urn:uuid:ec81d1e2-6017-59c2-9835-df4da308b003 Topic: Linux – Ctrl blog Daniel Aleksandersen https://www.daniel.priv.no/ Copyright © 2021 Daniel Aleksandersen. https://www.ctrl.blog/assets/favicon/favicon.svg 2021-04-09T23:49:00Z weekly 10 urn:uuid:7138a7fa-7087-4144-a077-5da2b7902c4a 2021-04-03T15:07:00Z 2021-04-09T23:49:00Z GNU Parallel can do anything, but scripting may be the better option GNU Parallel is a powerful Linux parallelization tool for local and remote jobs. Its unique command syntax and complex requirements makes it difficult to use. <p>GNU Parallel is a utility that lets you run command jobs in parallel; on local and on remote hosts over the network. It’s incredibly powerful when you need something more flexible than <code>xargs</code>, and it’s especially useful with small computer clusters.</p> <p><a href="https://www.ctrl.blog/entry/not-gnu-parallel.html#src=feed">Read more …</a></p> urn:uuid:bbf047a2-7c3a-49af-b794-db70a04d186e 2021-02-12T20:02:00Z 2021-02-12T20:02:00Z systemd application firewalls by example <code translate=no>systemd</code> application firewalls by example Restrict Linux services’ network traffic with per-service systemd firewall rules. <p>An application firewall, unlike a gateway (router) or system level firewall, is meant to limit the networking of a single application. It can be used to prevent a compromised service from seeing into the local network, prevent programs from calling home, plug metadata leaks, or more tightly control a program’s network access.</p> <p><a href="https://www.ctrl.blog/entry/systemd-application-firewall.html#src=feed">Read more …</a></p> urn:uuid:16597654-c539-4070-9e0e-4492d3665cfd 2021-01-23T14:10:00Z 2021-01-23T14:10:00Z What’s with cp --reflink: failed to clone: Invalid argument? What’s with <samp translate=no>cp --reflink: failed to clone: Invalid argument</samp>? What would case a file-cloning attempt using the copy command to return “invalid argument”? It can be hard to identify the underlying issue. <p>Most modern copy-on-write file systems, such as Btrfs and XFS, support file cloning. (OpenZFS being the notable exception.) However, the tools that support this space-saving innovation can be difficult to use. Here’s an example situation detailing how the simple copy (<code>cp</code>) command on Linux can make it hard to understand what’s going on.</p> <p><a href="https://www.ctrl.blog/entry/cp-reflink-einval.html#src=feed">Read more …</a></p> urn:uuid:8196ab26-fbe3-4cd0-a963-4214bc28a087 2020-11-13T04:45:00Z 2020-11-13T04:45:00Z How to resize ZRAM (compressed swap) managed by systemd/zram-generator How to resize ZRAM (compressed swap) managed by <code translate=no>systemd/zram-generator</code> zram-generator’s default configuration is 50% of RAM or 4 GB. You may want to explore increasing these limits if you’re throttled by low memory or swap performance. <p>Fedora Linux 33 was released last week with some interesting changes like switching the default file system to BtrFS, handing DNS resolution over to systemd-resolved, and enabling ZRAM instead of a swap partition by default. I’ll focus on the latter feature in this article.</p> <p><a href="https://www.ctrl.blog/entry/how-to-systemd-zram-generator.html#src=feed">Read more …</a></p> urn:uuid:7b2cbb43-ea0c-4d8e-84a0-a47c6dd87146 2020-11-02T15:50:00Z 2020-11-02T15:50:00Z TeamViewer RPM repo left door open for malicious packages A configuration error made the TeamViewer RPM repository vulnerable to an attacker-in-the-middle substituting TeamViewer with its own GPG keys and software. <p>Three months ago, I discovered a security vulnerability in TeamViewer RPM auto-updates on Linux. The vulnerability allowed an attacker-in-the-middle (AITM) to subvert the TeamViewer RPM package repository to install and execute arbitrary software with root permissions.</p> <p><a href="https://www.ctrl.blog/entry/teamviewer-rpm-repo-security.html#src=feed">Read more …</a></p>