eRacks Systems Tech Blog

Open Source Experts Since 1999

The Ubuntu 20.10 code name Groovy Gorilla, Yes, “Groovy Gorilla” is the development code name chosen for the next stable Ubuntu release, which is currently earmarked for general availability on October 26, 2020.

Now, I probably don’t need to tell you what a gorilla is — and if you don’t know, I don’t believe you !!, and the term groovy is… Well, the dictionary definition of “Groovy” describes it as an informal adjective meaning ‘fashionable and exciting’, e.g., “That’s a groovy new wallpaper!” or generally ‘excellent, e.g., “A groovy release filled with greatness”.

Ubuntu 20.10 establishes another milestone in Canonical’s long-term commitment to delivering a carrier-grade private cloud with “Groovy Gorilla”. The 33rd release of the most popular Linux distribution in the data center space, Groovy Gorilla, brings various improvements that enable easier consumption of the fast-networking stack across both VMs and containers, straightforward compliance with common security benchmarks and a reference telco cloud implementation.

Ubuntu 20.10 “Groovy Gorilla” is a short-term release supported for 9 months until July 2021. So, with its imminent release on 22nd Oct 2020, Ubuntu 20.10 will be getting support from Canonical till July 2021. This includes access to new app releases, bug-fixes, and security patches. This release mostly the testbed for the latest application, Kernel stack to provide users stable packages back to Ubuntu 20.04 LTS.

I personally have been using it for the past couple of days, and it’s reasonably stable. It also feels snappier compared to its predecessor, which isn’t a surprise considering it was primarily focusing on performance enhancements.

That being said, I won’t keep you waiting with the formalities. I know you came here to get a tour of what’s new with Ubuntu 20.10, and I have put together a few new changes in Ubuntu 20.10. Only you can feel the exact changes when you start using it.

let’s what’s new in latest Ubuntu 20.10 “Groovy Gorilla”;

 

Ubuntu 20.10 “Groovy Gorilla” Some Major Features:

Linux Kernel 5.8

When development for Ubuntu 20.10 started, it was based on Ubuntu 20.04 and used the same kernel base – Linux kernel 5.4 LTS. But then, Linus Torvalds released Linux kernel 5.8 in May, and everyone in the Linux community was suspecting that “Groovy Gorilla” will ship with it.

Now, after a long wait, the Linux 5.8 kernel has popped up in the Ubuntu 20.10 archives, and that too only a month ago. This means that the new iteration of the popular Linux distro will benefit from the sweep of features that comes with the new kernel.

Some notable examples include:

  • Airtime Queue limits for better WiFi connection quality
  • Btrfs RAID1 with 3 and 4 copies and more checksum alternatives
  • USB 4 (Thunderbolt 3 protocol) support added
  • X86 Enable 5-level paging support by default
  • Intel Gen11 (Ice Lake) and Gen12 (Tiger Lake) graphics support
  • Initial support for AMD Family 19h (Zen 3)
  • Thermal pressure tracking for systems for better task placement wrt CPU core
  • XFS online repair
  • OverlayFS pairing with VirtIO-FS
  • General Notification Queue for key/keyring notification, mount changes, etc.
  • Active State Power Management (ASPM) for improved power savings of PCIe-to-PCI devices
  • Initial support for POWER10

 

Easy Wi-Fi Hotspot Configuration

The Wi-Fi tab in “Settings” allows you to use your laptop as a Wi-Fi hotspot. If you scan the QR code with a mobile device, like your smartphone or tablet, it will connect to your hotspot.

 

Security Improvements

  • nftables is now the default backend for the firewall.

 

Ubuntu 20.10 Desktop

  • Ubuntu 20.10 is the first Ubuntu release to feature desktop images for the Raspberry Pi 4.

 

GNOME 3.38

Ubuntu 20.10 is shipping with GNOME 3.38 out of the box, released on 16th Sept 2020. It is a welcome upgrade over GNOME 3.34, which is being used in Ubuntu 20.04 by default.

 

GNOME 3.38 brings many excellent features and functionalities to the table. Here is a list going over the most notable ones:

  • Better Fingerprint Support
  • Intelligent Web Tracking Prevention
  • Updated GNOME Maps with Performance and UI Improvements
  • A Redesigned Sound Recorder and Screenshot App
  • Support for QR Code WiFi Hotspot
  • Tons of New Default Wallpaper
  • Folder Support in Application Grid
  • Restart Button Added to System Tray
  • New Icons for Various Apps
  • New Parental Controls Under Settings

Apart from this, you will get to see many more bells and whistles. We have a detailed article covering the best features in GNOME 3.38 if you are looking for more information.

Now, as you know, Ubuntu is not known for shipping with vanilla GNOME. As such, you won’t get the authentic experience that was intended by the GNOME developers. We will talk more about the new interface and overall end-user experience in a later section.

 

ZFS Becomes Less Experimental

The Ubuntu Unity installer hasn’t changed significantly. The installation process is almost the same as it was on Ubuntu 20.04, and the black disk checking screen is the same.

 

One notable change is tucked away in the “Advanced Features” dialog box. The ZFS file system installation option no longer has the word “Experimental” in capital letters beside it. Confidence must be building within Canonical about the durability and readiness of its ZFS implementation as a daily driver file system.

After you install Ubuntu 20.10 and sign in, you’ll see the Groovy Gorilla, positioned prominently amidst the familiar purple hues of the Ubuntu color palette.

He looks like an ape that’s got it together, but let’s see if that’s true.

Updated Applications:

  • Firefox version 81
  • LibreOffice version 7.0.2
  • Thunderbird version 78.3.2

Updated Subsystems:

  • BlueZ 5.55
  • NetworkManager 1.26.2

Noteworthy changes Ubuntu 20.10 Server:

  • squid: the NIS basic authentication helper was removed (LP: #1895694 34)
  • adcli and realmd: many upstream fixes were applied to these packages, improving on the compatibility with current Active Directory changes
  • samba 4.12 40 has switched to GnuTLS for most of its cryptographic operations and that has a huge performance improvement in SMB3 encryption
  • QEMU was updated to the 5.0 release. See the upstream changes 40 for an overview of the many improvements.
  • One noteworthy new feature is virtiofs 42 which allows better sharing of host file systems to the guest compared to the older 9p fs 4 based approach.
  • Libvirt has been updated to version 6.6. See the upstream Changelogs 34 for the many improvements and fixes since version 6.0 that was in Focal.
  • Libvirt 6.6 also supports the new virtiofs that was mentioned in the QEMU section above.

