DOKK Library

Best of a decade on 2010–2019


License CC-BY-SA-4.0

Best of a decade on
   In celebration of our
    10-year anniversary
                                                        .  ........
                                                          ... .. ...
                                            E D I T O R .. .. .. ....
                                                                     . .

           Dear reader,
           As we celebrate 10 years of publishing, our focus is on the people from all over the globe, in
           various roles, from diverse backgrounds, who have helped us explore the multitude of ways in
           which open source can improve our lives—from technology and programming to farming and
           design, and so much more.
           We are celebrating you because we’ve learned that growing this unique storytelling site demands
           that we do one thing better than all the rest: listen to and talk with our readers and writers.
           Over the years, we’ve gotten better at it. We regularly hold meetings where we review how articles
           performed with readers from the week before and discuss why we think that’s so. We brainstorm
           and pitch new and exciting article ideas to our writer community on a weekly basis. And we build
           and nurture close relationships with many writers who publish articles for us every month.
           As an editor, I never would have imagined my biggest responsibility would be community
           management and relationship building over copy editing and calendar planning. I’m so grateful
           for this because it’s made being a part of a deeply rewarding experience.
           In December, we closed out a decade of publishing by reaching a new, all-time record of over
           2 million reads and over 1 million readers. For us, this validates and affirms the value we’ve
           learned to place on relationships with people in a world swirling with metrics and trends.
           We truly believe that openness is a better way to work, so I’d like to share some of best practices:
               • If anyone out there in the big, wide world has something to share about how they use
                  open source, got started with open source, learned best practices to get a job done
                  or operate in a community (and the list goes on...), they can share it with us. We have
                  hundreds of writers and writers-to-be who come to our door and generate thousands
                  of published articles each year.
               • Our lean-mean editorial team reviews and responds to all submissions, provides
                  professional editorial services, nurtures each of our writer communities, and attends
                  conferences and events around the world. Our goal is to care for the articles that come
                  in to us, support and encourage our writers, and meet and know the open source
                  communities that are important to our readers.
               • T
                  he rest is all about learning and open lines of communication. What can we learn from
                 the response we see from our readers? How can we best deliver the guides, tutorials,
                 and stories we have to share with them? Who are the writers and writers-to-be coming
                 to our door and what can we learn about them? How can we inspire and encourage
                 them on their journeys?
           “The community is open, kind, and inquisitive. Each person who writes for us
           brings their own individual experiences and expertise to the table. When we launched the first
           version of the Correspondent program in 2013—three years after our first article went live on
           January 25, 2010—we began with a handful of dedicated individuals. Over the past five years,
           that group has grown and become the heartbeat of our contributor community. They provide
           us with feedback on what’s going on in the world of open source, they reach out to leaders and
           members of open source communities and projects, and they pen articles that truly change lives,”
           says Jason Hibbets, former community manager for
           As we celebrate a decade, we invite you to share with us. How do you meet the challenges of
           your life with open source? What could you contribute to the conversation?
           — Jen Wike Huger
              Chief Editor

OPEN SOURCE YEARBOOK 2010-2019          . CC BY-SA 4.0 . OPENSOURCE.COM                                           3
                                                   .. ... .
                                                 .. .. .....

          6	Welcome
             First Article Ever
                       to the conversation on
                 Jim Whitehurst

          7	2014
             Favorite Linux distributions through the years
                  — 2019

          8	2013
             Open source news timeline
                  — 2019

          9	Open Source Alternatives Cheat Sheet

          10	Open   Source Cheat Sheets

          11	How
              A Word from Christine Peterson
                   I coined the term ‘open source’
                 Christine Peterson


              Stand-out Article of the Year — 2010
          14	Cooperative success: Understanding the co-op business model
                 Rebecca Fernandez

            	Stand-out Article of the Year — 2011
          	The DRM graveyard: A brief history of digital rights management
                 in music
                 Ruth Suehle

               Stand-out Article of the Year — 2012
          18	Three tips for working with open source diagrams
                 Máirín Duffy

               Stand-out Article of the Year — 2013
          19 	How one parent fosters open source at home through DIY projects
                 Carolyn Fox

              Stand-out Article of the Year — 2014
          20	Top 3 open source business intelligence and reporting tools
                 Robin Muilwijk

                            Article of the Year — 2015
          22	Stand-out
               8 Linux file managers to try
                 David Both

4                                     OPEN SOURCE YEARBOOK 2010-2019   . CC BY-SA 4.0 . OPENSOURCE.COM

                          Article of the Year — 2016
          26	4Stand-out
                 open source tools for Linux system monitoring
                 David Both

                           Article of the Year — 2017
          32	5Stand-out
                 projects for Raspberry Pi at home
                 Ben Nuttall

              Stand-out Article of the Year — 2018
          35	Linux vs. Unix: What’s the difference?
                 Phil Estes

              Stand-out Article of the Year — 2019
          38	Create your own video streaming server with Linux
                 Aaron J. Prisk


          42	What
              Stand-out Linux Article
                   you probably didn’t know about sudo
                 Peter Czanik

          45	Pylint:
              Stand-out Python Article
                      Making your Python code consistent
                 Moshe Zadka

          47	How
              Stand-out Raspberry Pi Article
                  to set up a personal web server with a Raspberry Pi

          52	You
              Stand-out DevOps Article
                  can’t have DevOps without open source
                 Jen Krieger

                 Stand-out Kubernetes Article
          54     Why is Kubernetes so popular?
                 Anurag Gupta

                 Stand-out Kids Article
          56     Four Linux distros for kids
                 Aseem Sharma

          58	6Stand-out   Non-technical Article
                 remarkable features of the new United Nations open source initiative
                 Frank Karlitsche
                 All lead images by or the author under CC BY-SA 4.0 unless otherwise noted.

OPEN SOURCE YEARBOOK 2010-2019       . CC BY-SA 4.0 . OPENSOURCE.COM                                          5

   Welcome to the conversation
                                                               BY JIM WHITEHURST

   AS THE CEO                      OF RED HAT, this is a day I’ve been
                                   looking forward to for quite some
   time. In my travels, I often find myself talking to people from
                                                                            This will not be a site for Red Hat, about Red Hat. Instead this
                                                                         will be a site for open source, about the future.
                                                                            What you see today is only a beginning. In the spirit of
   all walks of life who see opportunities for the lessons of open       open source, we are releasing the site early. We will grow
   source to be applied broadly to the world around us.                  its functionality and content over time based on ideas we
      At Red Hat, we’ve used open source principles as the               create together [1].
   backbone of a successful technology company. We know                     With your help, this will be a place that connects people,
   there are opportunities to apply the open source way broad-           creates dialog, and—if we dare to dream—maybe even
   ly in business, in government, in education, in the law, and          changes the world a little bit for the better.
   throughout our lives.                                                    Good to have you here. Let’s get started.
      This site is one of the ways in which Red Hat gives some-
   thing back to the open source community. Our desire is to             Links
   create a connection point for conversations about the broad-          [1]
   er impact that open source can have—and is having—even                     opensourcecom-be
   beyond the software world.                                            [2]
      We think of this site as a “Red Hat community service.” Mean-
   ing: all ideas are welcome, and all participants are welcome.
                                                                         Jim Whitehurst is President and Chief Executive Officer of
                                                                         Red Hat, the world’s leading provider of open source en-
                                                                         terprise IT products and services. With a background in
                                                                         business development, finance, and global operations,
                                                                         Whitehurst has proven expertise in helping companies flour-
                                                                         ish—even in the most challenging economic and business
                                                                         environments. Since joining Red Hat in 2008, Whitehurst
                                                                         has grown the company, and its influence on a variety of
                                                                         industries, by reaching key milestones—the most notable in
                                                                         2012 when Red Hat became the first $1 billion revenue open
                                                                         source software company.

   6                                             OPEN SOURCE YEARBOOK 2010-2019               . CC BY-SA 4.0 . OPENSOURCE.COM
                                                      FAVORITE LINUX DIS TRIBUTIONS THROUGH THE YEARS

        Favorite Linux distributions
             through the years
 1000                                                               2014
           Mint             Fedora       Debian        Ubuntu        Mageia         openSUSE        PCLinuxOS SparkyLinux elementary                Arch




           Mint             Ubuntu       Debian        Fedora        openSUSE       PCLinuxOS   elementary      Android-x86      Deepin         CentOS


 2000                                                               2016



           Mint         Ubuntu        Debian        Fedora     openSUSE       Mageia       Manjaro      CentOS          Arch     Android-x86        Other




           Arch        CentOS         Debian      elementary     Fedora      Manjaro        Mint        openSUSE        Ubuntu      Zorin           Other

 2500                                                               2018
         Mint      Debian    Manjaro Ubuntu Antergos openSUSE Solus       Fedora elementary Zorin     deepin   TrueOS   CentOS   Arch     PCLinuxOS Other





        Antergos    Arch     CentOS   Debian Elementary Fedora    Kali    Manjaro   Mint   MX Linux openSUSE ReactOS     Solus   Ubuntu     Zorin     Other

OPEN SOURCE YEARBOOK 2010-2019                      . CC BY-SA 4.0 . OPENSOURCE.COM                                                                           7

       Open source news timeline
  2013       IBM pledges $1 billion
             for Linux                                   Motorola announces
                                                       open hardware phones         2013
  2013       The Weather Channel
             goes open source                                   NASA to release
                                                                 source code for
                                                                software projects
             GitHub releases Atom
  2014       text editor under MIT                       Google reveals new
             license                                   container orchestration
                                                             tool, Kubernetes
  2014       Microsoft open sources
             more of .NET                                   Rust version 1.0.0
                                                                now available       2015
             goes open source
                                                                 Perl 6 released
  2016       Raspberry Pi 3
                                                shares US
                                                           government open
                                                                source code

  2016       Microsoft joins the
             Linux Foundation                               Run Linux on your
                                                             Samsung phone          2017
  2017       Linux dominates
                                                            Julia 1.0 released
  2018       Tim Berners-Lee building
             a decentralized internet                    Alibaba launches the
                                                     fastest open source CPU        2019
             GNOME and KDE
  2019       partner on the
             Linux Desktop
                                                           System76 will ship
                                                          2 Linux laptops with
                                                      Coreboot-powered open         2019
                                                              source firmware

  8                            OPEN SOURCE YEARBOOK 2010-2019   . CC BY-SA 4.0 . OPENSOURCE.COM
                                                                         OPEN SOURCE ALTERNATIVES CHEAT SHEET Open Source Alternatives Cheat Sheet
 Use this guide to help you find an open source alternative to common proprietary software tools.
Creative Tools
Photoshop           GIMP, Pinta, Krita                          
Dreamweaver         Aptana Studio, BlueGriffon, NetBeans,       
                    SeaMonkey, Aloha Editor
AutoCAD             BRL-CAD, FreeCAD, LibreCAD                  
Video Editing       Pitivi, OpenShot, Cinelerra, KDEnlive, Blender
Microsoft Publisher Scribus, LibreOffice, LaTeX or other markup 
Chat Tools
Slack               IRC, Let’s Chat, Mattermost, Rocket.Chat,
WhatsApp            Line,, Signal, Threema, Viber, Wire,
Skype               Jami, Jitsi, Linphone, Riot, Wire, Pidgin   
Office Tools
Microsoft Access    LibreOffice Base, DB Browser for SQLite, Kexi,
                    nuBuilder Forte
Gmail               Roundcube, Zimbra, SquirrelMail, Rainloop, Cypht
Google Docs         CryptPad                               
Google Sheets       EtherCalc                              
Project Management Tools
Project             MyCollab, Odoo, Taiga, Phabricator, Tuleap Open
Management          ALM, Agilefant, Redmine, Gitlab, OpenProject,   tools-2016
Tools               LibrePlan, ProjectLibre
Trello              Taiga, Kanboard, Wekan, Restyaboard, Taskboard
Notetaking Tools
Evernote            Joplin, Turtl, Paperwork, Laverna, Permanote,
                    Brainstorm                                            alternative
News and Social Media
Pocket              Wallabag                                    
Social Media        Mastodon, Textile, PixelFed                 
Dropbox             ownCloud, NextCloud, Seafile, OnionShare, Pydio
CRM Tools
Salesforce          Corteza                                     
CRM Tools           EspoCRM, SuiteCRM, Oro CRM, CiviCRM,        
                    Fat Free CRM, Zurmo                                   tools-2016
LastPass            Bitwarden                                   
Personal Finance
Personal Finance    GnuCash, HomeBank, KMyMoney, Money          
Tools               Manager Ex, Skrooge, Spreadsheets
Minecraft, Steam    Lutris, Minetest, Terasology, Voxel.js, TrueCraft,
More open source alternatives                                   

OPEN SOURCE YEARBOOK 2010-2019                 . CC BY-SA 4.0 . OPENSOURCE.COM                                                                   9
Open Source Cheat Sheets
  Visit our cheat sheets collection
    for free downloads, including:

  Raspberry Pi: See what you need to boot your Pi, how to install the operating
  system, how to enable SSH and connect to WiFi, how to install software and
  update your system, and links for where to get further

  Python 3.7: This cheat sheet rounds up a few built-in
  pieces to get new Python programmers started.

    Linux Common Commands: Keep common tasks
    top of mind with this handy Linux commands cheat

    Markdown: With this cheat sheet, you’ll find yourself
    ready to write advanced READMEs on GitLab
    and GitHub.

    Bash: Bash tricks and shortcuts to help you
    become more efficient at the command line.

  SSH: Most people know SSH as a tool for remote
  login, which it is, but it can be used in many other

        Linux Networking: In this downloadable PDF cheat sheet, get a list of
        Linux utilities and commands for managing servers and networks.

        Ansible Automation for SysAdmins: This guide
        is a primer to help you get started using Ansible to
        give you a better understanding of the capabilities
        and show you how to automate everyday
        sysadmin tasks.

        Getting Started with Kubernetes: Like
  Kubernetes, dump trucks are an elegant solution
  to a wide range of essential business problems.
  Download this e-book to learn more.

  DevOps Hiring Guide: This free download
  provides advice, tactics, and information about
  the state of DevOps hiring for both job seekers
  and hiring managers.
                                                             A WORD FROM CHRIS TINE PETERSON — 2018

How I coined the term
‘open source’
                        BY CHRISTINE PETERSON

Christine Peterson finally publishes her account of that fateful day, 20 years ago.

