Plaintext
Best of a decade on
Opensource.com
2010–2019
In celebration of our
10-year anniversary
Opensource.com/yearbook
FROM THE
. ........
... .. ...
E D I T O R .. .. .. ....
. .
Dear reader,
As we celebrate 10 years of publishing, our focus is on the people from all over the globe, in
various roles, from diverse backgrounds, who have helped us explore the multitude of ways in
which open source can improve our lives—from technology and programming to farming and
design, and so much more.
We are celebrating you because we’ve learned that growing this unique storytelling site demands
that we do one thing better than all the rest: listen to and talk with our readers and writers.
Over the years, we’ve gotten better at it. We regularly hold meetings where we review how articles
performed with readers from the week before and discuss why we think that’s so. We brainstorm
and pitch new and exciting article ideas to our writer community on a weekly basis. And we build
and nurture close relationships with many writers who publish articles for us every month.
As an editor, I never would have imagined my biggest responsibility would be community
management and relationship building over copy editing and calendar planning. I’m so grateful
for this because it’s made being a part of Opensource.com a deeply rewarding experience.
In December, we closed out a decade of publishing by reaching a new, all-time record of over
2 million reads and over 1 million readers. For us, this validates and affirms the value we’ve
learned to place on relationships with people in a world swirling with metrics and trends.
We truly believe that openness is a better way to work, so I’d like to share some of best practices:
• If anyone out there in the big, wide world has something to share about how they use
open source, got started with open source, learned best practices to get a job done
or operate in a community (and the list goes on...), they can share it with us. We have
hundreds of writers and writers-to-be who come to our door and generate thousands
of published articles each year.
• Our lean-mean editorial team reviews and responds to all submissions, provides
professional editorial services, nurtures each of our writer communities, and attends
conferences and events around the world. Our goal is to care for the articles that come
in to us, support and encourage our writers, and meet and know the open source
communities that are important to our readers.
• T
he rest is all about learning and open lines of communication. What can we learn from
the response we see from our readers? How can we best deliver the guides, tutorials,
and stories we have to share with them? Who are the writers and writers-to-be coming
to our door and what can we learn about them? How can we inspire and encourage
them on their journeys?
“The Opensource.com community is open, kind, and inquisitive. Each person who writes for us
brings their own individual experiences and expertise to the table. When we launched the first
version of the Correspondent program in 2013—three years after our first article went live on
January 25, 2010—we began with a handful of dedicated individuals. Over the past five years,
that group has grown and become the heartbeat of our contributor community. They provide
us with feedback on what’s going on in the world of open source, they reach out to leaders and
members of open source communities and projects, and they pen articles that truly change lives,”
says Jason Hibbets, former community manager for Opensource.com.
As we celebrate a decade, we invite you to share with us. How do you meet the challenges of
your life with open source? What could you contribute to the conversation?
— Jen Wike Huger
Chief Editor
OPEN SOURCE YEARBOOK 2010-2019 . CC BY-SA 4.0 . OPENSOURCE.COM 3
CONTENTS
..............
.. ... .
.. .. .....
THROUGH THE YEARS
6 Welcome
First Article Ever
to the conversation on Opensource.com
Jim Whitehurst
7 2014
Favorite Linux distributions through the years
— 2019
8 2013
Open source news timeline
— 2019
9 Open Source Alternatives Cheat Sheet
10 Open Source Cheat Sheets
https://opensource.com/downloads/cheat-sheets
11 How
A Word from Christine Peterson
I coined the term ‘open source’
Christine Peterson
S TAND-OUT AR TICLES OF THE YEAR
Stand-out Article of the Year — 2010
14 Cooperative success: Understanding the co-op business model
Rebecca Fernandez
Stand-out Article of the Year — 2011
16
The DRM graveyard: A brief history of digital rights management
in music
Ruth Suehle
Stand-out Article of the Year — 2012
18 Three tips for working with open source diagrams
Máirín Duffy
Stand-out Article of the Year — 2013
19 How one parent fosters open source at home through DIY projects
Carolyn Fox
Stand-out Article of the Year — 2014
20 Top 3 open source business intelligence and reporting tools
Robin Muilwijk
Article of the Year — 2015
22 Stand-out
8 Linux file managers to try
David Both
4 OPEN SOURCE YEARBOOK 2010-2019 . CC BY-SA 4.0 . OPENSOURCE.COM
S TAND-OUT AR TICLES OF THE YEAR
Article of the Year — 2016
26 4Stand-out
open source tools for Linux system monitoring
David Both
Article of the Year — 2017
32 5Stand-out
projects for Raspberry Pi at home
Ben Nuttall
Stand-out Article of the Year — 2018
35 Linux vs. Unix: What’s the difference?
Phil Estes
Stand-out Article of the Year — 2019
38 Create your own video streaming server with Linux
Aaron J. Prisk
S TAND-OUT AR TICLES BY TOPIC
42 What
Stand-out Linux Article
you probably didn’t know about sudo
Peter Czanik
45 Pylint:
Stand-out Python Article
Making your Python code consistent
Moshe Zadka
47 How
Stand-out Raspberry Pi Article
to set up a personal web server with a Raspberry Pi
RaspberryPiGuy
52 You
Stand-out DevOps Article
can’t have DevOps without open source
Jen Krieger
Stand-out Kubernetes Article
54 Why is Kubernetes so popular?
Anurag Gupta
Stand-out Kids Article
56 Four Linux distros for kids
Aseem Sharma
58 6Stand-out Non-technical Article
remarkable features of the new United Nations open source initiative
Frank Karlitsche
All lead images by Opensource.com or the author under CC BY-SA 4.0 unless otherwise noted.
OPEN SOURCE YEARBOOK 2010-2019 . CC BY-SA 4.0 . OPENSOURCE.COM 5
FIRS T AR TICLE EVER
Welcome to the conversation
on Opensource.com
BY JIM WHITEHURST
AS THE CEO OF RED HAT, this is a day I’ve been
looking forward to for quite some
time. In my travels, I often find myself talking to people from
This will not be a site for Red Hat, about Red Hat. Instead this
will be a site for open source, about the future.
What you see today is only a beginning. In the spirit of
all walks of life who see opportunities for the lessons of open open source, we are releasing the site early. We will grow
source to be applied broadly to the world around us. its functionality and content over time based on ideas we
At Red Hat, we’ve used open source principles as the create together [1].
backbone of a successful technology company. We know With your help, this will be a place that connects people,
there are opportunities to apply the open source way broad- creates dialog, and—if we dare to dream—maybe even
ly in business, in government, in education, in the law, and changes the world a little bit for the better.
throughout our lives. Good to have you here. Let’s get started.
This site is one of the ways in which Red Hat gives some-
thing back to the open source community. Our desire is to Links
create a connection point for conversations about the broad- [1] https://opensource.com/should-be/10/1/what-should-
er impact that open source can have—and is having—even opensourcecom-be
beyond the software world. [2] https://youtu.be/J-63D6h0e38
We think of this site as a “Red Hat community service.” Mean-
ing: all ideas are welcome, and all participants are welcome.
Author
Jim Whitehurst is President and Chief Executive Officer of
Red Hat, the world’s leading provider of open source en-
terprise IT products and services. With a background in
business development, finance, and global operations,
Whitehurst has proven expertise in helping companies flour-
ish—even in the most challenging economic and business
environments. Since joining Red Hat in 2008, Whitehurst
has grown the company, and its influence on a variety of
industries, by reaching key milestones—the most notable in
2012 when Red Hat became the first $1 billion revenue open
source software company.
6 OPEN SOURCE YEARBOOK 2010-2019 . CC BY-SA 4.0 . OPENSOURCE.COM
FAVORITE LINUX DIS TRIBUTIONS THROUGH THE YEARS
Favorite Linux distributions
through the years
1200
1000 2014
800
600
400
200
0
Mint Fedora Debian Ubuntu Mageia openSUSE PCLinuxOS SparkyLinux elementary Arch
2000
2015
1500
1000
500
0
Mint Ubuntu Debian Fedora openSUSE PCLinuxOS elementary Android-x86 Deepin CentOS
2500
2000 2016
1500
1000
500
0
Mint Ubuntu Debian Fedora openSUSE Mageia Manjaro CentOS Arch Android-x86 Other
2000
1500
2017
1000
500
0
Arch CentOS Debian elementary Fedora Manjaro Mint openSUSE Ubuntu Zorin Other
3000
2500 2018
2000
1500
1000
500
0
Mint Debian Manjaro Ubuntu Antergos openSUSE Solus Fedora elementary Zorin deepin TrueOS CentOS Arch PCLinuxOS Other
1500
1200
2019
900
600
300
0
Antergos Arch CentOS Debian Elementary Fedora Kali Manjaro Mint MX Linux openSUSE ReactOS Solus Ubuntu Zorin Other
OPEN SOURCE YEARBOOK 2010-2019 . CC BY-SA 4.0 . OPENSOURCE.COM 7
OPEN SOURCE NEW S TIMELINE
Open source news timeline
2013 IBM pledges $1 billion
for Linux Motorola announces
open hardware phones 2013
2013 The Weather Channel
goes open source NASA to release
source code for
software projects
2014
GitHub releases Atom
2014 text editor under MIT Google reveals new
license container orchestration
tool, Kubernetes
2014
2014 Microsoft open sources
more of .NET Rust version 1.0.0
now available 2015
2015 Wordpress.com
goes open source
Perl 6 released
2016
2016 Raspberry Pi 3
announced
Code.gov shares US
government open
2016
source code
2016 Microsoft joins the
Linux Foundation Run Linux on your
Samsung phone 2017
2017 Linux dominates
supercomputing
Julia 1.0 released
2018
2018 Tim Berners-Lee building
a decentralized internet Alibaba launches the
fastest open source CPU 2019
GNOME and KDE
2019 partner on the
Linux Desktop
System76 will ship
2 Linux laptops with
Coreboot-powered open 2019
source firmware
8 OPEN SOURCE YEARBOOK 2010-2019 . CC BY-SA 4.0 . OPENSOURCE.COM
OPEN SOURCE ALTERNATIVES CHEAT SHEET
Opensource.com: Open Source Alternatives Cheat Sheet
Use this guide to help you find an open source alternative to common proprietary software tools.
Creative Tools
Photoshop GIMP, Pinta, Krita https://opensource.com/life/12/6/design-without-debt-five-tools-for-
designers
Dreamweaver Aptana Studio, BlueGriffon, NetBeans, https://opensource.com/alternatives/dreamweaver
SeaMonkey, Aloha Editor
AutoCAD BRL-CAD, FreeCAD, LibreCAD https://opensource.com/alternatives/autocad
Video Editing Pitivi, OpenShot, Cinelerra, KDEnlive, Blender https://opensource.com/article/18/4/new-state-video-editing-linux
Microsoft Publisher Scribus, LibreOffice, LaTeX or other markup https://opensource.com/alternatives/microsoft-publisher
languages
Chat Tools
Slack IRC, Let’s Chat, Mattermost, Rocket.Chat, Riot.im https://opensource.com/alternatives/slack
WhatsApp Line, Riot.im, Signal, Threema, Viber, Wire, https://opensource.com/article/19/3/open-messenger-client
Skype Jami, Jitsi, Linphone, Riot, Wire, Pidgin https://opensource.com/alternatives/skype
Office Tools
Microsoft Access LibreOffice Base, DB Browser for SQLite, Kexi, https://opensource.com/alternatives/access
nuBuilder Forte
Gmail Roundcube, Zimbra, SquirrelMail, Rainloop, Cypht https://opensource.com/alternatives/gmail
https://opensource.com/article/19/1/productivity-tool-cypht-email
Google Docs CryptPad https://opensource.com/article/19/1/productivity-tool-cryptpad
Google Sheets EtherCalc https://opensource.com/article/19/7/get-going-ethercalc
Project Management Tools
Project MyCollab, Odoo, Taiga, Phabricator, Tuleap Open https://opensource.com/business/16/3/top-project-management-
Management ALM, Agilefant, Redmine, Gitlab, OpenProject, tools-2016
Tools LibrePlan, ProjectLibre
Trello Taiga, Kanboard, Wekan, Restyaboard, Taskboard https://opensource.com/alternatives/trello
Notetaking Tools
Evernote Joplin, Turtl, Paperwork, Laverna, Permanote, https://opensource.com/article/17/12/joplin-open-source-evernote-
Brainstorm alternative
https://opensource.com/article/17/12/using-turtl-open-source-
alternative-evernote
https://opensource.com/alternatives/evernote
News and Social Media
Pocket Wallabag https://opensource.com/article/18/7/wallabag
Social Media Mastodon, Textile, PixelFed https://opensource.com/article/19/1/open-source-social-media-
alternatives
Filesharing
Dropbox ownCloud, NextCloud, Seafile, OnionShare, Pydio https://opensource.com/alternatives/dropbox
Cells
CRM Tools
Salesforce Corteza https://opensource.com/article/19/8/corteza-open-source-
alternative-salesforce
CRM Tools EspoCRM, SuiteCRM, Oro CRM, CiviCRM, https://opensource.com/business/16/2/top-6-open-source-crm-
Fat Free CRM, Zurmo tools-2016
Security
LastPass Bitwarden https://opensource.com/article/18/3/managing-passwords-bitwarden
https://opensource.com/life/14/7/managing-passwords-open-source-
way
Personal Finance
Personal Finance GnuCash, HomeBank, KMyMoney, Money https://opensource.com/life/17/10/personal-finance-tools-linux
Tools Manager Ex, Skrooge, Spreadsheets
Gaming
Minecraft, Steam Lutris, Minetest, Terasology, Voxel.js, TrueCraft, https://opensource.com/alternatives/minecraft
Craft https://opensource.com/article/18/10/lutris-open-gaming-platform
More
More open source alternatives https://opensource.com/tags/alternatives
https://opensource.com/alternatives
OPEN SOURCE YEARBOOK 2010-2019 . CC BY-SA 4.0 . OPENSOURCE.COM 9
Open Source Cheat Sheets
Visit our cheat sheets collection
(https://opensource.com/downloads/cheat-sheets)
for free downloads, including:
Raspberry Pi: See what you need to boot your Pi, how to install the operating
system, how to enable SSH and connect to WiFi, how to install software and
update your system, and links for where to get further
help.
Python 3.7: This cheat sheet rounds up a few built-in
pieces to get new Python programmers started.
Linux Common Commands: Keep common tasks
top of mind with this handy Linux commands cheat
sheet.
Markdown: With this cheat sheet, you’ll find yourself
ready to write advanced READMEs on GitLab
and GitHub.
Bash: Bash tricks and shortcuts to help you
become more efficient at the command line.
SSH: Most people know SSH as a tool for remote
login, which it is, but it can be used in many other
ways.
Linux Networking: In this downloadable PDF cheat sheet, get a list of
Linux utilities and commands for managing servers and networks.
Ansible Automation for SysAdmins: This guide
is a primer to help you get started using Ansible to
give you a better understanding of the capabilities
and show you how to automate everyday
sysadmin tasks.
Getting Started with Kubernetes: Like
Kubernetes, dump trucks are an elegant solution
to a wide range of essential business problems.
Download this e-book to learn more.
DevOps Hiring Guide: This free download
provides advice, tactics, and information about
the state of DevOps hiring for both job seekers
and hiring managers.
A WORD FROM CHRIS TINE PETERSON — 2018
How I coined the term
‘open source’
BY CHRISTINE PETERSON
Christine Peterson finally publishes her account of that fateful day, 20 years ago.
IN A FEW DAYS, on February 3, the 20th anniversa-
ry of the introduction of the term “open
source software” is upon us. As open source software
respect to software prior to 1998 has not been confirmed.
The account below describes how the term open source
software [2] caught on and became the name of both an in-
grows in popularity and powers some of the most robust and dustry and a movement.
important innovations of our time, we reflect on its rise to
prominence. Meetings on computer security
I am the originator of the term “open source software” [1] In late 1997, weekly meetings were being held at Foresight
and came up with it while executive director at Foresight In- Institute to discuss computer security. Foresight is a non-
stitute. Not a software developer like the rest, I thank Linux profit think tank focused on nanotechnology and artificial
programmer Todd Anderson for supporting the term and pro- intelligence, and software security is regarded as central
posing it to the group. to the reliability and security of both. We had identified free
This is my account of how I came up with it, how it was software as a promising approach to improving software
proposed, and the subsequent reactions. Of course, there security and reliability and were looking for ways to pro-
are a number of accounts of the coining of the term, for ex- mote it. Interest in free software was starting to grow out-
ample by Eric Raymond and Richard Stallman, yet this is side the programming community, and it was increasingly
mine, written on January 2, 2006. clear that an opportunity was coming to change the world.
It has never been published, until today. However, just how to do this was unclear, and we were
The introduction of the term “open source software” was groping for strategies.
a deliberate effort to make this field of endeavor more un- At these meetings, we discussed the need for a new term
derstandable to newcomers and to business, which was due to the confusion factor. The argument was as follows:
viewed as necessary to its those new to the term “free
spread to a broader com- software” assume it is refer-
munity of users. The prob- ring to the price. Oldtimers
lem with the main earlier la- must then launch into an ex-
bel, “free software,” was not planation, usually given as
its political connotations, follows: “We mean free as in
but that—to newcomers— freedom, not free as in beer.”
its seeming focus on price At this point, a discussion on
is distracting. A term was software has turned into one
needed that focuses on the about the price of an alco-
key issue of source code holic beverage. The problem
and that does not immedi- was not that explaining the
ately confuse those new to meaning is impossible—the
the concept. The first term that came along at the right problem was that the name for an important idea should not
time and fulfilled these requirements was rapidly adopted: be so confusing to newcomers. A clearer term was needed.
open source. No political issues were raised regarding the free software
This term had long been used in an “intelligence” (i.e., term; the issue was its lack of clarity to those new to the
spying) context, but to my knowledge, use of the term with concept.
OPEN SOURCE YEARBOOK 2010-2019 . CC BY-SA 4.0 . OPENSOURCE.COM 11
A WORD FROM CHRIS TINE PETERSON — 2018
Releasing Netscape used the term in a sentence on another topic—just dropped
On February 2, 1998, Eric Raymond arrived on a visit to work it into the conversation to see what happened. I went on
with Netscape on the plan to release the browser code under alert, hoping for a response, but there was none at first. The
a free-software-style license. We held a meeting that night discussion continued on the original topic. It seemed only he
at Foresight’s office in Los Altos to strategize and refine our and I had noticed the usage.
message. In addition to Eric and me, active participants in- Not so—memetic evolution was in action. A few minutes
cluded Brian Behlendorf, Michael Tiemann, Todd Anderson, later, one of the others used the term, evidently without no-
Mark S. Miller, and Ka-Ping Yee. But at that meeting, the ticing, still discussing a topic other than terminology. Todd
field was still described as free software or, by Brian, “source and I looked at each other out of the corners of our eyes
code available” software. to check: yes, we had both noticed what happened. I was
While in town, Eric used Foresight as a base of opera- excited—it might work! But I kept quiet: I still had low status
tions. At one point during his visit, he was called to the phone in this group. Probably some were wondering why Eric had
to talk with a couple of Netscape legal and/or marketing staff. invited me at all.