 

System Requirements for Ubuntu 20.04:

  • 2 GHz dual-core processor
  • 4 GiB RAM (but 1 GiB can work)
  • 25 GB of hard-drive space
  • VGA capable of 1024×768 screen resolution
  • Either of the two: a CD/DVD drive or a USB port for the installer media

Note: Optionally, Internet access is helpful.

 

Download Ubuntu 20.10

You can download Ubuntu 20.10 for 64-bit computers using the link below:

As the Ubuntu 20.10 desktop image is 2.9GB in size do make sure you’re on a decent internet connection before you hit the download button!

When the download completes you need write the Ubuntu 20.10 ISO image to a USB stick using a tool like Etcher. Then pop the USB in an empty port, reboot your computer, and choose to boot from the USB.

You can also upgrade to Ubuntu 20.10 from an earlier version.

 

November 2nd, 2020

Posted In: Linux, New products, News, Open Source, Operating Systems, Reviews, ubuntu

Tags: , , , , , ,

Leave a Comment

The latest Linux Mint release, 19.3, codenamed ‘Tricia’, is now available on eRacks Desktop  and Laptop systems.

Simply select the ‘Linux Mint 19 latest’ choice from the OS dropdown, and we’ll get it done for you.

If you want the slightly older 19.2 release, or any other custom installation, just let us know in the “Notes” field, and we’ll do it.

Also, FYI, Linux Mint is mostly a Desktop system, but we’ll be happy to install it on any system you choose – just let us know and we’ll do a custom quote for you. (Or, again, just put it in the “Notes” field when you place your order).

j

January 1st, 2020

Posted In: Linux, Mint, News, Operating Systems, ubuntu, Uncategorized

Tags: , , , ,

Leave a Comment

Fedora 31 is now available on all eRacks systems.

Simply select “Fedora 31” in the OS dropdown – if you don’t see it on the system you want, let us know and we’ll see if it’s available / compatible.

FWIW, The performance reviews have been underwhelming:

https://www.phoronix.com/scan.php?page=article&item=fedora-31-benchmarks&num=1

But for decades, software executives have ignored better/faster in exchange for bloated/slower, with the excuse that since the hardware is faster now, it’s OK :-/

Grr.

j

 

November 5th, 2019

Posted In: Fedora, Linux, News, Operating Systems, Uncategorized

Tags: , , ,

Leave a Comment

The latest (non-LTS) Ubuntu 19.10, Eoan Ermine is now available on all eRacks systems.

Here are the Release Notes for it.

Simply select it from the OS choices in the “Operating System” dropdown while configuring your eRacks system.

UPDATE Feb 2020

As always, we can also install the pre-release / beta version of the next Ubuntu release, code-named Focal Fossa, which will indeed be an LTS release, and is scheduled for April 23, 2020 –

Just say you want Ubuntu 20.04 Focal Fossa in the “Notes” field when you pace your order.

j

October 25th, 2019

Posted In: Linux, News, Operating Systems, ubuntu, Upgrades

Tags: , , , ,

Leave a Comment

Red Hat Enterprise Linux 8

Red Hat Enterprise Linux 8 (RHEL 8) is now available on all eRacks Systems with lots of developer-friendly capabilities.

Red Hat Inc. announced the official release of Red Hat Enterprise Linux (RHEL) 8 on May 7, 2019.

Red Hat Enterprise Linux 8 (RHEL 8) comes with new features and improvements as compared to the predecessor – RHEL 7. Some of the new features of RHEL 8 are as described below.

Kernel & OS

Red Hat Enterprise Linux 8.0 is based on Fedora 28 and upstream kernel 4.18. This provides users with a secure, stable and consistent foundation across hybrid cloud and Data Center deployments with tools needed to support all levels of workloads.

 

Storage and File systems

Stratis is the new local storage manager for RHEL 8. It provides managed file systems on top of pools of storage with additional features to the user. Stratis provides ZFS/Btrfs-style features by integrating layers Linux’s device mapper subsystem, and the XFS filesystem.

Stratis supports LUKSv2 disk encryption and Network-Bound Disk Encryption (NBDE) for more robust data security that can also be used for email security SaaS also, since there is threat of data loss in every digital medium as the technology progresses to a new level everyday. The OT cybersecurity solutions is the one companies are opting for these days to protect data.

  • With Stratis, you can easily perform storage tasks such as:
  • Maintain file systems
  • Manage snapshots and thin provisioning
  • Automatically grow file system sizes as needed

Pools are created from one or more storage devices, and volumes are created from a pool. The file system is created on top of a volume, hence resizing a volume automatically resize FS as well. The default file system used by Stratis is XFS.

Other notable Storage features are:

  • The XFS file system now supports shared copy-on-write data extent functionality. This enables two or more files to share a common set of data blocks. Creating shared copies does not utilize disk I/O nor consume additional disk space. The files sharing common blocks act like regular files.
  • The shared copy-on-write data extents are now enabled by default when creating an XFS file system, starting with the xfsprogs package version 4.17.0-2.el8.
  • Support for Virtual Data Optimizer (VDO) on all of the architectures supported by RHEL 8.
  • LUKS2 is now the default format for encrypting volumes. This replaces the legacy LUKS (LUKS1) format distributed in RHEL 7. LUKS2 provides encrypted volumes with metadata auto-recovery and redundancy if partial metadata corruption is encountered.

 

Virtualization

  • Red Hat Enterprise Linux 8 is distributed with qemu-kvm 2.12 with – Q35 guest machine type support, UEFI guest boot support, vCPU hot plug and hot unplug, NUMA tuning and pinning in the guest and guest I/O threading
  • The QEMU emulator introduces the sandboxing feature. QEMU sandboxing provides configurable limitations to what systems calls QEMU can perform, and thus makes virtual machines more secure
  • KVM virtualization now supports the User-Mode Instruction Prevention (UMIP) feature, which can help prevent user-space applications from accessing to system-wide settings
  • KVM virtualization now supports the 5-level paging feature, which significantly increases the physical and virtual address space that the host and guest systems can use.
  • NVIDIA vGPU is now compatible with the VNC console
  • Ceph storage is supported by KVM virtualization on all CPU architectures supported by Red Hat
  • Q35, a more modern PCI Express-based machine type is supported by RHEL 8 Virtualization. All virtual machines created in RHEL 8 are set to use Q35 PC machine type by default

 

eRacks/INTELLINATOR22

Configure your Own eRacks/INTELLINATOR Server With Red Hat Enterprise Linux 8 (RHEL 8).

