Learn how to use rsyslog and systemd-journald to get information about what’s happening on your system.
Read More at Enable Sysadmin
3 ways to monitor time on OpenShift nodes
Learn how to monitor OpenShift nodes for NTP inaccuracies, corrections, or time drift occurrences.
Read More at Enable Sysadmin
OpenSSF Announces 15 New Members To Further Strengthen Open Source Software Supply Chain Security
Expands core working groups ahead of OpenSSF Day
SAN FRANCISCO, May 9, 2022 – The Open Source Security Foundation (OpenSSF) a cross-industry organization hosted at the Linux Foundation that brings together the world’s most important software supply chain security initiatives, today announced 15 new members from leading software development, cybersecurity, financial services, communications, and academic sectors.
This round of commitments is led by two new premier members, Atlassian and Sonatype, who will join the OpenSSF governing board. New general member commitments come from Arnica, Bloomberg, Comcast, Cycode, F5 Networks, Futurewei Technologies, Legit Security, Sectrend, SUSE, and Tenable.
“We are thrilled to welcome Atlassian and Sonatype, two companies who play critical roles in modern software development and security, to the OpenSSF governing board”, Brian Behlendorf, General Manager at OpenSSF. “Open source software supply chain attacks threaten the very foundations of innovation that billions of people rely upon. Our 15 new members join a growing community of organizations, developers, researchers, and security professionals that are investing time and resources required to respond in this constantly evolving threat landscape.”
Open source software has become the foundation on which our digital economy is built. As noted in the Linux Foundation’s 2022 Software Bill of Materials (SBOM) and Cybersecurity Readiness report, 98% of organizations use open source regularly. The same study revealed that 72% of organizations are very or extremely concerned about software security. Recent vulnerabilities, such as the one impacting Log4j, have caused many organizations to prioritize software supply chain security and realize the need to be fully abreast of the open source ecosystem, as well as contributing to it. From governments to businesses, open source security has been brought to the top of the agenda as a priority issue to address and as a result, OpenSSF is seeing membership rise at a rapid pace.
The latest commitments follow a productive period for OpenSSF in which the foundation expanded its core working groups to include Securing Software Repositories. This group aims to improve cybersecurity practices where developers download open source packages most often.
Furthermore, on June 20th, the foundation will host a full day of sessions at OpenSSF Day. Presentations, delivered by working group leaders, will include subjects such as Best Practice Badges and Other Good Practices, Three Things Your Open Source Project Must Consider, and Securing Critical Projects. The day will conclude with a panel discussion on the Future of Securing Open Source Software. Registration and attendance are free for all those attending the Open Source Summit conference.
Premier Member Quotes
Atlassian
“Open source software is critical to so many of the tools and applications that are used by thousands of development teams worldwide. Consequently, the security of software supply chains has been elevated to the top of most organizations’ priorities in the wake of recent high-profile vulnerabilities in open source software. Only through concerted efforts by industry, government and other stakeholders can we ensure that open source innovation continues to flourish in a secure environment. This is why we are happy to be joining OpenSSF, where we can collaborate on key initiatives that raise awareness and drive action around the crucial issues facing software supply chain security today. As a premier member, we’re excited to be a key contributor to driving meaningful change and we are optimistic about what we can achieve through our partnership with OpenSSF and like-minded organizations within its membership.” – Adrian Ludwig, Chief Trust Officer, Atlassian
Sonatype
“As the maintainers of the largest repository of open source components in Maven Central, we have a unique view into how great the demand for open source has become in recent years. However, as that demand has grown, bad actors have recognized the power of open source and are seeking to use that against the industry. As these software supply chain attacks become more commonplace, open source developers have become the frontline of this battle. Our key mission at Sonatype is to help people understand their software supply chain, and harness all of the good that open source has to offer, without any of the risk. OpenSSF and its members share a similar vision. I’m excited to play a bigger role in OpenSSF as a board member and collectively work with other members to keep open source ecosystems safe and secure, as we all figure out how to battle both new and old attacks on the community.” – Brian Fox, CTO and co-founder, Sonatype
General Member Quotes
Arnica
“Software supply chain attack vectors have consistently caught the security community off-guard. Based on Arnica’s research across all attacks since 2018, we found two consistent root causes. One, improper access management to source code and two, inability to detect abnormal behavior in the developer toolset. The journey to solve these gaps is long and we are working on perfecting each risk mitigation strategy one-by-one, starting with introducing the first-ever self-service access management for GitHub.” – Nir Valtman, Co-Founder and CEO, Arnica
Bloomberg
“We are incredibly excited to join the Open Source Security Foundation (OpenSSF), whose values of public good, openness and transparency, and diversity, inclusion, and representation, align with those of Bloomberg. As an ‘Open Source First’ organization, we greatly value open source and its use within the finance sector, and we are fully committed to helping secure the open source software supply chain, something we have invested in via an ongoing collaboration between our CTO Office and Engineering organization.” – Gavin McNay, Security Architect in Bloomberg’s CTO Office
