Home Blog Page 81

Rucksack: A Python tool that stores your favorite Linux one-liners

This open source Python tool is like a dictionary for your one-line Linux commands, with autocompletion to make using them easier.

Read More at Enable Sysadmin

How to get started with the Vi editor

Once you’ve committed Vi’s keyboard shortcuts to muscle memory, watch how fast you work.

Read More at Enable Sysadmin

How to get started with the ed text editor

Ed is one of the oldest, smallest, and most powerful text editors available.

Read More at Enable Sysadmin

5 ways to make your Ansible modules work faster

Optimize how you use Ansible modules to speed up your playbooks.

Read More at Enable Sysadmin

8 ways to speed up your Ansible playbooks

Here’s how to optimize your Ansible playbooks to make them run faster.

Read More at Enable Sysadmin

The OpenSSF and the Linux Foundation Address Software Supply Chain Security Challenges at White House Summit

WASHINGTON (January 13, 2022) Today marks an important moment in the Linux Foundation’s history of engagement with public sector organizations. The White House convened an important cross-section of the Open Source developer and commercial ecosystem along with leaders and experts of many U.S. federal agencies to identify the challenges present in the open source software supply chain and share ideas on ways to mitigate risk and enhance resilience.

At the meeting, the Linux Foundation and the Open Source Security Foundation (OpenSSF) represented their hundreds of communities and projects by highlighting collective cybersecurity efforts and sharing their intent to work with the administration across public and private sectors.

Linux Foundation Executive Director Jim Zemlin said, “Safeguarding critical infrastructure includes securing the software that runs its banking, energy, defense, healthcare, and technology systems. When the security of a widely-used open source component or application is compromised, every company, every country, and every community is impacted. This isn’t a problem unique to the US government; it’s a global concern. We applaud the US government’s leadership in facilitating a stronger focus on open source software security and look forward to collaborating with the global ecosystem to make progress. In particular, the OpenSSF is our key initiative to address the broad set of open source software supply chain challenges, and it was very heartening to hear our work identified and endorsed by other participants in the meeting as a basis for further collaboration.” 

Executive Director of the Open Source Security Foundation, Brian Behlendorf commented, “During today’s meeting, we shared a set of key opportunities where, with sufficient commitments from everyone, we could make a substantial impact on the critical endeavors needed to protect and improve the security of our software supply chains. The open source ecosystem will need to work together to further cybersecurity research, training, analysis, and remediation of defects found in critical open source software projects. These plans were met with positive feedback and a growing, collective commitment to take meaningful action. Following the recent log4j crisis, the time has never been more pressing for public and private collaboration to ensure that open source software components and the software supply chains they flow through demonstrate the highest cybersecurity integrity.”

Brian continued, “Through efforts such as our working groups on Best Practices, Identifying Critical Projects, Metrics and Scorecards, Project Sigstore, and more to be announced soon, the OpenSSF has already had an impact on many of the key areas discussed during today’s meeting. We are ready to further these efforts and welcome all new participants and resources that this conversation and further such conversations may bring.”

About the Linux Foundation 

Founded in 2000, the Linux Foundation is supported by more than 1,800 members and is the world’s leading home for collaboration on open source software, open standards, open data, and open hardware. Linux Foundation’s projects are critical to the world’s infrastructure, including Linux, Kubernetes, Node.js, Hyperledger, RISC-V, and more.  The Linux Foundation’s methodology focuses on leveraging best practices and addressing the needs of contributors, users, and solution providers to create sustainable models for open collaboration. For more information, please visit us at https://www.linuxfoundation.org/

About the OpenSSF

The OpenSSF is a cross-industry collaboration that brings together leaders to improve the security of open source software (OSS) by building a broader community, targeted initiatives, and best practices. The OpenSSF brings together open source security initiatives under one foundation.

Media Contacts

Jennifer Cloer

503-867-2304

jennifer@storychangesculture.com

The post The OpenSSF and the Linux Foundation Address Software Supply Chain Security Challenges at White House Summit appeared first on Linux Foundation.

Baumer, Infineon, Qualcomm Innovation Center, Percepio and Silicon Labs Select Zephyr RTOS for their Next Generation of Products and Solutions

SAN FRANCISCO, January 13, 2022 The Zephyr Project announces a major milestone today with Baumer joining as a Platinum member and Infineon Technologies, Qualcomm Innovation Center, Inc., Percepio and Silicon Labs joining as Silver members. These new members have selected Zephyr RTOS as one of the key technologies to build their next generation of connected products and solutions.