 

Networking

Below are the new changes in the Networking Level:

  • RHEL 8 is distributed with TCP networking stack version 4.16, which provides higher performances, better scalability, and more stability.
  • The networking stack upgraded to upstream version 4.18
  • Iptables has been replaced by the nftablesframework as the default network packet filtering facility.
  • The nftables framework is the designated successor to the iptables, ip6tables, arptables, and ebtables tools. This provides a single framework for both the IPv4 and IPv6 protocols
  • The firewalld daemon now uses nftables as its default backend.
  • Support for IPVLAN virtual network drivers that enable the network connectivity for multiple containers.
  • Network Manager now supports single-root I/O virtualization (SR-IOV) virtual functions (VF). Network Manager allows configuring some attributes of the VFs, such as the MAC address, VLAN, the spoof checking the setting and allowed bitrate

 

Content Distribution

Red Hat Enterprise Linux 8 has two modes of Content distribution and will only need two repositories enabled.

  1. BaseOS repository – The BaseOS repository provides the underlying core OS content in the form of traditional RPM packages. BaseOS components have a life cycle identical to that of content in previous Red Hat Enterprise Linux releases.
  2. AppStream repository – The Application Stream repository provides all the applications you might want to run in a given userspace. Other software that has special licensing are available on a Supplemental repository.

 

Web servers, Web Tools, Web Management – Cockpit, Compilers, Languages & Databases, Software Management

Red Hat Enterprise Linux 8 includes Application Streams of multiple versions of databases, languages, compilers, and other tools available for your use.

RHEL 8 comes with Cockpit automatically installed and firewall ports required by Cockpit are automatically opened. Cockpit interface can be used to apply Policy-Based Decryption (PBD) rules to disks on managed systems.

RHEL 8 YUM package manager is now based on the DNF technology and it provides support for modular content, increased performance, and a well-designed stable API for integration with tooling. The version of RPM is 4.14.2 and it validates the whole package contents before it starts the installation.

 

Desktop Environment

RHEL default Desktop Environment is GNOME. The GNOME Project is supported by the GNOME Foundation. Gnome version 3.28 shipped in RHEL 8 which has automatic downloading of operating systems in Boxes. Other new features include:

  • New on-screen keyboard
  • New GNOME Boxes features
  • Extended devices support, most significantly integration for the Thunderbolt 3 interface
  • Improvements for GNOME Software, dconf-editor and GNOME Terminal
  • GNOME Software utility, which enables you to install and update applications and gnome-shell extensions.
  • GNOME Display Manager (GDM) use Wayland as their default display server instead of the X.org server

Features of Wayland display server

    • Stronger security model
    • Improved multi-monitor handling
    • Improved user interface (UI) scaling
    • The desktop can control window handling directly.

 

Security

RHEL 8 comes with support for OpenSSL 1.1.1 and TLS 1.3. This enables you to secure customer’s data with the latest standards for cryptographic protection.

RHEL 8 comes with System-wide Cryptographic Policies which helps you with the management of cryptographic compliance. No need to modify and tune specific applications.

OpenSSH has been rebased to version 7.8p1– with no support for SSH version 1 protocol, Blowfish/CAST/RC4 ciphers, hmac-ripemd160 message authentication code.

 

Red Hat Developer Subscriptions

Red Hat Developer members have been enjoying no-cost developer subscriptions for 3+ years now, and RHEL 8 is now automatically part of that. If your company wants developer support, there are several Red Hat Enterprise Linux Developer Subscriptions options with Red Hat support, too.

For more detail please contact eRacks Systems or visit Red Hat Enterprise Linux 8 official Page.

May 12th, 2019

Posted In: Linux, New products, News, Open Source, Operating Systems, virtualization

Tags: , , , , ,

Leave a Comment

fedora30Fedora 30 is now available on all eRacks systems.

Fedora is a community-driven Linux distro that’s sponsored by the open source giant Red Hat. As Fedora is the upstream source of the company’s commercial RHEL distro, it’s also used as a testing ground for RHEL. As Linux enthusiasts might already know, Fedora is known as an innovative Linux distro that doesn’t hesitate when it comes to testing new technologies and helping other distros by making changes upstream for all distros. Shipping with many useful open source software, it’s known for providing a GNOME-based fluid desktop experience.

 

 

 

Fedora community recently released Fedora 30 just after about the 6 months from the version release as Fedora 29. On Fedora magazine they wrote about the early release of Fedora 30.

It seems like it was just six months ago that we announced Fedora 29, and here we are again. Today, we announce our next operating system release. Even though it went so quickly, a lot has happened in the last half year, and you’ll see the results in Fedora 30.

Many desktop users love Red Hat’s community Linux Fedora. They have good reason. Fedora is a great Linux desktop. But Fedora’s far more than just a desktop. It comes in three major versions: One for the workstation, another for containers, and still another that works as a server both on your server hardware and on the cloud.

 

About many changes, “Matthew Miller”, the Fedora Project Leader, explained in a statement:

Computing scenarios don’t remain static and neither does Fedora. With the updates around Fedora 30, we’re providing an evolving spectrum of operating system editions to better meet diverse IT challenges. From containerized developer workspaces with Flatpak and Silverblue to expanded server and container infrastructure options in Fedora 30 Cloud and Fedora CoreOS, the Fedora Project remains focused on Linux innovation.

 

 

New features in Fedora 30

The biggest change in Fedora 30 is the new GNOME 3.32 desktop environment. Over the course of past few releases, GNOME desktop has made many changes to reduce its memory consumption; GNOME 3.32 takes things further and makes things more fluid and snappier by making enhancements in the core GNOME libraries.

On the visual front, the desktop environment adds a refreshed visual style that makes the overall look more polished. Moreover, the application icons, user icons, buttons, switches, etc., are also redesigned.

Talking about different packages that are included in the distro, you get the latest GCC 9, PHP 7.3, Bash 5.0, Ruby 2.6, and other apps.

This release is powered by the latest Linux 5.0, which brings better hardware support and display performance. You also get new features like support for energy-aware scheduling, Btrfs swap file, AMDGPU FreeSync, etc.

With the Fedora 30 release, the cloud and server releases are being combined into the Fedora Server Edition. Also, Fedora CoreOS is replacing Fedora Atomic Host as the container-focused offering. There are other variants as well, including Fedora Spins and Labs.

 

Fedora 30 Workstation

fedora_30_workstation

 

Fedora 30 Workstation includes the latest version of the GNOME interface, GNOME 3.32. Fedora also supports the other major Linux desktop environments, including Cinnamon, KDE, LXDE, MATE, and Xfce. It also includes fractional scaling, a refreshed visual style, animation improvements, and new icons. The net effect is to make a more visually pleasing desktop, which works well on high-end monitors.

Fedora Workstation now uses the “flicker-free boot” system, so the display does not turn on and off during the boot process.

