NethServer Version 7.7 to be Released

The release is based on the CentOS 7.7 package base and gives users a web-based interface for managing available server components
07 November 2019   142

The release of the NethServer 7.7 distribution, offering a modular solution for the rapid deployment of servers in small offices or medium-sized enterprises, is presented. The distribution is based on the CentOS 7.7 package base and provides a web-based interface for managing available server components. The size of the installation image is 1.1 GB. An online demo is provided to familiarize yourself with the capabilities of the interface. Project developments are distributed under free licenses.

The user is offered ready-made modules for organizing the work of the mail server (Postfix, Dovecot, Amavis, ClamAV + Roundcube web client), collaboration system (SOGo), firewall (Shorewall), web server (LAMP), file server and Active domain controller Directory (Samba), filtering proxy (Squid, ClamAV and SquidGuard), VPN server (OpenVPN, L2TP), cloud storage (ownCloud), intrusion detection and prevention systems. Installation and commissioning of the required service is carried out in one click and does not require knowledge of the configuration features of each server component. Typical administration work can be done through the web interface.

Key innovations:

  • The new user interface, built on the basis of Cockpit and offering a more modern design, has moved to the beta testing stage and is included in the default delivery. Previously installed systems can test the interface by installing Server Manager in the Software Center. The interface provides tools for managing accounts, DNS, DHCP, FQDN, setting the time, creating backups, setting up the network, applying TLS encryption, managing the system, installing applications, managing storage and SSL certificates;
  • A new interface for setting up a VPN, which allows you to evaluate traffic for each tunnel, track the connection history of each user and quickly send connection parameters by email. Through the interface, you can also define your own routes, change the UDP / TCP protocol, activate or disable the account;

Learn more info at the official website and release notes.

Google Works on Linux Kernel Support in Android

This goal has already been partially achieved - Xiaomi Poco F1 Android smartphone has firmware based on the usual unmodified Linux kernel
21 November 2019   73

At the last Linux Plumbers 2019 conference, Google talked about the development of an initiative to transfer to the main Linux kernel the changes developed in the kernel version for the Android platform. The ultimate goal is to enable Android to use one common core, instead of preparing separate assemblies for each device based on the Android-specific Android Common Kernel branch. This goal has already been partially achieved, and the Xiaomi Poco F1 Android smartphone with firmware based on the usual unmodified Linux kernel was demonstrated at the conference.

After the project is ready, suppliers will be asked to supply a core kernel based on the main Linux kernel. Components for hardware support will be supplied by suppliers only in the form of additional kernel modules, without imposing patches on the kernel. In modules, compatibility with the main core at the level of the kernel symbol namespace must be ensured. All changes affecting the main core will be promoted to upstream. To maintain compatibility with proprietary modules within the framework of LTS branches, it is proposed to maintain stable kernel API and ABI, which will allow to maintain compatibility of modules with updates for each common kernel branch.

Over the year, features such as the PSI (Pressure Stall Information) subsystem for analyzing information on the waiting time for various resources (CPU, memory, input / output), the BinderFS pseudo-file system for the interprocess communication mechanism were transferred to the main Linux kernel from the Android kernel Binder and energy-efficient task scheduler EAS (Energy Aware Scheduling). In the future, it is planned to transfer Android from a specific SchedTune scheduler to the new UtilClamp subsystem developed on ARM, based on cgroups2 and standard kernel mechanisms.

Recall that so far the kernel for the Android platform has gone through several stages of preparation:

On the basis of the main LTS kernels (3.18, 4.4, 4.9 and 4.14), the “Android Common Kernel” branch was created, into which Android-specific patches were transferred (previously the size of the changes reached several million lines, but recently the changes were reduced to several thousand lines of code )
Based on the Android Common Kernel, chip makers such as Qualcomm formed the SoC Kernel, which includes add-ons to support hardware.
Based on SoC Kernel, device manufacturers created Device Kernel, which includes changes related to support for additional equipment, screens, cameras, sound systems, etc.

In fact, for each device its own core was formed, which could not be used on other devices. Such a scheme significantly complicates the delivery of updates with the elimination of vulnerabilities and the transition to new kernel branches. For example, the latest Pixel 4 smartphone released in October comes with the Linux 4.14 kernel, released two years ago. In part, Google tried to simplify maintenance by promoting the Treble system, which allows manufacturers to create universal hardware support components that are not tied to specific Android versions and the used Linux kernel releases. Treble makes it possible to use ready-made updates from Google as a basis, integrating device-specific components into them.