by George Whittaker

In an era where cyber threats are evolving rapidly, securing Linux systems goes far beyond basic user permissions. Traditional security mechanisms like Discretionary Access Control (DAC) offer limited safeguards against privilege escalation, compromised applications, and insider threats. To address these limitations, Security-Enhanced Linux (SELinux) offers a powerful, fine-grained framework for Mandatory Access Control (MAC) — and it's not just for Red Hat-based distributions anymore.

In this article, we'll explore how to integrate SELinux into Debian, one of the most widely used and respected GNU/Linux distributions. We'll break down its architecture, setup procedures, policy management, and troubleshooting techniques. Whether you're running a mission-critical server or seeking to harden your desktop environment, this guide will show you how SELinux can elevate your system security to enterprise-grade standards.

Understanding the Foundations of SELinux What Is SELinux?

SELinux is a kernel security module initially developed by the United States National Security Agency (NSA) in collaboration with the open-source community. It introduces the concept of mandatory access controls by enforcing policy-based rules that strictly define how processes and users can interact with files, directories, sockets, and devices.

Unlike DAC, where file owners control access, MAC policies are imposed by the system administrator and enforced by the kernel, regardless of user ownership or permissions.

Core Components of SELinux

• Subjects: Active entities (usually processes).

• Objects: Passive entities (like files, directories, devices).

• Contexts: Security labels assigned to subjects and objects.

• Types/Domains: Used to define access rules and behavior.

• Policies: Written rulesets that determine access control logic.

Enforcement Modes

• Enforcing: SELinux policies are applied and violations are blocked.

• Permissive: Policies are not enforced, but violations are logged.

• Disabled: SELinux is turned off entirely.

SELinux on Debian: A Reality Check

Debian has traditionally favored AppArmor for its simplicity and ease of integration. However, SELinux support is fully present in Debian’s repositories. As of Debian 12 (Bookworm) and later, integrating SELinux is more streamlined and better documented than ever.

Go to Full Article

by George Whittaker Introduction

In today's fast-paced IT environments, performance, reliability, and scalability are critical factors that determine the effectiveness of a network. Advanced Linux networking techniques such as VLAN trunking, interface bonding, and Quality of Service (QoS) are key tools in the hands of system administrators and network engineers who aim to build robust and efficient systems. Whether you're managing a data center, configuring high-availability clusters, or optimizing bandwidth for critical services, these technologies provide the foundation for high-performance networking on Linux.

This article explores each of these advanced networking capabilities, explaining their benefits, configurations, and practical use cases. By the end, you will have a comprehensive understanding of how to implement VLANs, bonding, and QoS effectively on your Linux systems.

Understanding VLAN Trunking in Linux What is VLAN Trunking?

Virtual LANs (VLANs) allow the segmentation of a physical network into multiple logical networks. VLAN trunking is the process of transporting multiple VLANs over a single network link—typically between switches or between a switch and a server. This allows a single network interface card (NIC) to handle traffic for multiple VLANs, optimizing resource usage and simplifying cabling.

Trunking is crucial in virtualized environments where multiple virtual machines (VMs) or containers need to reside in separate VLANs for security or organizational reasons.

Why Use VLAN Trunking?

• Isolation: Separates traffic for security and compliance.

• Efficiency: Reduces the number of physical interfaces needed.

• Scalability: Makes it easy to add or modify VLANs without physical changes.

Linux Support for VLANs

Linux supports VLANs natively via the kernel module 8021q. The modern toolset uses the ip command from the iproute2 package for configuration. Older systems may use the vconfig utility, though it's now deprecated.

Ensure the module is loaded:

sudo modprobe 8021q

Creating VLAN Interfaces

Use the ip command:

sudo ip link add link eth0 name eth0.10 type vlan id 10 sudo ip addr add 192.168.10.1/24 dev eth0.10 sudo ip link set dev eth0.10 up

Persistent Configuration

On Ubuntu (netplan):

Go to Full Article

by George Whittaker

Bash scripting is often seen as a convenient tool for automating repetitive tasks, managing simple file operations, or orchestrating basic system utilities. But beneath its surface lies a trove of powerful features that allow for complex logic, high-performance workflows, and robust script behavior. In this article, we’ll explore the lesser-known but incredibly powerful techniques that take your Bash scripting from basic automation to professional-grade tooling.

Mastering Arrays for Structured Data Indexed and Associative Arrays

Bash supports both indexed arrays (traditional, numeric indexes) and associative arrays (key-value pairs), which are ideal for structured data manipulation.

# Indexed array fruits=("apple" "banana" "cherry") # Associative array declare -A user_info user_info[name]="Alice" user_info[role]="admin"

Looping Through Arrays

# Indexed for fruit in "${fruits[@]}"; do echo "Fruit: $fruit" done # Associative for key in "${!user_info[@]}"; do echo "$key: ${user_info[$key]}" done

Use Case: Managing dynamic options or storing configuration mappings, such as service port numbers or user roles.