You can also now run the Fedora desktop as a containerized desktop, Fedora Silverblue, with rpm-ostree at its heart. This replaces the traditional RPM package management with atomic upgrade/rollback. In this model, Fedora provides ready-made base operating system image. When you install a program, using either rpm-ostree or Flatpak, it creates essentially a restore point. These are then tracked, and if something goes wrong, you can reset to your restore point with minimal harm done.

 

Fedora 30 Server

fedora_30_server

 

Fedora 30, released April 30, 2019, has the following new and improved features:

The product definitions for Fedora’s “Editions” have been revamped. Fedora Cloud and Fedora Server editions are now a single product, simply called Fedora Server. Fedora Atomic Host has been replaced with Fedora CoreOS, in the wake of Red Hat’s acquisition of that container-based Linux distribution. Fedora Workstation remains mostly the same.

Fedora Server now supports Linux System Roles, created by Ansible to provide consistent ways to configure common Linux subsystems such as the network, the email system (Postfix), SELinux, and a few others. The list of roles is constantly being expanded.

Almost all Python 2 packages have been removed from the system, as part of Fedora’s switch from Python 2 to Python 3.

MongoDB has been removed from Fedora, as its licensing (the Server-Side Public License v1) is not believed to be compatible with other free software licenses.

Support for many deprecated cryptography standards is being removed: DES, 3DES, CRC32, and MD4. RC4 and MD5 are being marked as deprecated.

As with each edition of Fedora, many individual software components have been upgraded:

  • Bash 5.0
  • Boost 1.69
  • Erlang 21
  • FreeIPA 4.8 (which now uses Python 3.6)
  • GCC 9
  • glibc 2.29
  • Golang 1.12
  • GNOME 3.32
  • Haskell GHC 8.4
  • java-openjdk JDK12
  • PHP 7.3
  • Ruby 2.6
  • Vagrant 2.2

For more details please visit the official Fedora Releases/30/ChangeSet.

 

To upgrade your existing Fedora 29 installation to Fedora 30, you need to run the following commands in terminal one by one:

sudo dnf upgrade --refresh

sudo dnf install dnf-plugin-system-upgrade

sudo dnf install dnf-plugin-system-upgrade

sudo dnf system-upgrade reboot

You can also perform a clean installation of the Fedora 30 by visiting its download page and download the ISO file. Or click the link below:

If you feel like doing so, do give it a try or ask for the help from eRacks Systems’ experts.

May 4th, 2019

Posted In: Fedora, Linux, New products, News, Open Source, Operating Systems, Upgrades

Tags: , , , ,

Leave a Comment

Ubuntu 18.10, aka ‘Cosmic Cuttlefish’, is available now on all eRacks systems.

 

cosmic_cuttlefish

 

Ubuntu 18.10 ‘Cosmic Cuttlefish’ supported with 9 months of security updates, bug fixes and select app upgrades. Users of it will be able to upgrade to Ubuntu 19.04 when it’s released in April, 2019.

When the release of a new version as Ubuntu 18.10 ‘Cosmic Cuttlefish’, the first question arrives in mind, “What are updated comparing with the current Ubuntu 18.04 LTS version?”

Linux Kernel

 

The most important update in ‘Cosmic Cuttlefish’ is, it has updated Linux Kernel. Ubuntu 18.10 has Linux Kernel 4.18. This Kernel version has some improvements for AMD and Nvidia GPU, USB Type-C and Thunderbolt, and performance optimizations in CPUfreq among several other features.

 

Another important thing is having faster installation and boot with new compression algorithms. Working with new compression algorithms like LZ4 and ztsd, ‘Cosmic Cuttlefish’ is supposed to have around 10% faster boot. The installation will be slightly faster as well. Which is definitely the good news for all Ubuntu users.

 

As always Ubuntu 18.10 will have this new GNOME version. Most of the visual and under the hood changes in GNOME 3.30 will be seen in Ubuntu 18.10 as well.

 

GNOME 3.30

 

Taking cue from Fedora 28, Canonical is also working to improve battery life for laptops. Linux kernel has options to switch HDD controllers, USB controllers and other such devices to a low power state when not in use. This lowers the overall power consumption and thus improves the battery life.

Ubuntu 18.04 was supposed to have a new look with the community developed Community theme. This theme could not be completed in time for the 18.04 release. But Ubuntu 18.10 has it. The ‘Cosmic Cuttlefish’ has the Yaru Community theme installed by default, giving it a ravishing fresh look.

 

Some other changes in the Ubuntu 18.10 ‘Cosmic Cuttlefish’ are as follows:

  • Support for fingerprint scanner.
  • Startup time boost and XDG Portals support for Snap applications.
  • 32-Bit support diminishing from flavors.
  • UI and UX improvements to GNOME Software (possibility).
  • DLNA support for connecting Ubuntu with DLNA supported Smart TVs, tablets and other devices.
  • A new and improved installer (less likely to be completed before 18.10 release).
  • Ubuntu Software removes dependencies while uninstalling software.
  • Ubuntu Software will show a green verified tick for Snap applications developed by the owner of the brand. The same can be found on the recently redesigned Snap store website.

 

Ubuntu 18.10 ‘Cosmic Cuttlefish’ is a modest update compared to 18.04. The vast majority of notable improvements are tucked away out of sight, ‘under the hood’. Ubuntu 18.10 feels faster than 18.04, But you can’t “see” the changes that shape Ubuntu 18.10 ‘Cosmic Cuttlefish’, you almost certainly will feel them.

October 24th, 2018

Posted In: Linux, New products, News, Open Source, Operating Systems, ubuntu

Tags: , , , , ,

Leave a Comment

Fedora 28 is now available on all eRacks systems.

Choose Freedom. Choose Fedora.

    Surprised! Well this tag line is directly from the Fedora 28 official website, a complete Linux based Operating System. Fedora released their ‘Fedora 28 Final version‘ on ‘2018-05-01‘. It is very well known that ‘Fedora’ is always free for anyone to use, modify, and distribute. It is built and used by people across the globe who work together as a community known as ‘The Fedora Project’. Under the tagline Fedora offers,

Less setup, more innovation. Choose a flavor of Fedora
streamlined for your needs and get to work right away.

    Fedora 28 provides software to suit a wide variety of applications. The storage, memory and processing requirements vary depending on usage. For example, a high traffic database server requires much more memory and storage than a business desktop, which in turn has higher requirements than a single-purpose virtual machine.

 

Fedora28

Fedora 28

 

Fedora 28 is offered in 3 different streamlined flavors as,

    As flavor Fedora Workstation is a polished, easy to use operating system for laptop and desktop computers, with a complete set of tools for developers and makers of all kinds.

    Fedora Server is a powerful, flexible operating system that includes the best and latest datacenter technologies. It puts you in control of all your infrastructure and services.

