (episodic) contributors. There are more potential episodic contributors than habitual ones, and getting the most out of your episodic contributors can require reconsidering your strategies for retaining and incorporating contributors.

    There are several reasons you should care about episodic contributors, other than just numbers. Getting more people involved can help more people learn about a project, and new people also bring new ideas. Furthermore, many tasks can be done effectively by episodic contributors, freeing habitual contributors to perform other work. Smaller communities might benefit from contributions to documentation or translations, while communities of all sizes can use extra temporary help when running an event.

    Greater benefits are realized when the contributors know something about the community and the work because of their previous engagement, and thus require less time to understand their role. An upcoming scientific study looked at what factors are associated with episodic contributors continuing to return to a community to participate (the article will be available starting in February 2019; see the Resources section at the end of this article). This article describes the key findings of the research.

    The Design

    Five factors were expected to positively influence an episodic contributor's intention to continue participating, as shown in Figure 1.

    Figure 1. Proposed Model of Factors Associated with Retention

    Contributor Benefit Motivations

    Contributor benefit motivations describes contributor motives that benefit the contributor, such as learning new skills, having fun and improving job prospects. In free and open-source software, these motivations are generally linked to retention.

    Social Norms

    Social norms describes how the people the participant interacts with on a daily basis—friends, family, co-workers and neighbors—view contributing to free software and open-source software projects. Earlier work found this factor to be relevant for people volunteering for a number of non-profit organizations.

    Psychological Sense of Community

    Psychological sense of community describes the motivation stemming from the affinity a person experiences when meeting and engaging with a group. Previous research has shown that this factor is relevant for both habitual and episodic participants.

    Satisfaction