Indirect Expansion and Parameter Indirection

Ever needed to reference a variable whose name is stored in another variable? Bash allows this with indirect expansion using the ${!var} syntax.

user1="Alice" user2="Bob" var="user1" echo "User: ${!var}" # Outputs: Alice

Use Case: When parsing dynamically named variables from a configuration or runtime-generated context.

Process Substitution: Piping Like a Pro

Process substitution enables a command’s output to be treated as a file input for another command.

diff <(ls /etc) <(ls /var)

Instead of creating temporary files, this technique allows on-the-fly data streaming into commands that expect filenames.

Use Case: Comparing outputs of two commands, feeding multiple inputs to grep, diff, or custom processors.

Using Traps for Cleanup and Signal Handling

Traps let you capture signals (like script termination or interruption) and execute custom handlers.

temp_file=$(mktemp) trap "rm -f $temp_file" EXIT # Do something with $temp_file

Common signals:

• EXIT: Always triggered when the script ends

• ERR: Triggered on any command failure (with set -e)

• INT: Triggered by Ctrl+C

Use Case: Cleaning up temporary files, resetting terminal states, or notifying external systems on exit.

Go to Full Article

by George Whittaker

In an age where data breaches and cyber threats are growing both in frequency and sophistication, securing your Linux system is more important than ever. Ubuntu, one of the most popular Linux distributions, comes with a powerful security tool that many users overlook — AppArmor. Designed to provide a robust layer of defense, AppArmor enhances Ubuntu's built-in security model by confining programs with access control profiles.

This article will walk you through the ins and outs of AppArmor, explain why it's a crucial part of a hardened Ubuntu system, and teach you how to leverage it to protect your environment.

Understanding AppArmor: What It Is and Why It Matters

AppArmor (Application Armor) is a Mandatory Access Control (MAC) system that supplements the traditional Discretionary Access Control (DAC) provided by Linux file permissions. While DAC relies on user and group ownership for access control, MAC goes a step further by enforcing rules that even privileged users must obey.

AppArmor operates by loading security profiles for individual applications, specifying exactly what files, capabilities, and system resources they are allowed to access. This approach prevents compromised or misbehaving applications from harming the rest of the system.

AppArmor vs. SELinux

While SELinux (Security-Enhanced Linux) is another MAC system popular on Red Hat-based distributions, AppArmor is often preferred in Ubuntu environments for its ease of use, human-readable syntax, and simple profile management. Where SELinux can be daunting and complex, AppArmor offers a more user-friendly approach to strong security.

Core Concepts of AppArmor

Before diving into how to use AppArmor, it's important to understand its core concepts:

Profiles

A profile is a set of rules that define what an application can and cannot do. These are usually stored in the /etc/apparmor.d/ directory and loaded into the kernel at runtime.

Modes

• Enforce: The profile is actively enforced, and actions outside the defined rules are blocked.

• Complain: The profile logs rule violations but doesn’t enforce them, which is useful for debugging.

Profile Components

Profiles specify permissions for:

• File access (read, write, execute)

• Capabilities (e.g., net_admin, sys_admin)

• Network operations

• Signals and inter-process communications

Go to Full Article

by George Whittaker

Ubuntu has long relied on APT and DEB packages for software management, with Snap becoming increasingly prevalent in recent releases. However, a third contender has risen to prominence in the Linux world: Flatpak. Designed as a universal software packaging and distribution framework, Flatpak offers a fresh, sandboxed approach to application management that works seamlessly across distributions. In this article, we’ll dive into how to manage software with Flatpak on Ubuntu, providing everything you need to get started, optimize your workflow, and compare it with existing solutions.

What is Flatpak?

Flatpak is a modern application packaging system developed by the Free Desktop Project. Its goal is to enable the distribution of desktop applications in a sandboxed environment, ensuring greater security, consistency, and compatibility across Linux distributions.

Key Benefits of Flatpak

• Cross-distribution compatibility: A single Flatpak package works on any Linux distribution with Flatpak support.

• Sandboxing: Applications run in isolation, reducing the risk of affecting or being affected by other software or the host system.

• Bundle dependencies: Flatpak packages include all necessary dependencies, reducing compatibility issues.

• Version control: Developers can ship and maintain multiple versions easily.

Limitations

• Storage overhead: Applications may use more disk space due to bundled runtimes.

• Redundancy: Ubuntu users already have Snap, which can lead to confusion or duplication.

Installing Flatpak on Ubuntu

Although Flatpak isn't pre-installed on Ubuntu, setting it up is straightforward.

Step 1: Install Flatpak

Open a terminal and run:

sudo apt update sudo apt install flatpak

Step 2: Install GNOME Software Plugin (Optional)

To integrate Flatpak apps into the Ubuntu Software GUI:

sudo apt install gnome-software-plugin-flatpak

This step allows Flatpak apps to appear alongside APT and Snap apps in GNOME Software.