    And Fedora Atomic provides the best platform for your Linux-Docker-Kubernetes (LDK) application stack.

What’s New in Fedora 28!

    It’s a great thing that Fedora 28 Accepted System Wide Changes Proposals and these changes have been made by the Fedora Engineering Steering Committee for the Fedora 28 Release as System Wide Changes.

Fedora 28 Boost 1.66 upgrade

    This change brings ‘Boost 1.66.0’ to Fedora 28. This will mean F28 ships with a recent upstream Boost release.

The aim is to synchronize Fedora with the most recent Boost release. Because ABI stability is one of explicit Boost non-goals, this entails rebuilding of all dependent packages. This has also always entailed yours truly assisting maintainers of client packages in decoding cryptic boost-ese seen in output from g++. Such care is to be expected this time around as well.

AArch64 Server Promotion

    Fedora community promoted Aarch64 server technologies to Primary Architecture status. This would include the Server installer, the DVD installer ISOs, the Cloud (qcow2 images) and Docker base images to the same status as other primary Server architectures. This would NOT currently include other components such as Workstation images/installs, any of the various spins, or Fedora Atomic components.

Though Fedora developers are looking to promote their AArch64 / ARM64 / ARMv8 server offerings to being a “primary architecture” for this next Fedora release but The Fedora AArch64 server installer, Cloud images, and Docker base images would be the same status then as the other primary server architectures like x86_64.

This promotion wouldn’t affect Fedora Workstation 28 with 64-bit ARM not being a primary architecture on that front for the time being. Additionally, it wouldn’t affect Fedora Atomic either.

The Red Hat / Fedora developers are confident in their AArch64 support now and believe on the server front it’s ready to be a primary architecture.

Among the supported AArch64 platforms by Fedora include the 96Boards HiKey, 96Boards Dragonboard, ARM Juno, Rapberry Pi 3, Pine64, and others.

GNOME 3.28

    Fedora 28 will also feature the latest version of GNOME desktop environment, GNOME 3.28. GNOME 3.28 has some improvements to the Calendar, Contacts and Clock apps. The default Cantarell font has been updated as well. Default video and music players of GNOME now support more media formats.

 

GNOME3.28

GNOME 3.28

 

A new Usage application has been introduced in GNOME 3.28 for examining CPU and memory consumption.

You can find the new features in GNOME 3.28 on its official website.

Anaconda modularization

    Anaconda installer splits into several modules those communicate over DBus using stable API.

 

Anaconda modularization

Anaconda Modularization

 

When talking about the Fedora/RedHat Anaconda installer it still brings back bad memories from the Anaconda fallout a few years ago when they went through some painful transitions that also led to release delays. In 2018, Fedora/RedHat developers are taking up the initiative of modularizing the Anaconda installer.

For the Fedora 28 release due out this spring, the plan is to split the Anaconda installer into several modules that in turn will communicate with eachother using a DBus API. The modularization effort sounds nice as long as it goes smoothly and doesn’t lead to any fallout like with past Anaconda overhaul initiatives (though admittedly Anaconda has been playing nicely the past number of releases and no complaints on my end currently).

Annotated Binaries

    This change causes extra information to be stored in binary files compiled by gcc. This information can be used by scripts to check on various features of the file, such as the hardening options used or potential ABI conflicts.

A new feature being considered for Fedora 28 is Annobin as a new GCC plugin that would implant extra information into generated binaries.

The GCC Annobin plugin would store extra information within binary files. Among the possibilities are storing ABI details, hardening options, or other build information into binaries that in turn could be picked up by used by other scripts for e.g. detecting potential ABI conflicts or embedding unit test results.

Annobin stores information in Fedora’s toolchain watermark format and currently this plugin is just for GCC.

The proposal for incorporating Annobin by default in Fedora 28 is outlined on the Fedora Wiki while this change more broadly outlines their toolchain watermark work.

Already this proposal has received some criticism, namely that embedded extra information into binaries will increase the file size but this embedded information isn’t relevant to all users, so perhaps it may be better kept into the debug-type builds.

Cloud-base and Container images for s390x

    This change is to bring s390x architecture closer to other Fedora architectures by adding widely used Fedora variants. This includes container images and Cloud-base images (qcow2 and raw format).

Deprecate TCP wrappers

    TCP wrappers is a simple tool to block incoming connection on application level. This was very useful 20 years ago, when there were no firewalls in Linux. This is not the case for today and connection filtering should be done in network level or completely in application scope if it makes sense. After recent discussions I believe it is time to go for this package, if not completely, then at least as a dependency of modern daemons in system by default.

Add-On Modularity

    Beginning in Fedora 28, Fedora will provide a new set of repositories for software and updates with alternative versions from those shipped in the default release.

Improved Laptop Battery Life

    No more manual tweaks! Fedora 28 will deploy several tweaks on its own to provide improved battery life. Improve Fedora (Workstation) Battery Life by enabling various hardware power-saving features by default.

 

Improved Laptop Battery Life

Improved Laptop Battery Life

 

    Fedora 28 will have the following power management tweaks:

  • Enabling auto-suspend for Intel HDA codecs saves around 0.4 W.
  • Enabling SATA ALPM by default saves up to 1.5 W.
  • Enabling i915 Panel Self Refresh by default saves around 0.5 W.

With these tweaks in place, some laptop models will see up to 30% of battery life improvements. While ‘power users’ can do these tweaks manually and achieve the same result, the idea is to provide an out of the box experience to every Fedora user. Indeed, a good thinking there.

Drop TCP wrappers support, OpenLDAP defaults to use only Shared System Certificates

    TCP wrappers are being deprecated in Fedora. Also, upstream discourages its usage in favour of other means of protection (e.g. firewall). After this change OpenLDAP will no longer be affected by TCP wrappers configuration.

In order to go forward with adoption of SharedSystemCertificates after this change OpenLDAP clients and server will default to use only the system-wide certificates store.

Switch OpenLDAP from NSS to OpenSSL

    Currently, OpenLDAP in Fedora is compiled with NSS (aka MozNSS) for crypto. OpenLDAP is going to be compiled with OpenSSL, instead.

Reduce Initial Setup Redundancy

    Currently there is a high level of redundancy between the Anaconda installer and gnome-initial-setup. This change aims to eliminate these redundancies and streamline the initial user experience in Fedora Workstation.

To make Fedora more beginner friendly, Fedora 28 Workstation will have fewer ‘questions’ to answer at the install time. There will be no root password anymore and the user password itself will be sufficient for the root actions, same as Ubuntu.

There will be some more code changes to reduce the redundancy between Anaconda installer and gnome-initial-setup.

