With Bedrock Linux you are longer restricted to any single Linux distro’s userland. Mix CentOS, Arch, Debian, Ubuntu and more all on the same installation! You can have your cake and eat it too! Want X11 from Debian and Chromium from Arch? No problem! We’ll show you how Bedrock Linux makes it all possible.
Plus: A new round of SSL vulnerabilities strike Linux, the FSF helps you encrypt your emails and a quick steam roundup…
AND SO MUCH MORE!
All this week on, The Linux Action Show!
— Show Notes: —
Brought to you by: System76
- Bedrock Linux 1.0alpha4 Flopsie
Bedrock Linux is a Linux distribution created with the aim of making most of the (often seemingly mutually-exclusive) benefits of various other Linux distributions available simultaneously and transparently.
If one would like a rock-solid stable base (for example, from Debian or a RHEL clone) yet still have easy access to cutting-edge packages (from, say, Arch Linux), automate compiling packages with Gentoo\’s portage, and ensure that software aimed only for the ever popular Ubuntu will run smoothly – all at the same time, in the same distribution – Bedrock Linux will provide a means to achieve this.
brc (\”BedRock Chroot\”)
_brc__provides the ability to run commands in clients, properly chrooting to
avoid conflicts. Once Bedrock Linux is properly set up, it will allow the user
to transparently run commands other__wise not available in a given client. For
_firefox__is installed in a Arch client but not in a Debian client,
and a program from the Debian client tries to execute _
_firefox_, the Arch
_firefox__will be executed as though it were installed locally in Debian.
_firefox__is installed in multiple clients (such as Arch and Fedora), and
the user would like to specify which is to run (rather than allowing Bedrock
Linux to chose the default), one can explicitly call _
_brc_, like so:
If no command is given,
brcwill attempt to use the user\’s current
If the value of
$SHELLis not available in the client it will fail.
The audio from the Bedrock Linux presentation at the Ohio Linuxfest 2012 was recorded; however, the video was not. For convenience this is played over the slides here. Sadly, no demos are visible here.
— Picks —
OPI is your private cloud with no third party eyes on your information. Still OPI will also allow you to share information with others, on your conditions.
Desktop App Pick
Otter Browser, project aiming to recreate classic Opera (12.x) UI using Qt5.
— NEWS —
The latest flaw is less of a risk than Heartbleed, because it would require hackers to locate themselves between computers communicating, such as over a public Wi-Fi network.
The new attack does have other limitations: It can only be used when both ends of a connection are running OpenSSL. Most browsers use other SSL implementations and so aren’t affected, says Ivan Ristic, director of engineering at the security firm Qualys, though he adds that Android web clients likely do use the vulnerable code. Among servers, only those using more recent versions of SSL are affected–about 24 percent of the 150,000 servers that Qualys has scanned. He also warns that many VPNs may use OpenSSL and thus be vulnerable. “VPNs are a very juicy target,” Ristic says. “People who really care about security use them, and there’s likely to be sensitive data there.”
A new flaw has been discovered in the GnuTLS cryptographic library that ships with several popular Linux distributions and hundreds of software implementations. According to the bug report, \”A malicious server could use this flaw to send an excessively long session id value and trigger a buffer overflow in a connecting TLS/SSL client using GnuTLS, causing it to crash or, possibly, execute arbitrary code.\” A patch is currently available, but it will take time for all of the software maintainers to implement it.
A lengthy technical analysis is available. \”There don\’t appear to be any obvious signs that an attack is under way, making it possible to exploit the vulnerability in surreptitious \”drive-by\” attacks. There are no reports that the vulnerability is actively being exploited in the wild.\”
Today, we’re adding to that list the alpha version of a new tool. It’s called End-to-End and it’s a Chrome extension intended for users who need additional security
Chromebooks with Chrome OS run a linux kernel – the only missing piece to use them as full-featured linux distro was gcc and make with their dependencies. Well, the piece isn\’t missing anymore. Say hello to chromebrew!
That is one heck of a milestone isn\’t it? 500 Linux compatible games are now on Steam which is a pretty great number to point anyone at. No longer will people keep stating \”but Linux has no games\”
— Feedback —
- June 13-14th
- q5sys will be giving away two RPi.
- Check in on the LAS sub thread, and say hi to q5sys at SELF.
- One on Friday, and one on Saturday.
Also catch his talk 5:15-6:15: Puppy Linux Deconstructed: About all the technical wizardry behind puppy which makes it work like it does.
Tech Talk Today launched!
— Chris\’ Stash —
Hang in our chat room:
— What’s Matt Doin? —
- Check out LINUX Unplugged
+Are Ubuntu Derivatives a Bad Idea?
+BattleBlock Theater – Part 3 | Geek And The Gamer