Step 3: Reboot or Log Out

Restart your session to apply system changes and enable Flatpak integration fully.

Adding the Flathub Repository

Most Flatpak applications are hosted on Flathub, the central repository for Flatpak packages.

To add Flathub:

Go to Full Article

by Nawaz Abbasi

The Linux boot process is a sequence of events that initializes a Linux system from a powered-off state to a fully operational state. The knowledge of Linux boot process is essential when it comes to technical interviews, but sometimes it becomes difficult to remember or recall the key steps in the process. This article discusses a quick and easy way to remember it - Best Geeks Know It! Yes, you only need to remember that.

Best Geeks Know It -> B – G – K – I -> BIOS – GRUB – KERNEL – INIT

This BGKI acronym provides a high-level overview of the Linux boot process. Each step builds upon the previous one, gradually bringing the system to a fully operational state. Of course, there are more detailed processes within each step, but this simplified version should give you a good foundation for understanding and remembering the Linux boot sequence.

 

Here's a concise expansion of B-G-K-I:

B - BIOS/UEFI

• Performs Power-On Self-Test (POST)
• Checks hardware: CPU, RAM, storage
• Loads MBR (Master Boot Record) or GPT (GUID Partition Table)
• Transfers control to bootloader

G - GRUB

• Located in first 512 bytes of boot drive
• Reads /boot/grub/grub.conf
• Shows menu with kernel options
• Loads selected kernel + initramfs (temporary root filesystem) into RAM
• Passes boot parameters to kernel
• Can handle multiple OS boot options

K - KERNEL

• Decompresses itself into RAM
• Initializes hardware and drivers
• Mounts root filesystem, loads initramfs
• Sets up memory management
• Starts device detection
• Creates kernel threads

I - INIT (systemd in modern systems)

• PID 1 (first process)
• Reads /etc/inittab (traditional) or unit files (systemd)
• Sets default runlevel/target
• Starts essential services in order:
  • System services
  • Network services
  • Display manager
  • User interface (CLI/GUI)
• Reaches default target state

 

Key files to remember

/boot/grub/grub.conf  - GRUB configuration

/etc/systemd/system/  - systemd unit files

/etc/inittab                  - Init configuration (traditional)

Go to Full Article

by George Whittaker Introduction

In a world teeming with Linux distributions — from Ubuntu to Arch, Debian to Fedora — the idea of building your own may seem daunting, if not redundant. Yet, for many technologists, enthusiasts, and developers, creating a custom Linux distribution isn't just an exercise in reinvention; it's an act of empowerment. Whether your goal is to tailor a lightweight OS for embedded devices, create a secure workstation, develop an education-focused system, or simply understand Linux more intimately, building your own distribution is one of the most fulfilling journeys in open-source computing.

This guide walks you through every stage of creating your own Linux distribution — from selecting core components to building, customizing, and distributing your personalized operating system.

Understanding the Basics What is a Linux Distribution?

A Linux distribution (or "distro") is a complete operating system built on the Linux kernel. It includes:

• Kernel – The core interface between hardware and software.

• Init System – Handles booting and service management (e.g., systemd, OpenRC).

• Userland Tools – Basic utilities from projects like GNU Coreutils and BusyBox.

• Package Manager – Tool to install, upgrade, and remove software (e.g., APT, Pacman, DNF).

• Optional GUI – A desktop environment or window manager (e.g., GNOME, XFCE, i3).

Why Create Your Own Distribution?

Reasons vary, but common motivations include:

• Learning – Deepen your understanding of system internals.

• Performance – Remove bloat for a leaner, faster system.

• Branding – Create a branded OS for an organization or product.

• Customization – Tailor software stacks for specific use-cases.

• Embedded Applications – Create firmware or OS images for hardware devices.

Planning Your Custom Linux Distro Define Your Goals

Start by asking:

• Who is the target user?

• What hardware should it support?

• Will it be a desktop, server, or headless system?

• Should it boot live or be installed?

Choose a Foundation

You can either:

• Build from scratch: Using projects like Linux From Scratch (LFS).

Go to Full Article

by George Whittaker

Data loss is a nightmare for any computer user, and Linux users are no exception. Despite the robust architecture of Linux operating systems, disasters can strike in the form of accidental deletions, corrupted partitions, or failing storage devices. Whether you're a system administrator, developer, or everyday Linux user, understanding how to recover data can be the difference between a minor inconvenience and a major setback.

This guide will walk you through the practical strategies and essential tools for recovering lost or corrupted files on Linux.

Understanding Data Loss on Linux Common Causes of Data Loss

Data loss can occur for various reasons:

• Accidental Deletion: Files removed with rm or cleared trash.

• Filesystem Corruption: Caused by improper shutdowns, power failures, or software bugs.

• Partition Issues: Misconfigured or overwritten partition tables.