When he was finished, I asked to be put on the phone with Toward the end of the meeting, the question of termi-
them—one man and one woman, perhaps Mitchell Baker— nology [3] was brought up explicitly, probably by Todd or
so I could bring up the need for a new term. They agreed in Eric. Maddog mentioned “freely distributable” as an earlier
principle immediately, but no specific term was agreed upon. term, and “cooperatively developed” as a newer term. Eric
Between meetings that week, I was still focused on the listed “free software,” “open source,” and “sourceware” as
need for a better name and came up with the term “open the main options. Todd advocated the “open source” mod-
source software.” While not ideal, it struck me as good el, and Eric endorsed this. I didn’t say much, letting Todd
enough. I ran it by at least four others: Eric Drexler, Mark and Eric pull the (loose, informal) consensus together
Miller, and Todd Anderson liked it, while a friend in marketing around the open source name. It was clear that to most of
and public relations felt the term “open” had been overused those at the meeting, the name change was not the most
and abused and believed we could do better. He was right important thing discussed there; a relatively minor issue.
in theory; however, I didn’t have a better idea, so I thought I Only about 10% of my notes from this meeting are on the
would try to go ahead and introduce it. In hindsight, I should terminology question.
have simply proposed it to Eric Raymond, but I didn’t know But I was elated. These were some key leaders in the
him well at the time, so I took an indirect strategy instead. community, and they liked the new name, or at least didn’t
Todd had agreed strongly about the need for a new term object. This was a very good sign. There was probably not
and offered to assist in getting the term introduced. This much more I could do to help; Eric Raymond was far bet-
was helpful because, as a non-programmer, my influence ter positioned to spread the new meme, and he did. Bruce
within the free software community was weak. My work in Perens signed on to the effort immediately, helping set up
nanotechnology education at Foresight was a plus, but not Opensource.org and playing a key role in spreading the
enough for me to be taken very seriously on free software new term.
questions. As a Linux programmer, Todd would be listened For the name to succeed, it was necessary, or at least
to more closely. highly desirable, that Tim O’Reilly agree and actively use it
in his many projects on behalf of the community. Also helpful
The key meeting would be use of the term in the upcoming official release of
Later that week, on February 5, 1998, a group was assembled the Netscape Navigator code. By late February, both O’Reilly
at VA Research to brainstorm on strategy. Attending—in ad- & Associates and Netscape had started to use the term.
dition to Eric Raymond, Todd, and me—were Larry Augustin,
Sam Ockman, and attending by phone, Jon “maddog” Hall. Getting the name out
The primary topic was promotion strategy, especially After this, there was a period during which the term was
which companies to approach. I said little, but was looking promoted by Eric Raymond to the media, by Tim O’Reilly
for an opportunity to introduce the proposed term. I felt that to business, and by both to the programming community. It
it wouldn’t work for me to just blurt out, “All you technical seemed to spread very quickly.
people should start using my new term.” Most of those at- On April 7, 1998, Tim O’Reilly held a meeting of key lead-
tending didn’t know me, and for all I knew, they might not ers in the field. Announced in advance as the first “Freeware
even agree that a new term was greatly needed, or even Summit,” [4] by April 14 it was referred to as the first “Open
somewhat desirable. Source Summit.” [5]
Fortunately, Todd was on the ball. Instead of making an These months were extremely exciting for open source.
assertion that the community should use this specific new Every week, it seemed, a new company announced plans
term, he did something less directive—a smart thing to do to participate. Reading Slashdot became a necessity, even
with this community of strong-willed individuals. He simply for those like me who were only peripherally involved. I
12 OPEN SOURCE YEARBOOK 2010-2019 . CC BY-SA 4.0 . OPENSOURCE.COM
A WORD FROM CHRIS TINE PETERSON — 2018
strongly believe that the new term was helpful in enabling [5] https://www.oreilly.com/pub/pr/796
this rapid spread into business, which then enabled wider [6] https://ipfs.io/ipfs/QmXoypizjW3WknFiJnKLwHCnL72
use by the public. vedxjQkDDP1mXWo6uco/wiki/Alternative_terms_for_
A quick Google search indicates that “open source” ap- free_software.html
pears more often than “free software,” but there still is sub-
stantial use of the free software term, which remains useful Author
and should be included when communicating with audiences Christine Peterson writes, lectures, and briefs the media on
who prefer it. coming powerful technologies, especially nanotechnology,
artificial intelligence, and longevity. She is Cofounder and
A happy twinge Past President of Foresight Institute, the leading nanotech
When an early account [6] of the terminology change written public interest group. Foresight educates the public, techni-
by Eric Raymond was posted on the Open Source Initiative cal community, and policymakers on coming powerful tech-
website, I was listed as being at the VA brainstorming meet- nologies and how to guide their long-term impact.
ing, but not as the originator of the term. This was my own She serves on the Advisory Board of the Machine Intel-
fault; I had neglected to tell Eric the details. My impulse was ligence Research Institute, and has served on California’s
to let it pass and stay in the background, but Todd felt oth- Blue Ribbon Task Force on Nanotechnology and the Editori-
erwise. He suggested to me that one day I would be glad to al Advisory Board of NASA’s Nanotech Briefs.
be known as the person who coined the name “open source She has often directed Foresight Conferences on Molecu-
software.” He explained the situation to Eric, who promptly lar Nanotechnology, organized Foresight Institute Feynman
updated his site. Prizes, and chaired Foresight Vision Weekends.
Coming up with a phrase is a small contribution, but I ad- She lectures on technology topics to a wide variety of au-
mit to being grateful to those who remember to credit me diences, focusing on making complex fields understandable.
with it. Every time I hear it, which is very often now, it gives Her work is motivated by a desire to help Earth’s envi-
me a little happy twinge. ronment and traditional human communities avoid harm and
The big credit for persuading the community goes to Eric instead benefit from expected dramatic advances in tech-
Raymond and Tim O’Reilly, who made it happen. Thanks nology. This goal of spreading benefits led to an interest in
to them for crediting me, and to Todd Anderson for his role new varieties of intellectual property including open source
throughout. The above is not a complete account of open software, a term she is credited with originating.
source history; apologies to the many key players whose Wearing her for-profit hat, she chairs the Personalized
names do not appear. Those seeking a more complete ac- Life Extension Conference series. In 1991 she coauthored
count should refer to the links in this article and elsewhere Unbounding the Future: the Nanotechnology Revolution
on the net. (Morrow, full text online), which sketches nanotechnology’s
potential environmental and medical benefits as well as pos-
Links sible abuses. An interest in group process led to coauthoring
[1] https://opensource.com/resources/what-open-source Leaping the Abyss: Putting Group Genius to Work (knOw-
[2]
https://opensource.org/osd here Press, 1997, full text online) with Gayle Pergamit.
[3]
https://wiki2.org/en/Alternative_terms_for_free_software Peterson holds a bachelor’s degree in chemistry from MIT.
[4]
https://www.oreilly.com/pub/pr/636 Follow her at @lifeext
OPEN SOURCE YEARBOOK 2010-2019 . CC BY-SA 4.0 . OPENSOURCE.COM 13
S TAND-OUT AR TICLE OF THE YEAR — 2010
Cooperative success:
Understanding the
co-op business model
BY REBECCA FERNANDEZ
THERE ARE A FEW THINGS you should know about
democratically run “cooperative”
businesses. First, they’re not all that unusual. They’re also
Cooperative businesses take this idea of employee own-
ership and engagement one step further: employees actual-
ly own and operate the business. Besides the profit motive,
respectably profitable. And working in one doesn’t require cooperative models assume that workers value a more hu-
you to be a Marxist or wear patchouli. manized workplace, where the input of ground-level employ-
ees can improve the business. Most cooperative businesses
Something old, something new are founded on the democratic principle of “one worker, one
Last December, the United Nations declared 2012 to be “The vote,” and no two are alike.
International Year of Cooperatives,” encouraging countries
around the world to promote the establishment of these The many faces of the cooperative
types of businesses. And with good reason. Isthmus Engineering employs around 45 people, who are
From Spain’s seventh-largest business, Mondragon eligible to become worker-owners of the company after
Corporation [1], a federation of worker cooperatives that two years of service. According to controls engineer Ole
employs over 90,000 peo- Olson, worker-owners “get
ple, to Wisconsin’s Isthmus to decide how our company
Engineering [2], with its 29 runs, what we build, what
co-owners, cooperative busi- we don’t build.” The wait-
nesses are thriving. Arguably ing period gives employees
the most well known, Mon- time to experience the busi-
dragon is now 54 years old ness model, get acclimated
and has outperformed private to the environment, and
sector companies on employ- understand the corporate
ee compensation and, during culture.
several bleak recession Nearby Union Cab [3] oper-
years, unemployment rates. ates a bit differently, creating
Still, when people hear new owners almost immedi-
the word “cooperative,” most ately, as long-time member
have difficulty envisioning anything beyond a crunchy Fred Schepartz explained to The Workers’ Paradise [4]:
granola health food store. That’s perhaps not surprising,
considering the closest thing to employee-ownership most “All employees who pass probation are members
corporate workers experience is an Employee Stock Own- of Union Cab Cooperative. Period. [...] There
ership Plan, where they can purchase (or are granted) is no caste system. Structurally, there are no
stock in their company. These programs are designed to members that are more equal than others. Yes,
incentivize workers to be more productive, as they now
we have managers, but they have to answer to
benefit directly from the business’s success. They are built
the board of directors, which is elected from the
around the assumption that monetary reward is the best
membership, by the membership. Essentially,
motivation for workers.
14 OPEN SOURCE YEARBOOK 2010-2019 . CC BY-SA 4.0 . OPENSOURCE.COM
S TAND-OUT AR TICLE OF THE YEAR — 2010
management works for the employees though recession, exploring new business models probably isn’t
they are given the authority to do their jobs. a bad idea.
Retired steelworker Rick Kimbrough told SolidarityEcon-
[E]verybody who works at Union Cab who
omy.net that he’s all for the initiative. “Ever since they shut
has passed probation is a full-fledged member.
down our mill, I’ve always thought, ‘Why shouldn’t we own
Drivers, dispatchers, phone answerers, them?’ If we did, they wouldn’t be running away.”
mechanics, IT staff, accounting staff. Everybody.”
Meanwhile, New York City’s Cooperative Home Care Asso- Links
ciates [5], which provides services like light housekeeping [1] https://opensource.com/business/10/7/cooperative-
and personal care to a number of elderly and disabled indi- success-understanding-co-op-business-model
viduals, focuses on transforming what are traditionally low [2] https://madison.com/wsj/business/article_6b218ae8-b911-
income, entry-level, part time jobs [6] into full time positions 11de-a44a-001cc4c03286.html
with training, full benefits, higher wages, and guaranteed [3] https://www.unioncab.com/
hours. The company offers a number of special services [4] https://www.givemethisoffer.com/wim/static/wi/main3.
tailored to the needs of these workers, including no-inter- html?tp=iw&cid=8502&v=23&gnum=6&clickid=
est loans up to $250, free tax preparation, and savings 77661227104&cachecode=HAyZFRX6td7Y%2F8fq
programs toward the $1,000 required to become a work- SvcrnA%3D%3D%3AZmVkY2JhOTg3NjU0MzIxMA
er-owner. Meanwhile, operating decisions are made by a %3D%3D&q=cooperativeconsult+KW+cooperativeconsult.
14-member Board of Directors, eight being elected from com+cooperative+consultants&dkw=cooperativeconsult.
among all worker-owners. The Worker Council, composed com&g=US&cc2=HAyZFRX6td7Y%2F8fqSvcrnA
of 12 home care workers, serves as a liason between the %3D%3D%3AZmVkY2JhOTg3NjU0MzIxMA%3D
Board of Directors and the employees, explaining decisions %3D&geo=US
and advocating for needs. Each worker-owner votes to ap- [5] http://www.chcany.org/
prove or deny the annual allocation of net profit determined [6] https://geo.coop/node/433
by the Board. [7] http://www.usworker.coop/home/
There are many more stories of profitable cooperatives, [8] https://ncbaclusa.coop/
from bakeries to retailers. There are also a number of orga- [9] https://www.ica.coop/en
nizing bodies, including the US Federation of Worker Coop-
eratives [7], National Cooperative Business Organization [8],
and the International Co-operative Alliance [9]. Author
Rebecca Fernandez is a Principal Program Manager at Red
Learning from success Hat, leading projects to help the company scale its open cul-
Even Pittsburgh’s United Steel Workers Union is getting ture. She’s an Open Organization Ambassador, contributed
in on the (cooperative) action. The union is partnering to The Open Organization book, and maintains the Open
with Mondragon to explore the possibility of steel worker Decision Framework. She is interested in the intersection
cooperatives. With over 40,000 manufacturing facilities of open source principles and practices, and how they can
closed throughout the United States during the economic transform organizations for the better.
OPEN SOURCE YEARBOOK 2010-2019 . CC BY-SA 4.0 . OPENSOURCE.COM 15
S TAND-OUT AR TICLE OF THE YEAR — 2011
The DRM graveyard:
A brief history of digital rights
management in music
BY RUTH SUEHLE
THERE ARE MORE than a few reasons digital rights man-
agement (DRM) has been largely unsuccessful.
But the easiest way to explain to a consumer why DRM doesn’t
have intended this software for. I want to make a point with this
software, and if you use it for purposes of violating copyrights,
the message stands a very good chance of getting lost.”
work is to put it in terms he understands: “What happens to the
music you paid for if that company changes its mind?” It was May 2002
one thing when it was a theoretical question. Now it’s a histori- Shuman Ghosemajumder proposes the Open Music
cal one. Rhapsody just had the next in a line of DRM music ser- Model [2], which states that subscription services free
vices to go—this week the company told its users than anyone of DRM are the only successful model to beat piracy. It
with RAX files has unil November 7 to back them up in another requires open file sharing, open file formats, open mem-
format or lose them the next time they upgrade their systems. bership, open payment, and open competition.
The Electronic Frontier Foundation summarizes the battle [1]:
Corporations claim that DRM is necessary to fight copy-
April 21, 2003
RealNetworks (known for RealAudio, RealVideo and Re-
right infringement online and keep consumers safe from
alPlayer) acquires Listen.com, owner of Rhapsody and of-
viruses. But there’s no evidence that DRM helps fight
fers streaming downloads for a monthly fee.
either of those. Instead DRM helps big business stifle
innovation and competition by making it easy to quash
“unauthorized” uses of media and technology.
April 28, 2003
One week later, the iTunes store launches with its songs en-
Unfortunately, the side effect in this less-than-successful at- crypted with FairPlay DRM. It restricts users to accessing songs
tempt to fight piracy is the hours it takes users to retrieve, from only three (later five) computers and making no more than
rip, and back up their music when a services shuts down, ten (later seven) copies of a CD playlist. Apple does not license
is sold, or simply decides DRM wasn’t the right way to go its encryption, so only Apple devices can play iTunes music.
(sometimes in as little as five months). The following is a
brief history of the rise and fall of DRM in music services. November 2003
FairPlay is cracked by Jon Lech Johansen (“DVD Jon”), pre-
October 1998 viously known for his part in the DeCSS software, which was
The Digital Millennium Copyright Act makes DRM circum- released four years earlier for decrypting DVDs.
vention and circumvention tools illegal.
January 2004
December 2001 RealNetworks announces sale of DRM-restricted music in
Rhapsody unlimited music streaming subscription service the RealPlayer Music Store.
launches with songs restricted by the company’s Helix DRM.
August 2004
October 2001 Microsoft begins certifying devices and providers with the Plays-
“Beale Screamer” cracks the Microsoft Windows Media DRM ForSure mark, noting that they had been tested and certified for
and posts a how-to on the sci-crypt Usenet board along with compatibility with files encrypted with Windows Media DRM.
code for stripping the DRM from Windows Media files. In his
message, he writes to music companies, “Give us more op- February 2005
tions, not fewer. If you try to take away our current rights, and Yahoo! Music offers unlimited music as a rebrand of
dictate to us what we may or may not do, you’re going to get a LAUNCH Media at the Open Music Model’s recommended
lot of resistance.” To users he writes, “Please respect the uses I $5 subscription price point, but using DRM.
16 OPEN SOURCE YEARBOOK 2010-2019 . CC BY-SA 4.0 . OPENSOURCE.COM
S TAND-OUT AR TICLE OF THE YEAR — 2011
October/November 2005 their songs on any computer they do not authorize by
Consumers of Sony CDs discover the Sony rootkit in its Se- August 31—songs definitely no longer “play for sure.”
cuROM DRM. Removing it leaves some forced to reinstall
Windows [3]. Sony settles in December. (Read a timeline of June 2008
the Sony rootkit story [4].) Microsoft responds to customer outrage and agrees that
MSN Music Store songs will continue to be transferrable
July 2006 through the end of 2011.
The eMusic subscription service, which sells songs DRM-
free, becomes the second-largest digital music service, September 2008
though with an 11% market share to iTunes’ 67%. Yahoo! Music Unlimited shuts down and merges into
Rhapsody. It encourages users to burn their music to CDs by
September 2006 the end of the month, as the move to Rhapsody does not include
Steve Jobs announces that Apple has 88% of the legal US the continued ability to access license keys for purchased music.
music download market—still locked under DRM. Wal-Mart decides to shut down its DRM system,
ending support for protected files from the five months
November 2006 when they chose to use it.
Microsoft abandons the PlaysForSure strategy in fa-
vor of a more Apple-esque approach with the Zune player January 2009
tightly tied to the Zune Marketplace. PlaysForSure music will Apple agrees with the four major music companies
not play on the Zune. that all music sold via iTunes will be sold DRM-free.
February 2007 April 2009
Steve Jobs writes in “Thoughts on Music” [5] that it is the music Apple announces availability of DRM-free versions of all mu-
companies who force Apple to use DRM in iTunes contracts, sic in the iTunes store (but keeps it on video, audiobooks, and apps).
and he calls on them to relax the demand. “DRMs haven’t
worked, and may never work, to halt music piracy,” he writes. April 2010
Rhapsody spins off from RealNetworks.
April 2007
EMI’s music library becomes available DRM-free on September 2010
iTunes for a premium charge through “iTunes Plus.” Nokia Music Store (Ovi Music) decides to go DRM-free.
May 2007 November 2011
Amazon announces it will sell DRM-free music for 99 Rhapsody tells its users that anyone with its older RAX
cents/song. Shortly thereafter, Apple drops the DRM-free premi- format files has unil November 7 to back them up in another
um price. Customers soon discover that each of these tracks format or lose them the next time they upgrade their systems.
downloaded from iTunes—even the new, DRM-free ones—
has the user’s personal information embedded [6]. Links
[1] https://www.eff.org/issues/drm
August 2007 [2] https://en.wikipedia.org/wiki/Open_music_model
Wal-Mart begins offering DRM-restricted mp3 downloads. [3] https://www.theregister.co.uk/2005/11/01/sony_rootkit_drm/
Nokia Music Stoore launches to provide Nokia phones with [4] https://boingboing.net/2005/11/14/sony-anticustomer-te.html
an on-phone music store using DRM that allowed music to [5] https://macdailynews.com/2007/02/06/apple_ceo_steve_
be played only on the phone. jobs_posts_rare_open_letter_thoughts_on_music/
[6] https://arstechnica.com/gadgets/2007/05/eff-drm-free-itunes-
February 2008 files-carry-more-than-just-names-and-e-mail-addresses/
Wal-Mart decides to offer only DRM-free mp3s.
Author
April 2008 Ruth Suehle is the community leadership manager for Red Hat’s
Apple becomes the largest music seller in the US, followed Open Source and Standards team. She’s co-author of Raspber-
by Wal-Mart and Best Buy. ry Pi Hacks (O’Reilly, December 2013) and a senior editor at
GeekMom, a site for those who find their joy in both geekery and
March 2008 parenting. She’s a maker at heart who is often behind a sewing
Microsoft announces that the MSN Music Store will machine creating costumes, rolling fondant for an excessively
no longer be supported and users will not be able to play large cake, or looking for the next great DIY project.
OPEN SOURCE YEARBOOK 2010-2019 . CC BY-SA 4.0 . OPENSOURCE.COM 17
S TAND-OUT AR TICLE OF THE YEAR — 2012
Three tips for working with
open source diagrams
BY MÁIRÍN DUFFY
IF YOU’RE A BIG-TIME OPEN SOURCE FANATIC like me,
you probably get questions about
open source alternatives to proprietary tools rather frequent-
October 2000. In mid 2010, the Calligra project [6] split off [7] of
the KOffice project; not long after, Flow maintainer Yue Liu got
to work [8] improving the stencil system and included stencils.
ly. From the ‘Alternatives to Microsoft® Visio®’ department, From my initial experimentations of creating sample dia-
here are three tips that should help designers who use Visio grams with it, Calligra Flow looks to be a pretty promising
in an open source environment. If you need an open source diagramming tool, so give it a shot!
option for opening Visio files, a revived open source appli-
cation for creating diagrams, or a lesser-known open source 3. Converting Visio stencils (.VXD) to .SVG
tool for converting Visio® stencils, these tips are for you. Converting Visio-format stencils to .SVG involves a pretty kludgy
workflow that doesn’t always work. Depending on how complex
1. Opening Visio files the stencils are, though, it’s possible to extract the shapes from
Open source tools haven’t been able to open Visio (.VSD format) a .VXD stencil file and use them as .SVGs. It involves using
diagrams for a pretty long time. The format is commonly used an old and seemingly abandoned project, so not much is new
for infrastructure and architecture documentation and planning— here, but now that you know how to open .VSD files, it may be
and less commonly, for user interface design and planning. of more interest to know how to also open .VXDs files [9].
Thankfully, Summer of Code students Eilidh McAdam and Remember, this process can be really buggy and may
Fridrich Strba implemented support for opening .VSD format need some love. For example, you have to move the in-
files in LibreOffice Draw last summer. This support is now cluded ‘chunks_parse_cmds.tbl’ file to the directory you run
available in Fedora 17’s version of LibreOffice. the command from, in order for it to work. Even then it fails
If you prefer to use Inkscape or any other open source sometimes, but, it’s a start!
SVG editor (such as Karbon14 or Xara,) Eilidh McAdam pro- The format for Calligra Flow stencils is open and it is ODG-
duced libvisio which works with the libwpd tools for convert- based, so with some effort it is possible to manually convert
ing .VSD files to .SVG—making it possible to open them in VXDs to Calligra Flow stencils [10], and the project has an
any SVG editor in Fedora. For Fedora 17, you’ll need the open call for help on that front. If you’d like to get involved, it
libvisio and libvisio-tools packages that are now available. seems like a great place to start. Have fun!