Zephyr, an open source project at the Linux Foundation that builds a safe, secure and flexible real-time operating system (RTOS) for resource-constrained devices, is

easy to deploy, secure, connect and manage. It has a growing set of software libraries that can be used across various applications and industry sectors such as Industrial IoT, wearables, machine learning and more. Zephyr is built with an emphasis on broad chipset support, security, dependability, longterm support releases and a growing open source ecosystem.

“Zephyr fits where Linux can’t,” said Kate Stewart, Vice President of Dependable Embedded Systems at the Linux Foundation. “It will help these new members with development, delivery, and maintenance across a wide variety of products and models. We look forward to working with our new members to improve the technology their products and solutions are based on.”

Zephyr LongTerm Support (LTS) Release

In October 2021, the Zephyr community of almost 500 contributors made the LTS v2 release available that offers vendors a customizable operating system that supports product longevity, security and interoperability. Product developers aren’t locked into a particular architecture, back-end platform or cloud provider and will have the freedom to choose from an ecosystem of hardware. Additionally, products based on the LTS release will benefit from a maintained code base throughout their development and deployment lifecycle. The LTS will serve as the baseline for the auditable version of Zephyr, which will benefit both the maintained LTS and development branches. Learn more about the LTS v2 here.

Commitment to Zephyr

Baumer, one of the international leading companies for smart sensors, encoders and digital cameras for industrial automation, joins other Platinum members Antmicro, Google, Intel, Meta, Nordic Semiconductor, NXP and Oticon. Roman Kellner, Embedded Software Team Lead at Baumer, will join the Governing Board and its commitment to ensure balanced collaboration and feedback that meets the needs of its community.

“The mission of the Governing Board is to cultivate an innovative relationship among stakeholders to advance the Zephyr Project’s support of new hardware, developer tools, sensors, and drivers, while maximizing the functionality of devices that run applications developed using the Zephyr RTOS,” said Barna Ibrahim, Zephyr Governing Board member and Marketing Committee Chair. “We are ecstatic to welcome Roman to the board and look forward to working more closely with Baumer.”

“Baumer as a sensor manufacturer relies on the capabilities of microcontrollers in a wide performance range for our product portfolio,” said Roman Kellner. “Zephyr was chosen as our next sensor platform for its MCU vendor openness, reliability, high configurability, its added value compared to a pure RTOS scheduler and the future ability to cover non-safe and safe products with the same code base. We are happy to contribute our expertise to attribute Zephyr RTOS as a high performance sensor platform.” 

The Zephyr Project also welcomes Silver members:

Infineon, a world leader in semiconductor solutions that make life easier, safer and greener;Qualcomm Innovation Center, a subsidiary of Qualcomm Technologies, that focuses on enabling and optimizing open source software that work with Qualcomm Technologies’ solutions;Percepio, a leader in visual trace diagnostics for embedded systems and IoT; andSilicon Labs, a leader in secure, intelligent wireless technology for a more connected world.

These members join AVSystem, BayLibre, Eclipse Foundation, Fiware, Foundries.io, Golioth, Laird Connectivity, Linaro, Memfault, Parasoft, Pat-Eta Electronics, RISC-V, SiFive, Synopsys and teenage engineering, and Wind River.

“The Zephyr Project is driving stability to developers which allows them to focus on product innovation and at Infineon, we are happy to be a part of helping customers drive differential value,” said Danny Watson, Principal Product Marketing Engineer at Infineon. “Infineon aims to be a key contributor to the underlying scalable goals of the Zephyr Project and to shape it into providing more performance and intelligent based Open Source Software for Infineon’s PSoC 6 Microcontrollers.”

“The Qualcomm Innovation Center (QuIC) is proud to become a new member of the Zephyr Project community,” said Anthony Scarpino, Senior Director of Engineering at Qualcomm Canada ULC. “QuIC looks forward to contributing to the Zephyr Project to collaborate in building the best-in-class RTOS for secure, connected, resource-constrained devices. QuIC supports the building of micro-controller-based devices as part of the hardware and software ecosystems in upcoming products and sees participation in Zephyr as a path to world- leading innovative solutions.”

“At Percepio, we’ve long recognized the potential of Zephyr RTOS as the leading independent platform for small IoT devices where Linux isn’t an option, yet capable enough for complex embedded IoT/Edge applications,” said Mike Skrtic, Vice President of Sales and Marketing at Percepio. “The latest Zephyr release brings expanded support for software tracing, which facilitates debugging and allows for improved reliability, security, and performance of embedded systems. We’re pleased to have made significant contributions to the new tracing subsystem, to provide full kernel tracing support, enabling the high-end visual trace diagnostics Tracealyzer is known for.”