• Hardware Failures: Hard drive degradation, bad sectors, or failing SSDs.

How Deletion Works on Linux

Linux filesystems like ext4 don’t immediately erase data when a file is deleted. Instead, the filesystem marks the file's space as free. Until that space is overwritten, the data may be recoverable. This behavior is the cornerstone of most recovery techniques.

First Steps After Data Loss

The most critical step is to minimize system activity on the affected drive. Any write operation can potentially overwrite recoverable data.

Disconnect and Mount Read-Only

If the loss happened on a secondary drive, physically disconnect it and mount it read-only on another machine:

sudo mount -o ro /dev/sdX1 /mnt/recovery

Create a Disk Image

Use tools like dd or ddrescue to create a complete image of the drive for analysis:

sudo dd if=/dev/sdX of=/mnt/external/backup.img bs=4M status=progress

Or with ddrescue, which handles read errors more gracefully:

sudo ddrescue /dev/sdX /mnt/external/recovery.img /mnt/external/logfile

Work from the image to preserve the original drive.

Boot from a Live Environment

To avoid using the target system, boot into a Live Linux distribution like:

• SystemRescueCD – tailored for system repair.

• Ubuntu Live CD – user-friendly and widely available.

Go to Full Article

by George Whittaker Introduction

Email remains a cornerstone of modern communication. From business notifications to personal messages, having a robust and reliable mail server is essential. While cloud-based solutions dominate the mainstream, self-hosting a mail server offers control, customization, and learning opportunities that managed services can't match.

In this guide, we will explore how to set up a secure and efficient mail server using Dovecot on an Ubuntu Server. Dovecot is a lightweight and high-performance IMAP and POP3 server that provides secure access to mailboxes. When paired with Postfix, it forms a powerful mail server stack capable of sending and receiving messages seamlessly.

Whether you're a system administrator, a DevOps enthusiast, or simply curious about running your own mail infrastructure, this article provides a deep dive into configuring Dovecot on Ubuntu.

Prerequisites

Before we dive into configuration and deployment, ensure the following requirements are met:

• Ubuntu Server (20.04 or later recommended)

• Root or sudo access

• Static IP address assigned to your server

• Fully Qualified Domain Name (FQDN) pointing to your server

• Proper DNS records:

  • A record pointing your domain to your server IP

  • MX record pointing to your mail server’s FQDN

  • Optional: SPF, DKIM, and DMARC for email authentication

You should also ensure that your system is up-to-date:

sudo apt update && sudo apt upgrade -y

Understanding the Mail Server Stack

A modern mail server is composed of several components:

• Postfix: SMTP server responsible for sending and routing outgoing mail.

• Dovecot: Handles retrieval of mail via IMAP/POP3 and secure authentication.

• SpamAssassin / ClamAV: For filtering spam and malware.

• TLS/SSL: Provides encrypted communication channels.

Here's how they work together:

1. Postfix receives email from external sources.

2. It stores messages into local mailboxes.

3. Dovecot lets users access their mail securely using IMAP or POP3.

4. TLS/SSL encrypts the entire process, ensuring privacy.

Step 1: Installing Postfix and Dovecot Install Postfix

sudo apt install postfix -y

During installation, you will be prompted to choose a configuration. Select:

Go to Full Article

by George Whittaker

Debugging and profiling are critical skills in a developer's toolbox, especially when working with low-level system applications. Whether you're tracking down a segmentation fault in a C program or understanding why a daemon fails silently, mastering tools like GDB (GNU Debugger) and strace can dramatically improve your efficiency and understanding of program behavior.

In this guide, we’ll dive deep into these two powerful tools, exploring how they work, how to use them effectively, and how they complement each other in diagnosing and resolving complex issues.

The Essence of Debugging and Profiling What is Debugging?

Debugging is the systematic process of identifying, isolating, and fixing bugs—errors or unexpected behaviors in your code. It’s an integral part of development that ensures software quality and stability. While high-level languages may offer interactive debuggers, compiled languages like C and C++ often require robust tools like GDB for line-by-line inspection.

What is Profiling?

Profiling, on the other hand, is about performance analysis. It helps you understand where your application spends time, which functions are called frequently, and how system resources are being utilized. While GDB can aid in debugging, strace provides a view of how a program interacts with the operating system, making it ideal for performance tuning and root cause analysis of runtime issues.

Getting Hands-On with GDB What is GDB?

GDB is the standard debugger for GNU systems. It allows you to inspect the internal state of a program while it’s running or after it crashes. With GDB, you can set breakpoints, step through code, inspect variables, view call stacks, and even modify program execution flow.

Preparing Your Program

To make your program debuggable with GDB, compile it with debug symbols using the -g flag:

gcc -g -o myapp myapp.c

This embeds symbol information like function names, variable types, and line numbers, which are essential for meaningful debugging.

