Video: LFNW2015 - Linux Troubleshooting

| |

Alex Juarez, Rackspace's Principal Engineer Linux Support, discussed troubleshooting beyond ps and top.

Video: LFNW2015 - Let's Encrypt

| | |

Seth Schoen, Senior Staff Technologist at the Electronic Frontier Foundation in San Francisco, discussed the upcoming Let's Encrypt project... fast and free SSL/TLS certificates for your servers.

Video: LFNW2015 - OpenVZ, Virtuozzo, and Docker

| |

There are a few bad spots in the video that I attribute to an SDcard going bad... and yeah, there is some hiss in the audio (internal mic rather than a wireless one)... but overall, very watchable. Enjoy!

Looking forward to LinuxFest Northwest 2015


Wow, I haven't posted anything new in a quite a while. Been working on remixing Fedora 22 since slightly before the Alpha was released. The Beta was released today. Been remixing EL6 and EL7 (CentOS, Scientific Linux and even OEL)... but enough about that.

This post is to state what presentations I plan to attend at the upcoming LFNW in Bellingham, WA (this weekend). How many LFNWs in a row have I attended? I can't recall.

10:00 - 11:00 AM - G-103, Linux Troubleshooting: Digging Deeper and Understanding the Data
11:30 - 12:30 PM - G-103, Thinking in Git
1:30 - 2:30 PM - G-103, The Dark Arts of SSH
3:00 - 4:00 PM - CC-236, OpenVZ, Virtuozzo Core, and Docker

10:00 - 11:00 AM - CC-114, Introducing new Features for MariaDB 10.1
11:30 - 12:30 PM - G-103, Alan Turing & Friends
1:30 - 2:30 PM - Haskell 104, The Bare-Metal Hypervisor as a Platform for Innovation
3:00 - 4:00 PM - CC-115, Let's Encrypt: A Free Robotic Certificate Authority

I hope to record all of those presentations (presenters willing) and make them available shortly after the event.

There are five of us going this year. One from Glendive, two from Billings, and two from Bozeman. It should be a lot of fun. I've got all of the directions / maps printed out... yeah, I'm old. :) Oh, wait... there is a third person from Bozeman but he is taking a plane and staying with his family... as opposed to driving with us in one vehicle with shared lodging.

Video: FOSDEM 2015 - What's new in systemd

| | |

Quite a bit was written about this talk when it was first given (Feb 1st, 2015) but the FOSDEM folks just released the video today as a non-streamable MP4 file. They say a webm file will come later. I downloaded it and uploaded it to YouTube but they still haven't converted it to webm yet either. Update: They have webm'ed them now.

Anyway, here's a lower quality (not much to see) webm for you.

Video: Raspberry Pi 2 Hands-On


Just in case you haven't seen it yet:

They recommend a power supply that can deliver 2 amps.

Update: I ordered one a couple days after the release from Newark. I just got an email the other day (Feb. 19th) saying that it has shipped. I ordered a case later but I think it is coming from the UK and will take a bit longer. I also found a way to get Fedora 21 running on it.

Update 2: See also this.

Video: systemd as a sitcom from Canada


I just discovered this sit-com from Canada done by CTV... who obviously don't mind sharing their show on YouTube because they have (at a quick glance) every episode of all six seasons posted. Watching the first episode of season 1... for some reason I was reminded of systemd. Have a look for yourself. Enjoy, eh? :)

Oh, and... you're welcome!

Videos: UNIX and Linux Ancient History

| |

I'm a sucker for history videos... and I enjoyed the trip back in time that these were. While I was aware of the feuds that existed in UNIX-land and UNIX-GUI-land back from the early days I didn't witness it personally... so the first two expose some of that. The third video shows what moving from Windows 95 to Windows 98 was like... including the Linux alternative with an interview with Linus himself. Enjoy!

The Computer Chronicles: UNIX (1985)

The Computer Chronicles: UNIX (1989)

Computer Chronicles: Windows 98 and Linux

Video: Citizen Four Documentary Playing in Bozeman

| |

I stole this from a press release.

Over the past ten years, documentary film has undergone a renaissance, and the art form is more vital than ever. Hosted and curated by local award-winning documentary filmmaker Jason Burlage, The Bozeman Doc Series aims to bring the year's best films from around the world to the Emerson Center, from environmental dramas to political profiles to intimate personal films.