These two projects are covered in detail in Libre Graphics
World, including full instructions on VSD-to-SVG conversion [1]. Links
Note: There isn’t a solution yet for writing out to .VSD format, but [1] http://libregraphicsworld.org/blog/entry/the-ultimate-quest-
you can write out to .PDF, of course, which may serve your needs of-bringing-visio-support-to-libreoffice
in sharing your modified and originally .VSD-format diagrams. [2] https://wiki.gnome.org/action/show/Apps/
Dia?action=show&redirect=Dia
2. Creating diagrams in a Visio-like environment [3] https://inkscape.org/
Traditionally, Dia [2] has been the best game in town for [4] http://www.calligra.org/flow/
open source diagramming, but it hasn’t changed much over [5] http://www.koffice.org/kivio/
the years and requires a lot of tweaking and extra work to [6] https://www.calligra.org/
produce beautiful diagrams. For example, diagram graphics [7] https://mail.kde.org/pipermail/calligra-devel/2011-
are not anti-aliased by default in Dia .9.7.1. June/001663.html
Inkscape [3] is another option—my preferred one—but as [8] https://www.calligra.org/news/calligra-suite-the-first-three-
a general vector graphics editing tool, it doesn’t have the months/
specialized niceities and workflow of a tool specifically fo- [9] http://freshmeat.sourceforge.net/projects/vsdump
cused on diagramming and takes a bit of experience to use [10] https://community.kde.org/Calligra/Build_Stencils_for_Flow
it effectively for creating diagrams.
Calligra Flow [4], which is part of the Calligra suite of productiv- Author
ity applications, is now available in Fedora 17. The lineage of this Máirín is a principal interaction designer at Red Hat. She is pas-
application can be traced back to the KOffice Kivio [5] diagram- sionate about software freedom and free & open source tools, par-
ming tool, which according to Wikipedia was initially released in ticularly in the creative domain: her favorite application is Inkscape.
18 OPEN SOURCE YEARBOOK 2010-2019 . CC BY-SA 4.0 . OPENSOURCE.COM
S TAND-OUT AR TICLE OF THE YEAR — 2013
How one parent fosters open
source at home through
DIY projects
BY CAROLYN FOX
THIS YEAR I MADE A NEW YEAR RESOLUTION to foster a
more open education at home by
joining a growing subculture of society. To start, I began
that comes from realizing you can ditch a more expensive
commercial product for one you’ve made yourself, and
bubble down to future generations. Already, though, there
replacing some commercial household products, such as are kid’s sites such as DIY.org [2] that are flourishing. They
toothpaste, with ‘open source’ ones. After all, there is no pat- bargain that children are more involved in digital technol-
ent on or trademark for baking soda (2/3 cup), salt (4 tea- ogy at a younger age than previous generations and bill
spoons), mint oil (1 tablespoon), or melted coconut oil (2-3 themselves as a place where kids can build, make, hack,
tablespoons)—what you need to make homemade tooth- grow, and earn skills—an updated digital version of the
paste. They are readily available and accessible, except for Boy Scouts. And there are future plans for a membership
the mint oil perhaps (but you can substitute it with cinnamon subscription and options for children to sell their own in-
or vanilla extract, or other possibilities if you just use your ventions (another thing Marx might not have imagined, or
creative, open mind). Robert Baden-Powell who was founder and Chief Scout of
Once I had the necessary ingredients to make my own the Scout Movement).
toothpaste, I spent less time to make it than I had previously DIY.org is free and open to all children age 7 and older,
spent in the supermarket checkout queue to buy it. It costs though it seems to be primarily aimed at boys. Good thing
less money too. No fluoride, preservatives, or other chemical then that making toothpaste (for one) is, by contrast, univer-
substances either. sal and gender neutral. Perhaps this is an alternative way to
Nearly everyone uses some kind of toothpaste on a daily connect underrepresented girls with STEM (science, tech-
basis, but how many of us question the futility of a commer- nology, engineering, and mathematics) and open source,
cial brand toothpaste for something that we can easily make since at the moment, digital technology and the type of cre-
ourselves and with an open source concept? How many of ative tinkering that DIY tends to foster is still initially focused
us would like our children to get excited about math, science, on boys.
and history or live a simpler, greener, and healthier lifestyle Furthermore, I think girls may be more readily interested
by making their own toothpaste? in creative tinkering if they were first involved in something
Plus, making your own toothpaste or shampoo, or even like making their own toothpaste. It would foster a sense
laundry detergent, doesn’t require some special skill. It isn’t of empowerment, autonomy, and agency. (Read: Wendy
laborious or time consuming or some mysterious process. Priesnitz’s idea of economic success [3] that questions a tra-
When I first started to find out about the growing do-it-your- dition of well-being based on economics alone.)
self (DIY), or homemade, movement I was a bit intrigued and All in all, allowing children to make their own toothpaste
baffled—that is, until I made an analogy with open source. not only becomes a principle of economics and self-reliance,
Then it dawned on me that this movement is an outgrowth but maybe a slightly subversive act too.
or extension of the open source movement, and a way to
overcome a crisis in education. And I am far from alone in my Links
thoughts here. In September a technology reporter for the [1]
http://www.bbc.co.uk/news/technology-19347120
BBC News wrote about how Karl Marx predicted [1] a revo- [2]
https://diy.org/
lution would come, but Marx probably didn’t envision it being [3]
http://www.educationrevolution.org/blog/unschooling-and-
a bunch of do-it-yourselfers and members of a homemade feminism/
movement brigade. Without digital technology, it’s true that
such efforts would be minimal, but with digital technology, it Author
has taken root. Carolyn Fox is an educator, librarian, historian, and an
Time will tell how much this movement will affect the larg- un/homeschooling mother. She lives in Massachusetts with
er open source movement, generate a type of questioning her UK husband and son.
OPEN SOURCE YEARBOOK 2010-2019 . CC BY-SA 4.0 . OPENSOURCE.COM 19
S TAND-OUT AR TICLE OF THE YEAR — 2014
Top 3 open source business
intelligence and reporting tools
BY ROBIN MUILWIJK
THIS ARTICLE REVIEWS three top open source
business intelligence and re-
porting tools. In economies of big data and open data, who
ports primarily to web. It lacks a true Report Server, but
by using the Viewer on a Java application server, you
can provide end users with a web interface to render and
do we turn to in order to have our data analysed and present- view reports.
ed in a precise and readable format? This list covers those If you are looking for support, you can either check out the
types of tools. The list is not exhaustive—I have selected BIRT community [4] or the Developer Center [5] at Actuate.
tools that are widely used and can also meet enterprise re- The project also provides extensive documentation [6] and
quirements. And, this list is not meant to be a comparison— a Wiki [7].
this is a review of what is available. BIRT is licensed under the Eclipse Public License. It’s
latest release 4.3.2, which runs on Windows, Linux and
BIRT Mac, can be downloaded here [8]. Current development is
BIRT [1] is part of the open source Eclipse project and was shared through it’s most recent project plan [9].
first released in 2004. BIRT is sponsored by Actuate, and
recieves contributions from IBM and Innovent Solutions. JasperReport
BIRT consists of several components. The main compo- TIBCO recently acquired [10] JasperSoft, the company for-
nents being the Report Designer and BIRT Runtime. BIRT merly behind JasperReport [11]. JasperReport is the most
also provides three extra components: a Chart Engine, popular and widely used open source reporting tool. It is
Chart Designer, and Viewer. With these components you used in hundreds of thousands production environments.
are able to develop and publish reports as a standalone JasperReport is released as Enterprise and Community
solution. However, with the use of the Design Engine API, editions.
which you can include in any Java/Java EE application, Similar to BIRT, JasperReport consists of several com-
you can add reporting features in your own applications. ponents such as the JasperReport Library, iReport Report
For a full description and overview of it’s architecture, see Designer, JasperReport Studio, and JasperReport Server.
this overview. [2] The Library is a library of Java classes and APIs and is the
The BIRT Report Designer has a rich feature set [3], core of JasperReport. iReport Designer and Studio as the
is robust, and performs well. It scores high in terms of report designers where iReport is a Netbeans plugin and
usability with it’s intuitive user interface. An important standalone client, and Studio an Eclipse plugin. Note: iRe-
difference with the other tools is the fact it presents re- port will be discontinued in December 2015, with Studio
becoming the main designer component. For a full over-
view and description of the components, visit the homep-
age of the JasperReport community [11].
A full feature list of JasperSoft (Studio) can be viewed
here [12]. Different from BIRT, JasperReport is using a
pixel-perfect approach in viewing and printing it’s reports.
The ETL, OLAP, and Server components provide Jasper-
Report with valuable functionality in enterprise environ-
ments, making it easier to integrate with the IT-architec-
ture of organisations.
JasperReport is supported by excellent documenta-
tion [13], a Wiki [14], Q&A forums, and user groups [15].
20 OPEN SOURCE YEARBOOK 2010-2019 . CC BY-SA 4.0 . OPENSOURCE.COM
S TAND-OUT AR TICLE OF THE YEAR — 2014
Based on Java, JasperReport runs on Windows, Linux, porting tool, with a full suite of components (data mining
and Mac. It’s latest release 5.5 is from October 2013, and and integration).
is licensed under GPL.
Links
Pentaho [1] http://www.eclipse.org/birt/
Unlike the previous two tools, Pentaho is a complete busi- [2] http://www.eclipse.org/birt/about/architecture.php
ness intelligene (BI) Suite, covering the gamut from report- [3] http://www.eclipse.org/birt/phoenix/project/notable4.3.php
ing to data mining. The Pentaho BI Suite encompasses [4] https://www.eclipse.org/birt/community/
several open source projects, of which Pentaho Reporting [5] https://www.opentext.com/products-and-solutions/
is one of them. products/ai-and-analytics/analytics-developer-
Like the other tools, Pentaho [16] Reporting has a rich community/?utm_source=ai-analytics&utm_
feature set, ready for use in enterprise organisations. From medium=redirect&utm_source=actuatedev&utm_
visual report editor to web platform to render and view re- medium=redirect
ports to end users. And report formats like PDF, HTML and [6] https://www.eclipse.org/birt/documentation/
more, security and role management, and the ability to email [7] https://wiki.eclipse.org/BIRT_Project
reports to users. [8] https://download.eclipse.org/birt/downloads/
The Pentaho BI suite also contains the Pentaho BI Server. [9] https://www.eclipse.org/birt/about/project-organization/
This is a J2EE application which provides an infrastructure [10] https://community.jaspersoft.com/founders-message-tibco
to run and view reports through a web-based user interface. [11] https://community.jaspersoft.com/
Other components from the suite are out of scope for this [12] https://community.jaspersoft.com/wiki/jaspersoft-studio-
article. They can be viewed on the site from Pentaho [17], features
under the Projects menu. Pentaho is released as Enterprise [13] https://community.jaspersoft.com/
and Community editions. documentation?version=10870
The Pentaho project provides it’s community with a forum, [14] https://community.jaspersoft.com/wiki/jaspersoft-
Jira bug tracker, and some other collaboration options. It’s community-wiki-0
documentation can be found on a Wiki [18]. [15] https://www.meetup.com/pro/tibco
Pentaho runs on Java Enterprise Edition and can be used [16] https://community.hitachivantara.com/s/article/pentaho-
on Windows, Linux, and Mac. It’s latest release is version reporting
5.0.7 from May 2014, and is licensed under GPL. [17] https://community.hitachivantara.com/s/pentaho
[18] https://wiki.pentaho.com/display/COM/
Summary Community+Wiki+Home
All three of these open source business intelligence and
reporting tools provide a rich feature set ready for enter- Author
prise use. It will be up to the end user to do a thorough Former Opensource.com and Open Organization modera-
comparison and select either of these tools. Major differ- tor/ambassador.
ences can be found in report presentations, with a focus Robin writes and is active on social media to promote and
on web or print, or in the availability of a report server. advocate for open source in our businesses and lives.Follow
Pentaho distinguishes itself by being more than just a re- him on Twitter @i_robin or on LinkedIn.
OPEN SOURCE YEARBOOK 2010-2019 . CC BY-SA 4.0 . OPENSOURCE.COM 21
S TAND-OUT AR TICLE OF THE YEAR — 2015
8 Linux file managers
to try
BY DAVID BOTH
ONE OF THE MOST COMMON administrative tasks
that end users and administra-
tors alike need to perform is file management. Managing
agers justice. I hope to have some future articles that provide
a more detailed look at two or three of these powerful tools.
Each of these file managers is configurable, with Kru-
files can consume a major sader and Konqueror being
portion of your time. Locat- the most configurable of the
ing files, determining which GUI-based file managers.
files and folders (directories) Midnight commander, the
are taking the most disk lone text-based file manager,
space, deleting files, mov- is also quite configurable.
ing files, and simply open- None of the file managers
ing files for use in an appli- look by default like they do in
cation are some of the most this document. I have config-
basic—yet frequent—tasks ured them to look like this on
we do as computer users. my systems. Except for Mid-
File management programs night Commander, the colors
are tools that are intended are managed in the “Appli-
to streamline and simplify those necessary chores. cation Appearance” section of the KDE System Settings
application and are not configurable within the applications
Many choices themselves.
Many people aren’t aware of the wide array of choices avail-
able in file managers, nor do they realize the full capabili- Default File Manager
ties of the ones they do know about. As with every aspect Like most Linux distributions, Fedora has a default file man-
of Linux, there are many options available for file managers. ager, which is currently Dolphin. The Linux desktop usually
The most common ones provided by my favorite distribution, has an icon that looks like a little house—that’s your home
Fedora, are: directory/folder. Click on the Home icon and the default file
• M idnight Commander manager opens with your home directory as the PWD, or
• K onqueror Present Working Directory. In current releases that use KDE
• D olphin 4.1 or above, the Home icon is located in the Desktop Folder
• K rusader along with the Trash icon, as shown below.
• N autilus
• Thunar
• P CmanFM
• X FE
I have used each of these at various times for various rea-
sons and they all have qualities to recommend them. Rang-
ing from very simple to feature-packed, there is a file manag-
er available that will meet your needs. Midnight Commander
and Krusader are my favorite file managers, and I use both
quite frequently, but I also find myself using Dolphin and
Konqueror.
This article looks briefly at each of the file managers listed
above and compares a few of their main features. Unfortu-
nately, there is not enough space to do each of these file man-
22 OPEN SOURCE YEARBOOK 2010-2019 . CC BY-SA 4.0 . OPENSOURCE.COM
S TAND-OUT AR TICLE OF THE YEAR — 2015
In KDE, the default file manager can be changed using file manager. Krusader allows you to use the same key-
System Settings > Default Applications > File Manager. board navigation and command structure as Midnight Com-
mander, and also allows you to use the mouse or trackball
Midnight Commander to navigate and perform all of the standard drag and drop
Midnight Commander [1] is a text-based Command Line In- operations you would expect on files.
terface (CLI) program. It is particularly useful when a GUI is
not available, but can also be used as a primary file manager
in a terminal session even when you are using a GUI. I use
Midnight Commander frequently because I often need to in-
teract with local and remote Linux computers using the CLI.
It can be used with almost any of the common shells and
remote terminals through SSH.
The primary user interface for Krusader, much like that of
Midnight Commander, is two text-mode panes—left and
right—which each display the contents of a directory. The
top of each pane contains the name of the current directo-
ry for that pane. In addition, tabs can be opened for each
pane and a different directory can be open in each tab.
Navigation is accomplished with the arrow and tab keys
or the mouse. The Enter key can be used to enter a high-
lighted directory.
You can start Midnight Commander from the CLI with the mc Each tab and pane can be configured to show files in one
command. The above image shows Midnight Commander of two different Modes. In the illustration above, files are dis-
in one tab of the Konsole program. The user interface for played in the detailed view that—in addition to the file name
Midnight Commander is two text mode panes, left and right, and an icon or preview—shows the file size, the date it was
which each display the contents of a directory. The top of last modified, the owner, and the file permissions.
each pane displays the name of the current directory for Along the very top of the Krusader GUI are a menu bar
that pane. Navigation is accomplished with the arrow and and toolbar containing menu items for configuring Krusad-
tab keys. The Enter key can be used to enter a highlighted er and managing files. The bottom portion of the interface
directory. displays a line of function key labels; you can simply press
Along the very top of the Midnight Commander inter- the function key on your keyboard that corresponds to the
face is a menu bar containing menu items for configuring function you want to perform. At the bottom of the interface
Midnight Commander, the left and right panes, and for is- is a command line.
suing various file commands. The bottom portion of the Krusader automatically saves the current tab and directory
interface displays information about the file or directory locations as well as other configuration items so that you will
highlighted in each pane, a hint feature and a line of func- always return to the last configuration and set of directories
tion key labels; you can simply press the function key on when restarting the application.
your keyboard that corresponds to the function you want
to perform. Between the hint line and the function keys is Konqueror
a command line. Konqueror [3] is another powerful and flexible file man-
ager with many features. It has one feature that none of
Krusader the other file managers do: it doubles as a web browser.
Krusader [2] is an exceptional file manager that is modeled Just type the URL of the web site you want to view in the
after Midnight Commander. It uses a similar two-pane in- location bar.
terface, but it’s graphical instead of text-based. Krusader The main thing that sets Konqeuror apart from the crowd
provides many features that enhance its functionality as a is the ability to open multiple tabs, each of which can have
OPEN SOURCE YEARBOOK 2010-2019 . CC BY-SA 4.0 . OPENSOURCE.COM 23
S TAND-OUT AR TICLE OF THE YEAR — 2015
one or more directory navigation panes. In the image below,
one tab has been divided into three panes; one on the left
side and two on the right. The sidebar at the far left is used to
provide rapid navigation of the entire filesystem.
The primary user interface for Dolphin can be configured
to be very similar to Konqueror and Krusader. Using two
panes which each display the contents of a directory, it
does not support splitting the panes. Navigation is accom-
plished with the arrow and tab keys or the mouse. The En-
One thing I particularly like about Konqueror is that it pro- ter key can be used to enter a highlighted directory. Dolphin
vides an excellent high-level view of your directory structure, also supports expanding the directory trees (folders) in both
both in the sidebar and in the directory panels. This makes the sidebar navigation pane and the directory panes.
it easier to locate and delete files and directory trees that Although Dolphin does support tabs, when restarted it al-
are no longer needed. It also enables easier navigation and ways reverts to the default of one pair of directory panes that
reorganization of the directory structure. display your home directory.
The primary user interface for Konqueror, much like
that of Midnight Commander and Krusader, is text-mode Nautilus
panes that display the contents of a directory. Konquer- Nautilus [5] has a single directory pane with which to work.
or, however, allows multiple panes, and the default single It also has a sidebar for navigation. Nautilus is a simple, de-
pane can be split both horizontally and vertically as many cent file manager that is good for many beginners due to
times as it makes sense to do so. Konqueror also sup- its simplicity. Nautilus is typically found in systems where
ports multiple tabs (at the top of the directory panes this GNOME is the desktop, but it can also be installed and used
time) and a different set of directories can be open in each with KDE.
tab. Navigation is accomplished with the arrow and tab
keys or the mouse. The Enter key can be used to enter a
highlighted directory. The Location widget near the top of
the Konqueror GUI contains the full path of the currently
selected pane.
Each tab and pane can be configured to show files in one
of two different Modes. In the above image, files are dis-
played in the detailed view which, in addition to the file name
and an icon or preview, shows the file size, the date it was
last modified, the owner, and the file permissions.
Along the very top of the Graphical User Interface are a
menu bar and tool bar containing menu items for configuring
Konqueror and managing files. Once you have the tabs and
panes set up the way you want them, you can save it so that
Konqueror will always start with that configuration.
Dolphin
Dolphin [4] is very much like Konqueror and Krusader. It has The primary user interface for Nautilus is fairly simple with
two directory navigation panes and a sidebar that allows for a navigation sidebar and a single directory window in which
easy filesystem navigation. It supports tabs. to work. It does not support multiple tabs or splitting the
24 OPEN SOURCE YEARBOOK 2010-2019 . CC BY-SA 4.0 . OPENSOURCE.COM
S TAND-OUT AR TICLE OF THE YEAR — 2015
panes. Navigation is accomplished with the arrow and tab ble choices and one will most likely meet most of your needs.
keys or the mouse. The Enter key can be used to enter a If your favorite does not meet your needs for a particular
highlighted directory. task, you can always use the one that does.
All of these file managers are free of charge and dis-
Thunar tributed under some form of open source license. All are
Thunar [6] is another lightweight file manager. It is so much available from common, trusted repositories for Fedora
like Nautilus in the way it looks and works and that there is and CentOS.
nothing else to say about it. I plan to write some additional articles that cover some of
these file managers in a bit more detail. Please leave your
PCmanFM comments to let me know which ones you would like to know
The PCManFM [7] file manager is intended to replace more about.
Nautilus and Thunar. In fact, based on the way they look
and work so much alike, they may actually share some Links
common code. These three file managers have the few- [1] https://www.midnight-commander.org/
est configuration options and all share the same simple [2] http://www.krusader.org/
interface. [3] https://konqueror.org/
[4] https://www.kde.org/applications/system/dolphin/
XFE [5] https://wiki.gnome.org/action/show/Apps/
XFE [8] is one of the more interesting of the file managers as Nautilus?action=show&redirect=Nautilus
it has an interface all its own and is a bit more flexible than [6] https://wiki.archlinux.org/index.php/Thunar
Nautilus, Thunar, and PCManFM. [7] http://wiki.lxde.org/en/PCManFM
[8] http://roland65.free.fr/xfe/
Author
David Both is an Open Source Software and GNU/Linux ad-
vocate, trainer, writer, and speaker who lives in Raleigh North
Carolina. He is a strong proponent of and evangelist for the
“Linux Philosophy.”