IN A FEW             DAYS, on February 3, the 20th anniversa-
                     ry of the introduction of the term “open
source software” is upon us. As open source software
                                                                 respect to software prior to 1998 has not been confirmed.
                                                                 The account below describes how the term open source
                                                                 software [2] caught on and became the name of both an in-
grows in popularity and powers some of the most robust and       dustry and a movement.
important innovations of our time, we reflect on its rise to
prominence.                                                      Meetings on computer security
   I am the originator of the term “open source software” [1]    In late 1997, weekly meetings were being held at Foresight
and came up with it while executive director at Foresight In-    Institute to discuss computer security. Foresight is a non-
stitute. Not a software developer like the rest, I thank Linux   profit think tank focused on nanotechnology and artificial
programmer Todd Anderson for supporting the term and pro-        intelligence, and software security is regarded as central
posing it to the group.                                          to the reliability and security of both. We had identified free
   This is my account of how I came up with it, how it was       software as a promising approach to improving software
proposed, and the subsequent reactions. Of course, there         security and reliability and were looking for ways to pro-
are a number of accounts of the coining of the term, for ex-     mote it. Interest in free software was starting to grow out-
ample by Eric Raymond and Richard Stallman, yet this is          side the programming community, and it was increasingly
mine, written on January 2, 2006.                                clear that an opportunity was coming to change the world.
   It has never been published, until today.                     However, just how to do this was unclear, and we were
   The introduction of the term “open source software” was       groping for strategies.
a deliberate effort to make this field of endeavor more un-         At these meetings, we discussed the need for a new term
derstandable to newcomers and to business, which was             due to the confusion factor. The argument was as follows:
viewed as necessary to its                                                                         those new to the term “free
spread to a broader com-                                                                           software” assume it is refer-
munity of users. The prob-                                                                         ring to the price. Oldtimers
lem with the main earlier la-                                                                      must then launch into an ex-
bel, “free software,” was not                                                                      planation, usually given as
its political connotations,                                                                        follows: “We mean free as in
but that—to newcomers—                                                                             freedom, not free as in beer.”
its seeming focus on price                                                                         At this point, a discussion on
is distracting. A term was                                                                         software has turned into one
needed that focuses on the                                                                         about the price of an alco-
key issue of source code                                                                           holic beverage. The problem
and that does not immedi-                                                                          was not that explaining the
ately confuse those new to                                                                         meaning is impossible—the
the concept. The first term that came along at the right         problem was that the name for an important idea should not
time and fulfilled these requirements was rapidly adopted:       be so confusing to newcomers. A clearer term was needed.
open source.                                                     No political issues were raised regarding the free software
   This term had long been used in an “intelligence” (i.e.,      term; the issue was its lack of clarity to those new to the
spying) context, but to my knowledge, use of the term with       concept.

OPEN SOURCE YEARBOOK 2010-2019             . CC BY-SA 4.0 . OPENSOURCE.COM                                                    11

  Releasing Netscape                                                 used the term in a sentence on another topic—just dropped
  On February 2, 1998, Eric Raymond arrived on a visit to work       it into the conversation to see what happened. I went on
  with Netscape on the plan to release the browser code under        alert, hoping for a response, but there was none at first. The
  a free-software-style license. We held a meeting that night        discussion continued on the original topic. It seemed only he
  at Foresight’s office in Los Altos to strategize and refine our    and I had noticed the usage.
  message. In addition to Eric and me, active participants in-          Not so—memetic evolution was in action. A few minutes
  cluded Brian Behlendorf, Michael Tiemann, Todd Anderson,           later, one of the others used the term, evidently without no-
  Mark S. Miller, and Ka-Ping Yee. But at that meeting, the          ticing, still discussing a topic other than terminology. Todd
  field was still described as free software or, by Brian, “source   and I looked at each other out of the corners of our eyes
  code available” software.                                          to check: yes, we had both noticed what happened. I was
     While in town, Eric used Foresight as a base of opera-          excited—it might work! But I kept quiet: I still had low status
  tions. At one point during his visit, he was called to the phone   in this group. Probably some were wondering why Eric had
  to talk with a couple of Netscape legal and/or marketing staff.    invited me at all.
  When he was finished, I asked to be put on the phone with             Toward the end of the meeting, the question of termi-
  them—one man and one woman, perhaps Mitchell Baker—                nology [3] was brought up explicitly, probably by Todd or
  so I could bring up the need for a new term. They agreed in        Eric. Maddog mentioned “freely distributable” as an earlier
  principle immediately, but no specific term was agreed upon.       term, and “cooperatively developed” as a newer term. Eric
     Between meetings that week, I was still focused on the          listed “free software,” “open source,” and “sourceware” as
  need for a better name and came up with the term “open             the main options. Todd advocated the “open source” mod-
  source software.” While not ideal, it struck me as good            el, and Eric endorsed this. I didn’t say much, letting Todd
  enough. I ran it by at least four others: Eric Drexler, Mark       and Eric pull the (loose, informal) consensus together
  Miller, and Todd Anderson liked it, while a friend in marketing    around the open source name. It was clear that to most of
  and public relations felt the term “open” had been overused        those at the meeting, the name change was not the most
  and abused and believed we could do better. He was right           important thing discussed there; a relatively minor issue.
  in theory; however, I didn’t have a better idea, so I thought I    Only about 10% of my notes from this meeting are on the
  would try to go ahead and introduce it. In hindsight, I should     terminology question.
  have simply proposed it to Eric Raymond, but I didn’t know            But I was elated. These were some key leaders in the
  him well at the time, so I took an indirect strategy instead.      community, and they liked the new name, or at least didn’t
     Todd had agreed strongly about the need for a new term          object. This was a very good sign. There was probably not
  and offered to assist in getting the term introduced. This         much more I could do to help; Eric Raymond was far bet-
  was helpful because, as a non-programmer, my influence             ter positioned to spread the new meme, and he did. Bruce
  within the free software community was weak. My work in            Perens signed on to the effort immediately, helping set up
  nanotechnology education at Foresight was a plus, but not and playing a key role in spreading the
  enough for me to be taken very seriously on free software          new term.
  questions. As a Linux programmer, Todd would be listened              For the name to succeed, it was necessary, or at least
  to more closely.                                                   highly desirable, that Tim O’Reilly agree and actively use it
                                                                     in his many projects on behalf of the community. Also helpful
  The key meeting                                                    would be use of the term in the upcoming official release of
  Later that week, on February 5, 1998, a group was assembled        the Netscape Navigator code. By late February, both O’Reilly
  at VA Research to brainstorm on strategy. Attending—in ad-         & Associates and Netscape had started to use the term.
  dition to Eric Raymond, Todd, and me—were Larry Augustin,
  Sam Ockman, and attending by phone, Jon “maddog” Hall.             Getting the name out
     The primary topic was promotion strategy, especially            After this, there was a period during which the term was
  which companies to approach. I said little, but was looking        promoted by Eric Raymond to the media, by Tim O’Reilly
  for an opportunity to introduce the proposed term. I felt that     to business, and by both to the programming community. It
  it wouldn’t work for me to just blurt out, “All you technical      seemed to spread very quickly.
  people should start using my new term.” Most of those at-             On April 7, 1998, Tim O’Reilly held a meeting of key lead-
  tending didn’t know me, and for all I knew, they might not         ers in the field. Announced in advance as the first “Freeware
  even agree that a new term was greatly needed, or even             Summit,” [4] by April 14 it was referred to as the first “Open
  somewhat desirable.                                                Source Summit.” [5]
     Fortunately, Todd was on the ball. Instead of making an            These months were extremely exciting for open source.
  assertion that the community should use this specific new          Every week, it seemed, a new company announced plans
  term, he did something less directive—a smart thing to do          to participate. Reading Slashdot became a necessity, even
  with this community of strong-willed individuals. He simply        for those like me who were only peripherally involved. I

  12                                          OPEN SOURCE YEARBOOK 2010-2019             . CC BY-SA 4.0 . OPENSOURCE.COM
                                                               A WORD FROM CHRIS TINE PETERSON — 2018

strongly believe that the new term was helpful in enabling         [5]
this rapid spread into business, which then enabled wider          [6]​
use by the public.                                                         vedxjQkDDP1mXWo6uco/wiki/Alternative_terms_for_
   A quick Google search indicates that “open source” ap-                  free_software.html
pears more often than “free software,” but there still is sub-
stantial use of the free software term, which remains useful       Author
and should be included when communicating with audiences           Christine Peterson writes, lectures, and briefs the media on
who prefer it.                                                     coming powerful technologies, especially nanotechnology,
                                                                   artificial intelligence, and longevity. She is Cofounder and
A happy twinge                                                     Past President of Foresight Institute, the leading nanotech
When an early account [6] of the terminology change written        public interest group. Foresight educates the public, techni-
by Eric Raymond was posted on the Open Source Initiative           cal community, and policymakers on coming powerful tech-
website, I was listed as being at the VA brainstorming meet-       nologies and how to guide their long-term impact.
ing, but not as the originator of the term. This was my own           She serves on the Advisory Board of the Machine Intel-
fault; I had neglected to tell Eric the details. My impulse was    ligence Research Institute, and has served on California’s
to let it pass and stay in the background, but Todd felt oth-      Blue Ribbon Task Force on Nanotechnology and the Editori-
erwise. He suggested to me that one day I would be glad to         al Advisory Board of NASA’s Nanotech Briefs.
be known as the person who coined the name “open source               She has often directed Foresight Conferences on Molecu-
software.” He explained the situation to Eric, who promptly        lar Nanotechnology, organized Foresight Institute Feynman
updated his site.                                                  Prizes, and chaired Foresight Vision Weekends.
  Coming up with a phrase is a small contribution, but I ad-          She lectures on technology topics to a wide variety of au-
mit to being grateful to those who remember to credit me           diences, focusing on making complex fields understandable.
with it. Every time I hear it, which is very often now, it gives      Her work is motivated by a desire to help Earth’s envi-
me a little happy twinge.                                          ronment and traditional human communities avoid harm and
  The big credit for persuading the community goes to Eric         instead benefit from expected dramatic advances in tech-
Raymond and Tim O’Reilly, who made it happen. Thanks               nology. This goal of spreading benefits led to an interest in
to them for crediting me, and to Todd Anderson for his role        new varieties of intellectual property including open source
throughout. The above is not a complete account of open            software, a term she is credited with originating.
source history; apologies to the many key players whose               Wearing her for-profit hat, she chairs the Personalized
names do not appear. Those seeking a more complete ac-             Life Extension Conference series. In 1991 she coauthored
count should refer to the links in this article and elsewhere      Unbounding the Future: the Nanotechnology Revolution
on the net.                                                        (Morrow, full text online), which sketches nanotechnology’s
                                                                   potential environmental and medical benefits as well as pos-
Links                                                              sible abuses. An interest in group process led to coauthoring
[1]              Leaping the Abyss: Putting Group Genius to Work (knOw-
[2]                                     here Press, 1997, full text online) with Gayle Pergamit.
[3]          Peterson holds a bachelor’s degree in chemistry from MIT.
[4]                                Follow her at @lifeext

OPEN SOURCE YEARBOOK 2010-2019              . CC BY-SA 4.0 . OPENSOURCE.COM                                                    13

   Cooperative success:
   Understanding the
   co-op business model
                                                       BY REBECCA FERNANDEZ

   THERE ARE                A FEW THINGS you should know about
                            democratically run “cooperative”
   businesses. First, they’re not all that unusual. They’re also
                                                                      Cooperative businesses take this idea of employee own-
                                                                   ership and engagement one step further: employees actual-
                                                                   ly own and operate the business. Besides the profit motive,
   respectably profitable. And working in one doesn’t require      cooperative models assume that workers value a more hu-
   you to be a Marxist or wear patchouli.                          manized workplace, where the input of ground-level employ-
                                                                   ees can improve the business. Most cooperative businesses
   Something old, something new                                    are founded on the democratic principle of “one worker, one
   Last December, the United Nations declared 2012 to be “The      vote,” and no two are alike.
   International Year of Cooperatives,” encouraging countries
   around the world to promote the establishment of these          The many faces of the cooperative
   types of businesses. And with good reason.                      Isthmus Engineering employs around 45 people, who are
      From Spain’s seventh-largest business, Mondragon             eligible to become worker-owners of the company after
   Corporation [1], a federation of worker cooperatives that       two years of service. According to controls engineer Ole
   employs over 90,000 peo-                                                                      Olson, worker-owners “get
   ple, to Wisconsin’s Isthmus                                                                   to decide how our company
   Engineering [2], with its 29                                                                  runs, what we build, what
   co-owners, cooperative busi-                                                                  we don’t build.” The wait-
   nesses are thriving. Arguably                                                                 ing period gives employees
   the most well known, Mon-                                                                     time to experience the busi-
   dragon is now 54 years old                                                                    ness model, get acclimated
   and has outperformed private                                                                  to the environment, and
   sector companies on employ-                                                                   understand the corporate
   ee compensation and, during                                                                   culture.
   several    bleak     recession                                                                   Nearby Union Cab [3] oper-
   years, unemployment rates.                                                                    ates a bit differently, creating
      Still, when people hear                                                                    new owners almost immedi-
   the word “cooperative,” most                                                                  ately, as long-time member
   have difficulty envisioning anything beyond a crunchy           Fred Schepartz explained to The Workers’ Paradise [4]:
   granola health food store. That’s perhaps not surprising,
   considering the closest thing to employee-ownership most          “All employees who pass probation are members
   corporate workers experience is an Employee Stock Own-            of Union Cab Cooperative. Period. [...] There
   ership Plan, where they can purchase (or are granted)             is no caste system. Structurally, there are no
   stock in their company. These programs are designed to            members that are more equal than others. Yes,
   incentivize workers to be more productive, as they now
                                                                     we have managers, but they have to answer to
   benefit directly from the business’s success. They are built
                                                                     the board of directors, which is elected from the
   around the assumption that monetary reward is the best
                                                                     membership, by the membership. Essentially,
   motivation for workers.