Ruby 2.5

    Ruby 2.5.0 is the latest stable version of Ruby. Many new features and improvements are included for the increasingly diverse and expanding demands for Ruby. With this major update from Ruby 2.4 in Fedora 26 to Ruby 2.5 in Fedora 28, Fedora becomes the superior Ruby development platform.

 

Ruby 2.5.0

Ruby 2.5.0

 

Packaging Rust applications/libraries

    Added required tools/instructions for packaging applications/libraries written in Rust. Rust is a systems programming language that runs blazingly fast, prevents segfaults, and guarantees thread safety.

Enabling Python Generators

    This change enables the ability to choose to use the Python module dependency generator for packages that provide Python Egg/Wheel metadata.

Django 2.0

    This change is about upgrading python-django to version 2.0. The latest Django release drops support for Python 2, but a few Django apps packaged in Fedora do not yet support Python 3. A compatibility package will be provided for those.

 

Python 3.6 + Django2.0 on Fedora 28

Python 3.6 + Django2.0 on Fedora 28

 

Kerberos in Python modernization

    Replace usage of python-krbV and pykerberos with python-gssapi in all Fedora packages to enable their removal from Fedora. rharwood will author all necessary code changes; no new code from maintainers is required.

VirtualBox Guest Integration

    VirtualBox is popular, easy to use virtual-machine software. The purpose of this change is to ship the VirtualBox guest-drivers and -tools by default in the Fedora workstation product.

Fedora 28 will see the addition of guest-drivers to the Fedora kernel package, packaging the userspace-tools (VirtualBox Guest Additions) and adding the VirtualBox Guest Additions package to the default package list for the Workstation product.

This means using Fedora in VirtualBox will have a better experience.

Stratis Storage

    Add initial support for Stratis, a local storage management solution. This will allow initial testing and user feedback that will guide Stratis’s development and stabilization.

VA-API 1.0.0

    This change is about upgrading libva and others to version 2.x. This change affects several multimedia players as there are both API and ABI changes. This will allow some VA-API backends to be updated, improving support for recent hardware.

librealsense2

    A new version of librealsense has been released, which does not support older camera versions. Bump librealsense to the new release and add the old library as librealsense1.

java-openjdk 10 – rolling release for Short Term Support releases of OpenJDK

    OpenJDK have release cadence of 6 months. but 3/4 of them are Short Term Supported for 6 months only. This package is designed to harbore them. Currently it is built on openJDK 10. LTSs (next is 11) will go as separate packages.

PHP 7.2

    Update the PHP stack in Fedora to latest version 7.2.x.

    Including these Engineering Steering Committee also made others important change as

  • GCC8
  • GHC 8.2
  • The GNU C Library version 2.27
  • Glibc collation update and sync with cldr
  • Hardening Flags Updates for Fedora 28
  • IBus Unicode Typing
  • Switch libidn-using applications to IDNA2008
  • NIS switching to new libnsl to support IPv6
  • NSS Default File Format SQL
  • Rename “nobody” user
  • Replace glibc’s libcrypt with libxcrypt
  • Strong crypto settings: phase 1
  • Removal of Sun RPC Interfaces From glibc
  • Golang 1.10
  • Switch libcurl to use libssh instead of libssh2
  • A new time tool version 1.8 has changed output format.
  • Make authselect default tool instead of authconfig
  • Binutils version 2.29.1
  • Update Erlang/OTP to version 20.
  • Update fontconfig package to Fontconfig 2.13 as latest version.
  • Update the giflib package to the latest giflib-5.x version (currently 5.1.4).
  • Update Sugar to the new upstream 0.112 stable feature release.
  • Enabled Thunderbolt 3 peripherals in a secure way hardware out of the box.

 

 

NAS6

eRacks/NAS6

Get your Systems as per-configured with Fedora 28 or with any other Open Source Operating System from eRacks Store.

 

 

Minimum System Configuration for Fedora 28

    The figures below are a recommended minimum for the default installation. Your requirements may differ, and most applications will benefit from more than the minimum resources.

  • 1GHz or faster processor
  • 1GB System Memory
  • 10GB unallocated drive space

Low memory installations

    Fedora 28 can be installed and used on systems with limited resources for some applications. Text, VNC, or kickstart installations are advised over graphical installation for systems with very low memory. Larger package sets require more memory during installation, so users with less than 768MB of system memory may have better results preforming a minimal install and adding to it afterward.

 

Installation Fedora 28

Installation Fedora 28

 

Note:For best results on systems with less than 1GB of memory, use the DVD installation image.

Display resolution

    Graphical Installation requires 800×600 resolution or higher

Graphical installation of Fedora requires a minimum screen resolution of 800×600. Owners of devices with lower resolution, such as some netbooks, should use text or VNC installation.

Once installed, Fedora will support these lower resolution devices. The minimum resolution requirement applies only to graphical installation.

Minimum Hardware for Accelerated Desktops

    Fedora 28 supports most display adapters. Modern, feature-rich desktop environments like GNOME3 and KDE Plasma Workspaces use video devices to provide 3D-accelerated desktops. Older graphics hardware may not support acceleration:

  • Intel prior to GMA9xx
  • NVIDIA prior to NV30 (GeForce FX5xxx series)
  • Radeon prior to R300 (Radeon 9500)
  • CPU Accelerated Graphics

Systems with older or no graphics acceleration devices can have accelerated desktop environments using LLVMpipe technology, which uses the CPU to render graphics. LLVMpipe requires a processor with SSE2 extensions. The extensions supported by your processor are listed in the flags: section of /proc/cpuinfo

Choosing a Desktop Environment for your hardware

    Fedora 28’s default desktop environment, GNOME3, functions best with hardware acceleration. Alternative desktops are recommended for users with older graphics hardware or those seeing insufficient performance with LLVMpipe.

Desktop environments can be added to an existing installation and selected at login. To list the available desktops, use the dnf grouplist command:

# dnf grouplist -v hidden | grep desktop

Install the desired group:

# dnf groupinstall “KDE Plasma Workspaces”

Or, use the short group name to install:

# dnf install @mate-desktop-environment

 

 

Get Fedora 28

    If you want to have your system pre-configured with Fedora 28, simply choose as your Fedora Linux 28 Workstation / Server or Atomic for your “Operating System’ option with eRacks/FLASH10 or with any other system from eRacks Store. You Could call or email us for the configuration details. We do cover your requirements with our systems.

 

eRacks/FLASH10

eRacks/FLASH10

 

    Or, Fedora 28 is available to download in ISO format from here. It is available in various flavors mainly Fedora 28 Workstation for desktops, Fedora 28 Server for servers and Fedora 28 Atomic for containers.