“We’ve had our eye on Zephyr for some time and are excited to officially be a member of this RTOS project,” said Benny Chang, Vice President, Platform and Chief of Staff at Silicon Labs. “We appreciate the measures the Zephyr community is taking to build a reliable, well-tested RTOS for the IoT and look forward to ​connecting Zephyr users with ​our industry-leading hardware and connectivity solutions.”

To learn more about Zephyr RTOS, visit the Zephyr website and blog.

About the Zephyr Project

The Zephyr Project is an open source, scalable real-time operating system (RTOS) supporting multiple hardware architectures. To learn more, please visit www.zephyrproject.org.

About the Linux Foundation

Founded in 2000, the Linux Foundation is supported by more than 1,000 members and is the world’s leading home for collaboration on open source software, open standards, open data, and open hardware. Linux Foundation’s projects are critical to the world’s infrastructure including Linux, Kubernetes, Node.js, and more.  The Linux Foundation’s methodology focuses on leveraging best practices and addressing the needs of contributors, users and solution providers to create sustainable models for open collaboration. For more information, please visit us at linuxfoundation.org.

###

The post Baumer, Infineon, Qualcomm Innovation Center, Percepio and Silicon Labs Select Zephyr RTOS for their Next Generation of Products and Solutions appeared first on Linux Foundation.

Understanding Bluetooth Technology for Linux

This article was written by Martin Woolley of the Bluetooth SIG.

Linux has been around in various forms for about 30 years, and the kernel is the basis of other operating systems such as Android and Chrome OS. Supercomputers use it at one end of the computing spectrum and in embedded devices at the other. Linux is used on laptops, desktop computers, and servers in between these extremes.

And it’s also used in single-board computers — this category includes popular devices like the Raspberry Pi.

Figure 1 – Raspberry Pi 4 running Linux

Therefore it’s fair to say that Linux has been widely adopted.

While microcontrollers and lean, mean software frameworks necessarily dominate small electronic products that are generally single-purpose devices and have modest processing requirements, Linux meets the needs of another important subset. Some products have multiple features that need to be available concurrently. Some cases may require significant processor power and need RAM measured in gigabytes rather than the kilobytes of RAM more typically found in microcontrollers. IP security cameras are based on Linux. They can stream live video, respond to motion detection events, identify human faces in video streams in real-time, record video to an SD card, transfer files over FTP, and host a web server for management and configuration purposes. That mix of concurrently available functionality requires both sufficiently powerful hardware and an operating system that supports multiple processes and threads, provides a capable file system, and has a wide selection of applications readily available for it. Linux is a perfect fit. And it’s open source and free.

Bluetooth Technology and Linux

Bluetooth® technology can be used on Linux. The controller part of the Bluetooth stack is typically a system on a chip that is either an integral part of the mainboard or implemented in a peripheral like a USB dongle. The host part of the Bluetooth stack runs as a system service, and the standard Linux Bluetooth host implementation is called BlueZ.

BlueZ supports both the Bluetooth LE Peripheral and Central roles using GAP and GATT and Bluetooth mesh, provided the underlying controller supports dependent Bluetooth features. And its multi-process architecture means that multiple Bluetooth applications can be running simultaneously on a single device, which offers some exciting possibilities.

But for a developer, working with Bluetooth technology on Linux for the first time can be challenging. BlueZ defines a straightforward, logical API, but the way a developer must use it in applications is dissimilar to how a developer works with Bluetooth APIs on most other platforms. This is a consequence of the system’s architecture, which, whilst not unique, is typically very visible to the developer and usually needs to be well understood so that those logical BlueZ APIs can be used.

The Architecture of a Linux System using BlueZ

BlueZ APIs are not called directly by applications. Instead, Linux applications that run as independent processes make inter-process communication (IPC) calls to BlueZ APIs via an IPC broker named D-Bus. D-Bus is a system service and a type of message-oriented middleware which provides IPC support for many Linux applications and services, not just BlueZ.

BlueZ runs as a system daemon, either bluetoothd to provide applications with support for GAP and GATT or bluetooth-meshd when the physical device is to be used to run applications that act as Bluetooth mesh nodes.

Figure 2 – Architecture

Using D-Bus, applications can send messages which cause methods implemented in remote services or applications to be called and the results returned in another message. Applications and system services can also communicate events that have happened in the system to other applications by emitting special messages known as signals.

Figure 3 – DBus messages and signals

Applications work with BlueZ by sending and receiving DBus messages and signals, so developers generally need some knowledge (or perhaps a lot of knowledge) of DBus programming.