   14                                        OPEN SOURCE YEARBOOK 2010-2019           . CC BY-SA 4.0 . OPENSOURCE.COM
                                                                   S TAND-OUT AR TICLE OF THE YEAR — 2010

   management works for the employees though                        recession, exploring new business models probably isn’t
   they are given the authority to do their jobs.                   a bad idea.
                                                                      Retired steelworker Rick Kimbrough told SolidarityEcon-
   [E]verybody who works at Union Cab who
                                                           that he’s all for the initiative. “Ever since they shut
   has passed probation is a full-fledged member.
                                                                    down our mill, I’ve always thought, ‘Why shouldn’t we own
   Drivers, dispatchers, phone answerers,                           them?’ If we did, they wouldn’t be running away.”
   mechanics, IT staff, accounting staff. Everybody.”
Meanwhile, New York City’s Cooperative Home Care Asso-              Links
ciates [5], which provides services like light housekeeping         [1]
and personal care to a number of elderly and disabled indi-               success-understanding-co-op-business-model
viduals, focuses on transforming what are traditionally low         [2]
income, entry-level, part time jobs [6] into full time positions          11de-a44a-001cc4c03286.html
with training, full benefits, higher wages, and guaranteed          [3]
hours. The company offers a number of special services              [4]
tailored to the needs of these workers, including no-inter-               html?tp=iw&cid=8502&v=23&gnum=6&clickid=​
est loans up to $250, free tax preparation, and savings                   77661227104&cachecode=HAyZFRX6td7Y%2F8fq​
programs toward the $1,000 required to become a work-                     SvcrnA%3D%3D%3AZmVkY2JhOTg3NjU0MzIxMA​
er-owner. Meanwhile, operating decisions are made by a                    %3D%3​D&q=cooperativeconsult+KW+cooperativeconsult.
14-member Board of Directors, eight being elected from                    com+cooperative+consultants&dkw=cooperativeconsult.
among all worker-owners. The Worker Council, composed                     com&g=US&cc2=HAyZFRX6td7Y%2F8fqSvcrnA
of 12 home care workers, serves as a liason between the                   %3D%3D%3AZmVkY2JhOTg3NjU0MzIxMA%3D​
Board of Directors and the employees, explaining decisions                %3D&geo=US
and advocating for needs. Each worker-owner votes to ap-            [5]
prove or deny the annual allocation of net profit determined        [6]
by the Board.                                                       [7]
   There are many more stories of profitable cooperatives,          [8]
from bakeries to retailers. There are also a number of orga-        [9]
nizing bodies, including the US Federation of Worker Coop-
eratives [7], National Cooperative Business Organization [8],
and the International Co-operative Alliance [9].                    Author
                                                                    Rebecca Fernandez is a Principal Program Manager at Red
Learning from success                                               Hat, leading projects to help the company scale its open cul-
Even Pittsburgh’s United Steel Workers Union is getting             ture. She’s an Open Organization Ambassador, contributed
in on the (cooperative) action. The union is partnering             to The Open Organization book, and maintains the Open
with Mondragon to explore the possibility of steel worker           Decision Framework. She is interested in the intersection
cooperatives. With over 40,000 manufacturing facilities             of open source principles and practices, and how they can
closed throughout the United States during the economic             transform organizations for the better.

OPEN SOURCE YEARBOOK 2010-2019               . CC BY-SA 4.0 . OPENSOURCE.COM                                                    15

   The DRM graveyard:
   A brief history of digital rights
   management in music
                                                                        BY RUTH SUEHLE

   THERE             ARE MORE than a few reasons digital rights man-
                     agement (DRM) has been largely unsuccessful.
   But the easiest way to explain to a consumer why DRM doesn’t
                                                                          have intended this software for. I want to make a point with this
                                                                          software, and if you use it for purposes of violating copyrights,
                                                                          the message stands a very good chance of getting lost.”
   work is to put it in terms he understands: “What happens to the
   music you paid for if that company changes its mind?” It was           May 2002
   one thing when it was a theoretical question. Now it’s a histori-      Shuman Ghosemajumder proposes the Open Music
   cal one. Rhapsody just had the next in a line of DRM music ser-        Model [2], which states that subscription services free
   vices to go—this week the company told its users than anyone           of DRM are the only successful model to beat piracy. It
   with RAX files has unil November 7 to back them up in another          requires open file sharing, open file formats, open mem-
   format or lose them the next time they upgrade their systems.          bership, open payment, and open competition.
      The Electronic Frontier Foundation summarizes the battle [1]:
     Corporations claim that DRM is necessary to fight copy-
                                                                          April 21, 2003
                                                                          RealNetworks (known for RealAudio, RealVideo and Re-
     right infringement online and keep consumers safe from
                                                                          alPlayer) acquires, owner of Rhapsody and of-
     viruses. But there’s no evidence that DRM helps fight
                                                                          fers streaming downloads for a monthly fee.
     either of those. Instead DRM helps big business stifle
     innovation and competition by making it easy to quash
     “unauthorized” uses of media and technology.
                                                                          April 28, 2003
                                                                          One week later, the iTunes store launches with its songs en-
   Unfortunately, the side effect in this less-than-successful at-        crypted with FairPlay DRM. It restricts users to accessing songs
   tempt to fight piracy is the hours it takes users to retrieve,         from only three (later five) computers and making no more than
   rip, and back up their music when a services shuts down,               ten (later seven) copies of a CD playlist. Apple does not license
   is sold, or simply decides DRM wasn’t the right way to go              its encryption, so only Apple devices can play iTunes music.
   (sometimes in as little as five months). The following is a
   brief history of the rise and fall of DRM in music services.           November 2003
                                                                          FairPlay is cracked by Jon Lech Johansen (“DVD Jon”), pre-
   October 1998                                                           viously known for his part in the DeCSS software, which was
   The Digital Millennium Copyright Act makes DRM circum-                 released four years earlier for decrypting DVDs.
   vention and circumvention tools illegal.
                                                                          January 2004
   December 2001                                                          RealNetworks announces sale of DRM-restricted music in
   Rhapsody unlimited music streaming subscription service                the RealPlayer Music Store.
   launches with songs restricted by the company’s Helix DRM.
                                                                          August 2004
   October 2001                                                           Microsoft begins certifying devices and providers with the Plays-
   “Beale Screamer” cracks the Microsoft Windows Media DRM                ForSure mark, noting that they had been tested and certified for
   and posts a how-to on the sci-crypt Usenet board along with            compatibility with files encrypted with Windows Media DRM.
   code for stripping the DRM from Windows Media files. In his
   message, he writes to music companies, “Give us more op-               February 2005
   tions, not fewer. If you try to take away our current rights, and      Yahoo! Music offers unlimited music as a rebrand of
   dictate to us what we may or may not do, you’re going to get a         LAUNCH Media at the Open Music Model’s recommended
   lot of resistance.” To users he writes, “Please respect the uses I     $5 subscription price point, but using DRM.

   16                                           OPEN SOURCE YEARBOOK 2010-2019                . CC BY-SA 4.0 . OPENSOURCE.COM
                                                                    S TAND-OUT AR TICLE OF THE YEAR — 2011

October/November 2005                                               their songs on any computer they do not authorize by
Consumers of Sony CDs discover the Sony rootkit in its Se-          August 31—songs definitely no longer “play for sure.”
cuROM DRM. Removing it leaves some forced to reinstall
Windows [3]. Sony settles in December. (Read a timeline of          June 2008
the Sony rootkit story [4].)                                        Microsoft responds to customer outrage and agrees that
                                                                    MSN Music Store songs will continue to be transferrable
July 2006                                                           through the end of 2011.
The eMusic subscription service, which sells songs DRM-
free, becomes the second-largest digital music service,                     September 2008
though with an 11% market share to iTunes’ 67%.                            Yahoo! Music Unlimited shuts down and merges into
                                                                    Rhapsody. It encourages users to burn their music to CDs by
September 2006                                                      the end of the month, as the move to Rhapsody does not include
Steve Jobs announces that Apple has 88% of the legal US             the continued ability to access license keys for purchased music.
music download market—still locked under DRM.                                 Wal-Mart decides to shut down its DRM system,
                                                                           ending support for protected files from the five months
       November 2006                                                       when they chose to use it.
        Microsoft abandons the PlaysForSure strategy in fa-
vor of a more Apple-esque approach with the Zune player                     January 2009
tightly tied to the Zune Marketplace. PlaysForSure music will               Apple agrees with the four major music companies
not play on the Zune.                                               that all music sold via iTunes will be sold DRM-free.

February 2007                                                               April 2009
Steve Jobs writes in “Thoughts on Music” [5] that it is the music            Apple announces availability of DRM-free versions of all mu-
companies who force Apple to use DRM in iTunes contracts,           sic in the iTunes store (but keeps it on video, audiobooks, and apps).
and he calls on them to relax the demand. “DRMs haven’t
worked, and may never work, to halt music piracy,” he writes.       April 2010
                                                                    Rhapsody spins off from RealNetworks.
       April 2007
      EMI’s music library becomes available DRM-free on             September 2010
iTunes for a premium charge through “iTunes Plus.”                  Nokia Music Store (Ovi Music) decides to go DRM-free.

       May 2007                                                             November 2011
       Amazon announces it will sell DRM-free music for 99                 Rhapsody tells its users that anyone with its older RAX
cents/song. Shortly thereafter, Apple drops the DRM-free premi-     format files has unil November 7 to back them up in another
um price. Customers soon discover that each of these tracks         format or lose them the next time they upgrade their systems.
downloaded from iTunes—even the new, DRM-free ones—
has the user’s personal information embedded [6].                   Links
August 2007                                                         [2]
Wal-Mart begins offering DRM-restricted mp3 downloads.              [3]
Nokia Music Stoore launches to provide Nokia phones with            [4]
an on-phone music store using DRM that allowed music to             [5]
be played only on the phone.                                             jobs_posts_rare_open_letter_thoughts_on_music/
       February 2008                                                     files-carry-more-than-just-names-and-e-mail-addresses/
       Wal-Mart decides to offer only DRM-free mp3s.
April 2008                                                          Ruth Suehle is the community leadership manager for Red Hat’s
Apple becomes the largest music seller in the US, followed          Open Source and Standards team. She’s co-author of Raspber-
by Wal-Mart and Best Buy.                                           ry Pi Hacks (O’Reilly, December 2013) and a senior editor at
                                                                    GeekMom, a site for those who find their joy in both geekery and
       March 2008                                                   parenting. She’s a maker at heart who is often behind a sewing
      Microsoft announces that the MSN Music Store will             machine creating costumes, rolling fondant for an excessively
no longer be supported and users will not be able to play           large cake, or looking for the next great DIY project.

OPEN SOURCE YEARBOOK 2010-2019               . CC BY-SA 4.0 . OPENSOURCE.COM                                                           17

   Three tips for working with
   open source diagrams
                                                                                 BY MÁIRÍN DUFFY

  IF YOU’RE A                  BIG-TIME OPEN SOURCE FANATIC like me,
                               you probably get questions about
   open source alternatives to proprietary tools rather frequent-
                                                                              October 2000. In mid 2010, the Calligra project [6] split off [7] of
                                                                              the KOffice project; not long after, Flow maintainer Yue Liu got
                                                                              to work [8] improving the stencil system and included stencils.
   ly. From the ‘Alternatives to Microsoft® Visio®’ department,                  From my initial experimentations of creating sample dia-
   here are three tips that should help designers who use Visio               grams with it, Calligra Flow looks to be a pretty promising
   in an open source environment. If you need an open source                  diagramming tool, so give it a shot!
   option for opening Visio files, a revived open source appli-
   cation for creating diagrams, or a lesser-known open source                3. Converting Visio stencils (.VXD) to .SVG
   tool for converting Visio® stencils, these tips are for you.               Converting Visio-format stencils to .SVG involves a pretty kludgy
                                                                              workflow that doesn’t always work. Depending on how complex
   1. Opening Visio files                                                     the stencils are, though, it’s possible to extract the shapes from
   Open source tools haven’t been able to open Visio (.VSD format)            a .VXD stencil file and use them as .SVGs. It involves using
   diagrams for a pretty long time. The format is commonly used               an old and seemingly abandoned project, so not much is new
   for infrastructure and architecture documentation and planning—            here, but now that you know how to open .VSD files, it may be
   and less commonly, for user interface design and planning.                 of more interest to know how to also open .VXDs files [9].
       Thankfully, Summer of Code students Eilidh McAdam and                     Remember, this process can be really buggy and may
   Fridrich Strba implemented support for opening .VSD format                 need some love. For example, you have to move the in-
   files in LibreOffice Draw last summer. This support is now                 cluded ‘chunks_parse_cmds.tbl’ file to the directory you run
   available in Fedora 17’s version of LibreOffice.                           the command from, in order for it to work. Even then it fails
       If you prefer to use Inkscape or any other open source                 sometimes, but, it’s a start!
   SVG editor (such as Karbon14 or Xara,) Eilidh McAdam pro-                     The format for Calligra Flow stencils is open and it is ODG-
   duced libvisio which works with the libwpd tools for convert-              based, so with some effort it is possible to manually convert
   ing .VSD files to .SVG—making it possible to open them in                  VXDs to Calligra Flow stencils [10], and the project has an
   any SVG editor in Fedora. For Fedora 17, you’ll need the                   open call for help on that front. If you’d like to get involved, it
   libvisio and libvisio-tools packages that are now available.               seems like a great place to start. Have fun!
       These two projects are covered in detail in Libre Graphics
   World, including full instructions on VSD-to-SVG conversion [1].           Links
       Note: There isn’t a solution yet for writing out to .VSD format, but   [1]
   you can write out to .PDF, of course, which may serve your needs                 of-bringing-visio-support-to-libreoffice
   in sharing your modified and originally .VSD-format diagrams.              [2]
   2. Creating diagrams in a Visio-like environment                           [3]
   Traditionally, Dia [2] has been the best game in town for                  [4]
   open source diagramming, but it hasn’t changed much over                   [5]
   the years and requires a lot of tweaking and extra work to                 [6]
   produce beautiful diagrams. For example, diagram graphics                  [7]
   are not anti-aliased by default in Dia .9.7.1.                                   June/001663.html
      Inkscape [3] is another option—my preferred one—but as                  [8]
   a general vector graphics editing tool, it doesn’t have the                      months/
   specialized niceities and workflow of a tool specifically fo-              [9]
   cused on diagramming and takes a bit of experience to use                  [10]
   it effectively for creating diagrams.
      Calligra Flow [4], which is part of the Calligra suite of productiv-    Author
   ity applications, is now available in Fedora 17. The lineage of this       Máirín is a principal interaction designer at Red Hat. She is pas-
   application can be traced back to the KOffice Kivio [5] diagram-           sionate about software freedom and free & open source tools, par-
   ming tool, which according to Wikipedia was initially released in          ticularly in the creative domain: her favorite application is Inkscape.