David has been in the IT industry for nearly 50 years. He
has taught RHCE classes for Red Hat and has worked at MCI
Worldcom, Cisco, and the State of North Carolina. He has
been working with Linux and Open Source Software for over
20 years.
David prefers to purchase the components and build his own
computers from scratch to ensure that each new computer
meets his exacting specifications. His primary workstation is an
XFE may be configured to display one or two directory ASUS TUF X299 motherboard and an Intel i9 CPU with 16 cores
panes, and the navigation bar is optional. It performs all the (32 CPUs) and 64GB of RAM in a ThermalTake Core X9 case.
expected drag and drop functions, but it requires some man- David has written articles for magazines including, Linux
ual configuration to associate the correct applications like Magazine, Linux Journal. His article “Complete Kickstart,”
LibreOffice with specific file types. It has a reasonable set of co-authored with a colleague at Cisco, was ranked 9th in the
configuration options, but nowhere near those of Konqueror Linux Magazine Top Ten Best System Administration Articles
or Krusader. list for 2008. David currently writes prolifically for OpenSource.
XFE is also quite difficult about retaining its own set of com and Enable SysAdmin.
“themes” and has no option to use the desktop color scheme, David currently has one book published, “The Linux Phi-
icons, decorations, or widgets. losophy for SysAdmins.” and is now is working on his next
project, “Using and Administering Linux: Zero to SysAdmin,” a
Recommendations self-study training course in three volumes that is scheduled
I know that there are other file managers, one of which may for release in late 2019.
be your favorite. Your choice of file manager should be the David can be reached at LinuxGeek46@both.org or on
one that works best for you. GNU/Linux provides several via- Twitter @LinuxGeek46.
OPEN SOURCE YEARBOOK 2010-2019 . CC BY-SA 4.0 . OPENSOURCE.COM 25
S TAND-OUT AR TICLE OF THE YEAR — 2016
4 open source tools for
Linux system monitoring
BY DAVID BOTH
INFORMATION IS THE KEY to resolving any
computer problem, including
problems with or relating to Linux and the hardware on
the 1 (or 5 or 10) minute load average is 4.04, for example?
Load average can be considered a measure of demand for
the CPU; it is a number that represents the average num-
which it runs. There are many tools available for and in- ber of instructions waiting for CPU time. So this is a true
cluded with most distributions even though they are not all measure of CPU performance, unlike the standard “CPU
installed by default. These tools can be used to obtain huge percentage” which includes I/O wait times during which the
amounts of information. CPU is not really working.
This article discusses some of the interactive command For example, a fully utilized single processor system
line interface (CLI) tools that are provided with or which CPU would have a load average of 1. This means that
can be easily installed on the CPU is keeping up ex-
Red Hat related distribu- actly with the demand; in
tions including Red Hat En- other words it has perfect
terprise Linux, Fedora, Cen- utilization. A load average
tOS, and other derivative of less than one means
distributions. Although there that the CPU is underuti-
are GUI tools available and lized and a load average
they offer good information, of greater than 1 means
the CLI tools provide all of that the CPU is overutilized
the same information and and that there is pent-up,
they are always usable be- unsatisfied demand. For
cause many servers do not example, a load average
have a GUI interface but all of 1.5 in a single CPU sys-
Linux systems have a command line interface. tem indicates that one-third of the CPU instructions are
This article concentrates on the tools that I typically use. forced to wait to be executed until the one preceding it
If I did not cover your favorite tool, please forgive me and let has completed.
us all know what tools you use and why in the comments This is also true for multiple processors. If a 4 CPU sys-
section. tem has a load average of 4 then it has perfect utilization. If
My go to tools for problem determination in a Linux envi- it has a load average of 3.24, for example, then three of its
ronment are almost always the system monitoring tools. For processors are fully utilized and one is utilized at about 76%.
me, these are top, atop, htop, and glances. In the example above, a 4 CPU system has a 1 minute load
All of these tools monitor CPU and memory usage, and average of 4.04 meaning that there is no remaining capacity
most of them list information about running processes at the among the 4 CPUs and a few instructions are forced to wait.
very least. Some monitor other aspects of a Linux system as A perfectly utilized 4 CPU system would show a load aver-
well. All provide near real-time views of system activity. age of 4.00 so that the system in the example is fully loaded
but not overloaded.
Load averages The optimum condition for load average is for it to equal
Before I go on to discuss the monitoring tools, it is important the total number of CPUs in a system. That would mean that
to discuss load averages in more detail. every CPU is fully utilized and yet no instruction must be
Load averages are an important criteria for measuring forced to wait. The longer-term load averages provide indi-
CPU usage, but what does this really mean when I say that cation of the overall utilization trend.
26 OPEN SOURCE YEARBOOK 2010-2019 . CC BY-SA 4.0 . OPENSOURCE.COM
S TAND-OUT AR TICLE OF THE YEAR — 2016
Linux Journal has an excellent article [1] describing load This program simply counts up by one and prints the current
averages, the theory and the math behind them, and how to value of X to STDOUT. And it sucks up CPU cycles. The
interpret them in the December 1, 2006 issue. terminal session in which cpuHog is running should show
a very high CPU usage in top. Observe the effect this has
Signals on system performance in top. CPU usage should immedi-
All of the monitors discussed here allow you to send sig- ately go way up and the load averages should also start to
nals [2] to running processes. Each of these signals has a increase over time. If you want, you can open additional ter-
specific function though some of them can be defined by the minal sessions and start the cpuHog program in them so that
receiving program using signal handlers. you have multiple instances running.
The separate kill command can also be used to send sig- Determine the PID of the cpuHog program you want to kill.
nals to processes outside of the monitors. The kill -l can be Press the k key and look at the message under the Swap line
used to list all possible signals that can be sent. Three of at the bottom of the summary section. Top asks for the PID of
these signals can be used to kill a process. the process you want to kill. Enter that PID and press Enter.
SIGTERM (15): Signal 15, SIGTERM is the default signal Now top asks for the signal number and displays the default
sent by top and the other monitors when the k key is pressed. of 15. Try each of the signals described here and observe
It may also be the least effective because the program must the results.
have a signal handler built into it. The program’s signal handler
must intercept incoming signals and act accordingly. So for 4 open source tools for Linux system monitoring
scripts, most of which do not have signal handlers, SIGTERM
is ignored. The idea behind SIGTERM is that by simply telling top
the program that you want it to terminate itself, it will take ad- One of the first tools I use when performing problem deter-
vantage of that and clean up things like open files and then mination is top. I like it because it has been around since
terminate itself in a controlled and nice manner. forever and is always available while the other tools may not
SIGKILL (9): Signal 9, SIGKILL provides a means of kill- be installed.
ing even the most recalcitrant programs, including scripts The top program is a very powerful utility that provides a
and other programs that have no signal handlers. For great deal of information about your running system. This
scripts and other programs with no signal handler, howev- includes data about memory usage, CPU loads, and a list
er, it not only kills the running script but it also kills the shell of running processes including the amount of CPU time and
session in which the script is running; this may not be the memory being utilized by each process. Top displays sys-
behavior that you want. If you want to kill a process and tem information in near real-time, updating (by default) ev-
you don’t care about being nice, this is the signal you want. ery three seconds. Fractional seconds are allowed by top,
This signal cannot be intercepted by a signal handler in the although very small values can place a significant load the
program code. system. It is also interactive and the data columns to be dis-
SIGINT (2): Signal 2, SIGINT can be used when SIGTERM played and the sort column can be modified.
does not work and you want the program to die a little more A sample output from the top program is shown in Figure 1
nicely, for example, without killing the shell session in which below. The output from top is divided into two sections which
it is running. SIGINT sends an interrupt to the session in are called the “summary” section, which is the top section
which the program is running. This is equivalent to terminat- of the output, and the “process” section which is the lower
ing a running program, particularly a script, with the Ctrl-C portion of the output; I will use this terminology for top, atop,
key combination. htop and glances in the interest of consistency.
To experiment with this, open a terminal session and cre- The top program has a number of useful interactive com-
ate a file in /tmp named cpuHog and make it executable mands you can use to manage the display of data and to ma-
with the permissions rwxr_xr_x. Add the following content nipulate individual processes. Use the h command to view
to the file. a brief help page for the various interactive commands. Be
sure to press h twice to see both pages of the help. Use the
#!/bin/bash # This little program is a cpu hog X=0; q command to quit.
while [ 1 ];do echo $X;X=$((X+1));done
Summary section
Open another terminal session in a different window, position The summary section of the output from top is an overview of
them adjacent to each other so you can watch the results the system status. The first line shows the system uptime and
and run top in the new session. Run the cpuHog program the 1, 5, and 15 minute load averages. In the example below,
with the following command: the load averages are 4.04, 4.17, and 4.06 respectively.
The second line shows the number of processes currently
/tmp/cpuHog active and the status of each.
OPEN SOURCE YEARBOOK 2010-2019 . CC BY-SA 4.0 . OPENSOURCE.COM 27
S TAND-OUT AR TICLE OF THE YEAR — 2016
The lines containing CPU statistics are shown next. Process section
There can be a single line which combines the statistics for The process section of the output from top is a listing of the
all CPUs present in the system, as in the example below, running processes in the system—at least for the number
or one line for each CPU; in the case of the computer used of processes for which there is room on the terminal dis-
for the example, this is a single quad core CPU. Press the play. The default columns displayed by top are described
1 key to toggle between the consolidated display of CPU below. Several other columns are available and each can
usage and the display of the individual CPUs. The data in usually be added with a single keystroke. Refer to the top
these lines is displayed as percentages of the total CPU man page for details.
time available. • PID – The Process ID.
These and the other fields for CPU data are described below. • USER – The username of the process owner.
• us: userspace – Applications and other programs running • PR – The priority of the process.
in user space, i.e., not in the kernel. • NI – The nice number of the process.
• s y: system calls – Kernel level functions. This does not • VIRT – The total amount of virtual memory allocated to the
include CPU time taken by the kernel itself, just the kernel process.
system calls. • RES – Resident size (in kb unless otherwise noted) of non-
• n i: nice – Processes that are running at a positive nice swapped physical memory consumed by a process.
level. • SHR – The amount of shared memory in kb used by the
• id: idle – Idle time, i.e., time not used by any running process. process.
• w a: wait – CPU cycles that are spent waiting for I/O to • S – The status of the process. This can be R for running,
occur. This is wasted CPU time. S for sleeping, and Z for zombie. Less frequently seen sta-
• h i: hardware interrupts – CPU cycles that are spent deal- tuses can be T for traced or stopped, and D for uninter-
ing with hardware interrupts. ruptable sleep.
• si: software interrupts – CPU cycles spent dealing with • %CPU – The percentage of CPU cycles, or time used by
software-created interrupts such as system calls. this process during the last measured time period.
• st: steal time – The percentage of CPU cycles that a virtu- • %MEM – The percentage of physical system memory used
al CPU waits for a real CPU while the hypervisor is servic- by the process.
ing another virtual processor. • TIME+ – Total CPU time to 100ths of a second consumed
The last two lines in the summary section are memory us- by the process since the process was started.
age. They show the physical memory usage including both • COMMAND – This is the command that was used to
RAM and swap space. launch the process.
Use the Page Up and Page Down keys to scroll through
the list of running processes. The d or s commands are in-
terchangeable and can be used to set the delay interval be-
tween updates. The default is three seconds, but I prefer a
one second interval. Interval granularity can be as low as
one-tenth (0.1) of a second but this will consume more of the
CPU cycles you are trying to measure.
You can use the < and > keys to sequence the sort column
to the left or right.
The k command is used to kill a process or the r com-
mand to renice it. You have to know the process ID (PID)
of the process you want to kill or renice and that informa-
tion is displayed in the process section of the top display.
When killing a process, top asks first for the PID and then
for the signal number to use in killing the process. Type
them in and press the enter key after each. Start with sig-
Figure 1: The top command showing a fully utilized 4-core CPU. nal 15, SIGTERM, and if that does not kill the process,
use 9, SIGKILL.
You can use the 1 command to display CPU statistics as a
single, global number as shown in Figure 1, above, or by Configuration
individual CPU. The l command turns load averages on and If you alter the top display, you can use the W (in uppercase)
off. The t and m commands rotate the process/CPU and command to write the changes to the configuration file, ~/.to-
memory lines of the summary section, respectively, through prc in your home directory.
off, text only, and a couple types of bar graph formats.
28 OPEN SOURCE YEARBOOK 2010-2019 . CC BY-SA 4.0 . OPENSOURCE.COM
S TAND-OUT AR TICLE OF THE YEAR — 2016
atop User ID) which might be important when programs run SUID
I also like atop. It is an excellent monitor to use when you (Set User ID).
need more details about that type of I/O activity. The default atop can also provide detailed information about disk,
refresh interval is 10 seconds, but this can be changed using memory, network, and scheduling information for each pro-
the interval i command to whatever is appropriate for what cess. Just press the d, m, n or s keys respectively to view
you are trying to do. atop cannot refresh at sub-second inter- that data. The g key returns the display to the generic pro-
vals like top can. cess display.
Use the h command to display help. Be sure to notice that Sorting can be accomplished easily by using C to sort by
there are multiple pages of help and you can use the space CPU usage, M for memory usage, D for disk usage, N for
bar to scroll down to see the rest. network usage and A for automatic sorting. Automatic sort-
One nice feature of atop is that it can save raw perfor- ing usually sorts processes by the most busy resource. The
mance data to a file and then play it back later for close network usage can only be sorted if the netatop kernel mod-
inspection. This is handy for tracking down internmittent ule is installed and loaded.
problems, especially ones that occur during times when you You can use the k key to kill a process but there is no op-
cannot directly monitor the system. The atopsar program is tion to renice a process.
used to play back the data in the saved file. By default, network and disk devices for which no activity
occurs during a given time interval are not displayed. This
can lead to mistaken assumptions about the hardware con-
figuration of the host. The f command can be used to force
atop to display the idle resources.
Configuration
The atop man page refers to global and user level config-
uration files, but none can be found in my own Fedora or
CentOS installations. There is also no command to save
a modified configuration and a save does not take place
automatically when the program is terminated. So, there
appears to be now way to make configuration changes
permanent.
Figure 2: The atop system monitor provides information about
disk and network activity in addition to CPU and process data. htop
The htop program is much like top but on steroids. It does
Summary section look a lot like top, but it also provides some capabilities that
atop contains much of the same information as top but also top does not. Unlike atop, however, it does not provide any
displays information about network, raw disk, and logical vol- disk, network, or I/O information of any type.
ume activity. Figure 2, above, shows these additional data in
the columns at the top of the display. Note that if you have
the horizontal screen real-estate to support a wider display,
additional columns will be displayed. Conversely, if you have
less horizontal width, fewer columns are displayed. I also
like that atop displays the current CPU frequency and scal-
ing factor—something I have not seen on any other of these
monitors—on the second line in the rightmost two columns
in Figure 2.
Process section
The atop process display includes some of the same col-
umns as that for top, but it also includes disk I/O information
and thread count for each process as well as virtual and real
memory growth statistics for each process. As with the sum-
mary section, additional columns will display if there is suffi-
cient horizontal screen real-estate. For example, in Figure 2,
the RUID (Real User ID) of the process owner is displayed. Figure 3: htop has nice bar charts to to indicate resource usage
Expanding the display will also show the EUID (Effective and it can show the process tree.
OPEN SOURCE YEARBOOK 2010-2019 . CC BY-SA 4.0 . OPENSOURCE.COM 29
S TAND-OUT AR TICLE OF THE YEAR — 2016
Summary section The drawback to having all of this information is that glanc-
The summary section of htop is displayed in two columns. es uses a significant amount of CPU resurces itself. On my
It is very flexible and can be configured with several differ- systems I find that it can use from about 10% to 18% of CPU
ent types of information in pretty much any order you like. cycles. That is a lot so you should consider that impact when
Although the CPU usage sections of top and atop can be you choose your monitor.
toggled between a combined display and a display that
shows one bar graph for each CPU, htop cannot. So it has a Summary section
number of different options for the CPU display, including a The summary section of glances contains most of the same
single combined bar, a bar for each CPU, and various com- information as the summary sections of the other monitors.
binations in which specific CPUs can be grouped together If you have enough horizontal screen real estate it can show
into a single bar. CPU usage with both a bar graph and a numeric indicator,
I think this is a cleaner summary display than some of the otherwise it will show only the number.
other system monitors and it is easier to read. The drawback
to this summary section is that some information is not avail-
able in htop that is available in the other monitors, such as
CPU percentages by user, idle, and system time.
The F2 (Setup) key is used to configure the summary
section of htop. A list of available data displays is shown
and you can use function keys to add them to the left or
right column and to move them up and down within the
selected column.
Process section
The process section of htop is very similar to that of top.
As with the other monitors, processes can be sorted any of
several factors, including CPU or memory usage, user, or
PID. Note that sorting is not possible when the tree view is
selected.
The F6 key allows you to select the sort column; it displays
a list of the columns available for sorting and you select the
Figure 4: The glances interface with network, disk, filesystem,
column you want and press the Enter key.
and sensor information.
You can use the up and down arrow keys to select a pro-
cess. To kill a process, use the up and down arrow keys to I like this summary section better than those of the other
select the target process and press the k key. A list of sig- monitors; I think it provides the right information in an easily
nals to send the process is displayed with 15, SIGTERM, understandable format. As with atop and htop, you can press
selected. You can specify the signal to use, if different from the 1 key to toggle between a display of the individual CPU
SIGTERM. You could also use the F7 and F8 keys to renice cores or a global one with all of the CPU cores as a single
the selected process. average as shown in Figure 4, above.
One command I especially like is F5 which displays the
running processes in a tree format making it easy to deter- Process section
mine the parent/child relationships of running processes. The process section displays the standard information about
each of the running processes. Processes can be sorted au-
Configuration tomatically a, or by CPU c, memory m, name p, user u, I/O
Each user has their own configuration file, ~/.config/htop/hto- rate i, or time t. When sorted automatically processes are
prc and changes to the htop configuration are stored there first sorted by the most used resource.
automatically. There is no global configuration file for htop. Glances also shows warnings and critical alerts at the
very bottom of the screen, including the time and duration of
glances the event. This can be helpful when attempting to diagnose
I have just recently learned about glances, which can display problems when you cannot stare at the screen for hours at
more information about your computer than any of the other a time. These alert logs can be toggled on or off with the l
monitors I am currently familiar with. This includes disk and command, warnings can be cleared with the w command
network I/O, thermal readouts that can display CPU and oth- while alerts and warnings can all be cleared with x.
er hardware temperatures as well as fan speeds, and disk It is interesting that glances is the only one of these mon-
usage by hardware device and logical volume. itors that cannot be used to either kill or renice a process. It
30 OPEN SOURCE YEARBOOK 2010-2019 . CC BY-SA 4.0 . OPENSOURCE.COM
S TAND-OUT AR TICLE OF THE YEAR — 2016
is intended strictly as a monitor. You can use the external kill You should also be aware that the act of using these mon-
and renice commands to manipulate processes. itoring tools alters the system’s use of resources including
memory and CPU time. top and most of these monitors use
Sidebar perhaps 2% or 3% of a system’s CPU time. glances has
Glances has a very nice sidebar that displays information much more impact than the others and can use between
that is not available in top or htop. Atop does display some 10% and 20% of CPU time. Be sure to consider this when
of this data, but glances is the only monitor that displays the choosing your tools.
sensors data. Sometimes it is nice to see the temperatures I had originally intended to include SAR (System Activity
inside your computer. The individual modules, disk, filesys- Reporter) in this article but as this article grew longer it also
tem, network, and sensors can be toggled on and off using became clear to me that SAR is significantly different from
the d, f, n, and s commands, respectively. The entire sidebar these monitoring tools and deserves to have a separate ar-
can be toggled using 2. ticle. So with that in mind, I plan to write an article on SAR
Docker stats can be displayed with D. and the /proc filesystem, and a third article on how to use all
of these tools to locate and resolve problems.
Configuration
Glances does not require a configuration file to work proper- Links
ly. If you choose to have one, the system-wide instance of the [1] https://www.linuxjournal.com/article/9001?page=0,0
configuration file would be located in /etc/glances/glances.conf. [2] https://en.wikipedia.org/wiki/Signal_(IPC)
Individual users can have a local instance at ~/.config/glances/
glances.conf which will override the global configuration. The
primary purpose of these configuration files is to set thresh- Author
olds for warnings and critical alerts. There is no way I can find David Both is an Open Source Software and GNU/Linux
to make other configuration changes—such as sidebar mod- advocate, trainer, writer, and speaker who lives in Raleigh
ules or the CPU displays—permanent. It appears that you North Carolina. He is a strong proponent of and evangelist
must reconfigure those items every time you start glances. for the “Linux Philosophy.”