Basic GDB Commands

Here are some fundamental commands you'll use frequently:

gdb ./myapp # Start GDB with your program run # Start the program inside GDB break main # Set a breakpoint at the 'main' function break filename:line# Break at specific line next # Step over a function step # Step into a function continue # Resume program execution print varname # Inspect the value of a variable backtrace # Show the current function call stack quit # Exit GDB

Go to Full Article

by George Whittaker

Package management is at the heart of every Linux system. It’s what makes installing, updating, and managing software on Linux-based distributions not just possible but streamlined and elegant. For users of Debian and its popular derivative Ubuntu, two powerful tools often stand at the center of debate: apt-get and aptitude. Though both are capable of managing packages effectively, they have unique characteristics that make them better suited to different use cases.

This article provides a comparison of apt-get and aptitude, helping you understand their roles, differences, and when to use one over the other.

Understanding the Debian Package Management Ecosystem

Before diving into the specifics, it's helpful to understand the ecosystem in which both tools operate.

What is a Package Manager?

A package manager is software that automates the process of installing, upgrading, configuring, and removing software packages from a computer. In Debian-based systems, packages are distributed in .deb format.

The APT System

APT, or Advanced Package Tool, is the foundation of package management in Debian-based systems. It works with core components such as:

• dpkg – the base tool that installs and manages .deb files

• apt-get / apt – command-line front-ends for retrieving and managing packages from repositories

• apt-cache – used for searching and querying package information

• aptitude – a higher-level package manager that interacts with APT and dpkg under the hood

What is apt-get? A Brief History

apt-get has been a trusted part of Debian since the late 1990s. It was designed to provide a consistent command-line interface to the APT system and has been widely used in scripts and system automation.

Core Features

• Handles package installation, upgrade, and removal

• Fetches and resolves dependencies automatically

• Interacts directly with APT repositories

Common Commands

Here are some frequently used apt-get commands:

Go to Full Article

by George Whittaker

Ubuntu is one of the most popular Linux distributions, renowned for its ease of use, extensive community support, and frequent updates. While the core of Ubuntu remains consistent, the desktop environment—what users interact with visually—can vary. Two prominent options for Ubuntu users are Unity and GNOME. Each offers a distinct experience with unique design philosophies, features, and workflows.

Whether you're a seasoned Linux user or a curious newcomer, understanding the differences between Unity and GNOME can help you tailor your Ubuntu setup to better suit your needs. This article explores both environments to help you make an informed choice.

A Tale of Two Desktops: History and Evolution Unity: Canonical's Custom Vision

Unity was first introduced by Canonical in 2010 with the release of Ubuntu 10.10 Netbook Edition. It was developed to create a consistent user experience across desktop and mobile devices, long before convergence became a buzzword.

Unity became Ubuntu’s default desktop starting with Ubuntu 11.04. Its vertical launcher, global menu, and Dash search aimed to improve efficiency and streamline user interaction. However, despite its innovation, Unity had its critics. Performance issues on lower-end hardware and resistance to change from GNOME users caused friction in the community.

In 2017, Canonical made the unexpected decision to abandon Unity development and return to GNOME, starting with Ubuntu 17.10. But Unity didn’t disappear—it was adopted by the open source community and lives on in the form of Ubuntu Unity, an official Ubuntu flavor.

GNOME: The Linux Standard

GNOME is one of the oldest and most respected desktop environments in the Linux ecosystem. Launched in 1999, it focuses on simplicity, accessibility, and ease of use. The release of GNOME 3 in 2011 marked a major redesign, introducing GNOME Shell, which departed from the traditional desktop metaphor in favor of a more modern and minimal interface.

GNOME became the default Ubuntu desktop again in 2017 and has since seen continuous refinement. With support from major distributions like Fedora, Debian, and Ubuntu, GNOME enjoys a broad user base and robust development activity.

Interface Design and User Experience Unity: Efficiency Meets Innovation

Unity's interface is distinct and immediately recognizable. Here are some key components:

• Launcher (Dock): Positioned vertically on the left side, the Launcher holds pinned and running applications. It’s space-efficient and easily navigated via mouse or keyboard.

Go to Full Article

by George Whittaker

If you're working in a Linux environment, chances are you've encountered environment variables—even if you didn’t realize it at the time. They quietly power much of what goes on behind the scenes in your shell sessions, influencing everything from what shell prompt you see to which programs are available when you type a command. Whether you're an experienced sysadmin or a new Linux user, mastering environment variables is essential for customizing and controlling your shell experience.

In this guide, we'll take a dive into environment variables in the Linux shell. By the end, you'll not only know how to view and set these variables, but also how to persist them, use them in scripts, and troubleshoot issues effectively.

What Are Environment Variables?

At a basic level, environment variables are dynamic named values that affect the behavior of running processes on your Linux system. Think of them as configuration settings that your shell (like Bash or Zsh) and applications refer to in order to understand how they should operate.