   18                                               OPEN SOURCE YEARBOOK 2010-2019                  . CC BY-SA 4.0 . OPENSOURCE.COM
                                                                     S TAND-OUT AR TICLE OF THE YEAR — 2013

How one parent fosters open
source at home through
DIY projects
                               BY CAROLYN FOX

THIS YEAR                 I MADE A NEW YEAR RESOLUTION to foster a
                          more open education at home by
joining a growing subculture of society. To start, I began
                                                                      that comes from realizing you can ditch a more expensive
                                                                      commercial product for one you’ve made yourself, and
                                                                      bubble down to future generations. Already, though, there
replacing some commercial household products, such as                 are kid’s sites such as [2] that are flourishing. They
toothpaste, with ‘open source’ ones. After all, there is no pat-      bargain that children are more involved in digital technol-
ent on or trademark for baking soda (2/3 cup), salt (4 tea-           ogy at a younger age than previous generations and bill
spoons), mint oil (1 tablespoon), or melted coconut oil (2-3          themselves as a place where kids can build, make, hack,
tablespoons)—what you need to make homemade tooth-                    grow, and earn skills—an updated digital version of the
paste. They are readily available and accessible, except for          Boy Scouts. And there are future plans for a membership
the mint oil perhaps (but you can substitute it with cinnamon         subscription and options for children to sell their own in-
or vanilla extract, or other possibilities if you just use your       ventions (another thing Marx might not have imagined, or
creative, open mind).                                                 Robert Baden-Powell who was founder and Chief Scout of
   Once I had the necessary ingredients to make my own                the Scout Movement).
toothpaste, I spent less time to make it than I had previously  is free and open to all children age 7 and older,
spent in the supermarket checkout queue to buy it. It costs           though it seems to be primarily aimed at boys. Good thing
less money too. No fluoride, preservatives, or other chemical         then that making toothpaste (for one) is, by contrast, univer-
substances either.                                                    sal and gender neutral. Perhaps this is an alternative way to
   Nearly everyone uses some kind of toothpaste on a daily            connect underrepresented girls with STEM (science, tech-
basis, but how many of us question the futility of a commer-          nology, engineering, and mathematics) and open source,
cial brand toothpaste for something that we can easily make           since at the moment, digital technology and the type of cre-
ourselves and with an open source concept? How many of                ative tinkering that DIY tends to foster is still initially focused
us would like our children to get excited about math, science,        on boys.
and history or live a simpler, greener, and healthier lifestyle          Furthermore, I think girls may be more readily interested
by making their own toothpaste?                                       in creative tinkering if they were first involved in something
   Plus, making your own toothpaste or shampoo, or even               like making their own toothpaste. It would foster a sense
laundry detergent, doesn’t require some special skill. It isn’t       of empowerment, autonomy, and agency. (Read: Wendy
laborious or time consuming or some mysterious process.               Priesnitz’s idea of economic success [3] that questions a tra-
   When I first started to find out about the growing do-it-your-     dition of well-being based on economics alone.)
self (DIY), or homemade, movement I was a bit intrigued and              All in all, allowing children to make their own toothpaste
baffled—that is, until I made an analogy with open source.            not only becomes a principle of economics and self-reliance,
Then it dawned on me that this movement is an outgrowth               but maybe a slightly subversive act too.
or extension of the open source movement, and a way to
overcome a crisis in education. And I am far from alone in my         Links
thoughts here. In September a technology reporter for the             [1]	
BBC News wrote about how Karl Marx predicted [1] a revo-              [2]	
lution would come, but Marx probably didn’t envision it being         [3]	
a bunch of do-it-yourselfers and members of a homemade                    feminism/
movement brigade. Without digital technology, it’s true that
such efforts would be minimal, but with digital technology, it        Author
has taken root.                                                       Carolyn Fox is an educator, librarian, historian, and an
   Time will tell how much this movement will affect the larg-        un/homeschooling mother. She lives in Massachusetts with
er open source movement, generate a type of questioning               her UK husband and son.

OPEN SOURCE YEARBOOK 2010-2019                . CC BY-SA 4.0 . OPENSOURCE.COM                                                         19

   Top 3 open source business
   intelligence and reporting tools
                                                                                             BY ROBIN MUILWIJK

   THIS ARTICLE                   REVIEWS three top open source
                                  business intelligence and re-
   porting tools. In economies of big data and open data, who
                                                                   ports primarily to web. It lacks a true Report Server, but
                                                                   by using the Viewer on a Java application server, you
                                                                   can provide end users with a web interface to render and
   do we turn to in order to have our data analysed and present-   view reports.
   ed in a precise and readable format? This list covers those        If you are looking for support, you can either check out the
   types of tools. The list is not exhaustive—I have selected      BIRT community [4] or the Developer Center [5] at Actuate.
   tools that are widely used and can also meet enterprise re-     The project also provides extensive documentation [6] and
   quirements. And, this list is not meant to be a comparison—     a Wiki [7].
   this is a review of what is available.                             BIRT is licensed under the Eclipse Public License. It’s
                                                                   latest release 4.3.2, which runs on Windows, Linux and
   BIRT                                                            Mac, can be downloaded here [8]. Current development is
   BIRT [1] is part of the open source Eclipse project and was     shared through it’s most recent project plan [9].
   first released in 2004. BIRT is sponsored by Actuate, and
   recieves contributions from IBM and Innovent Solutions.         JasperReport
      BIRT consists of several components. The main compo-         TIBCO recently acquired [10] JasperSoft, the company for-
   nents being the Report Designer and BIRT Runtime. BIRT          merly behind JasperReport [11]. JasperReport is the most
   also provides three extra components: a Chart Engine,           popular and widely used open source reporting tool. It is
   Chart Designer, and Viewer. With these components you           used in hundreds of thousands production environments.
   are able to develop and publish reports as a standalone         JasperReport is released as Enterprise and Community
   solution. However, with the use of the Design Engine API,       editions.
   which you can include in any Java/Java EE application,             Similar to BIRT, JasperReport consists of several com-
   you can add reporting features in your own applications.        ponents such as the JasperReport Library, iReport Report
   For a full description and overview of it’s architecture, see   Designer, JasperReport Studio, and JasperReport Server.
   this overview. [2]                                              The Library is a library of Java classes and APIs and is the
      The BIRT Report Designer has a rich feature set [3],         core of JasperReport. iReport Designer and Studio as the
   is robust, and performs well. It scores high in terms of        report designers where iReport is a Netbeans plugin and
   usability with it’s intuitive user interface. An important      standalone client, and Studio an Eclipse plugin. Note: iRe-
   difference with the other tools is the fact it presents re-     port will be discontinued in December 2015, with Studio
                                                                   becoming the main designer component. For a full over-
                                                                   view and description of the components, visit the homep-
                                                                   age of the JasperReport community [11].
                                                                      A full feature list of JasperSoft (Studio) can be viewed
                                                                   here [12]. Different from BIRT, JasperReport is using a
                                                                   pixel-perfect approach in viewing and printing it’s reports.
                                                                   The ETL, OLAP, and Server components provide Jasper-
                                                                   Report with valuable functionality in enterprise environ-
                                                                   ments, making it easier to integrate with the IT-architec-
                                                                   ture of organisations.
                                                                      JasperReport is supported by excellent documenta-
                                                                   tion [13], a Wiki [14], Q&A forums, and user groups [15].

   20                                        OPEN SOURCE YEARBOOK 2010-2019            . CC BY-SA 4.0 . OPENSOURCE.COM
                                                               S TAND-OUT AR TICLE OF THE YEAR — 2014

Based on Java, JasperReport runs on Windows, Linux,            porting tool, with a full suite of components (data mining
and Mac. It’s latest release 5.5 is from October 2013, and     and integration).
is licensed under GPL.
Pentaho                                                        [1]
Unlike the previous two tools, Pentaho is a complete busi-     [2]
ness intelligene (BI) Suite, covering the gamut from report-   [3]
ing to data mining. The Pentaho BI Suite encompasses           [4]
several open source projects, of which Pentaho Reporting       [5]
is one of them.                                                      products/ai-and-analytics/analytics-developer-
   Like the other tools, Pentaho [16] Reporting has a rich           community/?utm_source=ai-analytics&utm_
feature set, ready for use in enterprise organisations. From         medium=redirect&utm_source=actuatedev&utm_
visual report editor to web platform to render and view re-          medium=redirect
ports to end users. And report formats like PDF, HTML and      [6]
more, security and role management, and the ability to email   [7]
reports to users.                                              [8]
   The Pentaho BI suite also contains the Pentaho BI Server.   [9]
This is a J2EE application which provides an infrastructure    [10]
to run and view reports through a web-based user interface.    [11]
Other components from the suite are out of scope for this      [12]
article. They can be viewed on the site from Pentaho [17],           features
under the Projects menu. Pentaho is released as Enterprise     [13]
and Community editions.                                              documentation?version=10870
   The Pentaho project provides it’s community with a forum,   [14]
Jira bug tracker, and some other collaboration options. It’s         community-wiki-0
documentation can be found on a Wiki [18].                     [15]
   Pentaho runs on Java Enterprise Edition and can be used     [16]
on Windows, Linux, and Mac. It’s latest release is version           reporting
5.0.7 from May 2014, and is licensed under GPL.                [17]
Summary                                                              Community+Wiki+Home
All three of these open source business intelligence and
reporting tools provide a rich feature set ready for enter-    Author
prise use. It will be up to the end user to do a thorough      Former and Open Organization modera-
comparison and select either of these tools. Major differ-     tor/ambassador.
ences can be found in report presentations, with a focus         Robin writes and is active on social media to promote and
on web or print, or in the availability of a report server.    advocate for open source in our businesses and lives.Follow
Pentaho distinguishes itself by being more than just a re-     him on Twitter @i_robin or on LinkedIn.

OPEN SOURCE YEARBOOK 2010-2019            . CC BY-SA 4.0 . OPENSOURCE.COM                                                    21

  8            Linux file managers
               to try
                                                                              BY DAVID BOTH

  ONE OF THE                    MOST COMMON administrative tasks
                                that end users and administra-
   tors alike need to perform is file management. Managing
                                                                       agers justice. I hope to have some future articles that provide
                                                                       a more detailed look at two or three of these powerful tools.
                                                                         Each of these file managers is configurable, with Kru-
   files can consume a major                                                                            sader and Konqueror being
   portion of your time. Locat-                                                                         the most configurable of the
   ing files, determining which                                                                         GUI-based file managers.
   files and folders (directories)                                                                      Midnight commander, the
   are taking the most disk                                                                             lone text-based file manager,
   space, deleting files, mov-                                                                          is also quite configurable.
   ing files, and simply open-                                                                             None of the file managers
   ing files for use in an appli-                                                                       look by default like they do in
   cation are some of the most                                                                          this document. I have config-
   basic—yet frequent—tasks                                                                             ured them to look like this on
   we do as computer users.                                                                             my systems. Except for Mid-
   File management programs                                                                             night Commander, the colors
   are tools that are intended                                                                          are managed in the “Appli-
   to streamline and simplify those necessary chores.                  cation Appearance” section of the KDE System Settings
                                                                       application and are not configurable within the applications
   Many choices                                                        themselves.
   Many people aren’t aware of the wide array of choices avail-
   able in file managers, nor do they realize the full capabili-       Default File Manager
   ties of the ones they do know about. As with every aspect           Like most Linux distributions, Fedora has a default file man-
   of Linux, there are many options available for file managers.       ager, which is currently Dolphin. The Linux desktop usually
   The most common ones provided by my favorite distribution,          has an icon that looks like a little house—that’s your home
   Fedora, are:                                                        directory/folder. Click on the Home icon and the default file
      • M idnight Commander                                           manager opens with your home directory as the PWD, or
      • K onqueror                                                    Present Working Directory. In current releases that use KDE
      • D olphin                                                      4.1 or above, the Home icon is located in the Desktop Folder
      • K rusader                                                     along with the Trash icon, as shown below.
      • N autilus
      • Thunar
      • P CmanFM
      • X FE
   I have used each of these at various times for various rea-
   sons and they all have qualities to recommend them. Rang-
   ing from very simple to feature-packed, there is a file manag-
   er available that will meet your needs. Midnight Commander
   and Krusader are my favorite file managers, and I use both
   quite frequently, but I also find myself using Dolphin and
      This article looks briefly at each of the file managers listed
   above and compares a few of their main features. Unfortu-
   nately, there is not enough space to do each of these file man-

   22                                           OPEN SOURCE YEARBOOK 2010-2019             . CC BY-SA 4.0 . OPENSOURCE.COM
                                                                 S TAND-OUT AR TICLE OF THE YEAR — 2015

In KDE, the default file manager can be changed using             file manager. Krusader allows you to use the same key-
System Settings > Default Applications > File Manager.            board navigation and command structure as Midnight Com-
                                                                  mander, and also allows you to use the mouse or trackball
Midnight Commander                                                to navigate and perform all of the standard drag and drop
Midnight Commander [1] is a text-based Command Line In-           operations you would expect on files.
terface (CLI) program. It is particularly useful when a GUI is
not available, but can also be used as a primary file manager
in a terminal session even when you are using a GUI. I use
Midnight Commander frequently because I often need to in-
teract with local and remote Linux computers using the CLI.
It can be used with almost any of the common shells and
remote terminals through SSH.