Comcast
“Comcast is committed to open source software. We use it to build products, attract talent, and develop our technology to improve the customer experience. When it comes to open source security, everyone plays a role. We are thrilled to join OpenSSF with the global open-source community to see how we can continue to evolve to make open-source development even more secure.” – Shilla Saebi, Open Source Program Office Lead, Comcast Cable
F5 Networks
“The growth of open source usage has magnified the importance of advancing OSS supply chain security for all, which can only be achieved as a shared priority among the industry. At F5, we are committed to ensuring our customers’ apps are fast, available and secure in any environment. That is why we value the work of the Open Source Security Foundation and its participating members, and look forward to sharing our domain expertise to help advance this important work.” – Geng Lin, EVP and Chief Technology Officer, F5
Futurewei Technologies
“OpenSSF is a premier and leading organization on open source security. Futurewei is very excited to join OpenSSF, and to engage in the conversations on the important topics of open source security and sustainability. We look forward to exciting discussions and collaborations with OpenSSF.” – Chris Xie, Head of Open Source Strategy and Business Development
Legit Security
“Legit Security is pleased to join OpenSSF to advance the security of software supply chains within the open-source ecosystem as well as giving organizations tools to secure the infrastructure that makes up the SDLC – such as pipelines and systems. Attacks on software supply chains are estimated to increase between three to six times per year and are a global threat. We look forward to working with OpenSSF to publish security research and contribute tools and code for more secure software delivery and consumption across the entire community.” – Liav Caspi, CTO of Legit Security
Sectrend
“We feel very excited to be a part of this industry-leading Open Source Security foundation (OpenSSF). Together with other top-notch peers around the globe in various sectors under this initiative, we, Sectrend, are aiming to assist organizations of any size address the security and license compliance risks from open-source software. Securing the software supply chain is very critical for every company. Within the framework of OpenSSF or the Linux Foundation, Sectrend will make a tremendous contribution to this community-driven process in tooling, training, research, best practices, and consulting. Beyond Security, More than Open Source.” – Alex Xue, CEO, Sectrend
SUSE
“According to recent research in an Economist Impact survey, 95% of organizations are practicing open innovation, demonstrating how open source software is critical to business’s infrastructure and applications. With this comes the need for software to be secure and is why SUSE takes a proactive stance against security and compliance risks, leveraging tools for full lifecycle security including vulnerability management, CI/CD pipeline security, run-time security and government security certifications. SUSE is joining OpenSSF to further collaborate with the efforts to ensure the security of the open source software supply chain.” – Brent Schroeder, Head of SUSE’s Office of the CTO
Tenable
“We’re proud to be part of OpenSSF and join so many industry peers who understand the critical importance of securing open-source software and its associated supply chain. Log4j showed the world how pervasive OSS use is and how vulnerable it can be if the proper development and controls are not put in place to protect it. Tenable’s commitment to increasing visibility in attack surfaces includes shifting left to secure software development and helping organizations understand where the risks are throughout their systems.” – Glen Pendley, CTO, Tenable
The foundation also announced new Associate Members, including the Eclipse Foundation, China Academy of Information and Communications Technology (CAICT) and Chinese Academy of Sciences (ISCAS).
Additional Resources
View the complete list of the OpenSSF membersAttend OpenSSF Day at the Linux Foundation’s Open Source Summit on June 20 Contribute efforts to one or more of the active OpenSSF working groupsRead the OpenSSF and Harvard’s Census II Report, shedding light on the most commonly used FOSS packages at the application library level
About OpenSSF
Hosted by the Linux Foundation, the OpenSSF (launched in August 2020) is a cross-industry organization that brings together the industry’s most important open source security initiatives and the individuals and companies that support them. It combines the Linux Foundation’s Core Infrastructure Initiative (CII), founded in response to the 2014 Heartbleed bug, and the Open Source Security Coalition, founded by the GitHub Security Lab to build a community to support open source security for decades to come. The OpenSSF is committed to collaboration and working both upstream and with existing communities to advance open source security for all. For more information, please visit: https://openssf.org/
About the Linux Foundation
Founded in 2000, the Linux Foundation and its projects are supported by more than 1,800 members and is the world’s leading home for collaboration on open source software, open standards, open data, and open hardware. Linux Foundation’s projects are critical to the world’s infrastructure, including Linux, Kubernetes, ONAP, Node.js, Hyperledger, RISC-V, and more. The Linux Foundation’s methodology focuses on leveraging best practices and addressing the needs of contributors, users, and solution providers to create sustainable models for open collaboration. For more information, please visit us at: linuxfoundation.org
Media Contacts
Babel for OpenSSF
The post OpenSSF Announces 15 New Members To Further Strengthen Open Source Software Supply Chain Security appeared first on Linux Foundation.