You may have noticed that we are not making the most definite statements here. Why did we say that the developer usually needs to have a solid understanding of the architecture rather than always? Why do they generally need some knowledge of DBus programming and sometimes a lot of knowledge? The answer lies in the very nature of Linux and of the Linux ecosystem.

Developers of Android or iOS applications typically use one or two programming languages favored by the operating system (o/s) owner, in this example, either Google or Apple. The APIs are designed and documented by the o/s owner, and there’s a wealth of supporting information to help developers achieve results. But the world of Linux is not like that. It’s very modular and open, which means there’s an enormous choice in programming languages that can be used. There may be a choice of different APIs for the exact same purpose provided by different supporting libraries from different originators for any given language.

The degree to which the architecture is abstracted by the APIs for different languages, hiding details so that an application developer feels they’re working directly with BlueZ APIs rather than making remote method calls using DBus messages varies. Still, it’s not uncommon for the developer to have to deal directly with DBus from their code and to need to have a thorough understanding of DBus IPC.

Some BlueZ or DBus APIs are well documented, while some do not add to the learning curve developers need to ascend. And, in some cases, there’s no documentation at all, leaving the developer to figure things out through searching the web, scrutinizing library source code, and so on. This is fine if you like that kind of thing and OK if you have the luxury of all the time in the world to finish your project. But for most people, life’s not like that.

The Bluetooth Technology for Linux Developers Study Guide

To help Linux developers quickly ascend the BlueZ learning curve, we’ve created an educational resource known as a study guide to add to our growing collection.

It’s modular and includes hands-on exercises so you can test your growing understanding of the theory by writing code and testing the results.

Figure 4 – Hands-on coding exercises included
Figure 5 – Testing

If you’re completely new to Bluetooth® Low Energy (LE), there’s a primer module that will explain the key concepts to get you started. Subsequent modules explain how Bluetooth technology works on Linux, DBus programming concepts and techniques, how to develop LE Central devices, and how to develop LE Peripheral devices, in both cases using BlueZ and Python. The appendix provides step-by-step instructions for configuring your Linux kernel and for building and installing BlueZ from the source.

After completing the work in this study guide, you should:

  • Be able to explain basic Bluetooth LE concepts and terminology such as GAP Central and GATT client
  • Be able to explain what BlueZ is and how applications use BlueZ in terms of architecture, services, and communication
  • Understand the fundamentals of developing applications that use DBus inter-process communication
  • Be able to implement key functionality, typically required by GAP Central/GATT client Bluetooth devices

Download the Bluetooth for Linux Developers Study Guide today.

Git hooks: How to automate actions in your Git repo

Protect your Git repository from mistakes, automate manual processes, gather data about Git activity, and much more with Git hooks.

Read More at Enable Sysadmin

Please Join Us In The January 2022 SPDX Community SBOM DocFest

SPDX was designed for tools to produce and consume SBOM documents. A decade of experience has shown us that tools may interpret fields differently – a file may be a valid syntactic SPDX SBOM,  but different tools may fill in different values.

By coming together as a community to examine the output of multiple tools and to compare/contrast the results, we can refine the guidance to tool vendors and improve the robustness of the ecosystem sharing SPDX documents.   Historically, these events were called Bake-offs, but we’ve evolved them into “DocFests.”

After a successful SPDX 2.2 DocFest in September of 2021, the SPDX community has decided to host another DocFest on January 27th from 7-11 AM PST. The purpose of this event is to bring together producers and consumers of SPDX documents and discuss differences between tool output and understanding for the same software artifacts.

Specifically, the goals of this DocFest are to:

  • Come to agreement on how the fields should be populated for a given artifact
  • Identify instances where different use cases might lead to different choices for fields and structures of documents
  • Assess how well the NTIA SBOM minimum elements are covered
  • Create a set of reference SPDX SBOMs as part of the corpus for further tooling evaluation.

This event will require “sweat equity” – participants who can produce SPDX documents are expected to have generated at least one SPDX document from the target set (either source, built from source, or an image/container equivalent). Participants who consume SPDX documents are expected to run at least two SPDX documents through their tooling and share any analysis results.

Those who have signed up and have submitted files by January 21, 2022, will receive a meeting invite to the DocFest.

To indicate interest to participate, please fill in the following form no later than January 16, 2022: https://forms.gle/Mq7ReinTY6gDL4cs9

The post Please Join Us In The January 2022 SPDX Community SBOM DocFest appeared first on Linux Foundation.