                                                                  The primary user interface for Krusader, much like that of
                                                                  Midnight Commander, is two text-mode panes—left and
                                                                  right—which each display the contents of a directory. The
                                                                  top of each pane contains the name of the current directo-
                                                                  ry for that pane. In addition, tabs can be opened for each
                                                                  pane and a different directory can be open in each tab.
                                                                  Navigation is accomplished with the arrow and tab keys
                                                                  or the mouse. The Enter key can be used to enter a high-
                                                                  lighted directory.
You can start Midnight Commander from the CLI with the mc            Each tab and pane can be configured to show files in one
command. The above image shows Midnight Commander                 of two different Modes. In the illustration above, files are dis-
in one tab of the Konsole program. The user interface for         played in the detailed view that—in addition to the file name
Midnight Commander is two text mode panes, left and right,        and an icon or preview—shows the file size, the date it was
which each display the contents of a directory. The top of        last modified, the owner, and the file permissions.
each pane displays the name of the current directory for             Along the very top of the Krusader GUI are a menu bar
that pane. Navigation is accomplished with the arrow and          and toolbar containing menu items for configuring Krusad-
tab keys. The Enter key can be used to enter a highlighted        er and managing files. The bottom portion of the interface
directory.                                                        displays a line of function key labels; you can simply press
   Along the very top of the Midnight Commander inter-            the function key on your keyboard that corresponds to the
face is a menu bar containing menu items for configuring          function you want to perform. At the bottom of the interface
Midnight Commander, the left and right panes, and for is-         is a command line.
suing various file commands. The bottom portion of the               Krusader automatically saves the current tab and directory
interface displays information about the file or directory        locations as well as other configuration items so that you will
highlighted in each pane, a hint feature and a line of func-      always return to the last configuration and set of directories
tion key labels; you can simply press the function key on         when restarting the application.
your keyboard that corresponds to the function you want
to perform. Between the hint line and the function keys is        Konqueror
a command line.                                                   Konqueror [3] is another powerful and flexible file man-
                                                                  ager with many features. It has one feature that none of
Krusader                                                          the other file managers do: it doubles as a web browser.
Krusader [2] is an exceptional file manager that is modeled       Just type the URL of the web site you want to view in the
after Midnight Commander. It uses a similar two-pane in-          location bar.
terface, but it’s graphical instead of text-based. Krusader          The main thing that sets Konqeuror apart from the crowd
provides many features that enhance its functionality as a        is the ability to open multiple tabs, each of which can have

OPEN SOURCE YEARBOOK 2010-2019             . CC BY-SA 4.0 . OPENSOURCE.COM                                                      23

   one or more directory navigation panes. In the image below,
   one tab has been divided into three panes; one on the left
   side and two on the right. The sidebar at the far left is used to
   provide rapid navigation of the entire filesystem.

                                                                       The primary user interface for Dolphin can be configured
                                                                       to be very similar to Konqueror and Krusader. Using two
                                                                       panes which each display the contents of a directory, it
                                                                       does not support splitting the panes. Navigation is accom-
                                                                       plished with the arrow and tab keys or the mouse. The En-
   One thing I particularly like about Konqueror is that it pro-       ter key can be used to enter a highlighted directory. Dolphin
   vides an excellent high-level view of your directory structure,     also supports expanding the directory trees (folders) in both
   both in the sidebar and in the directory panels. This makes         the sidebar navigation pane and the directory panes.
   it easier to locate and delete files and directory trees that          Although Dolphin does support tabs, when restarted it al-
   are no longer needed. It also enables easier navigation and         ways reverts to the default of one pair of directory panes that
   reorganization of the directory structure.                          display your home directory.
      The primary user interface for Konqueror, much like
   that of Midnight Commander and Krusader, is text-mode               Nautilus
   panes that display the contents of a directory. Konquer-            Nautilus [5] has a single directory pane with which to work.
   or, however, allows multiple panes, and the default single          It also has a sidebar for navigation. Nautilus is a simple, de-
   pane can be split both horizontally and vertically as many          cent file manager that is good for many beginners due to
   times as it makes sense to do so. Konqueror also sup-               its simplicity. Nautilus is typically found in systems where
   ports multiple tabs (at the top of the directory panes this         GNOME is the desktop, but it can also be installed and used
   time) and a different set of directories can be open in each        with KDE.
   tab. Navigation is accomplished with the arrow and tab
   keys or the mouse. The Enter key can be used to enter a
   highlighted directory. The Location widget near the top of
   the Konqueror GUI contains the full path of the currently
   selected pane.
      Each tab and pane can be configured to show files in one
   of two different Modes. In the above image, files are dis-
   played in the detailed view which, in addition to the file name
   and an icon or preview, shows the file size, the date it was
   last modified, the owner, and the file permissions.
      Along the very top of the Graphical User Interface are a
   menu bar and tool bar containing menu items for configuring
   Konqueror and managing files. Once you have the tabs and
   panes set up the way you want them, you can save it so that
   Konqueror will always start with that configuration.

   Dolphin [4] is very much like Konqueror and Krusader. It has        The primary user interface for Nautilus is fairly simple with
   two directory navigation panes and a sidebar that allows for        a navigation sidebar and a single directory window in which
   easy filesystem navigation. It supports tabs.                       to work. It does not support multiple tabs or splitting the

   24                                           OPEN SOURCE YEARBOOK 2010-2019             . CC BY-SA 4.0 . OPENSOURCE.COM
                                                                   S TAND-OUT AR TICLE OF THE YEAR — 2015

panes. Navigation is accomplished with the arrow and tab            ble choices and one will most likely meet most of your needs.
keys or the mouse. The Enter key can be used to enter a             If your favorite does not meet your needs for a particular
highlighted directory.                                              task, you can always use the one that does.
                                                                       All of these file managers are free of charge and dis-
Thunar                                                              tributed under some form of open source license. All are
Thunar [6] is another lightweight file manager. It is so much       available from common, trusted repositories for Fedora
like Nautilus in the way it looks and works and that there is       and CentOS.
nothing else to say about it.                                          I plan to write some additional articles that cover some of
                                                                    these file managers in a bit more detail. Please leave your
PCmanFM                                                             comments to let me know which ones you would like to know
The PCManFM [7] file manager is intended to replace                 more about.
Nautilus and Thunar. In fact, based on the way they look
and work so much alike, they may actually share some                Links
common code. These three file managers have the few-                [1]
est configuration options and all share the same simple             [2]
interface.                                                          [3]
XFE                                                                 [5]
XFE [8] is one of the more interesting of the file managers as           Nautilus?action=show&redirect=Nautilus
it has an interface all its own and is a bit more flexible than     [6]
Nautilus, Thunar, and PCManFM.                                      [7]

                                                                    David Both is an Open Source Software and GNU/Linux ad-
                                                                    vocate, trainer, writer, and speaker who lives in Raleigh North
                                                                    Carolina. He is a strong proponent of and evangelist for the
                                                                    “Linux Philosophy.”
                                                                       David has been in the IT industry for nearly 50 years. He
                                                                    has taught RHCE classes for Red Hat and has worked at MCI
                                                                    Worldcom, Cisco, and the State of North Carolina. He has
                                                                    been working with Linux and Open Source Software for over
                                                                    20 years.
                                                                       David prefers to purchase the components and build his own
                                                                    computers from scratch to ensure that each new computer
                                                                    meets his exacting specifications. His primary workstation is an
XFE may be configured to display one or two directory               ASUS TUF X299 motherboard and an Intel i9 CPU with 16 cores
panes, and the navigation bar is optional. It performs all the      (32 CPUs) and 64GB of RAM in a ThermalTake Core X9 case.
expected drag and drop functions, but it requires some man-            David has written articles for magazines including, Linux
ual configuration to associate the correct applications like        Magazine, Linux Journal. His article “Complete Kickstart,”
LibreOffice with specific file types. It has a reasonable set of    co-authored with a colleague at Cisco, was ranked 9th in the
configuration options, but nowhere near those of Konqueror          Linux Magazine Top Ten Best System Administration Articles
or Krusader.                                                        list for 2008. David currently writes prolifically for OpenSource.
   XFE is also quite difficult about retaining its own set of       com and Enable SysAdmin.
“themes” and has no option to use the desktop color scheme,            David currently has one book published, “The Linux Phi-
icons, decorations, or widgets.                                     losophy for SysAdmins.” and is now is working on his next
                                                                    project, “Using and Administering Linux: Zero to SysAdmin,” a
Recommendations                                                     self-study training course in three volumes that is scheduled
I know that there are other file managers, one of which may         for release in late 2019.
be your favorite. Your choice of file manager should be the            David can be reached at or on
one that works best for you. GNU/Linux provides several via-        Twitter @LinuxGeek46.

OPEN SOURCE YEARBOOK 2010-2019              . CC BY-SA 4.0 . OPENSOURCE.COM                                                        25

   4 open source tools for
   Linux system monitoring
                                                                                     BY DAVID BOTH

  INFORMATION                       IS THE KEY to resolving any
                                    computer problem, including
   problems with or relating to Linux and the hardware on
                                                                      the 1 (or 5 or 10) minute load average is 4.04, for example?
                                                                      Load average can be considered a measure of demand for
                                                                      the CPU; it is a number that represents the average num-
   which it runs. There are many tools available for and in-          ber of instructions waiting for CPU time. So this is a true
   cluded with most distributions even though they are not all        measure of CPU performance, unlike the standard “CPU
   installed by default. These tools can be used to obtain huge       percentage” which includes I/O wait times during which the
   amounts of information.                                            CPU is not really working.
       This article discusses some of the interactive command            For example, a fully utilized single processor system
   line interface (CLI) tools that are provided with or which         CPU would have a load average of 1. This means that
   can be easily installed on                                                                            the CPU is keeping up ex-
   Red Hat related distribu-                                                                             actly with the demand; in
   tions including Red Hat En-                                                                           other words it has perfect
   terprise Linux, Fedora, Cen-                                                                          utilization. A load average
   tOS, and other derivative                                                                             of less than one means
   distributions. Although there                                                                         that the CPU is underuti-
   are GUI tools available and                                                                           lized and a load average
   they offer good information,                                                                          of greater than 1 means
   the CLI tools provide all of                                                                          that the CPU is overutilized
   the same information and                                                                              and that there is pent-up,
   they are always usable be-                                                                            unsatisfied demand. For
   cause many servers do not                                                                             example, a load average
   have a GUI interface but all                                                                          of 1.5 in a single CPU sys-
   Linux systems have a command line interface.                       tem indicates that one-third of the CPU instructions are
       This article concentrates on the tools that I typically use.   forced to wait to be executed until the one preceding it
   If I did not cover your favorite tool, please forgive me and let   has completed.
   us all know what tools you use and why in the comments                This is also true for multiple processors. If a 4 CPU sys-
   section.                                                           tem has a load average of 4 then it has perfect utilization. If
       My go to tools for problem determination in a Linux envi-      it has a load average of 3.24, for example, then three of its
   ronment are almost always the system monitoring tools. For         processors are fully utilized and one is utilized at about 76%.
   me, these are top, atop, htop, and glances.                        In the example above, a 4 CPU system has a 1 minute load
       All of these tools monitor CPU and memory usage, and           average of 4.04 meaning that there is no remaining capacity
   most of them list information about running processes at the       among the 4 CPUs and a few instructions are forced to wait.
   very least. Some monitor other aspects of a Linux system as        A perfectly utilized 4 CPU system would show a load aver-
   well. All provide near real-time views of system activity.         age of 4.00 so that the system in the example is fully loaded
                                                                      but not overloaded.
   Load averages                                                         The optimum condition for load average is for it to equal
   Before I go on to discuss the monitoring tools, it is important    the total number of CPUs in a system. That would mean that
   to discuss load averages in more detail.                           every CPU is fully utilized and yet no instruction must be
      Load averages are an important criteria for measuring           forced to wait. The longer-term load averages provide indi-
   CPU usage, but what does this really mean when I say that          cation of the overall utilization trend.

   26                                          OPEN SOURCE YEARBOOK 2010-2019             . CC BY-SA 4.0 . OPENSOURCE.COM
                                                                       S TAND-OUT AR TICLE OF THE YEAR — 2016

   Linux Journal has an excellent article [1] describing load           This program simply counts up by one and prints the current
averages, the theory and the math behind them, and how to               value of X to STDOUT. And it sucks up CPU cycles. The
interpret them in the December 1, 2006 issue.                           terminal session in which cpuHog is running should show
                                                                        a very high CPU usage in top. Observe the effect this has
Signals                                                                 on system performance in top. CPU usage should immedi-
All of the monitors discussed here allow you to send sig-               ately go way up and the load averages should also start to
nals [2] to running processes. Each of these signals has a              increase over time. If you want, you can open additional ter-
specific function though some of them can be defined by the             minal sessions and start the cpuHog program in them so that
receiving program using signal handlers.                                you have multiple instances running.
   The separate kill command can also be used to send sig-                 Determine the PID of the cpuHog program you want to kill.
nals to processes outside of the monitors. The kill -l can be           Press the k key and look at the message under the Swap line
used to list all possible signals that can be sent. Three of            at the bottom of the summary section. Top asks for the PID of
these signals can be used to kill a process.                            the process you want to kill. Enter that PID and press Enter.
   SIGTERM (15): Signal 15, SIGTERM is the default signal               Now top asks for the signal number and displays the default
sent by top and the other monitors when the k key is pressed.           of 15. Try each of the signals described here and observe
It may also be the least effective because the program must             the results.
have a signal handler built into it. The program’s signal handler
must intercept incoming signals and act accordingly. So for             4 open source tools for Linux system monitoring
scripts, most of which do not have signal handlers, SIGTERM
is ignored. The idea behind SIGTERM is that by simply telling           top
the program that you want it to terminate itself, it will take ad-      One of the first tools I use when performing problem deter-
vantage of that and clean up things like open files and then            mination is top. I like it because it has been around since
terminate itself in a controlled and nice manner.                       forever and is always available while the other tools may not
   SIGKILL (9): Signal 9, SIGKILL provides a means of kill-             be installed.
ing even the most recalcitrant programs, including scripts                 The top program is a very powerful utility that provides a
and other programs that have no signal handlers. For                    great deal of information about your running system. This
scripts and other programs with no signal handler, howev-               includes data about memory usage, CPU loads, and a list
er, it not only kills the running script but it also kills the shell    of running processes including the amount of CPU time and
session in which the script is running; this may not be the             memory being utilized by each process. Top displays sys-
behavior that you want. If you want to kill a process and               tem information in near real-time, updating (by default) ev-
you don’t care about being nice, this is the signal you want.           ery three seconds. Fractional seconds are allowed by top,
This signal cannot be intercepted by a signal handler in the            although very small values can place a significant load the
program code.                                                           system. It is also interactive and the data columns to be dis-
   SIGINT (2): Signal 2, SIGINT can be used when SIGTERM                played and the sort column can be modified.
does not work and you want the program to die a little more                A sample output from the top program is shown in Figure 1
nicely, for example, without killing the shell session in which         below. The output from top is divided into two sections which
it is running. SIGINT sends an interrupt to the session in              are called the “summary” section, which is the top section
which the program is running. This is equivalent to terminat-           of the output, and the “process” section which is the lower
ing a running program, particularly a script, with the Ctrl-C           portion of the output; I will use this terminology for top, atop,
key combination.                                                        htop and glances in the interest of consistency.
   To experiment with this, open a terminal session and cre-               The top program has a number of useful interactive com-
ate a file in /tmp named cpuHog and make it executable                  mands you can use to manage the display of data and to ma-
with the permissions rwxr_xr_x. Add the following content               nipulate individual processes. Use the h command to view
to the file.                                                            a brief help page for the various interactive commands. Be
                                                                        sure to press h twice to see both pages of the help. Use the
#!/bin/bash # This little program is a cpu hog X=0;                     q command to quit.
  while [ 1 ];do echo $X;X=$((X+1));done
                                                                        Summary section
Open another terminal session in a different window, position           The summary section of the output from top is an overview of
them adjacent to each other so you can watch the results                the system status. The first line shows the system uptime and
and run top in the new session. Run the cpuHog program                  the 1, 5, and 15 minute load averages. In the example below,
with the following command:                                             the load averages are 4.04, 4.17, and 4.06 respectively.
                                                                          The second line shows the number of processes currently
/tmp/cpuHog                                                             active and the status of each.