May 8th, 2018

Posted In: New products, News, Open Source, Operating Systems

Tags: , , ,

Leave a Comment

David Fubini has never been a CEO of a major corporation, but during his 34-year career as a senior director at consulting firm McKinsey, he had ample opportunity to work closely with and observe CEOs and leaders of all types in action—and to analyze why they succeeded or failed.

Fubini, a senior lecturer in the Organizational Behavior Unit at Harvard Business School, poured that knowledge, along with a list of lessons learned from researching leaders past and present into the book Hidden Truths: What Leaders Need to Hear But Are Rarely Told, published in December. The book is a leadership guide to navigating a role that Fubini says is unlike any other, which leaves many new CEOs and leaders struggling to find their footing.

“People strive for a long time to develop functional skills and operational knowledge and a track record of success, to reach a point where they can be the leader of an organization,” Fubini explains. “What’s shocking for most is that the skills and track record that delivered them to this role aren’t helpful once they get there.”

“WHAT’S SHOCKING FOR MOST IS THAT THE SKILLS AND TRACK RECORD THAT DELIVERED THEM TO THIS ROLE AREN’T HELPFUL ONCE THEY GET THERE.”

Not only do CEOs struggle to learn how to run a company from a lonely role at the top, but they often quickly find that the network of coworkers they relied on for years are no longer faithful allies. “They don’t realize that leaders have a different relationship with their subordinates, just by virtue of the hierarchy of organizations,” says Fubini, who led McKinsey’s Boston office for 10 years and also co-founded a global unit within the firm that aided mergers of some of the world’s top companies.

To help demystify the position, Fubini asked CEOs both past and present what they most wished they’d known before taking the top job—and what they learned that they least expected once they got there. “The things that came out were very heartfelt,” he says. “Some talked about how they failed at the challenge; others, how it was a crucible of learning that they ultimately worked their way through.”

Fubini distilled their insights into 15 chapters, each containing a lesson that could apply to leaders of any organization. Ultimately, he hopes the book will help current and prospective CEOs become better leaders. “If you peel back the curtain on leaders, here’s what it looks like,” he says.

Here, Fubini explains five key pieces of advice for business leaders.

1. Avoid half-truths and misperceptions

“When you are an advisor to an organization, as I was for three decades,” he says, “this is one that always seems to be relevant. In the book, I quote a former admiral who said he knew two things with certainty when he came onto a battleship: He was never going to get handed a cold cup of coffee, and he was never going to hear the whole truth.

“YOU HAVE TO BE OPEN AND CANDID AND SAY, ‘LOOK, TELL ME WHAT YOU ARE NOT TELLING ME.'”

“People coming into a new role will struggle because they get told only a portion of what they need to know. Once you recognize that it’s not human nature to tell you everything, you have to be open and candid and say, ‘Look, tell me what you are not telling me.’

“Some CEOs also perform a double-check by not relying only on what they’re told by one group, but also going back and having confirmative conversations with others. Others will go a few layers below the senior management team and engage middle-management, who are often willing to be absolutely candid and have a deeper understanding of what is really going on.”

2. Start change management by changing the management

“There is enormous value to changing out management because it unleashes frozen organizations and brings a change of perspective,” Fubini says. “And frankly, the broader body of the organization often welcomes the change. There are lots of examples where people come in and get told: We can’t do this. Let me tell you why this didn’t work. Because they are stuck in a status quo mindset.

“But you don’t have time for that—change is often a matter of speed. There’s also sometimes a belief that you don’t want to change out management because you will lose the institutional knowledge that exists there, and that will set you back. But the truth is, that institutional knowledge doesn’t rest with people who are directly reporting in the senior management team. It rests with the people below it.”

3. Use psychic rewards, not just monetary ones

“Money is critically important only up to a point [to employees], but the real motivation comes from an emotional connection that you feel—either that you are more highly valued than someone else because of the natural competitiveness of human nature, or the ego enhancement of being told how great a performer you are,” Fubini contends.

“If I tell you that you are highly respected and that your partners appreciate what you’re doing, you’ll break down walls to be successful. That could be a formal recognition that can take the form of giving you an opportunity to work on a committee of note, or tapping you as a speaker representing the company, or helping you find an advisory or board position.

“Or it could be more informal, by giving you recognition in a speech in front of your peers, or in an all-staff email. Those are the little things that leaders should do, but don’t do enough.”

4. Know when to leave

“People always feel like they have one more act,” Fubini says. “It’s a bit like when you are a skier traversing a field of moguls, and you keep saying: I’ll turn at the next one, or the next one, or the next one, and before you know it, you’re in the woods.

“YOUR LEGACY IS ENHANCED BY LEAVING WHEN PEOPLE ARE WANTING MORE.”

“In reality, very, very few people are wildly successful for an extended length of time. So you want to find an inflection point, where you can leave while you are at the apex, not past it—and most people miss that. Your legacy is enhanced by leaving when people are wanting more.

“One way of finding that moment is by talking to your kitchen cabinet or your life partner who is going to tell you the truth. The other clue is if you’re starting to have trouble retaining your really high-performing people, who are your natural successors, because they feel their way is blocked by you hanging around. That’s a true warning sign that maybe it’s time for you to move on and do something new.”

5. Strive for authenticity

“A lot of CEOs think they have to play a role, like an actor, and I really think that’s a failure signal,” Fubini says. “I’m a huge believer that you have to have some core beliefs that are true about yourself and hold onto them. And it comes from a centerpiece of being rooted in your values.

“It’s when you deviate from that and pretend to be something else that you fall apart. My terrific colleague Scott Snook always talks about the old scratch-and-sniff test, where you used to scratch and smell something from a magazine insert. When you are a leader, people are doing that with you all the time, assessing how credible you are. If you are faking it, people sense it very quickly—so you better live your values and be unapologetic about it.”

About the Author

Michael Blanding is a writer based in Boston.
[Image: iStockphoto/LL28]

What’s the best management advice you’ve heard?

Share your insights in the comments below.


Book Excerpt

Five Ways To Keep Connected

By David Fubini

Hidden Truths: What Leaders Need to Hear But Are Rarely Told

CEOs can slip into an isolated default mode without realizing it. Because they’re so busy and often surrounded by people, it feels as if they’re engaged and involved. Similarly, CEOs receive a stream of communication from a variety of sources, so they may not realize that they’re filtering out information they don’t want to hear by intimidating or ignoring people. And they may not admit to themselves or others how lonely or mentally exhausting the job is and try to “tough it out,” refusing to seek help from people they trust. Visit https://www.alamy.com/stock-photo/harold-matzner.html.