For example:

• The PATH variable tells the shell where to look for executable files.

• The HOME variable stores the path to your home directory.

• The LANG variable defines your system’s language and character encoding.

Environment Variables vs Shell Variables

There is an important distinction between shell variables and environment variables:

• Shell variables are local to the shell session in which they are defined.

• Environment variables are shell variables that have been exported, meaning they are inherited by child processes spawned from the shell.

Viewing Environment Variables

Before you can modify or use environment variables, it's important to know how to inspect them.

View All Environment Variables

printenv

or

env

Both commands list environment variables currently set for the session.

View a Specific Variable

echo $HOME

This will display the current user's home directory.

View All Shell Variables

set

This command displays all shell variables and functions. It's broader than printenv.

Setting and Exporting Environment Variables

You can define your own variables or temporarily change existing ones within your shell.

Go to Full Article

by George Whittaker

Version control is a fundamental tool in modern software development, enabling teams and individuals to track, manage, and collaborate on projects with confidence. Whether you're working on a simple script or a large-scale application, keeping track of changes, collaborating with others, and rolling back to previous versions are essential aspects of development. Among various version control systems, Git has emerged as the most widely used and trusted tool — especially on Linux, where it integrates seamlessly with the system's workflow.

This guide will walk you through the basics of Git on Linux, explaining what Git is, how to install it, and how to start using it to manage your projects efficiently. Whether you're a new developer or transitioning from another system, this comprehensive introduction will help you get started with Git the right way.

What Is Git and Why Use It?

Git is a distributed version control system (DVCS) originally created by Linus Torvalds in 2005 to support the development of the Linux kernel. It allows developers to keep track of every change made to their source code, collaborate with other developers, and manage different versions of their projects over time.

Key Features of Git:

• Distributed Architecture: Every user has a full copy of the repository, including its history. This means you can work offline and still have full version control capabilities.

• Speed and Efficiency: Git is optimized for performance, handling large repositories and files with ease.

• Branching and Merging: Git makes it easy to create and manage branches, allowing for efficient parallel development and experimentation.

• Integrity and Security: Every change is checksummed and stored securely using SHA-1 hashing, ensuring that your project’s history cannot be tampered with.

Compared to older systems like Subversion (SVN) or CVS, Git offers far greater flexibility and is better suited to both small personal projects and large collaborative efforts.

Installing Git on Linux

Installing Git on Linux is straightforward thanks to package managers available in every major distribution.

For Ubuntu/Debian-based Systems:

sudo apt update sudo apt install git

For Fedora:

sudo dnf install git

For Arch Linux:

sudo pacman -S git

After installation, verify it with:

git --version

Go to Full Article

by George Whittaker

In the world of Linux, where multi-user systems and server security are foundational principles, understanding file permissions and ownership is crucial. Whether you're a beginner exploring your first Linux distribution or a seasoned system administrator managing critical servers, knowing how permissions work is key to ensuring the integrity, privacy, and functionality of your system.

This guide will take you deep into the core of Linux file permissions and ownership—what they are, how they work, how to modify them, and why they matter.

Why File Permissions and Ownership Matter in Linux

Linux is built from the ground up as a multi-user operating system. This means:

• Multiple users can operate on the same system simultaneously.

• Different users have different levels of access and control.

Without a permissions system, there would be no way to protect files from unauthorized access, modification, or deletion. File permissions and ownership form the first layer of defense against accidental or malicious activity.

Linux Permission Basics: Read, Write, Execute

Each file and directory in Linux has three basic types of permissions:

• Read (r) – Permission to view the contents of a file or list the contents of a directory.

• Write (w) – Permission to modify a file or create, rename, or delete files within a directory.

• Execute (x) – For files, allows execution as a program or script. For directories, allows entering the directory (cd).

Permission Categories: User, Group, Others

Permissions are assigned to three distinct sets of users:

• User (u) – The file's owner.

• Group (g) – A group associated with the file.

• Others (o) – Everyone else.

So for every file or directory, Linux evaluates nine permission bits, forming three sets of rwx, like so:

rwxr-xr--

This breakdown means:

• rwx for the owner

• r-x for the group

• r-- for others

Understanding the Permission String

When you list files with ls -l, you’ll see something like this:

-rwxr-xr-- 1 alice developers 4096 Apr 4 14:00 script.sh

Let’s dissect it:

Go to Full Article

by George Whittaker

In Linux, groups play a central role in managing user permissions and access control. Whether you're an experienced system administrator or a curious new user, understanding how to list and analyze group information is a fundamental skill. This guide explores everything you need to know about listing groups in Linux, using a variety of tools and techniques to get exactly the information you need.

What Are Groups in Linux and Why Do They Matter?

Linux is a multi-user operating system, and one of its strengths lies in the fine-grained control it offers over who can do what. Groups are a way to organize users so that multiple people can share access to files, devices, or system privileges.