On Thursday, January 22nd, the Bozeman Doc Series will present the most highly acclaimed documentary of the past year, Citizen Four. A real life thriller, unfolding by the minute, Citizen Four gives audiences unprecedented access to filmmaker Laura Poitras and journalist Glenn Greenwald’s encounters with Edward Snowden in Hong Kong, as he hands over classified documents providing evidence of mass indiscriminate and illegal invasions of privacy by the National Security Agency (NSA).

Citizen Four places you in the room with Poitras, Greenwald, and Snowden as they attempt to manage the media storm raging outside, forced to make quick decisions that will impact their lives and all of those around them.

The film not only shows you the dangers of governmental surveillance - it makes you feel them. After seeing Citizen Four, you will never think the same way about your phone, email, credit card, web browser, or profile, ever again.

The New York Times calls the film "Tense & frightening... a primal political fable for the digital age."

One of Time magazine's ten best movies of 2014, Citizen Four is a rare snapshot of history in the making.

Doors open at 6:30 PM, and the films begins at 7:00. Tickets are available at the door or before the show at Cactus Records and Movie Lovers. Tickets are also available online at, where you can buy season passes and 7 film punch cards, learn more about the series, and view trailers for upcoming films. The series will continue on Thursdays through April with one screening every two weeks. The Bozeman Doc Series. Real people. Real life. Come see the world.

I just wanted to mention that a lot of the information gathering done by the NSA is also done by commercial entities like Google and other advertising and tracking networks. I'd like to see a documentary film about that too. And now the trailer.

Don't Fear the firewalld

| | |

firewall-configfirewall-config GUIUpdate: Somehow I forgot to mention a GUI for firewalld named firewall-config. Be sure to check that out if you prefer a GUI.

I have run across a few people who are perplexed by firewalld and I must admit that I was for a while until I did some reading and experimentation. What is firewalld? It is basically a replacement for the ancient iptables service on RHEL and Fedora systems. So many of us were just used to manually editing /etc/sysconfig/iptables and then coping that file from system to system as desired, that the switch to firewalld was a bit scary. I mean, who wants to learn something new, right?

Another thing that is scary about firewalld is the complexity of the rules it shows when you do something like: iptables -L

While the configuration, tools and output has dramatically changed... really firewalld makes things easier and more manageable. Really. One of the problems with Linux across distros is that there really hasn't been a standardized way to handle the host-based firewall. Each distro seems to have their own way of doing it... and popular packages like Shorewall have been around for years. I think firewalld tries for a happy medium somewhere between simple and complex and a standard that distros can choose to adopt.

Anyway, here are some basics (as root or via sudo) but if you want more be sure and check out the documentation:

Main documentation:
Fedora Documentation:
RHEL Documentation:

firewall-cmd --list-all (shows human readable firewall settings)

firewall-cmd --add-service=sshd --permanent (opens up port 22 which is sshd and saves to config)
firewall-cmd --add-service=http --permanent (opens up port 80 which is http and saves to config)
firewall-cmd --add-service=https --permanent (opens up port 443 which is https and saves to config)
firewall-cmd --remove-service=https --permanent (closes port 443 and saves to config)

If you want don't want your changes saved just leave off --permanent.

Want to open arbitrary ports for some service (like voxelands-server for example)? That is easy too:

firewall-cmd --add-port=30000/tcp --permanent

Want UDP? Ok:

firewall-cmd --add-port=30000/udp --permanent

After your changes it doesn't hurt to verify again with:

firewall-cmd --list-all

Want to manage firewalld via a config management system? There is a formula for SaltStack here and supposedly Ansible also supports firewalld.

Want to edit a file instead of running firewall-cmd? That's possible too. firewalld stores everything somewhere under /etc/firewalld/. In particular the changes listed above would get written to /etc/firewalld/zones/public.xml. Yeah, it's an "xml" file but make a change or two via firewall-cmd and see what it adds or removes from it and you'll see that it is very easy to monkey-see-monkey-do for those that want to edit the file directly. After updating or replacing any of firewalld's configuration files you want to make firewalld aware of the change with:

systemctl reload firewalld

If you are brave enough to manually edit the config just be aware that you are responsible for your typos.

I've only touched the tip of the iceburg for the most common stuff. Need more info? Yeah, there is a ton of documentation including a couple of man pages.