Open-source News

Microsoft: KB5014678 Windows Server 2022 update adds WSL2 support  BleepingComputer

Software Engineer (Linux Networking)  IT-Online

In recent years, DevOps, which aligns incentives and the flow of work across the organization, has become the standard way of building software. By focusing on improving the flow of value, the software development lifecycle has become much more efficient and effective, leading to positive outcomes for everyone involved. However software development and IT operations aren’t the only teams involved in the software delivery process. With increasing cybersecurity threats, it has never been more important to unify cybersecurity and other stakeholders into an effective and united value stream aligned towards continuous delivery.

At the most basic level, there is nothing separating DevSecOps from the DevOps model. However, security, and a culture designed to put security at the forefront has often been an afterthought for many organizations. But in a modern world, as costs and concerns mount from increased security attacks, it must become more prominent. It is possible to provide continuous delivery, in a secure fashion. In fact, CD enhances the security profile. Getting there takes a dedication to people, culture, process, and lastly technology, breaking down silos and unifying multi-disciplinary skill sets. Organizations can optimize and align their value streams towards continuous improvement across the entire organization. 

To help educate and inform program managers and software leaders on secure and continuous software delivery, the Linux Foundation is releasing a new, free online training course, Introduction to DevSecOps for Managers (LFS180x) on the edX platform. Pre-enrollment is now open, though the course material will not be available to learners until July 20. The course focuses on providing managers and leaders with an introduction to the foundational knowledge required to lead digital organizations through their DevSecOps journey and transformation.

LFS180x starts off by discussing what DevSecOps is and why it is important. It then provides an overview of DevSecOps technologies and principles using a simple-to-follow “Tech like I’m 10” approach. Next, the course covers topics such as value stream management, platform as product, and engineering organization improvement, all driving towards defining Continuous Delivery and explaining why it is so foundational for any organization. The course also focuses on culture, metrics, cybersecurity, and agile contracting. Upon completion, participants will understand the fundamentals required in order to successfully transform any software development organization into a digital leader.

The course was developed by Dr. Rob Slaughter and Bryan Finster. Rob is an Air Force veteran and the CEO of Defense Unicorns, a company focused on secure air gap software delivery, he is the  former co-founder and Director of the Department of Defense’s DevSecOps platform team, Platform One, co-founder of the United States Space Force Space CAMP software factory, and current member of the Navy software factory Project Blue. Bryan is a software engineer and value stream architect with over 25 years experience as a software engineer  and leading development teams delivering highly available systems for large enterprises. He founded and led the Walmart DevOps Dojo which focused on a hands-on, immersive learning approach to helping teams solve the problem of “why can’t we safely deliver today’s changes to production today?” He is the co-author of “Modern Cybersecurity: Tales from the Near-Distant Future”, the author of the “5 Minute DevOps” blog, and one of the maintainers of MinimumCD.org. He is currently a value stream architect at Defense Unicorns at Platform One. 

Enroll today to start your journey to mastering DevSecOps practices on July 20!

The post Learn the Principles of DevSecOps in New, Free Training Course appeared first on Linux Foundation.

Many software projects are not prepared to build securely by default, which is why the Linux Foundation and Open Source Security Foundation (OpenSSF) partnered with technology industry leaders to create Sigstore, a set of tools and a standard for signing, verifying and protecting software. Sigstore is one of several innovative technologies that have emerged to improve the integrity of the software supply chain, reducing the friction developers face in implementing security within their daily work.

To make it easier to use Sigstore’s toolkit to its full potential, OpenSSF and Linux Foundation Training & Certification are releasing a free online training course, Securing Your Software Supply Chain with Sigstore (LFS182x). This course is designed with end users of Sigstore tooling in mind: software developers, DevOps engineers, security engineers, software maintainers, and related roles. To make the best use of this course, you will need to be familiar with Linux terminals and using command line tools. You will also need to have intermediate knowledge of cloud computing and DevOps concepts, such as using and building containers and CI/CD systems like GitHub Actions, many of which can be learned through other free Linux Foundation Training & Certification courses.

Upon completing this course, participants will be able to inform their organization’s security strategy and build software more securely by default. The hope is this will help you address attacks and vulnerabilities that can emerge at any step of the software supply chain, from writing to packaging and distributing software to end users.

Enroll today and improve your organization’s software development cybersecurity best practices.

The post Free Training Course Teaches How to Secure a Software Supply Chain with Sigstore appeared first on Linux Foundation.

Cardano and Linux Creator Linus Torvalds Meet in Fireside Chat  U.Today

Debian-Based Clonezilla Live 3.0.1 Disk Imaging/Cloning Tool Released with Linux 5.18  9to5Linux

Arm Linux IoT gateway ships with up to 8GB RAM, offers dual GbE, 4G LTE, WiFi 6, BLE 5.3, GNSS connectivity  CNX Software

Rewritten NIR Code For Old Radeon "R600" Linux Driver Improves Performance In 2022  Phoronix

The open-source Mesa "R600" Gallium3D driver for supporting AMD graphics processors prior to the Radeon HD 7000 series, a rewritten NIR back-end has been published that enables better performance and proper FP64 usage...

With the AMD Radeon "HIP" acceleration in Blender 3.2 with the Cycles back-end, an unfortunate early limitation is that this is limited to just AMD RDNA2 (Radeon RX 6000 series) graphics processors while prior generation RDNA1 GPUs have issues with some textures like those used in the benchmarks. This week though AMD did post a new patch for Blender enabling HIP support on Windows and Linux for Vega/GFX9 graphics...