There is a document, /usr/share/doc/glances/glances-doc. David has been in the IT industry for nearly 50 years. He
html, that provides a great deal of information about using has taught RHCE classes for Red Hat and has worked at
glances, and it explicitly states that you can use the configu- MCI Worldcom, Cisco, and the State of North Carolina. He
ration file to configure which modules are displayed. Howev- has been working with Linux and Open Source Software for
er, neither the information given nor the examples describe over 20 years.
just how to do that. David prefers to purchase the components and build his
own computers from scratch to ensure that each new com-
Conclusion puter meets his exacting specifications. His primary worksta-
Be sure to read the man pages for each of these monitors tion is an ASUS TUF X299 motherboard and an Intel i9 CPU
because there is a large amount of information about config- with 16 cores (32 CPUs) and 64GB of RAM in a Thermal-
uring and interacting with them. Also use the h key for help in Take Core X9 case.
interactive mode. This help can provide you with information David has written articles for magazines including, Linux
about selecting and sorting the columns of data, setting the Magazine, Linux Journal. His article “Complete Kickstart,”
update interval and much more. co-authored with a colleague at Cisco, was ranked 9th in the
These programs can tell you a great deal when you are look- Linux Magazine Top Ten Best System Administration Arti-
ing for the cause of a problem. They can tell you when a process, cles list for 2008. David currently writes prolifically for Open-
and which one, is sucking up CPU time, whether there is enough Source.com and Enable SysAdmin.
free memory, whether processes are stalled while waiting for I/O David currently has one book published, “The Linux Phi-
such as disk or network access to complete, and much more. losophy for SysAdmins.” and is now is working on his next
I strongly recommend that you spend time watching these project, “Using and Administering Linux: Zero to SysAdmin,”
monitoring programs while they run on a system that is func- a self-study training course in three volumes that is sched-
tioning normally so you will be able to differentiate those uled for release in late 2019.”
things that may be abnormal while you are looking for the David can be reached at LinuxGeek46@both.org or on
cause of a problem. Twitter @LinuxGeek46.
OPEN SOURCE YEARBOOK 2010-2019 . CC BY-SA 4.0 . OPENSOURCE.COM 31
S TAND-OUT AR TICLE OF THE YEAR — 2017
5 projects for
Raspberry Pi at home
BY BEN NUTTALL
THE RASPBERRY PI [1] computer can
be used in all kinds
of settings and for a variety of purposes. It obviously has
a place in education for helping students with learning pro-
gramming and maker skills in the classroom and the hack-
space, and it has plenty of industrial applications in the work-
place and in factories. I’m going to introduce five projects
you might want to build in your own home.
Media center
One of the most common uses for Raspberry Pi in people’s
homes is behind the TV running media center software serv- OSMC.tv, Copyright, Used with permission
ing multimedia files. It’s easy to set this up, and the Rasp- Before proceeding you’ll need to decide which Raspberry Pi
berry Pi provides plenty of GPU (Graphics Processing Unit) model to use [6]. These distributions will work on any Pi (1,
power to render HD TV shows and movies to your big screen 2, 3, or Zero), and video playback will essentially be matched
TV. Kodi [2] (formerly XBMC) on a Raspberry Pi is a great on each of these. Apart from the Pi 3 (and Zero W) having
way to playback any media you have on a hard drive or net- built-in Wi-Fi, the only noticeable difference is the reaction
work-attached storage. You can also install a plugin to play speed of the user interface, which will be much faster on a
YouTube videos. Pi 3. A Pi 2 will not be much slower, so that’s fine if you don’t
There are a few different options available, most promi- need Wi-Fi, but the Pi 3 will noticeably outperform the Pi 1
nently OSMC [3] (Open Source Media Center) and Libre- and Zero when it comes to flicking through the menus.
ELEC [4], both based on Kodi. They both perform well at
playing media content, but OSMC has a more visually ap- SSH gateway
pearing user interface, while LibreElec is much more light- If you want to be able to access computers and devices on
weight. All you have to do is choose a distribution, download your home network from outside over the internet, you have
the image and install on an SD card (or just use NOOBS [5]), to open up ports on those devices to allow outside traffic.
boot it up, and you’re ready to go. Opening ports to the internet is a security risk, meaning
you’re always at risk of attack, misuse, or any kind of unau-
thorized access. However, if you install a Raspberry Pi on
your network and set up port forwarding to allow only SSH
access to that Pi, you can use that as a secure gateway to
hop onto other Pis and PCs on the network.
Most routers allow you to configure port-forwarding rules.
You’ll need to give your Pi a fixed internal IP address and set up
port 22 on your router to map to port 22 on your Raspberry Pi.
If your ISP provides you with a static IP address, you’ll be able
to SSH into it with this as the host address (for example, ssh
pi@123.45.56.78). If you have a domain name, you can config-
ure a subdomain to point to this IP address, so you don’t have
LibreElec; Raspberry Pi Foundation, CC BY-SA to remember it (for example, ssh pi@home.mydomain.com).
32 OPEN SOURCE YEARBOOK 2010-2019 . CC BY-SA 4.0 . OPENSOURCE.COM
S TAND-OUT AR TICLE OF THE YEAR — 2017
sons you might want to do this, but two common use cases
are for a homemade security camera or to monitor a pet.
The Raspberry Pi camera module [11] is a brilliant acces-
sory. It provides full HD photo and video, lots of advanced
configuration, and is easy to program [12]. The infrared cam-
era [13] is ideal for this kind of use, and with an infrared LED
(which the Pi can control) you can see in the dark!
If you want to take still images on a regular basis to keep
an eye on things, you can just write a short Python [14] script
or use the command line tool raspistill [15], and schedule it
to recur in Cron [16]. You might want to have it save them to
However, if you’re going to expose a Raspberry Pi to the Dropbox [17] or another web service, upload them to a web
internet, you should be very careful not to put your network server, or you can even create a web app [18] to display them.
at risk. There are a few simple procedures you can follow to If you want to stream video, internally or externally, that’s
make it sufficiently secure: really easy, too. A simple MJPEG (Motion JPEG) example
1. Most people suggest you change your login password is provided in the picamera [19] documentation [20] (under
(which makes sense, seeing as the default password “web streaming”). Just download or copy that code into a file,
“raspberry” is well known), but this does not protect against run it and visit the Pi’s IP address at port 8000, and you’ll see
brute-force attacks. You could change your password and your camera’s output live.
add a two-factor authentication (so you need your pass- A more advanced streaming project, pistreaming [21],
word and a time-dependent passcode generated by your is available, which uses JSMpeg [22] (a JavaScript video
phone), which is more secure. However, I believe the best player) with the web server and a websocket for the camera
way to secure your Raspberry Pi from intruders is to dis- stream running separately. This method is more performant
able “password authentication” [7] in your SSH configura- and is just as easy to get running as the previous example,
tion, so you allow only SSH key access. This means that but there is more code involved and if set up to stream on the
anyone trying to SSH in by guessing your password will internet, requires you to open two ports.
never succeed. Only with your private SSH key can any- Once you have web
one gain access. Similarly, most people suggest changing streaming set up, you
the SSH port from the default 22 to something unexpect- can position the camera
ed, but a simple Nmap [8] of your IP address will reveal where you want it. I have
your true SSH port. one set up to keep an
2. Ideally, you would not run much in the way of other software eye on my pet tortoise:
on this Pi, so you don’t end up accidentally exposing anything If you want to be able
else. If you want to run other software, you might be better to control where the
running it on another Pi on the network that is not exposed camera actually points,
to the internet. Ensure that you keep your packages up to you can do so using
date by upgrading regularly, particularly the openssh-server servos. A neat solu-
package, so that any security vulnerabilities are patched. tion is to use Pimoro-
3. Install sshblack [9] or fail2ban [10] to blacklist any users ni’s Pan-Tilt HAT [23],
who seem to be acting maliciously, such as attempting to which allows you to Ben Nuttall, CC BY-SA
brute force your SSH password. move the camera easily in two dimensions. To integrate this
Once you’ve secured your Raspberry Pi and put it online, with pistreaming, see the project’s pantilthat branch [24].
you’ll be able to log in to your network from anywhere in the
world. Once you’re on your Raspberry Pi, you can SSH into
other devices on the network using their local IP address
(for example, 192.168.1.31). If you have passwords on these
devices, just use the password. If they’re also SSH-key-only,
you’ll need to ensure your key is forwarded over SSH by
using the -A flag: ssh -A pi@123.45.67.89.
CCTV / pet camera
Another great home project is to set up a camera module
to take photos or stream video, capture and save files, or
streamed internally or to the internet. There are many rea- Pimoroni.com, Copyright, Used with permission
OPEN SOURCE YEARBOOK 2010-2019 . CC BY-SA 4.0 . OPENSOURCE.COM 33
S TAND-OUT AR TICLE OF THE YEAR — 2017
If you want to position your Pi outside, you’ll need a waterproof Pi-holeYou can install a Raspberry
enclosure and some way of getting power to the Pi. PoE (Pow- Pi on your network that intercepts all
er-over-Ethernet) cables can be a good way of achieving this. web traffic and filters out any advertis-
ing. Simply download the Pi-hole [27]
Home automation and IoT software onto the Pi, and all devic-
It’s 2017 and there are internet-connected devices every- es on your network will be ad-free (it
where, especially in the home. Our lightbulbs have Wi-Fi, even blocks in-app ads on your mo-
our toasters are smarter than they used to be, and our tea bile devices).
kettles are at risk of attack from Russia. As long as you keep
your devices secure, or don’t connect them to the internet if Links
they don’t need to be, then you can make great use of IoT [1] https://www.raspberrypi.org/
devices to automate tasks around the home. [2] https://kodi.tv/
There are plenty of services you can buy or subscribe to, like [3] https://osmc.tv/
Nest Thermostat or Philips Hue lightbulbs, which allow you to [4] https://libreelec.tv/
control your heating or your lighting from your phone, respec- [5] https://www.raspberrypi.org/downloads/noobs/
tively—whether you’re inside or away from home. You can use [6] https://opensource.com/life/16/10/which-raspberry-pi-
a Raspberry Pi to boost the power of these kinds of devices should-you-choose-your-project
by automating interactions with them according to a set of rules [7] https://stackoverflow.com/questions/20898384/ssh-
involving timing or even sensors. One thing you can’t do with disable-password-authentication
Philips Hue is have the lights come on when you enter the room, [8] https://nmap.org/
but with a Raspberry Pi and a motion sensor, you can use a Py- [9] http://www.pettingers.org/code/sshblack.html
thon API to turn on the lights. Similarly, you can configure your [10] https://www.fail2ban.org/wiki/index.php/Main_Page
Nest to turn on the heating when you’re at home, but what if you [11] https://www.raspberrypi.org/products/camera-module-v2/
only want it to turn on if there’s at least two people home? Write [12] https://opensource.com/life/15/6/raspberry-pi-camera-
some Python code to check which phones are on the network projects
and if there are at least two, tell the Nest to turn on the heat. [13] https://www.raspberrypi.org/products/pi-noir-camera-v2/
You can do a great deal more without integrating with existing [14] https://picamera.readthedocs.io/en/release-1.13/
IoT devices and with only using simple components. A home- [15] https://www.raspberrypi.org/documentation/usage/camera/
made burglar alarm, an automated chicken coop door opener, raspicam/raspistill.md
a night light, a music box, a timed heat lamp, an automated [16] https://www.raspberrypi.org/documentation/linux/usage/
backup server, a print server, or whatever you can imagine. cron.md
[17] https://github.com/RZRZR/plant-cam
Tor proxy and blocking ads [18] https://github.com/bennuttall/bett-bot
Adafruit’s Onion Pi [25] is a Tor [26] proxy that makes your [19] https://picamera.readthedocs.io/en/release-1.13/recipes2.
web traffic anonymous, allowing you to use the internet free html#web-streaming
of snoopers and any kind of surveillance. Follow Adafruit’s [20] https://github.com/waveform80/pistreaming
tutorial on setting up Onion Pi and you’re on your way to a [21] https://github.com/waveform80/pistreaming
peaceful anonymous browsing experience. [22] https://jsmpeg.com/
[23] https://shop.pimoroni.com/products/pan-tilt-
hat?variant=22408353287
[24] https://github.com/waveform80/pistreaming/tree/pantilthat
[25] https://learn.adafruit.com/onion-pi/overview
[26] https://www.torproject.org/
[27] https://pi-hole.net/
Author
Ben Nuttall is the Raspberry Pi Community Manager. In ad-
dition to his work for the Raspberry Pi Foundation, he’s into
free software, maths, kayaking, GitHub, Adventure Time,
and Futurama. Follow Ben on Twitter @ben_nuttall.
Onion-pi from Adafruit, Copyright, Used with permission
34 OPEN SOURCE YEARBOOK 2010-2019 . CC BY-SA 4.0 . OPENSOURCE.COM
S TAND-OUT AR TICLE OF THE YEAR — 2018
Linux vs. Unix:
What’s the difference?
BY PHIL ESTES
Dive into the differences between these two operating systems that
share much of the same heritage and many of the same goals.
IF YOU ARE A SOFTWARE DEVELOPER in your 20s or
30s, you’ve grown up in a world
dominated by Linux. It has been a significant player in the
multi-tasking, multi-user operating system for the PDP-7. Two
of the most notable members of this team at the Bell Labs re-
search facility were Ken Thompson and Dennis Ritchie. While
data center for decades, and while it’s hard to find defini- many of Unix’s concepts were derivative of its predecessor
tive operating system market share reports, Linux’s share (Multics [1]), the Unix team’s decision early in the 1970s to
of data center operating systems could be as high as 70%, rewrite this small operating system in the C language is what
with Windows variants carrying nearly all the remaining separated Unix from all others. At the time, operating systems
percentage. Developers using any major public cloud can were rarely, if ever, portable. Instead, by nature of their design
expect the target system will run Linux. Evidence that Li- and low-level source language, operating systems were tight-
nux is everywhere has grown in recent years when you add ly linked to the hardware platform for which they had been au-
in Android and Linux-based embedded systems in smart- thored. By refactoring Unix on the C programming language,
phones, TVs, automobiles, and many other devices. Unix could now be ported to many hardware architectures.
Even so, most software developers, even those who have In addition to this new portability, which allowed Unix to
grown up during this venerable “Linux revolution” have at quickly expand beyond Bell Labs to other research, aca-
least heard of Unix. It sounds similar to Linux, and you’ve demic, and even commercial uses, several key of the op-
probably heard people use these terms interchangeably. erating system’s design tenets were attractive to users and
Or maybe you’ve heard Linux called a “Unix-like” operating programmers. For one, Ken Thompson’s Unix philosophy [2]
system. became a powerful model of
So, what is this Unix? modular software design and
The caricatures speak of computing. The Unix philos-
wizard-like “graybeards” sit- ophy recommended utilizing
ting behind glowing green small, purpose-built pro-
screens, writing C code and grams in combination to do
shell scripts, powered by complex overall tasks. Since
old-fashioned, drip-brewed Unix was designed around
coffee. But Unix has a much files and pipes, this model of
richer history beyond those “piping” inputs and outputs of
bearded C programmers from programs together into a lin-
the 1970s. While articles de- ear set of operations on the
tailing the history of Unix and input is still in vogue today. In
“Unix vs. Linux” comparisons abound, this article will offer a fact, the current cloud functions-as-a-service (FaaS)/server-
high-level background and a list of major differences between less computing model owes much of its heritage to the Unix
these complementary worlds. philosophy.
Unix’s beginnings Rapid growth and competition
The history of Unix begins at AT&T Bell Labs in the late Through the late 1970s and 80s, Unix became the root of a
1960s with a small team of programmers looking to write a family tree that expanded across research, academia, and
OPEN SOURCE YEARBOOK 2010-2019 . CC BY-SA 4.0 . OPENSOURCE.COM 35
S TAND-OUT AR TICLE OF THE YEAR — 2018
a growing commercial Unix operating system business. complete operating system to life. Given that Linus was
Unix was not open source software, and the Unix source using several GNU tools (e.g., the GNU Compiler Collec-
code was licensable via agreements with its owner, AT&T. tion, or GCC [5]), the marriage of the GNU tools and the
The first known software license was sold to the University Linux kernel was a perfect match.
of Illinois in 1975. Linux distributions came to life with the components of
Unix grew quickly in academia, with Berkeley becoming GNU, the Linux kernel, MIT’s X-Windows GUI, and oth-
a significant center of activity, given Ken Thompson’s sab- er BSD components that could be used under the open
batical there in the ’70s. With all the activity around Unix source BSD license. The early popularity of distributions
at Berkeley, a new delivery of Unix software was born: the like Slackware and then Red Hat gave the “common PC
Berkeley Software Distribution, or BSD. Initially, BSD was user” of the 1990s access to the Linux operating system
not an alternative to AT&T’s Unix, but an add-on with addi- and, with it, many of the proprietary Unix system capa-
tional software and capabilities. By the time 2BSD (the Sec- bilities and utilities they used in their work or academic
ond Berkeley Software Distribution) arrived in 1979, Bill Joy, lives.
a Berkeley grad student, had added now-famous programs Because of the free and open source standing of all the
such as vi and the C shell (/bin/csh). Linux components, anyone could create a Linux distribu-
In addition to BSD, which became one of the most pop- tion with a bit of effort, and soon the total number of dis-
ular branches of the Unix family, Unix’s commercial offer- tros reached into the hundreds. Today, distrowatch.com [6]
ings exploded through the 1980s and into the ’90s with lists 312 unique Linux distributions available in some form.
names like HP-UX, IBM’s AIX, Sun’s Solaris, Sequent, Of course, many developers utilize Linux either via cloud
and Xenix. As the branches grew from the original root, providers or by using popular free distributions like Fedo-
the “Unix wars” [3] began, and standardization became a ra, Canonical’s Ubuntu, Debian, Arch Linux, Gentoo, and
new focus for the community. The POSIX standard was many other variants. Commercial Linux offerings, which
born in 1988, as well as other standardization follow-ons provide support on top of the free and open source com-
via The Open Group into the 1990s. ponents, became viable as many enterprises, including
Around this time AT&T and Sun released System V Re- IBM, migrated from proprietary Unix to offering middleware
lease 4 (SVR4), which was adopted by many commercial and software solutions atop Linux. Red Hat built a model
vendors. Separately, the BSD family of operating systems of commercial support around Red Hat Enterprise Linux,
had grown over the years, leading to some open source as did German provider SUSE with SUSE Linux Enterprise
variations that were released under the now-familiar BSD li- Server (SLES).
cense [4]. This included FreeBSD, OpenBSD, and NetBSD,
each with a slightly different target market in the Unix server Comparing Unix and Linux
industry. These Unix variants continue to have some usage So far, we’ve looked at the history of Unix and the rise of
today, although many have seen their server market share Linux and the GNU/Free Software Foundation underpin-
dwindle into the single digits (or lower). BSD may have the nings of a free and open source alternative to Unix. Let’s
largest install base of any modern Unix system today. Also, examine the differences between these two operating sys-
every Apple Mac hardware unit shipped in recent history can tems that share much of the same heritage and many of
be claimed by BSD, as its OS X (now macOS) operating the same goals.
system is a BSD-derivative. From a user experience perspective, not very much is
While the full history of Unix and its academic and com- different! Much of the attraction of Linux was the operating
mercial variants could take many more pages, for the sake of system’s availability across many hardware architectures
our article focus, let’s move on to the rise of Linux. (including the modern PC) and ability to use tools familiar to
Unix system administrators and users.
Enter Linux Because of POSIX standards and compliance, software
What we call the Linux operating system today is really written on Unix could be compiled for a Linux operating
the combination of two efforts from the early 1990s. Rich- system with a usually limited amount of porting effort. Shell
ard Stallman was looking to create a truly free and open scripts could be used directly on Linux in many cases.
source alternative to the proprietary Unix system. He was While some tools had slightly different flag/command-line
working on the utilities and programs under the name options between Unix and Linux, many operated the same
GNU, a recursive acronym meaning “GNU’s not Unix!” on both.
Although there was a kernel project underway, it turned One side note is that the popularity of the macOS hard-
out to be difficult going, and without a kernel, the free and ware and operating system as a platform for development
open source operating system dream could not be real- that mainly targets Linux may be attributed to the BSD-like
ized. It was Linus Torvald’s work—producing a working macOS operating system. Many tools and scripts meant
and viable kernel that he called Linux—that brought the for a Linux system work easily within the macOS terminal.
36 OPEN SOURCE YEARBOOK 2010-2019 . CC BY-SA 4.0 . OPENSOURCE.COM
S TAND-OUT AR TICLE OF THE YEAR — 2018
Many open source software components available on Linux whether you’re talking about container runtimes or Kuber-
are easily available through tools like Homebrew [7]. netes or many of the serverless platforms that are gaining
The remaining differences between Linux and Unix are popularity.
mainly related to the licensing model: open source vs. One of the most revealing representations of Linux’s as-
proprietary, licensed software. Also, the lack of a com- cendancy is Microsoft’s transformation in recent years. If
mon kernel within Unix distributions has implications for you told software developers a decade ago that the Win-
software and hardware vendors. For Linux, a vendor can dows operating system would “run Linux” in 2016, most of
create a device driver for a specific hardware device and them would have laughed hysterically. But the existence
expect that, within reason, it will operate across most and popularity of the Windows Subsystem for Linux (WSL),
distributions. Because of the commercial and academic as well as more recently announced capabilities like the
branches of the Unix tree, a vendor might have to write Windows port of Docker, including LCOW (Linux contain-
different drivers for variants of Unix and have licensing ers on Windows) support, are evidence of the impact that
and other concerns related to access to an SDK or a dis- Linux has had—and clearly will continue to have—across
tribution model for the software as a binary device driver the software world.
across many Unix variants.