Each group has:

• A group name

• A Group ID (GID)

• A list of users who are members of the group

Types of Groups:

• Primary group: Each user has one primary group defined in /etc/passwd. Files the user creates are associated with this group by default.

• Secondary (or supplementary) groups: Users can belong to additional groups, which allow access to other resources.

How to List All Groups on a Linux System

To see every group that exists on the system, you can use the following methods:

getent group

getent group

This is the preferred method on modern systems because it queries the system’s name service switch configuration (NSS). It includes local and possibly remote group sources (like LDAP or NIS).

Example output:

sudo:x:27: docker:x:999:user1,user2 developers:x:1001:user3

cat /etc/group

cat /etc/group

This command prints the content of the /etc/group file, which is the local group database. It’s simple and fast, but it only shows local groups.

Each line is formatted as:

group_name:password_placeholder:GID:user1,user2,...

compgen -g (Bash built-in)

compgen -g

This command outputs only the group names, which is helpful for scripting or cleaner views.

How to List Groups for a Specific User

You might want to know which groups a particular user belongs to. Here’s how:

groups username

groups john

Outputs a space-separated list of groups that john belongs to. If no username is given, it shows groups for the current user.

id username

id alice

Go to Full Article

Image

A new initiative, called "EU OS," has been launched to develop a Linux-based operating system tailored specifically for the public sector organizations of the European Union (EU). This community-driven project aims to address the EU's unique needs and challenges, focusing on fostering digital sovereignty, reducing dependency on external vendors, and building a secure, self-sufficient digital ecosystem.

What Is EU OS?

EU OS is not an entirely novel operating system. Instead, it builds upon a Linux foundation derived from Fedora, with the KDE Plasma desktop environment. It draws inspiration from previous efforts such as France's GendBuntu and Munich's LiMux, which aimed to provide Linux-based systems for public sector use. The goal remains the same: to create a standardized Linux distribution that can be adapted to different regional, national, and sector-specific needs within the EU.

Rather than reinventing the wheel, EU OS focuses on standardization, offering a solid Linux foundation that can be customized according to the unique requirements of various organizations. This approach makes EU OS a practical choice for the public sector, ensuring broad compatibility and ease of implementation across diverse environments.

The Vision Behind EU OS

The guiding principle of EU OS is the concept of "public money – public code," ensuring that taxpayer money is used transparently and effectively. By adopting an open-source model, EU OS eliminates licensing fees, which not only lowers costs but also reduces the dependency on a select group of software vendors. This provides the EU’s public sector organizations with greater flexibility and control over their IT infrastructure, free from the constraints of vendor lock-in.

Additionally, EU OS offers flexibility in terms of software migration and hardware upgrades. Organizations can adapt to new technologies and manage their IT evolution at a manageable cost, both in terms of finances and time.

However, there are some concerns about the choice of Fedora as the base for EU OS. While Fedora is a solid and reliable distribution, it is backed by the United States-based Red Hat. Some argue that using European-backed projects such as openSUSE or KDE's upcoming distribution might have aligned better with the EU's goal of strengthening digital sovereignty.

Conclusion

EU OS marks a significant step towards Europe's digital independence by providing a robust, standardized Linux distribution for the public sector. By reducing reliance on proprietary software and vendors, it paves the way for a more flexible, cost-effective, and secure digital ecosystem. While the choice of Fedora as the base for the project has raised some questions, the overall vision of EU OS offers a promising future for Europe's public sector in the digital age.

Source: It's FOSS

European Union

Linus Torvalds Acknowledges Missed Release of Linux 6.14 Due to Oversight

Linux kernel lead developer Linus Torvalds has admitted to forgetting to release version 6.14, attributing the oversight to his own lapse in memory. Torvalds is known for releasing new Linux kernel candidates and final versions on Sunday afternoons, typically accompanied by a post detailing the release. If he is unavailable due to travel or other commitments, he usually informs the community ahead of time, so users don’t worry if there’s a delay.

In his post on March 16, Torvalds gave no indication that the release might be delayed, instead stating, “I expect to release the final 6.14 next weekend unless something very surprising happens.” However, Sunday, March 23rd passed without any announcement.

On March 24th, Torvalds wrote in a follow-up message, “I’d love to have some good excuse for why I didn’t do the 6.14 release yesterday on my regular Sunday afternoon schedule,” adding, “But no. It’s just pure incompetence.” He further explained that while he had been clearing up unrelated tasks, he simply forgot to finalize the release. “D'oh,” he joked.

Despite this minor delay, Torvalds’ track record of successfully managing the Linux kernel’s development process over the years remains strong. A single day’s delay is not critical, especially since most Linux users don't urgently need the very latest version.

The new 6.14 release introduces several important features, including enhanced support for writing drivers in Rust—an ongoing topic of discussion among developers—support for Qualcomm’s Snapdragon 8 Elite mobile chip, a fix for the GhostWrite vulnerability in certain RISC-V processors from Alibaba’s T-Head Semiconductor, and a completed NTSYNC driver update that improves the WINE emulator’s ability to run Windows applications, particularly games, on Linux.