How to manage tuning profiles in Linux
Use Tuned to monitor your Linux system and optimize its performance for specific workloads.
Read More at Enable Sysadmin
Open@RIT: The Birth of an Academic OSPO
This post originally appeared on Linux.com. The author, Stephen Jacobs, is the director of Open@RIT and serves on the Steering Committee of the TODO Group and served as a pre-board organizer of the O3DE Foundation. Open@RIT is an associate member of the Linux Foundation.
What Is An Academic OSPO?
The academic space has begun to see activity around the idea of Open Source Program Offices at colleges and universities. Like their industry counterparts, these offices lead or advise administrative efforts around policy, licensing compliance, and staff education. But they can also be charged with efforts around student education, research policies and practices, and the faculty tenure and promotion process tied to research.
Johns Hopkins University (JHU) soft-launched their OSPO 2019, led by Sayeed Choudhury, Associate Dean for Research Data Management and Hodson Director of the Digital Research and Curation Center at the Sheridan Libraries in collaboration with Jacob Green with MOSS Labs. Other universities and academic institutions took notice.
Case Study: Open@RIT
I met Green at RIT’s booth at OSCON in the summer of 2019 and learned about JHU’s soft launch of their OSPO. Our booth showcased RIT’s work with students in Free and Open Source humanitarian work. We began with a 2009 Honors seminar course in creating educational games for the One Laptop per Child program. That seminar was formalized into a regular course, Humanitarian Free and Open Source Software. (The syllabus for the course’s most recent offering can be found at this link)
By the end of 2010, we had a complete “Course-to-Co-Op lifecycle.” Students could get engaged in FOSS through an ecosystem that included FOSS events like hackathons and guest speaker visits, support for student projects, formal classes, or a co-op experience. In 2012, after I met with Chris Fabian, co-founder of UNICEF’s Office of Innovation, RIT sent FOSS students on Co-Op to Kosovo for UNICEF. We later formally branded the Co-Op program as LibreCorps. LibreCorps has worked with several FOSS projects since, including more work with UNICEF. In 2014 RIT announced what Cory Doctorow called a “Wee Degree in Free,” the first academic minor in Free and Open Source Software and Free Culture.
All of these efforts provided an excellent base for an RIT Open Programs Office. (more on that missing “s” word in a moment) With the support of Dr. Ryne Raffaelle, RIT’s VP of Research, I wrote a “white paper” on how such an office might benefit RIT. RIT’s Provost, Dr. Ellen Granberg, suggested a university-wide meeting to gauge interest in the concept, and 50 people from 37 units across campus RSVP’d to the meeting. A subset of that group worked together (online, amid the early days of the pandemic) to develop a “wish list” document of what they’d like to see Open@RIT provide in terms of services and support. That effort informed the creation of the charter for Open@RIT approved by the Provost in the summer of 2020.
An Open Programs Office
Open@RIT is dedicated to fostering an “Open Across The University” as a collaborative engine for Faculty, Staff, and Students. Its goals are to discover and grow the footprint, of RIT’s impact on all things Open including, but not limited to, Open Source Software, Open Data, Open Science, Open Hardware, Open Educational Resources, and Creative Commons licensed efforts; what Open@RIT refers to in aggregate as “Open Work.” To highlight the wide constituency being served the choice was made to call it an Open Programs Office to avoid being misread as an effort focusing exclusively on software. The IEEE (which Open@RIT partners with), in their SA Open effort , made the same choice.
In academia, there’s growing momentum around Open Science efforts. Open Science (a term that gets used interchangeably with “Open Research” and “Open Scholarship”) refers to a process that keeps all aspects of scientific research, for the formation of a research plan onward, in the Open. This Scientific American Op-Ed (that mentions Open@RIT) points to the need for academia to become more Open. Open Educational Resources (I.E., making course content, texts, etc., Free and Open) is another academic effort that sees broad support and somewhat lesser adoption (for now).
While the academic community favors Open Science and Open Educational Resource practices, it’s been slow to adopt them. This recently released guide from the National Academies of Science, Engineering, and Mathematics, a bellwether organization, adds pressure to academia to make those changes.