As both communities have matured over the past decade, Links
many of the advancements in Linux have been adopted in [1] https://en.wikipedia.org/wiki/Multics
the Unix world. Many GNU utilities were made available as [2] https://en.wikipedia.org/wiki/Unix_philosophy
add-ons for Unix systems where developers wanted features [3] https://en.wikipedia.org/wiki/Unix_wars
from GNU programs that aren’t part of Unix. For example, [4] https://en.wikipedia.org/wiki/BSD_licenses
IBM’s AIX offered an AIX Toolbox for Linux Applications [5] https://en.wikipedia.org/wiki/GNU_Compiler_Collection
with hundreds of GNU software packages (like Bash, GCC, [6] https://distrowatch.com/
OpenLDAP, and many others) that could be added to an AIX [7] https://brew.sh/
installation to ease the transition between Linux and Unix-
based AIX systems. Author
Proprietary Unix is still alive and well and, with many Phil is a Distinguished Engineer & CTO, Container and Li-
major vendors promising support for their current releases nux OS Architecture Strategy for the IBM Watson and Cloud
well into the 2020s, it goes without saying that Unix will be Platform division. Phil is currently an OSS maintainer in the
around for the foreseeable future. Also, the BSD branch Docker (now Moby) engine project, the CNCF containerd
of the Unix tree is open source, and NetBSD, OpenBSD, project, and is a member of both the Open Container Initia-
and FreeBSD all have strong user bases and open source tive (OCI) Technical Oversight Board and the Moby Techni-
communities that may not be as visible or active as Linux, cal Steering Committee. Phil is a long-standing member of
but are holding their own in recent server share reports, the Docker Captains program and has enjoyed a long rela-
with well above the proprietary Unix numbers in areas like tionship with key open source contributors and experts in the
web serving. Docker ecosystem.
Where Linux has shown a significant advantage over Phil is a regular speaker at industry and developer confer-
proprietary Unix is in its availability across a vast number of ences as well as meetups on topics related to open source,
hardware platforms and devices. The Raspberry Pi, popu- Docker, Linux container technology and the broader con-
lar with hobbyists and enthusiasts, is Linux-driven and has tainer ecosystem. Phil is a recognized subject matter expert
opened the door for an entire spectrum of IoT devices run- on Linux container technology and regularly assists IBM’s
ning Linux. We’ve already mentioned Android devices, au- product teams and enterprise customers in their application
tos (with Automotive Grade Linux), and smart TVs, where of container technology for their public and private cloud
Linux has large market share. Every cloud provider on the solutions. He maintains an active blog on container topics at
planet offers virtual servers running Linux, and many of to- https://integratedcode.us. You can find him on Twitter tweet-
day’s most popular cloud-native stacks are Linux-based, ing away as @estesp.
OPEN SOURCE YEARBOOK 2010-2019 . CC BY-SA 4.0 . OPENSOURCE.COM 37
S TAND-OUT AR TICLE OF THE YEAR — 2019
Create your own video
streaming server with Linux
BY AARON J. PRISK
Set up a basic live streaming server on a Linux or BSD operating system.
LIVE VIDEO STREAMING is incredibly popular—and
it’s still growing. Platforms like Am-
azon’s Twitch and Google’s YouTube boast millions of us-
It’s also very important to know that “live” doesn’t always
mean instant. A video stream must be encoded, transferred,
buffered, and displayed, which often adds delays. The delay
ers that stream and consume can be shortened or length-
countless hours of live and ened depending on the type
recorded media. These ser- of stream you’re creating
vices are often free to use and its attributes.
but require you to have an
account and generally hold Setting up a Linux
your content behind adver- server
tisements. Some people You can use many different
don’t need their videos to be distributions of Linux, but I
available to the masses or prefer Ubuntu, so I down-
just want more control over loaded the Ubuntu Server [1]
their content. Thankfully, with edition for my operating sys-
the power of open source tem. If you prefer your serv-
software, anyone can set up a live streaming server. er to have a graphical user interface (GUI), feel free to use
Ubuntu Desktop [2] or one of its many flavors. Then, I fired
Getting started up the Ubuntu installer on my computer or virtual machine
In this tutorial, I’ll explain how to set up a basic live streaming and chose the settings that best matched my environment.
server with a Linux or BSD operating system. Below are the steps I took.
This leads to the inevitable question of system require- Note: Because this is a server, you’ll probably want to set
ments. These can vary, as there are a lot of variables in- some static network settings.
volved with live streaming, such as:
• S tream quality: Do you want to stream in high definition
or will standard definition fit your needs?
• V iewership: How many viewers are you expecting for your
videos?
• S torage: Do you plan on keeping saved copies of your
video stream?
• Access: Will your stream be private or open to the world?
There are no set rules when it comes to system require-
ments, so I recommend you experiment and find what works
best for your needs. I installed my server on a virtual ma-
chine with 4GB RAM, a 20GB hard drive, and a single Intel
i7 processor core.
This project uses the Real-Time Messaging Protocol
(RTMP) to handle audio and video streaming. There are
other protocols available, but I chose RTMP because it has
broad support. As open standards like WebRTC become After the installer finishes and your system reboots, you’ll
more compatible, I would recommend that route. be greeted with a lovely new Ubuntu system. As with any
38 OPEN SOURCE YEARBOOK 2010-2019 . CC BY-SA 4.0 . OPENSOURCE.COM
S TAND-OUT AR TICLE OF THE YEAR — 2019
newly installed operating system, install any updates that are by pressing Ctrl+X, Y, and then Enter.
available: This is a very minimal config that will create a working
streaming server. You’ll add to this config later, but this is a
sudo apt update great starting point.
sudo apt upgrade However, before you can begin your first stream, you’ll
need to restart Nginx with its new configuration:
This streaming server will use the very powerful and versa-
tile Nginx web server, so you’ll need to install it: sudo systemctl restart nginx
sudo apt install nginx Setting up a BSD server
If you’re of the “beastie” persuasion, getting a streaming
Then you’ll need to get the RTMP module so Nginx can han- server up and running is also devilishly easy.
dle your media stream: Head on over to the FreeBSD [4] website and download
the latest release. Fire up the FreeBSD installer on your
sudo add-apt-repository universe computer or virtual machine and go through the initial steps
sudo apt install libnginx-mod-rtmp and choose settings that best match your environment.
Since this is a server, you’ll likely want to set some static
Adjust your web server’s configuration so it can accept and network settings.
deliver your media stream. After the installer finishes and your system reboots, you
should have a shiny new FreeBSD system. Like any other
sudo nano /etc/nginx/nginx.conf freshly installed system, you’ll likely want to get everything
updated (from this step forward, make sure you’re logged
Scroll to the bottom of the configuration file and add the fol- in as root):
lowing code:
pkg update
rtmp { pkg upgrade
server {
listen 1935; I install Nano for editing configuration files:
chunk_size 4096;
pkg install nano
application live {
live on; This streaming server will use the very powerful and versa-
record off; tile Nginx web server. You can build Nginx using the excel-
} lent ports system that FreeBSD boasts.
} First, update your ports tree:
}
portsnap fetch
portsnap extract
Browse to the Nginx ports directory:
cd /usr/ports/www/nginx
And begin building Nginx by running:
make install
You’ll see a screen asking what modules to include in your
Nginx build. For this project, you’ll need to add the RTMP
module. Scroll down until the RTMP module is selected and
press Space. Then Press Enter to proceed with the rest of
the build and installation.
Save the config. Because I’m a heretic, I use Nano [3] for Once Nginx has finished installing, it’s time to configure it
editing configuration files. In Nano, you can save your config for streaming purposes.
OPEN SOURCE YEARBOOK 2010-2019 . CC BY-SA 4.0 . OPENSOURCE.COM 39
S TAND-OUT AR TICLE OF THE YEAR — 2019
First, add an entry into /etc/rc.conf to ensure the Nginx
server starts when your system boots:
nano /etc/rc.conf
Add this text to the file:
nginx_enable="YES"
And finally, add your RTMP settings so Nginx will know how
to handle your media streams:
rtmp {
server {
listen 1935;
chunk_size 4096;
application live {
live on;
record off;
}
Next, create a webroot directory from where Nginx will serve }
its content. I call mine stream: }
cd /usr/local/www/ Save the config. In Nano, you can do this by pressing Ctrl+X,
mkdir stream Y, and then Enter.
chmod -R 755 stream/ As you can see, this is a very minimal config that will cre-
ate a working streaming server. Later, you’ll add to this con-
Now that you have created your stream directory, configure fig, but this will provide you with a great starting point.
Nginx by editing its configuration file: However, before you can begin your first stream, you’ll
need to restart Nginx with its new config:
nano /usr/local/etc/nginx/nginx.conf
service nginx restart
Load your streaming modules at the top of the file:
Set up your streaming software
load_module /usr/local/libexec/nginx/ngx_stream_module.so;
load_module /usr/local/libexec/nginx/ngx_rtmp_module.so; Broadcasting with OBS
Now that your server is ready to accept your video streams,
it’s time to set up your streaming software. This tutorial uses
the powerful and open source Open Broadcast Studio (OBS).
Head over to the OBS website [5] and find the build for
your operating system and install it. Once OBS launches,
you should see a first-time-run wizard that will help you con-
figure OBS with the settings that best fit your hardware.
Under the Server section, change the webroot location to
match the one you created earlier:
Location / {
root /usr/local/www/stream
}
40 OPEN SOURCE YEARBOOK 2010-2019 . CC BY-SA 4.0 . OPENSOURCE.COM
S TAND-OUT AR TICLE OF THE YEAR — 2019
OBS isn’t capturing anything because you haven’t supplied it
with a source. For this tutorial, you’ll just capture your desk-
top for the stream. Simply click the + button under Source,
choose Screen Capture, and select which desktop you want
to capture.
Click OK, and you should see OBS mirroring your desktop.
Now it’s time to send your newly configured video stream
to your server. In OBS, click File > Settings. Click on the
Stream section, and set Stream Type to Custom Stream-
ing Server.
In the URL box, enter the prefix rtmp:// followed the IP
address of your streaming server followed by /live. For ex-
ample, rtmp://IP-ADDRESS/live. Where to go next?
Next, you’ll probably want to enter a Stream key—a This is a very simple setup that will get you off the ground.
special identifier required to view your stream. En- Here are two other features you likely will want to use.
ter whatever key you want (and can remember) in the • Limit access: The next step you might want to take is to
Stream key box. limit access to your server, as the default setup allows any-
one to stream to and from the server. There are a variety of
ways to set this up, such as an operating system firewall,
.htaccess file [7], or even using the built-in access controls
in the RTMP module [8].
• Record streams: This simple Nginx configuration will only
stream and won’t save your videos, but this is easy to add.
In the Nginx config, under the RTMP section, set up the
recording options and the location where you want to save
your videos. Make sure the path you set exists and Nginx
is able to write to it.
application live {
Click Apply and then OK. live on;
Now that OBS is configured to send your stream to your record all;
server, you can start your first stream. Click Start Streaming. record_path /var/www/html/recordings;
If everything worked, you should see the button change to record_unique on;
Stop Streaming and some bandwidth metrics will appear at }
the bottom of OBS.
The world of live streaming is constantly evolving, and if
you’re interested in more advanced uses, there are lots of
If you receive an error, double-check Stream Settings in other great resources you can find floating around the inter-
OBS for misspellings. If everything looks good, there could net. Good luck and happy streaming!
be another issue preventing it from working.
Links
Viewing your stream [1] https://www.ubuntu.com/download/server
A live video isn’t much good if no one is watching it, so be [2] https://www.ubuntu.com/download/desktop
your first viewer! [3] https://www.nano-editor.org/
There are a multitude of open source media players that [4] https://www.freebsd.org/
support RTMP, but the most well-known is probably VLC me- [5] https://obsproject.com/
dia player [6]. [6] https://www.videolan.org/vlc/index.html
After you install and launch VLC, open your stream by [7] https://httpd.apache.org/docs/current/howto/htaccess.html
clicking on Media > Open Network Stream. Enter the path [8] https://github.com/arut/nginx-rtmp-module/wiki/
to your stream, adding the Stream Key you set up in OBS, Directives#access
then click Play. For example, rtmp://IP-ADDRESS/live/SE-
CRET-KEY. Author
You should now be viewing your very own live video School IT Director – Open Source Evangelist – Technology
stream! Enthusiast – Husband – Dad. Follow him at @AaronPrisk
OPEN SOURCE YEARBOOK 2010-2019 . CC BY-SA 4.0 . OPENSOURCE.COM 41
S TAND-OUT LINUX AR TICLE — 2019
What you probably didn’t
know about sudo
BY PETER CZANIK
Think you know everything about sudo? Think again.
EVERYBODY
Linux systems and is avail-
KNOWS SUDO, RIGHT? This tool is
installed by default on most
So, in this example, the members of the wheel group can
run all applications as all users on all hosts. Even this really
permissive rule is useful be-
able for most BSD and com- cause it results in logs of who
mercial Unix variants. Still, did what on your machine.
after talking to hundreds of
sudo users, the most com- Aliases
mon answer I received was Of course, once it is not just
that sudo is a tool to compli- you and your best friend ad-
cate life. ministering a shared box,
There is a root user and you will start to fine-tune per-
there is the su command, so missions. You can replace
why have yet another tool? the items in the above con-
For many, sudo was just a figuration with lists: a list of
prefix for administrative com- users, a list of commands,
mands. Only a handful mentioned that when you have mul- and so on. Most likely, you will copy and paste some of these
tiple administrators for the same system, you can use sudo lists around in your configuration.
logs to see who did what. This situation is where aliases can come handy. Maintain-
So, what is sudo? According to the sudo website [1]: ing the same list in multiple places is error-prone. You define
an alias once and then you can use it many times. Therefore,
“Sudo allows a system administrator to dele- when you lose trust in one of your administrators, you can
gate authority by giving certain users the ability remove them from the alias and you are done. With multiple
to run some commands as root or another user lists instead of aliases, it is easy to forget to remove the user
while providing an audit trail of the commands from one of the lists with elevated privileges.
and their arguments.”
Enable features for a certain group of users
By default, sudo comes with a simple configuration, a sin- The sudo command comes with a huge set of defaults.
gle rule allowing a user or a group of users to do practically Still, there are situations when you want to override some of
anything (more on the configuration file later in this article): these. This is when you use the Defaults statement in the
configuration. Usually, these defaults are enforced on every
%wheel ALL=(ALL) ALL user, but you can narrow the setting down to a subset of us-
ers based on host, username, and so on. Here is an example
In this example, the parameters mean the following: that my generation of sysadmins loves to hear about: insults.
• The first parameter defines the members of the group. These are just some funny messages for when someone
• The second parameter defines the host(s) the group mem- mistypes a password:
bers can run commands on.
• The third parameter defines the usernames under which czanik@linux-mewy:~> sudo ls
the command can be executed. [sudo] password for root:
• The last parameter defines the applications that can be run. Hold it up to the light --- not a brain in sight!
42 OPEN SOURCE YEARBOOK 2010-2019 . CC BY-SA 4.0 . OPENSOURCE.COM
S TAND-OUT LINUX AR TICLE — 2019
[sudo] password for root: meaning that it is not so easy to compile, and it is even more
My pet ferret can type better than you! difficult to distribute the results. On the other hand, the plugin
[sudo] password for root: provides interesting functionality, requiring a second admin
sudo: 3 incorrect password attempts to approve (or deny) running commands through sudo. Not
czanik@linux-mewy:~> just that, but sessions can be followed on-screen and termi-
nated if there is suspicious activity.
Because not everyone is a fan of sysadmin humor, these In a demo I did during a recent talk at the All Things Open
insults are disabled by default. The following example shows conference, I had the infamous:
how to enable this setting only for your seasoned sysadmins,
who are members of the wheel group: czanik@linux-mewy:~> sudo rm -fr /
Defaults !insults command displayed on the screen. Everybody was holding
Defaults:%wheel insults their breath to see whether my laptop got destroyed, but it
survived.
I do not have enough fingers to count how many people
thanked me for bringing these messages back. Logs
As I already mentioned at the beginning, logging and alerting
Digest verification is an important part of sudo. If you do not check your sudo
There are, of course, more serious features in sudo as well. logs regularly, there is not much worth in using sudo. This
One of them is digest verification. You can include the digest tool alerts by email on events specified in the configuration
of applications in your configuration: and logs all events to syslog. Debug logs can be turned on
and used to debug rules or report bugs.
peter ALL =
sha244:11925141bb22866afdf257ce7790bd6275feda80b3b241c108b79c88 Alerts
/usr/bin/passwd Email alerts are kind of old-fashioned now, but if you use
syslog-ng for collecting your log messages, your sudo log
In this case, sudo checks and compares the digest of the messages are automatically parsed. You can easily create
application to the one stored in the configuration before run- custom alerts and send those to a wide variety of destina-
ning the application. If they do not match, sudo refuses to tions, including Slack, Telegram, Splunk, or Elasticsearch.
run the application. While it is difficult to maintain this infor- You can learn more about this feature from my blog on sys-
mation in your configuration—there are no automated tools long-ng.com [3].
for this purpose—these digests can provide you with an ad-
ditional layer of protection. Configuration
We talked a lot about sudo features and even saw a few
Session recording lines of configuration. Now, let’s take a closer look at how
Session recording is also a lesser-known feature of sudo. sudo is configured. The configuration itself is available in
After my demo, many people leave my talk with plans to im- /etc/sudoers, which is a simple text file. Still, it is not recom-
plement it on their infrastructure. Why? Because with ses- mended to edit this file directly. Instead, use visudo, as this
sion recording, you see not just the command name, but tool also does syntax checking. If you do not like vi, you can
also everything that happened in the terminal. You can see change which editor to use by pointing the EDITOR environ-
what your admins are doing even if they have shell access ment variable at your preferred option.
and logs only show that bash is started. Before you start editing the sudo configuration, make
There is one limitation, currently. Records are stored local- sure that you know the root password. (Yes, even on Ubun-
ly, so with enough permissions, users can delete their traces. tu, where root does not have a password by default.) While
Stay tuned for upcoming features. visudo checks the syntax, it is easy to create a syntactically
correct configuration that locks you out of your system.
Plugins When you have a root password at hand in case of an
Starting with version 1.8, sudo changed to a modular, emergency, you can start editing your configuration. When
plugin-based architecture. With most features implemented it comes to the sudoers file, there is one important thing
as plugins, you can easily replace or extend the functionality to remember: This file is read from top to bottom, and the
of sudo by writing your own. There are both open source last setting wins. What this fact means for you is that you
and commercial plugins already available for sudo. should start with generic settings and place exceptions
In my talk, I demonstrated the sudo_pair plugin, which at the end, otherwise exceptions are overridden by the
is available on GitHub [2]. This plugin is developed in Rust, generic settings.
OPEN SOURCE YEARBOOK 2010-2019 . CC BY-SA 4.0 . OPENSOURCE.COM 43
S TAND-OUT LINUX AR TICLE — 2019
You can find a simple sudoers file below, based on New features
the one in CentOS, and add a few lines we discussed There is a new version of sudo right around the corner. Ver-
previously: sion 1.9 will include many interesting new features. Here are
the most important planned features:
Defaults !visiblepw • A recording service to collect session recordings centrally,
Defaults always_set_home which offers many advantages compared to local storage:
Defaults match_group_by_gid • It is more convenient to search in one place.
Defaults always_query_group_plugin • Recordings are available even if the sender machine is down.
Defaults env_reset • Recordings cannot be deleted by someone who wants
Defaults env_keep = "COLORS DISPLAY HOSTNAME HISTSIZE to delete their tracks.
KDEDIR LS_COLORS" • The audit plugin does not add new features to sudoers,
Defaults env_keep += "MAIL PS1 PS2 QTDIR USERNAME but instead provides an API for plugins to easily access
LANG LC_ADDRESS LC_CTYPE" any kind of sudo logs. This plugin enables creating custom
Defaults secure_path = /sbin:/bin:/usr/sbin:/usr/bin logs from sudo events using plugins.
root ALL=(ALL) ALL • The approval plugin enables session approvals without
%wheel ALL=(ALL) ALL using third-party plugins.
Defaults:%wheel insults • And my personal favorite: Python support for plugins,
Defaults !insults which enables you to easily extend sudo using Python
Defaults log_output code instead of coding natively in C.
