Just so you are aware... two days ago a bug was announced in Linux kernels 2.6.17 and above... that will give a local user root access. Here's info with the exploit code:
I have verified that the exploit compiles and works. I was able to get root on stock Fedora, RHEL and CentOS machines running the 2.6.18 or above kernels. Supposedly all distros running a 2.6.17 or later kernel are affected... even those running with the grsecurity patches.
I was unable to get root on an OpenVZ patched kernel but the exploit did cause a kernel panic that locked the machine I tried it on. I didn't want to crash any more machines so I didn't try any more. I've heard (but have not verified) that Linux-Vserver is affected on both the host node and inside of containers although exploits done within containers only get root of the container and are still trapped inside of it. Your milage may vary. Kernels prior to 2.6.17 are not affected. I hope vendors have fixes for this RSN... although I have heard that the current fix is not complete.
Update: The bug got fixed upstream late Sunday... and has found its way into a number of distro updates including Debian, rPath, Fedora, and PCLinuxOS. Red Hat, after the QA process, just released this morning (Tuesday). It seems that distros or kernel releases based on distro release updates will take a bit longer... CentOS and OpenVZ for example.
Update: 02/13/08 CentOS has released updated kernel packages.
First Jeff gave us the history of MythTV, a feature overview, and then he compared it to other DVR software packages that are available. He explained the frontend software and the backend software... and how they didn't have to be on the same machine. He also discussed the TV listing providers.
Justin showed MythTV in operation (both the fancy GUI frontend and the web-based version) and shared some of his recent recordings made using his HDHomeRun network tuner. He mainly uses his setup with broadcast HD and reviewed all of the sources of HD content available in the Bozeman area. I was surprised at the number and high quality of the broadcast channels available although it was pointed out that one needs a good antenna.
Justin gave a complete overview of the HDHomeRun device, how well it works with MythTV and other software and said that he was very happy with the device.
Justin gave a good overview of all of the related signal types and showed that broadcast HD includes a lot of information embedded within the signal. He had to wonder around the building with his laptop and the HDHomeRun device before he was able to find a good broadcast signal... as the EPS building is pretty good at blocking them. He was able to demonstrate broadcast HDTV on his laptop with VLC and it looked fantastic.
Fantastic job guys! Thanks!
Did you hear? A while back SWsoft decided to change its name to that of its partner company, Parallels. Parallels makes a commercial product very similar to VMware Server... but it seems to be most popular on the Mac. With SWsoft's Virtuozzo and their sponsoring of the OpenVZ project, is it any wonder that there would be a hybrid product that tries to compete with VMware ESX?
I haven't had a chance to watch the full video yet, and although it is mostly of a commercial nature, it advances discussion about Virtualization so I'm sharing it. They had it as a Windows Media file on their site and I've converted it to Flash so Linux users will have an easier viewing time.
I recently attended a Linux Installfest and the primary distribution recommended by those heading up the event was Ubuntu. That's all well and good but during their Linux dog-and-pony-show a statement was made regarding Red Hat that struck me. I don't recall the exact wording that was used but it was something along the lines of... Red Hat used to be very popular but not anymore. I wasn't really offended by the statement nor do I completely disagree with it... but a lot remains to be said about the importance of Red Hat within the Linux community. Red Hat is certainly king in the "Enterprise" space with Novell a respectable second... but many still seem to be unaware just how much Red Hat contributes to the development of many projects and the rapid progress of Linux.
Whenever I see any articles about Red Hat on any of the Linux community sites (think Slashdot), the comments will invariably mention a few things that I consider to be myths about Red Hat. They include:
- Red Hat is the "Microsoft of Linux"
- Red Hat abandoned the desktop/home user market
- Red Hat costs a fortune
- Red Hat created "rpm hell" and rpm based distributions suck
I do not want to even attempt to address each individual myth but I do want to make a few points about Red Hat in an effort to educate people to the fact that Red Hat does a lot for the Linux community and is a major (if not THE major) contributor.
Zimbra Collaboration Suite 5.0 GA came out today or was it yesterday / last year? After reading the release notes(PDF) and doing a complete backup, I upgraded both my work and personal Zimbra servers. I have been using Zimbra for as my work and personal email server for... oh... something close to two years now. Over that time there have been a number of upgrades and they have always gone smoothly.
What's new with Zimbra 5.0?
Well, you could read the release notes to see, but I'll give a brief summary of some of the things that stand out in my mind:
- Briefcase - A file storage area with a nice file manager
- Tasks - Create to-do lists and manage tasks through to completion
- Instant Messaging - Beta - User to user chat
- More sharing - Mail folders can be shared, new HTTP calendar sharing, share Briefcase files
- Documents - Now out of beta... online text and spreadsheet documents
- Little touches - folder summaries, public or private calendar entries, updated help system, email priorities, enhanced tagging, and automatic http to https redirection
Training materials for new users has been a topic of discussion lately... especially with the renewed claim that, "2008 will be the year of the Linux desktop" and the seeming rise of Ubuntu as a distribution for new users.
Judy recently wrote to us:
I just wanted to thank, I believe it was Scott and Warren for turning me to Chess Griffin's Podacsts. I have listened to the first 12 so far and am understanding more with each one. Sometimes I have to listen to a podcast twice to get it. I am very computer illiterate, however I am beginning to understand some of the jibberish Ken used to talk about. Bodhi is doing an adult education class in January as well. With what I am learning from Chess will help me with that class.
Thanks again for you help and patience,
You are welcome Judy. Thanks to Charles Griffin for the Linux Reality podcasts. The rest of this posting deals with what training materials are out there and discusses an opportunity for us to give back to the Linux community.
The MissoulaLUG December Meeting will be held on December 6th at 2806 S Garfield, 6:00pm.
Our scheduled presentation and discussion topic this month will be Machine Virtualization.
If someone is not available to open the door at the above address when you arrive, a phone number will be posted on the door that you can call to reach someone inside to come down and let you in.
UPDATE NOTICE: The time has changed from 7:00pm to 6:00pm.
On November 30 and December 1, several groups are working together to help introduce students and the Bozeman community to Linux. Linux is an open-source, community-developed operating system which is an excellent alternative to Windows. With the recent release of Windows Vista, there is significant interest in alternatives, especially Linux.
On November 30 we'll be demonstrating a flexible user environment in Linux called Compiz-Fusion, along with other graphics tools. We're going to be in the new EPS atrium on the MSU campus from 10AM-3PM, showing off Linux on the new plasma monitors.
On December 1, we'll be having several informational presentations in the morning starting at 10AM, showing how Linux can meet the needs of everyday users, such as writing term papers, normal web browsing, and more. That afternoon, we're inviting anyone to bring in their laptop or desktop computers, where a team will help them get started with Linux on their own computer. We're meeting on campus in EPS 108 for the morning, then moving to a computer lab on the second floor in the afternoon.