What’s Open@RIT Done Since The Founding?
Drafting Policies and Best Practices Documents
Policy creation in academia is and should be slow and thoughtful. Open@RIT’s draft policy on Open Work touches every part of the research done at the university. It’s especially involved as it needs to cover three different classes of constituents. Students own their IP at RIT (a rarity in academia) except when the university pays them for the work that they do (research assistance ships, work-study jobs, etc.), Staff (the University owns their IP in most cases), and Faculty. The last are a special case in that researchers and scientists are expected to publish their work but may need to work with the university to determine commercialization potential. It also needs to address Software, hardware, data, etc.
Our current draft is making the rounds to the different constituencies and committees, and that process will be completed at some point in academic year 21-22. In the meantime, parts of it will be published as Open@RIT’s best practices in our playbook, targeted for release before the end of Fall semester. Our recommendations for citing and supporting Open Work in Tenure and Promotion will also be part of the playbook and its creation is supported by the Alfred P. Sloan Foundation grant and by the LFX Mentorship program.
Faculty and Staff Professional Development
In October of 2020, The Alfred P. Sloan Foundation funded a proposal by Open@RIT funding some general efforts of the unit and, in particular, a LibreCorps team to support what we’re now calling the Open@RIT Fellows Program. We’re charged with supporting 30 faculty projects over two years and already have twenty-one that have registered, with about one-third of those project support requests completed or in progress. In many ways, the Open@RIT Fellows program could be considered an “Inner Source” effort.
This Zotero curated collection of articles, journal papers, book chapters, and videos on various aspects of Open Work and Open scholarship is the first step in our professional development efforts. It includes links to drafts of our recommendations around releasing Open Work and on building your evaluation, tenure and promotion cases with Open Work. We hope to offer professional development-related workshops in late fall or early spring of the coming AY.
Student Education
Open@RIT is wrapping up our “Open Across the Curriculum” efforts. While we’ve had several courses and a minor in place, they mostly were for juniors and seniors. Those classes were modified to begin accepting sophomores, and some new pieces are being brought into play.
At RIT, students are required to take an “Immersion,” a collection of three courses, primarily from liberal arts, designed to broaden students’ education and experiences outside of their majors. The Free Culture and Free and Open Source Computing Immersion does just that and opens to students this fall.
Within the month, Open@RIT will distribute a set of lecture materials to all departments for opt-in use in their freshman seminars that discuss what it means for students to own their IP in general and, specifically, what Opening that IP can mean in science, technology, and the arts.
Once the last pieces fall into place, students will be able to learn about Open as Freshmen, take one or both of our foundational FOSS courses Humanitarian Free and Open Source Software and Free and Open Source Culture as Sophomores and then go on to the Immersion (three courses) or the Minor (five courses) should they so choose.
Advisory Board and Industry Service
Open@RIT meets three times/year with our advisory board, consisting of our alums and several Open Source Office members from Industry and related NGOs.
Open@RIT is active in FOSS efforts and organizations that include IEEE SA Open, Sustain Open Source’s Academic and Specialized Projects Working Group and CHAOSS Community’s Value working group.
Next Steps
By the end of 2022, Open@RIT will complete all of the points in its charter, hold a campus conference to highlight Open Work being done across the university, and complete a sustainability plan to ensure its future.
The post Open@RIT: The Birth of an Academic OSPO appeared first on Linux Foundation.
Writing Ansible inventory files, troubleshooting Linux, and more sysadmin tips
Check out Enable Sysadmin’s top 10 articles from April 2022.
Read More at Enable Sysadmin
Pstore, The Linux Kernel Persistent Storage File System
Linux kernel pstore, the Linux kernel pe
Click to Read More at Oracle Linux Kernel Development
An Ansible playbook for solving a new problem from scratch
Automation means spending time upfront to save a lot more time in the future.
Read More at Enable Sysadmin
How to install RHEL 9
Red Hat Enterprise Linux 9 offers significant new features for hybrid cloud organizations. Here’s how to install it so you can start testing.
Read More at Enable Sysadmin
Classic SysAdmin: How to Install and Use Wine to Run Windows Applications on Linux
This is a classic article written by Jack Wallen from the Linux.com archives. For more great SysAdmin tips and techniques check out our Essentials of Linux System Administration course!
Back in the mid 90s and early 00s, Linux, being a fledgling operating system, suffered from a severe lack of useful applications. This issue was especially critical in the world of business ─ where Windows desktop applications could make or break productivity. To overcome this weakness, a compatibility layer called WINE was created. The name originally stood for Wine Is Not an Emulator (because everyone mistook the tool for a Windows emulator). The name is now simply Wine.