This file starts by changing a number of defaults. Then Conclusion
come the usual default rules: The root user and mem- I hope this article proved to you that sudo is a lot more than
bers of the wheel group have full permissions over the just a simple prefix. There are tons of possibilities to fine-
machine. Next, we enable insults for the wheel group, but tune permissions on your system. You cannot just fine-tune
disable them for everyone else. The last line enables ses- permissions, but also improve security by checking digests.
sion recording. Session recordings enable you to check what is happening
The above configuration is syntactically correct, but can on your systems. You can also extend the functionality of
you spot the logical error? Yes, there is one: Insults are dis- sudo using plugins, either using something already avail-
abled for everyone since the last, generic setting overrides able or writing your own. Finally, given the list of upcoming
the previous, more specific setting. Once you switch the two features you can see that even if sudo is decades old, it is a
lines, the setup works as expected: Members of the wheel living project that is constantly evolving.
group receive funny messages, but the rest of the users do If you want to learn more about sudo, here are a few re-
not receive them. sources:
• The sudo website [4]
Configuration management • The sudo blog [5]
Once you have to maintain the sudoers file on multi- • Follow us on Twitter [6]
ple machines, you will most likely want to manage your
configuration centrally. There are two major open source Links
possibilities here. Both have their advantages and draw- [1] https://www.sudo.ws/
backs. [2] https://github.com/square/sudo_pair/
You can use one of the configuration management ap- [3] https://www.syslog-ng.com/community/b/blog/posts/
plications that you also use to configure the rest of your alerting-on-sudo-events-using-syslog-ng
infrastructure. Red Hat Ansible, Puppet, and Chef all [4] https://www.sudo.ws/
have modules to configure sudo. The problem with this [5] https://blog.sudo.ws/
approach is that updating configurations is far from re- [6] https://twitter.com/sudoproject
al-time. Also, users can still edit the sudoers file locally
and change settings. Author
The sudo tool can also store its configuration in LDAP. Peter is an engineer working as evangelist at Balabit, the
In this case, configuration changes are real-time and company that developed syslog-ng. He assists distributions to
users cannot mess with the sudoers file. On the other maintain the syslog-ng package, follows bug trackers, helps
hand, this method also has limitations. For example, you users and talks regularly at conferences (SCALE, All Things
cannot use aliases or use sudo when the LDAP server Open, FOSDEM, LOADays, and others). In his limited free
is unavailable. time he is interested in non-x86 architectures, and works on
one of his PPC or ARM machines. Follow him at @PCzanik
44 OPEN SOURCE YEARBOOK 2010-2019 . CC BY-SA 4.0 . OPENSOURCE.COM
S TAND-OUT PY THON AR TICLE — 2019
Pylint: Making your
Python code consistent
BY MOSHE ZADKA
Pylint is your friend when you want to avoid arguing about code complexity.
PYLINT IS A HIGH-LEVEL PYTHON style enforcer. While
flake8 [1] and black [2] will take care of
“local” style: where the newlines occur, how comments are
formatted, or find issues like commented out code or bad
practices in log formatting.
Pylint is extremely aggressive by default. It will offer strong
opinions on everything from checking if declared interfaces
are actually implemented to opportunities to refactor duplicate
code, which can be a lot to a new user. One way of introducing
it gently to a project, or a team, is to start by turning all check-
ers off, and then enabling checkers one by one. This is es-
pecially useful if you already use flake8, black, and mypy [3]:
Pylint has quite a few checkers that overlap in functionality.
However, one of the things unique to Pylint is the ability to In general, it is not a great idea to add parameters to the
enforce higher-level issues: for example, number of lines in pylint command-line: the best place to configure your pylint
a function, or number of methods in a class. is the .pylintrc. In order to have it do something useful, we
These numbers might be different from project to project need to enable some messages.
and can depend on the development team’s preferences. In order to enable messages, add to your .pylintrc, under
However, once the team comes to an agreement about the the [MESSAGES CONTROL].
parameters, it is useful to enforce those parameters using an
automated tool. This is where Pylint shines. enable=<message>,
Configuring Pylint ...
In order to start with an empty configuration, start your
.pylintrc with For the “messages” (what Pylint calls different kinds of warn-
ings) that look useful. Some of my favorites include too-ma-
[MESSAGES CONTROL] ny-lines, too-many-arguments, and too-many-branches. All of
those limit complexity of modules or functions, and serve as
disable=all an objective check, without a human nitpicker needed, for
This disables all Pylint messages. Since many of them are code complexity measurement.
redundant, this makes sense. In Pylint, a message is a specif- A checker is a source of messages: every message
ic kind of warning. belongs to exactly one checker. Many of the most useful
You can check that all messages have been turned off by messages are under the design checker [4]. The default
running pylint: numbers are usually good, but tweaking the maximums is
straightfoward: we can add a section called DESIGN in the
$ pylint <my package> .pylintrc.
OPEN SOURCE YEARBOOK 2010-2019 . CC BY-SA 4.0 . OPENSOURCE.COM 45
S TAND-OUT PY THON AR TICLE — 2019
[DESIGN] Pylint makes code reviews easy
If you are sick of code reviews where you point out that a class
max-args=7 is too complicated, or that two different functions are basically
the same, add Pylint to your Continuous Integration [5] con-
max-locals=15 figuration, and only have the arguments about complexity
guidelines for your project once.
Another good source of useful messages is the refactoring
checker. Some of my favorite messages to enable there Links
are consider-using-dict-comprehension, stop-itera- [1] https://opensource.com/article/19/5/python-flake8
tion-return (which looks for generators which use raise [2] https://opensource.com/article/19/5/python-black
StopIteration when return is the correct way to stop the [3] https://opensource.com/article/19/5/python-mypy
iteration). and chained-comparison, which will suggest [4] https://pylint.readthedocs.io/en/latest/technical_reference/
using syntax like 1 <= x < 5 rather than the less obvious features.html#design-checker
1 <= x && x > 5 [5] https://opensource.com/business/15/7/six-continuous-
Finally, an expensive checker, in terms of performance, integration-tools
but highly useful, is similarities. It is designed to enforce
“Don’t Repeat Yourself” (the DRY principle) by explicitly Author
looking for copy-paste between different parts of the code. Moshe has been involved in the Linux community since 1998,
It only has one message to enable: duplicate-code. The helping in Linux “installation parties”. He has been program-
default “minimum similarity lines” is set to 4. It is possible ming Python since 1999, and has contributed to the core Py-
to set it to a different value using the .pylintrc. thon interpreter. Moshe has been a DevOps/SRE since before
[SIMILARITIES] those terms existed, caring deeply about software reliability,
build reproducibility and other such things. He has worked
min-similarity-lines=3 in companies as small as three people and as big as tens
of thousands — usually some place around where software
meets system administration. Follow him at @moshezadka
46 OPEN SOURCE YEARBOOK 2010-2019 . CC BY-SA 4.0 . OPENSOURCE.COM
S TAND-OUT RASPBERRY PI AR TICLE — 2017
How to set up a personal
web server with a Raspberry Pi
BY RASPBERRYPIGUY
A PERSONAL
posed to a large corporation.
WEB SERVER is “the cloud,” except
you own and control it as op-
Owning a little cloud has a lot of benefits, including cus-
tomization, free storage, free Internet services, a path into
open source software, high-quality security, full control over
your content, the ability to make quick changes, a place to
experiment with code, and much more. Most of these ben-
efits are immeasurable, but financially these benefits can
save you over $100 per month.
Azure, iCloud, or AWS
• On-premise security
• HTTPS: Let’s Encrypt
• Analytics: Google
• OpenVPN: Do not need private Internet access (at an es-
timated $7 per month)
Things I used:
• Raspberry Pi 3 Model B
• MicroSD Card (32GB recommended, Raspberry Pi Com-
patible SD Cards [1])
• USB microSD card reader
• Ethernet cable
• Router connected to Wi-Fi
• Raspberry Pi case
• Amazon Basics MicroUSB cable
• Apple wall charger
• USB mouse
• USB keyboard
• HDMI cable
• Monitor (with HDMI input)
• MacBook Pro
Step 1: Setting up the Raspberry Pi
Raspberry Pi as a web server, by Raspberry Pi Guy, CC-BY-SA 4.0
Download the most recent release of Raspbian (the Rasp-
I could have used AWS, but I prefer complete freedom, full berry Pi operating system). Raspbian Jessie [2] ZIP version
control over security, and learning how things are built. is ideal1. Unzip or extract the downloaded file. Copy it onto
• S elf web-hosting: No BlueHost or DreamHost the SD card. Pi Filler [3] makes this process easy. Download
• Cloud storage: No Dropbox, Box, Google Drive, Microsoft Pi Filer 1.3 [4] or the most recent version. Unzip or extract
OPEN SOURCE YEARBOOK 2010-2019 . CC BY-SA 4.0 . OPENSOURCE.COM 47
S TAND-OUT RASPBERRY PI AR TICLE — 2017
the downloaded file and open it. You should be greeted with Select the “Expand Filesystem” option and hit the Enter key 3.
this prompt: Also, I recommend selecting the second option, “Change
User Password.” It is important for security. It also personal-
izes your Raspberry Pi.
(Note: For an extra layer of security install fail2ban. Fail-
2Ban blocks suspicious requests coming from the internet.
For example, if there are too many attempts to guess the
password, it will block that IP address. It can be installed by
typing into terminal: $ sudo apt-get install fail2ban)
Make sure the USB card reader has NOT been inserted yet. Select the third option in the setup options list, “Enable
If it has, eject it. Proceed by clicking Continue. A file explorer Boot To Desktop/Scratch” and hit the Enter key. It will take
should appear. Locate the uncompressed Raspberry Pi OS you to another window titled “Choose boot option” as shown
file from your Mac or PC and select it. You should see anoth- in the image below.
er prompt like the one pictured below:
Insert the MicroSD card (32GB recommended, 16GB mini-
mum) into the USB MicroSD Card Reader. Then insert the
USB reader into the Mac or PC. You can rename the SD card
to “Raspberry” to distinguish it from others. Click Continue.
Make sure the SD card is empty. Pi Filler will erase all previ- In the “Choose boot option” window, select the second op-
ous storage at runtime. If you need to back up the card, do tion, “Desktop log in as user ‘pi’ at the graphical desktop” and
so now. When you are ready to continue, the Raspbian OS hit the Enter button4. Once this is done you will be taken back
will be written to the SD card. It should take between one to to the “Setup Options” page. If not, select the “OK” button at
three minutes. Once the write is completed, eject the USB the bottom of this window and you will be taken back to the
reader, remove the SD card, and insert it into the Raspberry previous window.
Pi SD card slot. Give the Raspberry Pi power by plugging Once both these steps are done, select the “Finish” button
the power cord into the wall. It should start booting up. The at the bottom of the page and it should reboot automatically.
Raspberry Pi default login is: If it does not, then use the following command in the terminal
to reboot.
username: pi
password: raspberry $ sudo reboot
After the reboot from the previous step, if everything went well,
When the Raspberry Pi has completed booting for the first you will end up on the desktop similar to the image below.
time, a configuration screen titled “Setup Options” should ap-
pear like the image below 2:
48 OPEN SOURCE YEARBOOK 2010-2019 . CC BY-SA 4.0 . OPENSOURCE.COM
S TAND-OUT RASPBERRY PI AR TICLE — 2017
Once you are on the desktop, open a terminal and en-
ter the following commands to update the firmware of the
Raspberry Pi.
$ sudo apt-get update
$ sudo apt-get upgrade -y
$ sudo apt-get dist-upgrade -y
$ sudo rpi-update
This may take a few minutes. Now the Raspberry Pi is up-to-
date and running.
Step 2: Configuring the Raspberry Pi
SSH, which stands for Secure Shell, is a cryptographic net-
work protocol that lets you securely transfer data between
your computer and your Raspberry Pi. You can control your
Raspberry Pi from your Mac’s command line without a mon-
itor or keyboard.
To use SSH, first, you need your Pi’s IP address. Open the
Image by Raspberry Pi Guy, CC BY-SA 4.0
terminal and type:
Click “New” to set up a remote connection. Fill in the blanks
$ sudo ifconfig as shown below.
If you are using Ethernet, look at the “eth0” section. If you are
using Wi-Fi, look at the “wlan0” section.
Find “inet addr” followed by an IP address—something like
192.168.1.115, a common default IP I will use for the dura-
tion of this article.
With this address, open terminal and type:
$ ssh pi@192.168.1.115
For SSH on PC, see footnote5.
Enter the default password “raspberry” when prompted,
unless you changed it.
You are now logged in via SSH.
Remote desktop
Using a GUI (graphical user interface) is sometimes easier
than a command line. On the Raspberry Pi’s command line
(using SSH) type:
$ sudo apt-get install xrdp
Xrdp supports the Microsoft Remote Desktop Client for Mac
Image by Raspberry Pi Guy, CC BY-SA 4.0
and PC.
On Mac, navigate to the app store and search for “Mi- Save it by exiting out of the “New” window.
crosoft Remote Desktop.” Download it. (For a PC, see You should now see the remote connection listed under
footnote6.) “My Desktops.” Double click it.
After installation, search your Mac for a program called After briefly loading, you should see your Raspberry Pi
“Microsoft Remote Desktop.” Open it. You should see this: desktop in a window on your screen, which looks like this:
OPEN SOURCE YEARBOOK 2010-2019 . CC BY-SA 4.0 . OPENSOURCE.COM 49
S TAND-OUT RASPBERRY PI AR TICLE — 2017
Once you have set the static internal IP address, reboot the
Raspberry Pi with:
$ sudo reboot
After rebooting, from terminal type:
$ sudo ifconfig
Your new static settings should appear for your Rasp-
berry Pi.
Static global IP address
Perfect. Now, you don’t need a separate mouse, keyboard, or If your ISP (internet service provider) has already given you
monitor to control the Pi. This is a much more lightweight setup. a static external IP address, you can skip ahead to the port
forwarding section. If not, continue reading.
Static local IP address You have set up SSH, a remote desktop, and a static in-
Sometimes the local IP address 192.168.1.115 will change. ternal IP address, so now computers inside the local network
We need to make it static. Type: will know where to find the Pi. But you still can’t access your
Raspberry Pi from outside the local Wi-Fi network. You need
$ sudo ifconfig your Raspberry Pi to be accessible publicly from anywhere
on the Internet. This requires a static external IP address7.
Write down from the “eth0” section or the “wlan0” section, It can be a sensitive process initially. Call your ISP and re-
the “inet addr” (Pi’s current IP), the “bcast” (the broadcast IP quest a static external (sometimes referred to as static global)
range), and the “mask” (subnet mask address). Then, type: IP address. The ISP holds the decision-making power, so I
would be extremely careful dealing with them. They may re-
$ netstat -nr fuse your static external IP address request. If they do, you
can’t fault the ISP because there is a legal and operational
Write down the “destination” and the “gateway/network.” risk with this type of request. They particularly do not want
customers running medium- or large-scale Internet services.
They might explicitly ask why you need a static external IP ad-
dress. It is probably best to be honest and tell them you plan
on hosting a low-traffic personal website or a similar small not-
The cumulative records should look something like this: for-profit internet service. If all goes well, they should open a
ticket and call you in a week or two with an address.
net address 192.168.1.115
bcast 192.168.1.255 Port forwarding
mask 255.255.255.0 This newly obtained static global IP address your ISP as-
gateway 192.168.1.1 signed is for accessing the router. The Raspberry Pi is still
network 192.168.1.1 unreachable. You need to set up port forwarding to access
destination 192.168.1.0 the Raspberry Pi specifically.
Ports are virtual pathways where information travels on the
With this information, you can set a static internal IP easily. Internet. You sometimes need to forward a port in order to
Type: make a computer, like the Raspberry Pi, accessible to the
Internet because it is behind a network router. A YouTube
$ sudo nano /etc/dhcpcd.conf video titled What is TCP/IP, port, routing, intranet, firewall, In-
ternet [5] by VollmilchTV helped me visually understand ports.
Do not use /etc/network/interfaces. Port forwarding can be used for projects like a Raspberry Pi
Then all you need to do is append this to the bottom of the web server, or applications like VoIP or peer-to-peer download-
file, substituting the correct IP address you want. ing. There are 65,000+ ports [6] to choose from, so you can
interface eth0 assign a different port for every Internet application you build.
static ip_address=192.168.1.115 The way to set up port forwarding can depend on your
static routers=192.168.1.1 router. If you have a Linksys, a YouTube video titled How
static domain_name_servers=192.168.1.1 to go online with your Apache Ubuntu server [7] by Gabriel
50 OPEN SOURCE YEARBOOK 2010-2019 . CC BY-SA 4.0 . OPENSOURCE.COM
S TAND-OUT RASPBERRY PI AR TICLE — 2017
Ramirez explains how to set it up. If you don’t have a Linksys, Jekyll (static HTML generator), and Apache (web hosting),
read the documentation that comes with your router in order which is the client-side or front end.
to customize and define ports to forward.
Footnotes
You will need to port forward for SSH as well as the remote
[1] I do not recommend starting with the NOOBS operating system. I pre-
desktop. fer starting with the fully functional Raspbian Jessie operating system.
Once you believe you have port forwarding configured, [2] If “Setup Options” does not pop up, you can always find it by opening
check to see if it is working via SSH by typing: Terminal and executing this command:
$ sudo-raspi-config
[3] We do this to make use of all the space present on the SD card
$ ssh pi@your_global_ip_address as a full partition. All this does is expand the operating system to fit
the entire space on the SD card, which can then be used as storage
It should prompt you for the password. memory for the Raspberry Pi.
Check to see if port forwarding is working for the remote [4] We do this because we want to boot into a familiar desktop environ-
ment. If we do not do this step, the Raspberry Pi boots into a terminal
desktop as well. Open Microsoft Remote Desktop. Your pre- each time with no GUI.
vious remote connection settings should be saved, but you [5]
need to update the “PC name” field with the static external IP
address (for example, 195.198.227.116) instead of the static
internal address (for example, 192.168.1.115).
Now, try connecting via remote desktop. It should briefly
load and arrive at the Pi’s desktop.
Download and run PuTTY [8] or another SSH client for Windows.
Enter your IP address in the field, as shown in the above screenshot.
Keep the default port at 22. Hit Enter, and PuTTY will open a terminal
window, which will prompt you for your username and password. Fill
those in, and begin working remotely on your Pi.
[6] If it is not already installed, download Microsoft Remote Desktop [9].
Search your computer for Microsoft Remote Desktop. Run it. Input
the IP address when prompted. Next, an xrdp window will pop up,
prompting you for your username and password.
[7] The router has a dynamically assigned external IP address, so in the-
ory, it can be reached from the Internet momentarily, but you’ll need
the help of your ISP to make it permanently accessible. If this was
not the case, you would need to reconfigure the remote connection
on each use.
Good job. The Raspberry Pi is now accessible from the Inter-
net and ready for advanced projects. For the original source, visit Mitchell McLaughlin’s Full-Stack
As a bonus option, you can maintain two remote connec- Computer Projects [10].
tions to your Pi. One via the Internet and the other via the
LAN (local area network). It’s easy to set up. In Microsoft Links
Remote Desktop, keep one remote connection called “Pi In- [1] http://elinux.org/RPi_SD_cards
ternet” and another called “Pi Local.” Configure Pi Internet’s [2] https://www.raspberrypi.org/downloads/raspbian/
“PC name” to the static external IP address—for example, [3] http://ivanx.com/raspberrypi/
195.198.227.116. Configure Pi Local’s “PC name” to the [4] http://ivanx.com/raspberrypi/files/PiFiller.zip
static internal IP address—for example, 192.168.1.115. Now, [5] https://www.youtube.com/watch?v=iskxw6T1Wb8
you have the option to connect globally or locally. [6] https://en.wikipedia.org/wiki/List_of_TCP_and_UDP_port_
If you have not seen it already, watch How to go online with numbers
your Apache Ubuntu server [7] by Gabriel Ramirez as a tran- [7] https://www.youtube.com/watch?v=i1vB7JnPvuE#t=07m08s
sition into Project 2. It will show you the technical architecture [8] http://www.chiark.greenend.org.uk/~sgtatham/putty/
behind your project. In our case, you are using a Raspberry Pi download.html
instead of an Ubuntu server. The dynamic DNS sits between [9] https://www.microsoft.com/en-us/store/apps/microsoft-
the domain company and your router, which Ramirez omits. remote-desktop/9wzdncrfj3ps
Beside this subtlety, the video is spot on when explaining vi- [10] https://mitchellmclaughlin.com/server.html
sually how the system works. You might notice this tutorial
covers the Raspberry Pi setup and port forwarding, which is
the server-side or back end. See the original source for more Author
advanced projects covering the domain name, dynamic DNS, RaspberryPiGuy
OPEN SOURCE YEARBOOK 2010-2019 . CC BY-SA 4.0 . OPENSOURCE.COM 51
S TAND-OUT DEVOPS AR TICLE — 2014
You can’t have DevOps
without open source
BY JEN KRIEGER
rise and gather effort from the community.