One of the multi-year efforts in the GNOME Wayland camp has been on deep color support and it's been of interest to Ubuntu developers among other parties. After not hearing about any progress on GNOME Wayland deep color support in a while, some progress is now being made...

Merged yesterday into Linux 5.19 as a post merge window change is making the kernel's signature verification code FIPS compliant...

Leading Arch Linux derivative Manjaro puts out version 21.3  The Register

AMD today released a new update to AMDVLK, their official open-source Radeon Vulkan driver for Linux systems that is derived from their internal Vulkan driver sources while plumbed to use the open-source LLVM AMDGPU shader compiler back-end. For Linux gamers this driver doesn't remain as popular as Mesa's RADV but the update today does deliver on some game performance optimizations...

Privilege Escalation Attacks: Types, Examples and Defence  Security Boulevard

FoundriesFactory® Supports Arm's Project Cassini for Secure Production Edge Deployments  PR Newswire

The post 8 Best MySQL/MariaDB GUI Tools for Linux Administrators first appeared on Tecmint: Linux Howtos, Tutorials & Guides .

MySQL is one of the most widely-used open-source relational database management systems (RDBMS), that has been around for a long time. It is an advanced, fast, reliable, scalable, and easy-to-use RDBMS intended for mission-critical,

The post 8 Best MySQL/MariaDB GUI Tools for Linux Administrators first appeared on Tecmint: Linux Howtos, Tutorials & Guides.

Open-Source Technologies, Issues on Display at Linux Foundation Summit  LinuxInsider.com

30 years later, Linus Torvalds is still delighted by Linux  TechRadar

Manage your Rust toolchain using rustup Gaurav Kamathe Wed, 06/22/2022 - 03:00 2 readers like this 2 readers like this

The Rust programming language is becoming increasingly popular these days, used and loved by hobbyists and corporations alike. One of the reasons for its popularity is the amazing tooling that Rust provides making it a joy to use for developers. Rustup is the official tool used to manage Rust tooling. Not only can it be used to install Rust and keep it updated, it also allows you to seamlessly switch between the stable, beta, and nightly Rust compilers and tooling. This article will introduce you to rustup and some common commands to use.

Default Rust installation method

If you want to install Rust on Linux, you can use your package manager. On Fedora or CentOS Stream you can use this, for example:

$ sudo dnf install rust cargo

This provides a stable version of the Rust toolchain, and works great if you are a beginner to Rust and want to try compiling and running simple programs. However, because Rust is a new programming language it changes fast and a lot of new features are frequently added. These features are part of the nightly and later beta version of the Rust toolchain. To try out these features you need to install these newer versions of the toolchain, without affecting the stable version on the system. Unfortunately, your distro’s package manager can’t help you here.

Installing Rust toolchain using rustup

To get around the above issues, you can download an install script:

$ curl --proto '=https' --tlsv1.2 \
-sSf https://sh.rustup.rs > sh.rustup.rs

Inspect it, and then run it. It doesn’t require root privileges and installs Rust accordingly to your local user privileges:

$ file sh.rustup.rs
sh.rustup.rs: POSIX shell script, ASCII text executable
$ less sh.rustup.rs
$ bash sh.rustup.rs

Select option 1 when prompted:

1) Proceed with installation (default)
2) Customize installation
3) Cancel installation
> 1

After installation, you must source the environment variables to ensure that the rustup command is immediately available for you to use:

$ source $HOME/.cargo/env

Verify that the Rust compiler (rustc) and Rust package manager (cargo) are installed:

$ rustc --version
$ cargo --version

Programming and development Red Hat Developers Blog Programming cheat sheets Try for free: Red Hat Learning Subscription eBook: An introduction to programming with Bash Bash shell scripting cheat sheet eBook: Modernizing Enterprise Java See installed and active toolchains

You can view the different toolchains that were installed and which one is the active one using the following command:

$ rustup showSwitch between toolchains

You can view the default toolchain and change it as required. If you’re currently on a stable toolchain and wish to try out a newly introduced feature that is available in the nightly version you can easily switch to the nightly toolchain:

$ rustup default
$ rustup default nightly

To see the exact path of the compiler and package manager of Rust:

$ rustup which rustc
$ rustup which cargoChecking and Updating the toolchain

To check whether a new Rust toolchain is available:

$ rustup check

Suppose a new version of Rust is released with some interesting features, and you want to get the latest version of Rust. You can do that with the update subcommand:

$ rustup updateHelp and documentation

The above commands are more than sufficient for day-to-day use. Nonetheless, rustup has a variety of commands and you can refer to the help section for additional details:

$ rustup --help

Rustup has an entire book on GitHub that you can use as a reference. All the Rust documentation is installed on your local system, which does not require you to be connected to the Internet. You can access the local documentation which includes the book, standard library, and so on:

$ rustup doc
$ rustup doc --book
$ rustup doc --std
$ rustup doc --cargo

Rust is an exciting language under active development. If you’re interested in where programming is headed, keep up with Rust!

Rustup can be used to install Rust and keep it updated. It also allows you to seamlessly switch between the stable, beta, and nightly Rust compilers and tooling.

Image by:

Opensource.com

Rust Programming What to read next 5 Rust tools worth trying on the Linux command line 5 signs you might be a Rust programmer This work is licensed under a Creative Commons Attribution-Share Alike 4.0 International License. Register or Login to post a comment.