OPEN SOURCE YEARBOOK 2010-2019                 . CC BY-SA 4.0 . OPENSOURCE.COM                                                        27

      The lines containing CPU statistics are shown next.                 Process section
   There can be a single line which combines the statistics for           The process section of the output from top is a listing of the
   all CPUs present in the system, as in the example below,               running processes in the system—at least for the number
   or one line for each CPU; in the case of the computer used             of processes for which there is room on the terminal dis-
   for the example, this is a single quad core CPU. Press the             play. The default columns displayed by top are described
   1 key to toggle between the consolidated display of CPU                below. Several other columns are available and each can
   usage and the display of the individual CPUs. The data in              usually be added with a single keystroke. Refer to the top
   these lines is displayed as percentages of the total CPU               man page for details.
   time available.                                                        • PID – The Process ID.
      These and the other fields for CPU data are described below.        • USER – The username of the process owner.
   • us: userspace – Applications and other programs running             • PR – The priority of the process.
      in user space, i.e., not in the kernel.                             • NI – The nice number of the process.
   • s y: system calls – Kernel level functions. This does not           • VIRT – The total amount of virtual memory allocated to the
      include CPU time taken by the kernel itself, just the kernel           process.
      system calls.                                                       • RES – Resident size (in kb unless otherwise noted) of non-
   • n i: nice – Processes that are running at a positive nice              swapped physical memory consumed by a process.
      level.                                                              • SHR – The amount of shared memory in kb used by the
   • id: idle – Idle time, i.e., time not used by any running process.      process.
   • w a: wait – CPU cycles that are spent waiting for I/O to            • S – The status of the process. This can be R for running,
      occur. This is wasted CPU time.                                        S for sleeping, and Z for zombie. Less frequently seen sta-
   • h i: hardware interrupts – CPU cycles that are spent deal-             tuses can be T for traced or stopped, and D for uninter-
      ing with hardware interrupts.                                          ruptable sleep.
   • si: software interrupts – CPU cycles spent dealing with             • %CPU – The percentage of CPU cycles, or time used by
      software-created interrupts such as system calls.                      this process during the last measured time period.
   • st: steal time – The percentage of CPU cycles that a virtu-         • %MEM – The percentage of physical system memory used
      al CPU waits for a real CPU while the hypervisor is servic-            by the process.
      ing another virtual processor.                                      • TIME+ – Total CPU time to 100ths of a second consumed
   The last two lines in the summary section are memory us-                  by the process since the process was started.
   age. They show the physical memory usage including both                • COMMAND – This is the command that was used to
   RAM and swap space.                                                       launch the process.
                                                                          Use the Page Up and Page Down keys to scroll through
                                                                          the list of running processes. The d or s commands are in-
                                                                          terchangeable and can be used to set the delay interval be-
                                                                          tween updates. The default is three seconds, but I prefer a
                                                                          one second interval. Interval granularity can be as low as
                                                                          one-tenth (0.1) of a second but this will consume more of the
                                                                          CPU cycles you are trying to measure.
                                                                             You can use the < and > keys to sequence the sort column
                                                                          to the left or right.
                                                                             The k command is used to kill a process or the r com-
                                                                          mand to renice it. You have to know the process ID (PID)
                                                                          of the process you want to kill or renice and that informa-
                                                                          tion is displayed in the process section of the top display.
                                                                          When killing a process, top asks first for the PID and then
                                                                          for the signal number to use in killing the process. Type
                                                                          them in and press the enter key after each. Start with sig-
   Figure 1: The top command showing a fully utilized 4-core CPU.         nal 15, SIGTERM, and if that does not kill the process,
                                                                          use 9, SIGKILL.
   You can use the 1 command to display CPU statistics as a
   single, global number as shown in Figure 1, above, or by               Configuration
   individual CPU. The l command turns load averages on and               If you alter the top display, you can use the W (in uppercase)
   off. The t and m commands rotate the process/CPU and                   command to write the changes to the configuration file, ~/.to-
   memory lines of the summary section, respectively, through             prc in your home directory.
   off, text only, and a couple types of bar graph formats.

   28                                             OPEN SOURCE YEARBOOK 2010-2019             . CC BY-SA 4.0 . OPENSOURCE.COM
                                                                   S TAND-OUT AR TICLE OF THE YEAR — 2016

atop                                                                User ID) which might be important when programs run SUID
I also like atop. It is an excellent monitor to use when you        (Set User ID).
need more details about that type of I/O activity. The default         atop can also provide detailed information about disk,
refresh interval is 10 seconds, but this can be changed using       memory, network, and scheduling information for each pro-
the interval i command to whatever is appropriate for what          cess. Just press the d, m, n or s keys respectively to view
you are trying to do. atop cannot refresh at sub-second inter-      that data. The g key returns the display to the generic pro-
vals like top can.                                                  cess display.
   Use the h command to display help. Be sure to notice that           Sorting can be accomplished easily by using C to sort by
there are multiple pages of help and you can use the space          CPU usage, M for memory usage, D for disk usage, N for
bar to scroll down to see the rest.                                 network usage and A for automatic sorting. Automatic sort-
   One nice feature of atop is that it can save raw perfor-         ing usually sorts processes by the most busy resource. The
mance data to a file and then play it back later for close          network usage can only be sorted if the netatop kernel mod-
inspection. This is handy for tracking down internmittent           ule is installed and loaded.
problems, especially ones that occur during times when you             You can use the k key to kill a process but there is no op-
cannot directly monitor the system. The atopsar program is          tion to renice a process.
used to play back the data in the saved file.                          By default, network and disk devices for which no activity
                                                                    occurs during a given time interval are not displayed. This
                                                                    can lead to mistaken assumptions about the hardware con-
                                                                    figuration of the host. The f command can be used to force
                                                                    atop to display the idle resources.

                                                                    The atop man page refers to global and user level config-
                                                                    uration files, but none can be found in my own Fedora or
                                                                    CentOS installations. There is also no command to save
                                                                    a modified configuration and a save does not take place
                                                                    automatically when the program is terminated. So, there
                                                                    appears to be now way to make configuration changes
Figure 2: The atop system monitor provides information about
disk and network activity in addition to CPU and process data.      htop
                                                                    The htop program is much like top but on steroids. It does
Summary section                                                     look a lot like top, but it also provides some capabilities that
atop contains much of the same information as top but also          top does not. Unlike atop, however, it does not provide any
displays information about network, raw disk, and logical vol-      disk, network, or I/O information of any type.
ume activity. Figure 2, above, shows these additional data in
the columns at the top of the display. Note that if you have
the horizontal screen real-estate to support a wider display,
additional columns will be displayed. Conversely, if you have
less horizontal width, fewer columns are displayed. I also
like that atop displays the current CPU frequency and scal-
ing factor—something I have not seen on any other of these
monitors—on the second line in the rightmost two columns
in Figure 2.

Process section
The atop process display includes some of the same col-
umns as that for top, but it also includes disk I/O information
and thread count for each process as well as virtual and real
memory growth statistics for each process. As with the sum-
mary section, additional columns will display if there is suffi-
cient horizontal screen real-estate. For example, in Figure 2,
the RUID (Real User ID) of the process owner is displayed.          Figure 3: htop has nice bar charts to to indicate resource usage
Expanding the display will also show the EUID (Effective            and it can show the process tree.

OPEN SOURCE YEARBOOK 2010-2019               . CC BY-SA 4.0 . OPENSOURCE.COM                                                      29

   Summary section                                                     The drawback to having all of this information is that glanc-
   The summary section of htop is displayed in two columns.          es uses a significant amount of CPU resurces itself. On my
   It is very flexible and can be configured with several differ-    systems I find that it can use from about 10% to 18% of CPU
   ent types of information in pretty much any order you like.       cycles. That is a lot so you should consider that impact when
   Although the CPU usage sections of top and atop can be            you choose your monitor.
   toggled between a combined display and a display that
   shows one bar graph for each CPU, htop cannot. So it has a        Summary section
   number of different options for the CPU display, including a      The summary section of glances contains most of the same
   single combined bar, a bar for each CPU, and various com-         information as the summary sections of the other monitors.
   binations in which specific CPUs can be grouped together          If you have enough horizontal screen real estate it can show
   into a single bar.                                                CPU usage with both a bar graph and a numeric indicator,
      I think this is a cleaner summary display than some of the     otherwise it will show only the number.
   other system monitors and it is easier to read. The drawback
   to this summary section is that some information is not avail-
   able in htop that is available in the other monitors, such as
   CPU percentages by user, idle, and system time.
      The F2 (Setup) key is used to configure the summary
   section of htop. A list of available data displays is shown
   and you can use function keys to add them to the left or
   right column and to move them up and down within the
   selected column.

   Process section
   The process section of htop is very similar to that of top.
   As with the other monitors, processes can be sorted any of
   several factors, including CPU or memory usage, user, or
   PID. Note that sorting is not possible when the tree view is
      The F6 key allows you to select the sort column; it displays
   a list of the columns available for sorting and you select the
                                                                     Figure 4: The glances interface with network, disk, filesystem,
   column you want and press the Enter key.
                                                                     and sensor information.
      You can use the up and down arrow keys to select a pro-
   cess. To kill a process, use the up and down arrow keys to        I like this summary section better than those of the other
   select the target process and press the k key. A list of sig-     monitors; I think it provides the right information in an easily
   nals to send the process is displayed with 15, SIGTERM,           understandable format. As with atop and htop, you can press
   selected. You can specify the signal to use, if different from    the 1 key to toggle between a display of the individual CPU
   SIGTERM. You could also use the F7 and F8 keys to renice          cores or a global one with all of the CPU cores as a single
   the selected process.                                             average as shown in Figure 4, above.
      One command I especially like is F5 which displays the
   running processes in a tree format making it easy to deter-       Process section
   mine the parent/child relationships of running processes.         The process section displays the standard information about
                                                                     each of the running processes. Processes can be sorted au-
   Configuration                                                     tomatically a, or by CPU c, memory m, name p, user u, I/O
   Each user has their own configuration file, ~/.config/htop/hto-   rate i, or time t. When sorted automatically processes are
   prc and changes to the htop configuration are stored there        first sorted by the most used resource.
   automatically. There is no global configuration file for htop.       Glances also shows warnings and critical alerts at the
                                                                     very bottom of the screen, including the time and duration of
   glances                                                           the event. This can be helpful when attempting to diagnose
   I have just recently learned about glances, which can display     problems when you cannot stare at the screen for hours at
   more information about your computer than any of the other        a time. These alert logs can be toggled on or off with the l
   monitors I am currently familiar with. This includes disk and     command, warnings can be cleared with the w command
   network I/O, thermal readouts that can display CPU and oth-       while alerts and warnings can all be cleared with x.
   er hardware temperatures as well as fan speeds, and disk             It is interesting that glances is the only one of these mon-
   usage by hardware device and logical volume.                      itors that cannot be used to either kill or renice a process. It

   30                                         OPEN SOURCE YEARBOOK 2010-2019              . CC BY-SA 4.0 . OPENSOURCE.COM
                                                                    S TAND-OUT AR TICLE OF THE YEAR — 2016

is intended strictly as a monitor. You can use the external kill        You should also be aware that the act of using these mon-
and renice commands to manipulate processes.                         itoring tools alters the system’s use of resources including
                                                                     memory and CPU time. top and most of these monitors use
Sidebar                                                              perhaps 2% or 3% of a system’s CPU time. glances has
Glances has a very nice sidebar that displays information            much more impact than the others and can use between
that is not available in top or htop. Atop does display some         10% and 20% of CPU time. Be sure to consider this when
of this data, but glances is the only monitor that displays the      choosing your tools.
sensors data. Sometimes it is nice to see the temperatures              I had originally intended to include SAR (System Activity
inside your computer. The individual modules, disk, filesys-         Reporter) in this article but as this article grew longer it also
tem, network, and sensors can be toggled on and off using            became clear to me that SAR is significantly different from
the d, f, n, and s commands, respectively. The entire sidebar        these monitoring tools and deserves to have a separate ar-
can be toggled using 2.                                              ticle. So with that in mind, I plan to write an article on SAR
   Docker stats can be displayed with D.                             and the /proc filesystem, and a third article on how to use all
                                                                     of these tools to locate and resolve problems.
Glances does not require a configuration file to work proper-        Links
ly. If you choose to have one, the system-wide instance of the       [1],0
configuration file would be located in /etc/glances/glances.conf.    [2]
Individual users can have a local instance at ~/.config/glances/
glances.conf which will override the global configuration. The
primary purpose of these configuration files is to set thresh-       Author
olds for warnings and critical alerts. There is no way I can find    David Both is an Open Source Software and GNU/Linux
to make other configuration changes—such as sidebar mod-             advocate, trainer, writer, and speaker who lives in Raleigh
ules or the CPU displays—permanent. It appears that you              North Carolina. He is a strong proponent of and evangelist
must reconfigure those items every time you start glances.           for the “Linux Philosophy.”
   There is a document, /usr/share/doc/glances/glances-doc.             David has been in the IT industry for nearly 50 years. He
html, that provides a great deal of information about using          has taught RHCE classes for Red Hat and has worked at
glances, and it explicitly states that you can use the configu-      MCI Worldcom, Cisco, and the State of North Carolina. He
ration file to configure which modules are displayed. Howev-         has been working with Linux and Open Source Software for
er, neither the information given nor the examples describe          over 20 years.
just how to do that.                                                    David prefers to purchase the components and build his
                                                                     own computers from scratch to ensure that each new com-
Conclusion                                                           puter meets his exacting specifications. His primary worksta-
Be sure to read the man pages for each of these monitors             tion is an ASUS TUF X299 motherboard and an Intel i9 CPU
because there is a large amount of information about config-         with 16 cores (32 CPUs) and 64GB of RAM in a Thermal-
uring and interacting with them. Also use the h key for help in      Take Core X9 case.
interactive mode. This help can provide you with information            David has written articles for magazines including, Linux
about selecting and sorting the columns of data, setting the         Magazine, Linux Journal. His article “Complete Kickstart,”
update interval and much more.                                       co-authored with a colleague at Cisco, was ranked 9th in the
   These programs can tell you a great deal when you are look-       Linux Magazine Top Ten Best System Administration Arti-
ing for the cause of a problem. They can tell you when a process,    cles list for 2008. David currently writes prolifically for Open-
and which one, is sucking up CPU time, whether there is enough and Enable SysAdmin.
free memory, whether processes are stalled while waiting for I/O        David currently has one book published, “The Linux Phi-
such as disk or network access to complete, and much more.           losophy for SysAdmins.” and is now is working on his next
   I strongly recommend that you spend time watching these           project, “Using and Administering Linux: Zero to SysAdmin,”
monitoring programs while they run on a system that is func-         a self-study training course in three volumes that is sched-
tioning normally so you will be able to differentiate those          uled for release in late 2019.”
things that may be abnormal while you are looking for the               David can be reached at or on
cause of a problem.                                                  Twitter @LinuxGeek46.