Effectively, what Wine did was to allow Windows applications to run on the Linux platform. It wasn’t perfect, and the supported apps were limited. If you wanted Notepad, Calculator, or Solitaire…you were good to go.
But then something interesting happened. Over time more and more applications were supported until Wine became a must-have tool for many users and businesses (and especially Linux gamers). To date there are thousands of fully supported applications that now run on Wine (check out the application database for a full list) and that list is ever growing. Granted most of the Wine work is focused on games, but you’ll still find a healthy list of productivity apps available.
You might think, because of the complexity of bringing such a tool to life, that Wine would be complicated to install and use. That assumption would be incorrect. In fact, the developers of Wine have gone out of their way to make the compatibility layer as user-friendly as possible. What exactly does that mean? To make this easier, let’s walk through the process of installing Wine and then installing and running a Windows application with the tool.
I will demonstrate the process on Elementary OS Freya and install the latest version of Wine.
Installation
If you are running an Ubuntu derivative, you’ll find Wine located in the Software Center. Chances are, however, that version is outdated. Because of that, we want to avoid installing the “out of the box” version offered. To do this, we must add the official Wine repository. This can be done one of two ways, via command line or GUI. Since our goal is running Windows applications, let’s use the GUI method.
Here’s how:
Click on the Applications menu
Type software
Click Software & Updates
Click on the Other Software tab
Click Add
Enter ppa:ubuntu-wine/ppa in the APT line section (Figure 2)
Click Add Source
Enter your sudo password
Click Authenticate
Click Close
When prompted, click Reload
Open the Software Center
Search for Wine
Click the Wine entry and then click Install
Allow the installation to complete.
That’s it. Wine is now ready to help you install and run Windows applications. Remember, however, that not every application will work. Most will, but if you’re looking to get your in-house, proprietary solution up and running, you might hit a few snags.
Installing and running an app
Let’s install a very popular programmers notepad—Notepad++. You’ll want to download the file from a location that doesn’t include third-party app install options (which can cause the application installation to fail). To be safe, download the Notepad++ installer from Filehippo. You will find .exe file for Notepad in your Downloads directory. Right-click that file and select Open in Wine Windows Program Loader (Figure 3).
Upon first run, the Wine configuration for ~/.wine will be updated. This can, depending upon the speed of your machine, take a bit of time. Allow this to finish and then the all-too-familiar Windows installation wizard will start up and walk you through the installation of Notepad++.
Click Next and walk through the installation process. When the second screen pops up (Figure 4), you will notice a rather un-Linux Folder path.
Linux doesn’t contain a C drive as does Windows. Is this wrong? No. If you look in the ~/.wine folder, you will notice a folder called drive_c. Within that folder lies three familiar sub-folders:
Program Files
users
windows.
As you might expect, this is your C drive. All of that is to say, leave the Folder path as-is during installation.
You will eventually come to the Choose Components section of the installation (Figure 5). Here you can select options for the installation. If your particular desktop environment allows desktop icons (and that is your preference for launching apps), you might want to select Create Shortcut on Desktop (to make the launching of the newly installed app easier—more on this in a moment).
The installation will complete and present you with the Finish screen. Leave the Run Notepad box checked and click Finish. Notepad++ will run (Figure 1).
What happens, if you didn’t add the app icon to your desktop, when you want to run the software again? This is one issue that can easily trip users up. Remember that Program Files sub-directory? If you venture into that folder, you’ll see a folder for Notepad++ which contains the notepad++.exe file. Guess what? Right-click that file, select Open in Wine Windows Program Loader, and Notepad++ will run.
Notepad++ is a simple example of how Wine works. When you dive into more complicated applications, your results may vary. The best thing to do is to go back to the Wine application database, locate the app you want to install, click on it, and check the current app status. You will find every app lists the version of Wine tested, if it installs, if it runs, and gives it a rating. There are:
Platinum: Applications which run flawlessly out of the box.
Gold: Applications which run with some modifications necessary.
Silver: Applications which run with minor issues that do not affect usage.
You will also find some apps listed as Garbage, which means they won’t install and/or run.
If you have a Windows app that simply doesn’t have a Linux equivalent, never fear ─ Wine is here to assist you. Even though not every Windows app will run under Wine, the collection of apps that do is seriously impressive. And considering most everything we do nowadays is handled within a web browser, with a little help from Wine, you should be covered from every angle.
Ready to continue your Linux journey? Check out our Essentials of Linux System Administration course!
The post Classic SysAdmin: How to Install and Use Wine to Run Windows Applications on Linux appeared first on Linux Foundation.