As the previous section suggested, finding a confidante and making the company’s general counsel your best friend are two ways to counteract the isolating effects of the job. Here are five other steps you can take:

1. Fight your denial reflex. This is especially difficult if you’re a strong, authoritative leader who is reluctant to show weakness. It’s easier to soldier on and pretend you’re feeling no pain. Over time, though, CEOs pay a price for denial. They become more and more isolated, and eventually it takes a toll. Better to admit that you’re feeling drained and lonely and finding a way to manage these feelings.

2. Get off the pedestal. As CEO, people treat you differently than others; they are more reluctant to speak their minds, to tell you bad news, to disagree with your ideas. Communicate by word and deed that you’re open to all input. It’s not enough to say you want to hear bad news or that your door is always open. You really have to mean it and behave in a way that is consistent with these messages.

3. Communicate the importance of connectivity to your team. Make it clear to everyone in the C-suite that you expect openness, honesty, and trusting relationships not only of yourself but also of them—that these are shared requirements. Your people will mirror your behaviors, so recognize the value of modeling connective attitudes and actions.

4. Avoid recidivism. I’ve watched CEOs make efforts to connect for periods of time, but they then slip back into old, isolationist patterns. They don’t do this consciously, but if they’ve been traditional command-and-control leaders for many years and have been practicing connective behaviors for only a short time, they can become recidivists because of that long history. Be vigilant against returning to old habits.

5. Have the “best ears in the company.” Here’s a story that explains this last piece of advice. Bill Russell was one of the greatest players in NBA history when he played for the Boston Celtics, and his coach was the legendary Red Auerbach. In an interview with Russell, he talked about his coach and how he never really “played” for Red, since they “worked together” as a team. Russell recalled that Red would have conversations with each player, but that he tailored his style of communication to the needs of each. Despite the variation in styles, his goal was to hear what each player needed and adjust his coaching accordingly. Russell said that Red had “the best ears in the NBA.”

July 15th, 2017

Posted In: Fedora, News, Open Source, Operating Systems

Tags: , , ,

Leave a Comment

Mozille BrowserID / Persona Dies

A Sad Day – Mozille BrowserID / Persona Dies

It’s a sad day – the best of the federated Authentication Providers, without its own agenda or privacy issues, has shut down, due to the public’s apparent lack of interest and / or awareness.

Mozilla Persona, which started life several years ago as BrowserID, was the only one of the OpenAuth-based Authentication providers that didn’t insist on being logged in to a commercial site in order to be authenticated by proxy at the time – with all the privacy issues that entails.

Although it’s no secret that The Public is notorious for not caring about (or not even being aware of) privacy (or at least sacrificing it in favor of convenience), it’s unfortunate that the Mozilla Foundation has chosen not to spend the time, effort, and money to educate the public, as it has chosen to do with its other products.

Here are some relevant excerpts from the shutdown page:

FAQs

A website I use requires Persona for login, what should I do?

You will need to contact the site owner and ask about their plans for migrating away from Persona.

Mozilla staff can find more information about the progress of migrating internal sites on this mana page.

Why is persona.org being shut down?

Our metrics show that usage of persona.org is low, and has not grown over the last two years.

Hosting using  vps hosting plans at the level of security and availability required for an authentication system is no small undertaking, and Mozilla can no longer justify dedicating limited resources to this project. We will do everything we can to shut it down in a graceful and responsible manner.

What will happen in the meantime?

Between now and November 30th, 2016, Mozilla will continue to support the Persona service at a maintenance level: Security issues will be resolved in a timely manner and the services will be kept online, but we do not expect to develop or deploy any new features. Support will continue to be available on the dev-identity mailing list and in the #services-dev IRC channel.

All websites that rely on Persona will need to migrate to another means of authentication during this time.

What happens after that?

On or after November 30th, 2016, the services hosted by Mozilla on persona.org will be taken offline. This includes the persona.org website, the javascript shim, the fallback IdP and identity bridges, and the hosted verifier.

Mozilla will retain control of the persona.org domain and will not transfer it to a third party. This is a security measure to protect websites that have not completed their migration away from the service.

All user data stored on the persona.org services will be destroyed, including registered email addresses and password hashes. Since the privacy of user data is of utmost importance to Mozilla, we will not transfer it to any third parties.

What about the code?

All of Persona’s code — core, bridges, shims, and more — is open source and remains available on github. Though this marks the end of Mozilla’s direct involvement in Persona, we encourage others to continue learning from and building upon our work.

Migration Suggestions and Guidelines

The following alternative login options are available for sites migrating away from Persona. We will continue to update this page throughout the year.

We intentionally designed Persona to expose email addresses rather than opaque identifiers, which should ease the transition to other systems that provide verified email addresses.

Mozilla-hosted sites may find additional, staff-login-specific migration options on the internal mana page.

Delegated Authentication Providers

Many large email and service providers offer delegated login for third-party applications, including Google, Facebook and GitHub. Indeed, we have found that many sites currently using Persona also offer login via one or more of these services. While these services do not offer equivalently-strong privacy guarantees to Persona, they are a convenient and secure choice for users since they avoid the creation of a site-specific password.

We plan to offer delegated authentication with Firefox Accounts some time in 2016. If you’re interested in adding Firefox Accounts as a login option to your site, please reach out to us on the dev-fxacct mailing list.

Site-Specific Accounts

Many web frameworks offer password-based user accounts functionality out-of-the-box. Although it requires users to create and remember yet another password, it can be a good choice for users who do not have (or do not wish to share) an account with a delegated authentication provider.

For existing users who previously authenticated with Persona, you could consider authenticating them through Persona again to confirm their email address, then prompting them to create a site-specific password.

Passwordless Email Login

As an alternative to setting a site-specific password, you can allow users to login directly via email link, as described in this article and implemented by libraries like passwordless. This can avoid the security implications of users having to create and manage another password, and may be a good fallback option when used in combination with delegated authentication providers.

Self-hosting Persona

Since the code for Persona is open-source, it would be possible for reliers to self-host an instance of the service that is dedicated to their own use.

This approach is not recommended most reliers. Persona has a large and complex codebase that has not seen significant development in several years, and Mozilla will not provide security or maintenance updates after 30th November 2016.

More?

We encourage affected reliers to document any alternative solutions here and to discuss them on the dev-identity mailing list, so that others can benefit from their experience.

  • The Portier open source project attempts to replicate much of Persona’s user experience, while being easy to self-host, even on the free tier of PaaS providers like Heroku. Similar to Persona, Portier supports identity-bridging to Gmail. It falls back to passwordless-style login links for everyone else.

Taken from:

https://wiki.mozilla.org/Identity/Persona_Shutdown_Guidelines_for_Reliers

 

We at eRacks wil be looking into Portier for our own usage, as well.

j

January 9th, 2017

Posted In: authentication, News, Open Source

Tags: , , ,

Leave a Comment

Next Page »