OPEN SOURCE YEARBOOK 2010-2019               . CC BY-SA 4.0 . OPENSOURCE.COM                                                       31

  5           projects for
              Raspberry Pi at home
                                                                                   BY BEN NUTTALL

   THE RASPBERRY PI                            [1] computer can
                                               be used in all kinds
   of settings and for a variety of purposes. It obviously has
   a place in education for helping students with learning pro-
   gramming and maker skills in the classroom and the hack-
   space, and it has plenty of industrial applications in the work-
   place and in factories. I’m going to introduce five projects
   you might want to build in your own home.

   Media center
   One of the most common uses for Raspberry Pi in people’s
   homes is behind the TV running media center software serv-, Copyright, Used with permission
   ing multimedia files. It’s easy to set this up, and the Rasp-      Before proceeding you’ll need to decide which Raspberry Pi
   berry Pi provides plenty of GPU (Graphics Processing Unit)         model to use [6]. These distributions will work on any Pi (1,
   power to render HD TV shows and movies to your big screen          2, 3, or Zero), and video playback will essentially be matched
   TV. Kodi [2] (formerly XBMC) on a Raspberry Pi is a great          on each of these. Apart from the Pi 3 (and Zero W) having
   way to playback any media you have on a hard drive or net-         built-in Wi-Fi, the only noticeable difference is the reaction
   work-attached storage. You can also install a plugin to play       speed of the user interface, which will be much faster on a
   YouTube videos.                                                    Pi 3. A Pi 2 will not be much slower, so that’s fine if you don’t
     There are a few different options available, most promi-         need Wi-Fi, but the Pi 3 will noticeably outperform the Pi 1
   nently OSMC [3] (Open Source Media Center) and Libre-              and Zero when it comes to flicking through the menus.
   ELEC [4], both based on Kodi. They both perform well at
   playing media content, but OSMC has a more visually ap-            SSH gateway
   pearing user interface, while LibreElec is much more light-        If you want to be able to access computers and devices on
   weight. All you have to do is choose a distribution, download      your home network from outside over the internet, you have
   the image and install on an SD card (or just use NOOBS [5]),       to open up ports on those devices to allow outside traffic.
   boot it up, and you’re ready to go.                                Opening ports to the internet is a security risk, meaning
                                                                      you’re always at risk of attack, misuse, or any kind of unau-
                                                                      thorized access. However, if you install a Raspberry Pi on
                                                                      your network and set up port forwarding to allow only SSH
                                                                      access to that Pi, you can use that as a secure gateway to
                                                                      hop onto other Pis and PCs on the network.
                                                                         Most routers allow you to configure port-forwarding rules.
                                                                      You’ll need to give your Pi a fixed internal IP address and set up
                                                                      port 22 on your router to map to port 22 on your Raspberry Pi.
                                                                      If your ISP provides you with a static IP address, you’ll be able
                                                                      to SSH into it with this as the host address (for example, ssh
                                                                      pi@ If you have a domain name, you can config-
                                                                      ure a subdomain to point to this IP address, so you don’t have
   LibreElec; Raspberry Pi Foundation, CC BY-SA                       to remember it (for example, ssh

   32                                          OPEN SOURCE YEARBOOK 2010-2019              . CC BY-SA 4.0 . OPENSOURCE.COM
                                                                     S TAND-OUT AR TICLE OF THE YEAR — 2017

                                                                     sons you might want to do this, but two common use cases
                                                                     are for a homemade security camera or to monitor a pet.
                                                                        The Raspberry Pi camera module [11] is a brilliant acces-
                                                                     sory. It provides full HD photo and video, lots of advanced
                                                                     configuration, and is easy to program [12]. The infrared cam-
                                                                     era [13] is ideal for this kind of use, and with an infrared LED
                                                                     (which the Pi can control) you can see in the dark!
                                                                        If you want to take still images on a regular basis to keep
                                                                     an eye on things, you can just write a short Python [14] script
                                                                     or use the command line tool raspistill [15], and schedule it
                                                                     to recur in Cron [16]. You might want to have it save them to
However, if you’re going to expose a Raspberry Pi to the             Dropbox [17] or another web service, upload them to a web
internet, you should be very careful not to put your network         server, or you can even create a web app [18] to display them.
at risk. There are a few simple procedures you can follow to            If you want to stream video, internally or externally, that’s
make it sufficiently secure:                                         really easy, too. A simple MJPEG (Motion JPEG) example
1. Most people suggest you change your login password               is provided in the picamera [19] documentation [20] (under
    (which makes sense, seeing as the default password               “web streaming”). Just download or copy that code into a file,
    “raspberry” is well known), but this does not protect against    run it and visit the Pi’s IP address at port 8000, and you’ll see
    brute-force attacks. You could change your password and          your camera’s output live.
    add a two-factor authentication (so you need your pass-             A more advanced streaming project, pistreaming [21],
    word and a time-dependent passcode generated by your             is available, which uses JSMpeg [22] (a JavaScript video
    phone), which is more secure. However, I believe the best        player) with the web server and a websocket for the camera
    way to secure your Raspberry Pi from intruders is to dis-        stream running separately. This method is more performant
    able “password authentication” [7] in your SSH configura-        and is just as easy to get running as the previous example,
    tion, so you allow only SSH key access. This means that          but there is more code involved and if set up to stream on the
    anyone trying to SSH in by guessing your password will           internet, requires you to open two ports.
    never succeed. Only with your private SSH key can any-              Once you have web
    one gain access. Similarly, most people suggest changing         streaming set up, you
    the SSH port from the default 22 to something unexpect-          can position the camera
    ed, but a simple Nmap [8] of your IP address will reveal         where you want it. I have
    your true SSH port.                                              one set up to keep an
2. Ideally, you would not run much in the way of other software     eye on my pet tortoise:
    on this Pi, so you don’t end up accidentally exposing anything      If you want to be able
    else. If you want to run other software, you might be better     to control where the
    running it on another Pi on the network that is not exposed      camera actually points,
    to the internet. Ensure that you keep your packages up to        you can do so using
    date by upgrading regularly, particularly the openssh-server     servos. A neat solu-
    package, so that any security vulnerabilities are patched.       tion is to use Pimoro-
3. Install sshblack [9] or fail2ban [10] to blacklist any users     ni’s Pan-Tilt HAT [23],
    who seem to be acting maliciously, such as attempting to         which allows you to Ben Nuttall, CC BY-SA
    brute force your SSH password.                                   move the camera easily in two dimensions. To integrate this
Once you’ve secured your Raspberry Pi and put it online,             with pistreaming, see the project’s pantilthat branch [24].
you’ll be able to log in to your network from anywhere in the
world. Once you’re on your Raspberry Pi, you can SSH into
other devices on the network using their local IP address
(for example, If you have passwords on these
devices, just use the password. If they’re also SSH-key-only,
you’ll need to ensure your key is forwarded over SSH by
using the -A flag: ssh -A pi@

CCTV / pet camera
Another great home project is to set up a camera module
to take photos or stream video, capture and save files, or
streamed internally or to the internet. There are many rea-, Copyright, Used with permission

OPEN SOURCE YEARBOOK 2010-2019                . CC BY-SA 4.0 . OPENSOURCE.COM                                                      33

   If you want to position your Pi outside, you’ll need a waterproof    Pi-holeYou can install a Raspberry
   enclosure and some way of getting power to the Pi. PoE (Pow-         Pi on your network that intercepts all
   er-over-Ethernet) cables can be a good way of achieving this.        web traffic and filters out any advertis-
                                                                        ing. Simply download the Pi-hole [27]
   Home automation and IoT                                              software onto the Pi, and all devic-
   It’s 2017 and there are internet-connected devices every-            es on your network will be ad-free (it
   where, especially in the home. Our lightbulbs have Wi-Fi,            even blocks in-app ads on your mo-
   our toasters are smarter than they used to be, and our tea           bile devices).
   kettles are at risk of attack from Russia. As long as you keep
   your devices secure, or don’t connect them to the internet if        Links
   they don’t need to be, then you can make great use of IoT            [1]
   devices to automate tasks around the home.                           [2]
      There are plenty of services you can buy or subscribe to, like    [3]
   Nest Thermostat or Philips Hue lightbulbs, which allow you to        [4]
   control your heating or your lighting from your phone, respec-       [5]
   tively—whether you’re inside or away from home. You can use          [6]
   a Raspberry Pi to boost the power of these kinds of devices                should-you-choose-your-project
   by automating interactions with them according to a set of rules     [7]
   involving timing or even sensors. One thing you can’t do with              disable-password-authentication
   Philips Hue is have the lights come on when you enter the room,      [8]
   but with a Raspberry Pi and a motion sensor, you can use a Py-       [9]
   thon API to turn on the lights. Similarly, you can configure your    [10]
   Nest to turn on the heating when you’re at home, but what if you     [11]
   only want it to turn on if there’s at least two people home? Write   [12]
   some Python code to check which phones are on the network                  projects
   and if there are at least two, tell the Nest to turn on the heat.    [13]
      You can do a great deal more without integrating with existing    [14]
   IoT devices and with only using simple components. A home-           [15]
   made burglar alarm, an automated chicken coop door opener,                 raspicam/
   a night light, a music box, a timed heat lamp, an automated          [16]
   backup server, a print server, or whatever you can imagine.      
   Tor proxy and blocking ads                                           [18]
   Adafruit’s Onion Pi [25] is a Tor [26] proxy that makes your         [19]
   web traffic anonymous, allowing you to use the internet free               html#web-streaming
   of snoopers and any kind of surveillance. Follow Adafruit’s          [20]
   tutorial on setting up Onion Pi and you’re on your way to a          [21]
   peaceful anonymous browsing experience.                              [22]

                                                                        Ben Nuttall is the Raspberry Pi Community Manager. In ad-
                                                                        dition to his work for the Raspberry Pi Foundation, he’s into
                                                                        free software, maths, kayaking, GitHub, Adventure Time,
                                                                        and Futurama. Follow Ben on Twitter @ben_nuttall.

   Onion-pi from Adafruit, Copyright, Used with permission

   34                                           OPEN SOURCE YEARBOOK 2010-2019              . CC BY-SA 4.0 . OPENSOURCE.COM
                                                                 S TAND-OUT AR TICLE OF THE YEAR — 2018

Linux vs. Unix:
What’s the difference?
                                                                 BY PHIL ESTES
Dive into the differences between these two operating systems that
share much of the same heritage and many of the same goals.

IF YOU ARE                 A SOFTWARE DEVELOPER in your 20s or
                           30s, you’ve grown up in a world
dominated by Linux. It has been a significant player in the
                                                                  multi-tasking, multi-user operating system for the PDP-7. Two
                                                                  of the most notable members of this team at the Bell Labs re-
                                                                  search facility were Ken Thompson and Dennis Ritchie. While
data center for decades, and while it’s hard to find defini-      many of Unix’s concepts were derivative of its predecessor
tive operating system market share reports, Linux’s share         (Multics [1]), the Unix team’s decision early in the 1970s to
of data center operating systems could be as high as 70%,         rewrite this small operating system in the C language is what
with Windows variants carrying nearly all the remaining           separated Unix from all others. At the time, operating systems
percentage. Developers using any major public cloud can           were rarely, if ever, portable. Instead, by nature of their design
expect the target system will run Linux. Evidence that Li-        and low-level source language, operating systems were tight-
nux is everywhere has grown in recent years when you add          ly linked to the hardware platform for which they had been au-
in Android and Linux-based embedded systems in smart-             thored. By refactoring Unix on the C programming language,
phones, TVs, automobiles, and many other devices.                 Unix could now be ported to many hardware architectures.
   Even so, most software developers, even those who have            In addition to this new portability, which allowed Unix to
grown up during this venerable “Linux revolution” have at         quickly expand beyond Bell Labs to other research, aca-
least heard of Unix. It sounds similar to Linux, and you’ve       demic, and even commercial uses, several key of the op-
probably heard people use these terms interchangeably.            erating system’s design tenets were attractive to users and
Or maybe you’ve heard Linux called a “Unix-like” operating        programmers. For one, Ken Thompson’s Unix philosophy [2]
system.                                                                                              became a powerful model of
   So, what is this Unix?                                                                            modular software design and
The caricatures speak of                                                                             computing. The Unix philos-
wizard-like “graybeards” sit-                                                                        ophy recommended utilizing
ting behind glowing green                                                                            small, purpose-built pro-
screens, writing C code and                                                                          grams in combination to do
shell scripts, powered by                                                                            complex overall tasks. Since
old-fashioned,      drip-brewed                                                                      Unix was designed around
coffee. But Unix has a much                                                                          files and pipes, this model of
richer history beyond those                                                                          “piping” inputs and outputs of
bearded C programmers from                                                                           programs together into a lin-
the 1970s. While articles de-                                                                        ear set of operations on the
tailing the history of Unix and                                                                      input is still in vogue today. In
“Unix vs. Linux” comparisons abound, this article will offer a    fact, the current cloud functions-as-a-service (FaaS)/server-
high-level background and a list of major differences between     less computing model owes much of its heritage to the Unix
these complementary worlds.                                       philosophy.