YOU PROBABLY THINK I’m going to talk
about all the reasons
why you should use open source tooling as the foundation
Community
Communities are formed around a common purpose.
for an effective DevOps culture in your organization, but They bring together diverse ideas and share work.
that’s not what this is about. Not to marginalize the com- Together, a global community can create beyond the
plexity of the challenges faced by the team I work with [1], capabilities of any one individual. It multiplies effort
but I have confidence that the engineers are going to figure and shares the work. Together, we can do more.
the tooling part out. Believe it or not, the daunting part is
wrapped in cultural change. That is how you get an effective DevOps culture. You em-
I have spent a significant amount of time reading about brace the open source way.
cultural change [2], what you need to have an effective If you didn’t fist pump, remember a job you have had in the
DevOps community [3], how you build high functioning past where you felt like this guy, and then read that again.
teams [4], and asking the question, “How do I DevOp?” [5]
The ideas I’ve read have given me a few new things to stick Open exchange, participation, community
in my tool belt. However, nothing has resonated with me as My career before Red Hat was filled with statements like
much as this: “just do your job” and “that’s just the way it is, you can’t
change it.” I have viscerally felt the horrible feeling of hav-
The open source way is... ing to tell someone that they couldn’t have their idea, not
because it wouldn’t solve many problems, but because
Open exchange
they didn’t know the right people or know the best way to
We can learn more from each other when infor-
get their idea across.
mation is open. A free exchange of ideas is critical
When you have an open exchange and everyone is en-
to creating an environment where people are al-
couraged to participate:
lowed to learn and use existing information toward
• People talk to one another and build off of each other’s
creating new ideas.
collective experience.
Participation • People earn each other’s respect while working together.
When we are free to collaborate, we create. We • People are less likely to say, “It’s so and so’s job, not mine,”
can solve problems that no one person may be when they know and respect each other.
able to solve on their own.
Rapid prototyping
Rapid prototypes can lead to rapid failures, but
that leads to better solutions found faster. When
you’re free to experiment, you can look at prob-
lems in new ways and look for answers in new
places. You can learn by doing.
Meritocracy
In a meritocracy, the best ideas win. In a meritoc-
racy, everyone has access to the same informa-
tion. Successful work determines which projects
52 OPEN SOURCE YEARBOOK 2010-2019 . CC BY-SA 4.0 . OPENSOURCE.COM
S TAND-OUT DEVOPS AR TICLE — 2014
No team is going to believe they are in an optimal working cerned, and no one is shy about sharing the details about
environment if someone is saying, “Work together or else.” the impact it has had on their servers. However, I can still
Yes, they will work together, but wouldn’t you prefer to give say the work was successful because at the end of the day
them a reason to want to work together? The reason can it delighted the people who needed it the most, and it cer-
be as simple as helping two individuals connect on similar tainly gets people talking to me.
interests, or as hard as getting teams with a long-standing
history of disliking one another to work together. But the key Consider this
element here is a path to empathy and having respect for How hard do you think a DevOps transformation will be if
those you spend your week with. At the end of the day, you employees don’t feel comfortable enough to share ideas, are
need to foster an environment where it is OK to have an being told not to collaborate because it isn’t their job, or it
opinion, OK to have an idea... OK to share. is implied that their financial well-being is wrapped around
Even on the team [6] I’m working on, where the values of performing one function and there is no emphasis placed on
the open source way are individually embraced, we have to whole systems thinking?
work hard to continue to cultivate that global sense of com- The open source way isn’t an easy button for success. How-
munity and collaboration. Even at Red Hat it is hard. I strive ever, what it can do is provide a set of values for an individual
on a daily basis to provide as much visibility into what our and a group to follow that can set your organization on the
team is working on regardless of how trivial it may seem. The path towards an effective DevOps community. Do me a favor
result of this? People are sharing their ideas and helping to and go back and read those values again. Are you and your
build something we can all be proud of and support. organization open enough to embrace the open source way?
Rapid prototyping and meritocracy Links
A brilliant thing happened very early on with the team of en- [1] http://developerblog.redhat.com/tag/inception/
gineers I’m working with; they reminded me about the impor- [2] http://www.amazon.com/Leading-Change-With-Preface-
tance of just getting something done. We spent a good bit Author/dp/1422186431
of time trying to muddle through the mountain of things we [3] http://itrevolution.com/devops-culture-part-1/
could work on and the output of that? Well, frankly—it was [4] http://www.slideshare.net/reed2001/culture-1798664
a lot of talking. [5] http://blog.mihasya.com/2013/06/11/how-do-i-devops.html
Being able to show someone what you are doing, and re- [6] https://twitter.com/mrry550/lists/team-inception
ceive feedback on that thing, is so much more satisfying than [7] https://github.com/RHInception
the talking. Rapid prototyping? Getting to see the code [7], [8] https://github.com/RHInception/talook
instead of an idea disappearing into a requirements hole and [9] https://github.com/RHInception/jsonstats
resurfacing at QA, is so satisfying I can’t shout about that
enough. In my past experience with closed source projects, Author
I haven’t seen code delivered, input received for changes, Jen Krieger - Jen Krieger is Chief Agile Architect at Red Hat. Most
and subsequently modified very quickly. So, that continues of her 20+ year career has been in software development repre-
to be transformational for me. senting many roles throughout the waterfall and agile lifecycles.
Don’t get me wrong, this is not an easy thing to master. At Red Hat, she led a department-wide DevOps movement fo-
Early on the team made a technical decision to move for- cusing on CI/CD best practices. Most recently, she worked with
ward with a custom application [8] that could provide cer- with the Project Atomic & OpenShift teams. Now Jen is guiding
tain system information [9] (like software versions running) teams across the company into agility in a way that respects and
without requiring root access to servers. I understand that supports Red Hat’s commitment to Open Source. At Red Hat,
there are tools that already do that, but the team wanted she led a department-wide DevOps movement focusing on CI/
something quick to ease the pain. After we were done, we CD best practices. Most recently, she worked with with the Proj-
agreed we would start looking into longer-term solutions to ect Atomic & OpenShift teams. Now Jen is guiding teams across
help. We are still feeling the pain from that decision; mer- the company into agility in a way that respects and supports Red
itocracy is in full-on mode here where this project is con- Hat’s commitment to Open Source. Follow her at @mrry550
OPEN SOURCE YEARBOOK 2010-2019 . CC BY-SA 4.0 . OPENSOURCE.COM 53
S TAND-OUT KUBERNETES AR TICLE — 2017
Why is Kubernetes so popular?
BY ANURAG GUPTA
The Google-developed container management system has quickly become
one of the biggest success stories in open source history.
KUBERNETES, [1] AN OPEN SOURCE container
management system, has
surged in popularity in the past several years. Used by the
source its infrastructure has created a way for any company
in the world to run its infrastructure like one of the top com-
panies in the world.
largest enterprises in a wide range of industries for mis-
sion-critical tasks, it has become one of the biggest suc- One of the biggest open source communities
cess stories in open source. How did that happen? And After its open source release, Kubernetes found itself
what is it about Kubernetes that explains its widespread competing with other container-management systems,
adoption? namely Docker Swarm and Apache Mesos. One of the
reasons Kubernetes surged past these other systems in
Kubernetes’ backstory: Origins in Google’s Borg recent months is the community and support behind the
system system: It’s one of the largest open source communities
As the computing world became more distributed, more (more than 27,000+ stars on GitHub); has contributions
network-based, and more about cloud computing, we saw from thousands of organizations (1,409 contributors); and
large, monolithic apps slowly transform into multiple, agile is housed within a large, neutral open source foundation,
microservices. These microservices allowed users to indi- the Cloud Native Computing Foundation (CNCF) [3].
vidually scale key functions of an application and handle The CNCF, which is also part of the larger Linux Foun-
millions and millions of customers. On top of this para- dation, has some of the top enterprise companies as
digm change, we saw technologies like Docker containers members, including Microsoft, Google, and Amazon Web
emerge in the enterprise, creating a consistent, portable, Services. Additionally, the ranks of enterprise members in
and easy way for users to quickly build these microservices. CNCF continue to grow, with SAP and Oracle joining as
While Docker continued to thrive, managing these micro- Platinum members within the past couple of months. These
services and containers became a paramount requirement. companies joining the CNCF, where the Kubernetes project
That’s when Google, which had been running contain- is front and center, is a testament to how much these enter-
er-based infrastructure for many years, made the bold deci- prises are betting on the community to deliver a portion of
sion to open source an in-house project called Borg [2]. The their cloud strategy.
Borg system was key to running Google’s services, such as The enterprise community around Kubernetes has also
Google Search and Gmail. This decision by Google to open surged, with vendors providing enterprise versions with
added security, manageability, and support. Red Hat, Co-
reOS, and Platform 9 are some of the few that have made
Enterprise Kubernetes offerings key to their strategy going
forward and have invested heavily in ensuring the open
source project continues to be maintained.
Delivering the benefits of the hybrid cloud
Yet another reason why enterprises are adopting Kuberne-
tes at such a breakneck pace is that Kubernetes can work
in any cloud. With most enterprises sharing assets between
their existing on-premises datacenters and the public cloud,
the need for hybrid cloud technologies is critical.
54 OPEN SOURCE YEARBOOK 2010-2019 . CC BY-SA 4.0 . OPENSOURCE.COM
S TAND-OUT KUBERNETES AR TICLE — 2017
Kubernetes can be deployed in a company’s pre-ex- services and a heritage from Google Borg—Kubernetes
isting datacenter on premises, in one of the many public is now open source software that is part of a big foun-
cloud environments, and even run as a service. Because dation (CNCF) with many enterprise members. It contin-
Kubernetes abstracts the underlying infrastructure layer, ues to grow in popularity and is being widely used with
developers can focus on building applications, then de- mission-critical apps in finance, in massive multiplayer
ploy them to any of those environments. This helps accel- online games like Pokemon Go, and by educational com-
erate a company’s Kubernetes adoption, because it can panies and traditional enterprise IT. Considered together,
run Kubernetes on-premises while continuing to build out all signs point to Kubernetes continuing to grow in pop-
its cloud strategy. ularity and remaining one of the biggest success stories
in open source.
Real-world use cases
Another reason Kubernetes continues to surge is that major Links
corporations are using the technology to tackle some of the [1] https://kubernetes.io/
industry’s largest challenges. Capital One, Pearson Educa- [2] http://queue.acm.org/detail.cfm?id=2898444
tion, and Ancestry.com are just a few of the companies that [3] https://www.cncf.io/
have published Kubernetes use cases [4]. [4] https://kubernetes.io/case-studies/
Pokemon Go [5] is one of the most-popular publicized use [5] https://cloudplatform.googleblog.com/2016/09/bringing-
cases showing the power of Kubernetes. Before its release, Pokemon-GO-to-life-on-Google-Cloud.html
the online multiplayer game was expected to be reasonably
popular. But as soon as it launched, it took off like a rock-
et, garnering 50 times the expected traffic. By using Kuber- Author
netes as the infrastructure overlay on top of Google Cloud, Anurag Gupta is a Product Manager at Treasure Data driving
Pokemon Go could scale massively to keep up with the un- the development of the unified logging layer, Fluentd Enter-
expected demand. prise. Anurag has worked on large data technologies includ-
What started out as an open source project from Goo- ing Azure Log Analytics, and enterprise IT services such as
gle—backed by 15 years of experience running Google Microsoft System Center. Follow him at @Anurag_Gup
OPEN SOURCE YEARBOOK 2010-2019 . CC BY-SA 4.0 . OPENSOURCE.COM 55
S TAND-OUT KIDS AR TICLE — 2014
Four Linux distros for kids
BY ASEEM SHARMA
I CAN SEE THE BRIGHTNESS of curiosity in my six year
old niece Shuchi’s eyes when she ex-
plores a mobile phone or manipulates the idiot box with its
etc., Windows is only on 20% of computing devices, and in
the world of big iron, Linux reigns supreme. We specialize
in science and engineering and want our students to go on
remote control or becomes creatively destructive with any to do great things like start the next Google or collapse the
other electronic device. She, like a lot of kids her age, love universe at CERN. In those environments, they will certainly
experimenting. need to know Linux.”
This curiosity reaches its peak when she sits in front of Linux runs some of the most complex infrastructures in
my laptop or her father’s laptop. A lot of times, however, I the world. For anyone even remotely interested in a career
observe that she is lost in complicated applications that are in technology, learning Linux will be a definite asset. Besides
suitable only to adults. An operating system that an adult that, the adoption of Linux is massive and ubiquitous. Con-
uses and the system running it can look like a beast to a sider this:
lot of kids. These applications are beyond the comprehen- • Linux powers international space stations
sion of very young kids and do not provide an ideal (and • Linux powers the technology in new cars like Tesla and
playful) introduction to computers. Futher, adults’ laptops Cadillac
and tablets do not serve as a good learning environment • Linux powers air traffic control systems
for any kid (younger or old- • Google, Facebook, Twitter,
er) who is just onboarding all use Linux
into the world of computing. • 9 out of 10 supercomputers
Besides, letting a kid run wild in the world run on Linux
on a computer with an online There is a rational reason
connection can be daunting that initiatives like One Lap-
for the parents. top per Child [2], which in
As a big kid myself, and my opinion is one of the
an open source software en- most powerful programs to-
thusiast for over four years day that is working to bridge
now, I like exploring and the digital divide, use Linux
experimenting with differ- based systems.
ent software solutions. Per-
taining to the problem of finding and setting up an ideal For customization and variety
system for my young niece, I found that the open source Learning at an early age can be best enhanced in an en-
Linux community has created specialized operating sys- vironment that encourages exploration. There is no other
tems and environments for kids. Plus, setting up these operating system that offers such variety and autonomy to
systems is a breeze. customize the system based on specific needs like Linux.
Like toys and clothes for kids, the Linux community has
Why should kids learn Linux developed specific operating systems that can offer them
I have reached a conclusive opinion at this point in my life a fun learning environment. I believe that to boost curiosity
that children should be exposed to the power of Linux early in kids, it is important to create a set up that gives them a
on. Two of the reasons are... feeling of wonder.
For the future of computing Programs to teach kids Linux
I recently read the article, A year of Linux desktop at Westcliff There are many different varieties of environments that the
High School [1], which is an excellent piece by Stu Jarvis in Linux community has designed for the children, and I hav-
which Malcolm Moore replies to a question by stating, “Here en’t yet explored them all, but of the ones I did, you should
is a survey that reports in 2000, 97% of computing devic- be able to find a great solution for teaching a kid you know
es had Windows installed, but now with tablets and phones, about Linux and computing.
56 OPEN SOURCE YEARBOOK 2010-2019 . CC BY-SA 4.0 . OPENSOURCE.COM
S TAND-OUT KIDS AR TICLE — 2014
Qimo Ubermix comes pre-loaded with a number of appli-
http://www.qimo4kids.com/ cations for education, productivity, design, program-
Qimo for kids is a Ubuntu-based distribution designed ming, Internet, and multimedia construction. Educa-
specifically for children. The operating system comes tion oriented applications like Celestia, Stellarium,
pre-installed with a lot of educational applications for chil- Scratch, VirtualLab Microscope, Geogebra, iGNUit,
dren ages 3 years and older. It comes with GCompris, a and Klavaro, as well as educational games like Tux-
perfect suite for children aged 3 to 10 years. It consists of Math, TuxTyping, gMult, and Numpty Physics all
over 100 educational games that teaches basic comput- bring with them plenty of opportunities to learn.
er use, reading, art history, telling time, and drawing pic-
Internet applications we all know and love, like Firefox,
tures, as well as Childs Play, a collection of memory-build-
Thunderbird, Chrome, Google Earth, and Skype are
ing games.
all there. Common productivity apps like LibreOffice,
One of the things I like best about this distribution is
NitroTasks, Planner Project Management, VYM (View
that it uses XFCE desktop , which is a lightweight desktop
Your Mind), and Zim Desktop Wiki are too. Kids inter-
that can be installed on older machines. The hardware
ested in design will find the GIMP, Inkscape, Scribus,
requirements are low and it is absurdly easy to repurpose
Dia, Agave, and even TuxPaint for the younger ones.
an old laptop or a desktop system. We had an old PC
And apps like Audacity, Openshot, Pencil, and ffDia-
at home, and Qimo resurrected it. This operating system
porama help round out the media offerings. These,
was my choice for my niece because of its simple child
and many more, make Ubermix a powerful launchpad
friendly cartoon desktop and assortment of educational
for student creativity and learning.
applications.
Sugar Edubuntu
https://www.sugarlabs.org/ http://www.edubuntu.org/
Sugar was designed for the One Laptop per Child pro- Formally the Ubuntu Education Edition, Edubuntu was de-
gram. It is an easy to use and kid-friendly operating sys- veloped in collaboration with educators and teachers. It
tem. Children who love exploring will figure out things embeds a variety of educational programs and a suitable
quickly in this environment, even if they cannot read or learning environment. An advantage to it is access to the
write yet. Ubuntu software repository. The education community has
From Sugar Labs: extensively used this operating system in schools and or-
ganizations to provide an enriched learning environment for
Information is about nouns; learning is about verbs.
their students. It’s a great operating system to teach older
The Sugar interface, in its departure from the desk-
children about Linux; it can have a steeper learning curve in
top metaphor for computing, is the first serious at-
comparison to Qimo and Sugar.
tempt to create a user interface that is based on both
cognitive and social constructivism: learners should
Links
engage in authentic exploration and collaboration. It
[1] https://opensource.com/education/13/7/linux-westcliff-
is based on three very simple principles about what
high-school
makes us human.
[2] http://one.laptop.org/
[3] https://opensource.com/education/13/3/ubermix-linux
Ubermix
http://www.ubermix.org/ Author
Ubermix is extensively used in schools. The system was Aseem is a graduate of Conrad Business, Entrepreneurship
designed to store user data and software in seperate par- and Technology Center, Faculty of Engineering, University
titions. So, in case the computer malfunctions, the user of Waterloo, Canada. He also holds a masters in computers
can wipe out the operating system and resotre fresh cop- application from Guru Nanak Dev University, Punjab, India.
ies quickly. From Ubermix founder, Jim Klein, in an Open- On Opensource.com, he serves as an author. He also blogs
source.com interview [3]: at http://aseemsharma.info/. Follow him at @aseem_sharma
OPEN SOURCE YEARBOOK 2010-2019 . CC BY-SA 4.0 . OPENSOURCE.COM 57
S TAND-OUT NON-TECHNIC AL AR TICLE — 2019
6 remarkable features
of the new United Nations
open source initiative
BY FRANK KARLITSCHE
What does it mean when the UN goes open source?
THREE MONTHS AGO the United Nations asked me to
join a new advisory board to help them devel-
op their open source strategy and policy. I’m honored to have
reviewed and audited. This fact is especially important for
security-sensitive applications that require transparency
and openness [2].
the opportunity to work together with a group of established • D ecentralization: An open source strategy enables de-
experts in open source licensing and policy areas. centralized hosting of software and data. This fact makes it
The United Nations wants to make technology, software, possible to be compliant with all data protection and priva-
and intellectual property available to everyone, including cy regulations and enables a more free and open internet.
developing countries. Open source and free software are We discussed that a fair business model like the one from
great tools to achieve this goal since open source is all Nextcloud should be encouraged and recommended. Spe-
about empowering people and global collaboration while cifically, we discussed that that 100% of the code should
protecting the personal data and privacy of users. So, the be placed under an OSI-approved open source license [3].
United Nations and the open source community share the There should be no open core, proprietary extensions, dual
same values. licensing, or other limited-access components to ensure
This new open source strategy and policy is developed by that everyone is on the same playing field.
the United Nations Technology Innovation Labs (UNTIL) [1]. I’m excited to have the opportunity to advise the United
Last month, we had our first in-person meeting in Helsinki in Nations in this matter, and I hope to have a positive influence
the UNTIL offices. I find this initiative remarkable for several on the future of IT, especially in developing countries.
reasons:
• Sharing: The United Nations wants to have a positive Links
impact on everyone on this planet. For that goal, it is im- [1]
https://until.un.org/
portant that software, data, and services are available for [2]
https://until.un.org/content/governance
everyone independent of their language, budget, educa- [3]
https://opensource.org/licenses
tion, or other factors. Open source is perfect to guarantee
that result. Author
• Contributing: It should be possible that everyone can Frank Karlitschek is a long time open source contributor and
contribute to the software, data, and services of the United former board member of the KDE e.V. He managed engineer-
Nations. The goal is to not depend on a single software ing teams for over 20 years and worked as head of unit and
vendor alone, but instead, build a bigger ecosystem that managing director at different internet companies. In 2001 he
drives innovation together. created the openDesktop.org social network as well as GTK-
• Empowering: Open source makes it possible for under- Apps.org, GNOME-Look.org, KDE-Apps.org and other ‘App-
developed countries and regions to foster local companies Stores’ before AppStores existed. He founded ownCloud in
and expertise by building on top of existing open source 2010 and the successor Nextcloud in 2016 to create a fully
software—standing on the shoulders of giants. open source and decentralized alternative to big centralized
• Sustainability: Open source guarantees more sustain- cloud companies. Frank was an invited expert at the W3C to
able software, data, and services by not relying on a single help to create the ActivityPub standard. Frank has spoken at
entity to support, maintain, and develop it. Open source MIT, CERN, Harvard and ETH and keynoted LinuxCon, Lati-
helps to avoid a single point of failure by creating an equal noware, FOSSASIA, Campus Party and many other confer-
playing field for everyone. ences. Frank is the founder and CEO of Nextcloud GmbH. He
• Security: Open source software is more secure than is also a fellow of Open Forum Europe and an advisor to the
proprietary software because the code can be constantly United Nations. Follow him at @fkarlitschek
58 OPEN SOURCE YEARBOOK 2010-2019 . CC BY-SA 4.0 . OPENSOURCE.COM