Although the 6.14 release went smoothly aside from the delay, Torvalds expressed that version 6.15 may present more challenges due to the volume of pending pull requests. “Judging by my pending pile of pull requests, 6.15 will be much busier,” he noted.

You can download the latest kernel here.

Linus Torvalds kernel

Image

AerynOS 2025.03 has officially been released, introducing a variety of exciting features for Linux users. The release includes the highly anticipated GNOME 48 desktop environment, which comes with significant improvements like HDR support, dynamic triple buffering, and a Wayland color management protocol. Other updates include a battery charge limiting feature and a Wellbeing option aimed at improving user experience.

This release, while still in alpha, incorporates Linux kernel 6.13.8 and the updated Mesa 25.0.2 graphics stack, alongside tools like LLVM 19.1.7 and Vulkan SDK 1.4.309.0. Additionally, the Moss package manager now integrates os-info to generate more detailed OS metadata via a JSON file.

Future plans for AerynOS include automated package updates, easier rollback management, improved disk handling with Rust, and fractional scaling enabled by default. The installer has also been revamped to support full disk wipes and dynamic partitioning.

Although still considered an alpha release, AerynOS 2025.03 can be downloaded and tested right now from its official website.

Source: 9to5Linux

AerynOS

Image

Xojo has just rolled out its latest release, Xojo 2025 Release 1, and it’s packed with features that developers have been eagerly waiting for. This major update introduces support for running Xojo on Linux ARM, including Raspberry Pi, brings drag-and-drop functionality to the Web framework, and simplifies app deployment with the ability to directly submit apps to the macOS and iOS App Stores.

Here’s a quick overview of what’s new in Xojo 2025r1:

1. Linux ARM IDE Support

Xojo 2025r1 now allows developers to run the Xojo IDE on Linux ARM devices, including popular platforms like Raspberry Pi. This opens up a whole new world of possibilities for developers who want to create apps for ARM-based devices without the usual complexity. Whether you’re building for a Raspberry Pi or other ARM devices, this update makes it easier than ever to get started.

2. Web Drag and Drop

One of the standout features in this release is the addition of drag-and-drop support for web applications. Now, developers can easily drag and drop visual controls in their web projects, making it simpler to create interactive, user-friendly web applications. Plus, the WebListBox has been enhanced with support for editable cells, checkboxes, and row reordering via dragging. No JavaScript required!

3. Direct App Store Publishing

Xojo has also streamlined the process of publishing apps. With this update, developers can now directly submit macOS and iOS apps to App Store Connect right from the Xojo IDE. This eliminates the need for multiple steps and makes it much easier to get apps into the App Store, saving valuable time during the development process.

4. New Desktop and Mobile Features

This release isn’t just about web and Linux updates. Xojo 2025r1 brings some great improvements for desktop and mobile apps as well. On the desktop side, all projects now include a default window menu for macOS apps. On the mobile side, Xojo has introduced new features for Android and iOS, including support for ColorGroup and Dark Mode on Android, and a new MobileColorPicker for iOS to simplify color selection.

5. Performance and IDE Enhancements

Xojo’s IDE has also been improved in several key areas. There’s now an option to hide toolbar captions, and the toolbar has been made smaller on Windows. The IDE on Windows and Linux now features modern Bootstrap icons, and the Documentation window toolbar is more compact. In the code editor, developers can now quickly navigate to variable declarations with a simple Cmd/Ctrl + Double-click. Plus, performance for complex container layouts in the Layout Editor has been enhanced.

What Does This Mean for Developers?

Xojo 2025r1 brings significant improvements across all the platforms that Xojo supports, from desktop and mobile to web and Linux. The added Linux ARM support opens up new opportunities for Raspberry Pi and ARM-based device development, while the drag-and-drop functionality for web projects will make it easier to create modern, interactive web apps. The ability to publish directly to the App Store is a game-changer for macOS and iOS developers, reducing the friction of app distribution.

How to Get Started

Xojo is free for learning and development, as well as for building apps for Linux and Raspberry Pi. If you’re ready to dive into cross-platform development, paid licenses start at $99 for a single-platform desktop license, and $399 for cross-platform desktop, mobile, or web development. For professional developers who need additional resources and support, Xojo Pro and Pro Plus licenses start at $799. You can also find special pricing for educators and students.

Download Xojo 2025r1 today at xojo.com.

Final Thoughts

With each new release, Xojo continues to make cross-platform development more accessible and efficient. The 2025r1 release is no exception, delivering key updates that simplify the development process and open up new possibilities for developers working on a variety of platforms. Whether you’re a Raspberry Pi enthusiast or a mobile app developer, Xojo 2025r1 has something for you.

Xojo ARM