Unix’s beginnings                                                 Rapid growth and competition
The history of Unix begins at AT&T Bell Labs in the late          Through the late 1970s and 80s, Unix became the root of a
1960s with a small team of programmers looking to write a         family tree that expanded across research, academia, and

OPEN SOURCE YEARBOOK 2010-2019             . CC BY-SA 4.0 . OPENSOURCE.COM                                                         35

   a growing commercial Unix operating system business.              complete operating system to life. Given that Linus was
   Unix was not open source software, and the Unix source            using several GNU tools (e.g., the GNU Compiler Collec-
   code was licensable via agreements with its owner, AT&T.          tion, or GCC [5]), the marriage of the GNU tools and the
   The first known software license was sold to the University       Linux kernel was a perfect match.
   of Illinois in 1975.                                                 Linux distributions came to life with the components of
      Unix grew quickly in academia, with Berkeley becoming          GNU, the Linux kernel, MIT’s X-Windows GUI, and oth-
   a significant center of activity, given Ken Thompson’s sab-       er BSD components that could be used under the open
   batical there in the ’70s. With all the activity around Unix      source BSD license. The early popularity of distributions
   at Berkeley, a new delivery of Unix software was born: the        like Slackware and then Red Hat gave the “common PC
   Berkeley Software Distribution, or BSD. Initially, BSD was        user” of the 1990s access to the Linux operating system
   not an alternative to AT&T’s Unix, but an add-on with addi-       and, with it, many of the proprietary Unix system capa-
   tional software and capabilities. By the time 2BSD (the Sec-      bilities and utilities they used in their work or academic
   ond Berkeley Software Distribution) arrived in 1979, Bill Joy,    lives.
   a Berkeley grad student, had added now-famous programs               Because of the free and open source standing of all the
   such as vi and the C shell (/bin/csh).                            Linux components, anyone could create a Linux distribu-
      In addition to BSD, which became one of the most pop-          tion with a bit of effort, and soon the total number of dis-
   ular branches of the Unix family, Unix’s commercial offer-        tros reached into the hundreds. Today, [6]
   ings exploded through the 1980s and into the ’90s with            lists 312 unique Linux distributions available in some form.
   names like HP-UX, IBM’s AIX, Sun’s Solaris, Sequent,              Of course, many developers utilize Linux either via cloud
   and Xenix. As the branches grew from the original root,           providers or by using popular free distributions like Fedo-
   the “Unix wars” [3] began, and standardization became a           ra, Canonical’s Ubuntu, Debian, Arch Linux, Gentoo, and
   new focus for the community. The POSIX standard was               many other variants. Commercial Linux offerings, which
   born in 1988, as well as other standardization follow-ons         provide support on top of the free and open source com-
   via The Open Group into the 1990s.                                ponents, became viable as many enterprises, including
      Around this time AT&T and Sun released System V Re-            IBM, migrated from proprietary Unix to offering middleware
   lease 4 (SVR4), which was adopted by many commercial              and software solutions atop Linux. Red Hat built a model
   vendors. Separately, the BSD family of operating systems          of commercial support around Red Hat Enterprise Linux,
   had grown over the years, leading to some open source             as did German provider SUSE with SUSE Linux Enterprise
   variations that were released under the now-familiar BSD li-      Server (SLES).
   cense [4]. This included FreeBSD, OpenBSD, and NetBSD,
   each with a slightly different target market in the Unix server   Comparing Unix and Linux
   industry. These Unix variants continue to have some usage         So far, we’ve looked at the history of Unix and the rise of
   today, although many have seen their server market share          Linux and the GNU/Free Software Foundation underpin-
   dwindle into the single digits (or lower). BSD may have the       nings of a free and open source alternative to Unix. Let’s
   largest install base of any modern Unix system today. Also,       examine the differences between these two operating sys-
   every Apple Mac hardware unit shipped in recent history can       tems that share much of the same heritage and many of
   be claimed by BSD, as its OS X (now macOS) operating              the same goals.
   system is a BSD-derivative.                                          From a user experience perspective, not very much is
      While the full history of Unix and its academic and com-       different! Much of the attraction of Linux was the operating
   mercial variants could take many more pages, for the sake of      system’s availability across many hardware architectures
   our article focus, let’s move on to the rise of Linux.            (including the modern PC) and ability to use tools familiar to
                                                                     Unix system administrators and users.
   Enter Linux                                                          Because of POSIX standards and compliance, software
   What we call the Linux operating system today is really           written on Unix could be compiled for a Linux operating
   the combination of two efforts from the early 1990s. Rich-        system with a usually limited amount of porting effort. Shell
   ard Stallman was looking to create a truly free and open          scripts could be used directly on Linux in many cases.
   source alternative to the proprietary Unix system. He was         While some tools had slightly different flag/command-line
   working on the utilities and programs under the name              options between Unix and Linux, many operated the same
   GNU, a recursive acronym meaning “GNU’s not Unix!”                on both.
   Although there was a kernel project underway, it turned              One side note is that the popularity of the macOS hard-
   out to be difficult going, and without a kernel, the free and     ware and operating system as a platform for development
   open source operating system dream could not be real-             that mainly targets Linux may be attributed to the BSD-like
   ized. It was Linus Torvald’s work—producing a working             macOS operating system. Many tools and scripts meant
   and viable kernel that he called Linux—that brought the           for a Linux system work easily within the macOS terminal.

   36                                         OPEN SOURCE YEARBOOK 2010-2019            . CC BY-SA 4.0 . OPENSOURCE.COM
                                                                  S TAND-OUT AR TICLE OF THE YEAR — 2018

Many open source software components available on Linux            whether you’re talking about container runtimes or Kuber-
are easily available through tools like Homebrew [7].              netes or many of the serverless platforms that are gaining
   The remaining differences between Linux and Unix are            popularity.
mainly related to the licensing model: open source vs.               One of the most revealing representations of Linux’s as-
proprietary, licensed software. Also, the lack of a com-           cendancy is Microsoft’s transformation in recent years. If
mon kernel within Unix distributions has implications for          you told software developers a decade ago that the Win-
software and hardware vendors. For Linux, a vendor can             dows operating system would “run Linux” in 2016, most of
create a device driver for a specific hardware device and          them would have laughed hysterically. But the existence
expect that, within reason, it will operate across most            and popularity of the Windows Subsystem for Linux (WSL),
distributions. Because of the commercial and academic              as well as more recently announced capabilities like the
branches of the Unix tree, a vendor might have to write            Windows port of Docker, including LCOW (Linux contain-
different drivers for variants of Unix and have licensing          ers on Windows) support, are evidence of the impact that
and other concerns related to access to an SDK or a dis-           Linux has had—and clearly will continue to have—across
tribution model for the software as a binary device driver         the software world.
across many Unix variants.
   As both communities have matured over the past decade,          Links
many of the advancements in Linux have been adopted in             [1]
the Unix world. Many GNU utilities were made available as          [2]
add-ons for Unix systems where developers wanted features          [3]
from GNU programs that aren’t part of Unix. For example,           [4]
IBM’s AIX offered an AIX Toolbox for Linux Applications            [5]
with hundreds of GNU software packages (like Bash, GCC,            [6]
OpenLDAP, and many others) that could be added to an AIX           [7]
installation to ease the transition between Linux and Unix-
based AIX systems.                                                 Author
   Proprietary Unix is still alive and well and, with many         Phil is a Distinguished Engineer & CTO, Container and Li-
major vendors promising support for their current releases         nux OS Architecture Strategy for the IBM Watson and Cloud
well into the 2020s, it goes without saying that Unix will be      Platform division. Phil is currently an OSS maintainer in the
around for the foreseeable future. Also, the BSD branch            Docker (now Moby) engine project, the CNCF containerd
of the Unix tree is open source, and NetBSD, OpenBSD,              project, and is a member of both the Open Container Initia-
and FreeBSD all have strong user bases and open source             tive (OCI) Technical Oversight Board and the Moby Techni-
communities that may not be as visible or active as Linux,         cal Steering Committee. Phil is a long-standing member of
but are holding their own in recent server share reports,          the Docker Captains program and has enjoyed a long rela-
with well above the proprietary Unix numbers in areas like         tionship with key open source contributors and experts in the
web serving.                                                       Docker ecosystem.
   Where Linux has shown a significant advantage over                 Phil is a regular speaker at industry and developer confer-
proprietary Unix is in its availability across a vast number of    ences as well as meetups on topics related to open source,
hardware platforms and devices. The Raspberry Pi, popu-            Docker, Linux container technology and the broader con-
lar with hobbyists and enthusiasts, is Linux-driven and has        tainer ecosystem. Phil is a recognized subject matter expert
opened the door for an entire spectrum of IoT devices run-         on Linux container technology and regularly assists IBM’s
ning Linux. We’ve already mentioned Android devices, au-           product teams and enterprise customers in their application
tos (with Automotive Grade Linux), and smart TVs, where            of container technology for their public and private cloud
Linux has large market share. Every cloud provider on the          solutions. He maintains an active blog on container topics at
planet offers virtual servers running Linux, and many of to- You can find him on Twitter tweet-
day’s most popular cloud-native stacks are Linux-based,            ing away as @estesp.

OPEN SOURCE YEARBOOK 2010-2019              . CC BY-SA 4.0 . OPENSOURCE.COM                                                     37

   Create your own video
   streaming server with Linux
                                                                                                  BY AARON J. PRISK
   Set up a basic live streaming server on a Linux or BSD operating system.

  LIVE VIDEO                STREAMING is incredibly popular—and
                            it’s still growing. Platforms like Am-
   azon’s Twitch and Google’s YouTube boast millions of us-
                                                                           It’s also very important to know that “live” doesn’t always
                                                                         mean instant. A video stream must be encoded, transferred,
                                                                         buffered, and displayed, which often adds delays. The delay
   ers that stream and consume                                                                           can be shortened or length-
   countless hours of live and                                                                           ened depending on the type
   recorded media. These ser-                                                                            of stream you’re creating
   vices are often free to use                                                                           and its attributes.
   but require you to have an
   account and generally hold                                                                           Setting up a Linux
   your content behind adver-                                                                           server
   tisements. Some people                                                                               You can use many different
   don’t need their videos to be                                                                        distributions of Linux, but I
   available to the masses or                                                                           prefer Ubuntu, so I down-
   just want more control over                                                                          loaded the Ubuntu Server [1]
   their content. Thankfully, with                                                                      edition for my operating sys-
   the power of open source                                                                             tem. If you prefer your serv-
   software, anyone can set up a live streaming server.                  er to have a graphical user interface (GUI), feel free to use
                                                                         Ubuntu Desktop [2] or one of its many flavors. Then, I fired
   Getting started                                                       up the Ubuntu installer on my computer or virtual machine
   In this tutorial, I’ll explain how to set up a basic live streaming   and chose the settings that best matched my environment.
   server with a Linux or BSD operating system.                          Below are the steps I took.
      This leads to the inevitable question of system require-             Note: Because this is a server, you’ll probably want to set
   ments. These can vary, as there are a lot of variables in-            some static network settings.
   volved with live streaming, such as:
   • S tream quality: Do you want to stream in high definition
     or will standard definition fit your needs?
   • V iewership: How many viewers are you expecting for your
   • S torage: Do you plan on keeping saved copies of your
     video stream?
   • Access: Will your stream be private or open to the world?
      There are no set rules when it comes to system require-
   ments, so I recommend you experiment and find what works
   best for your needs. I installed my server on a virtual ma-
   chine with 4GB RAM, a 20GB hard drive, and a single Intel
   i7 processor core.
      This project uses the Real-Time Messaging Protocol
   (RTMP) to handle audio and video streaming. There are
   other protocols available, but I chose RTMP because it has
   broad support. As open standards like WebRTC become                   After the installer finishes and your system reboots, you’ll
   more compatible, I would recommend that route.                        be greeted with a lovely new Ubuntu system. As with any

   38                                            OPEN SOURCE YEARBOOK 2010-2019             . CC BY-SA 4.0 . OPENSOURCE.COM
                                                                  S TAND-OUT AR TICLE OF THE YEAR — 2019

newly installed operating system, install any updates that are     by pressing Ctrl+X, Y, and then Enter.
available:                                                            This is a very minimal config that will create a working
                                                                   streaming server. You’ll add to this config later, but this is a
sudo apt update                                                    great starting point.
sudo apt upgrade                                                      However, before you can begin your first stream, you’ll
                                                                   need to restart Nginx with its new configuration:
This streaming server will use the very powerful and versa-
tile Nginx web server, so you’ll need to install it:               sudo systemctl restart nginx

sudo apt install nginx                                             Setting up a BSD server
                                                                   If you’re of the “beastie” persuasion, getting a streaming
Then you’ll need to get the RTMP module so Nginx can han-          server up and running is also devilishly easy.
dle your media stream:                                                Head on over to the FreeBSD [4] website and download
                                                                   the latest release. Fire up the FreeBSD installer on your
sudo add-apt-repository universe                                   computer or virtual machine and go through the initial steps
sudo apt install libnginx-mod-rtmp                                 and choose settings that best match your environment.
                                                                   Since this is a server, you’ll likely want to set some static
Adjust your web server’s configuration so it can accept and        network settings.
deliver your media stream.                                            After the installer finishes and your system reboots, you
                                                                   should have a shiny new FreeBSD system. Like any other
sudo nano /etc/nginx/nginx.conf                                    freshly installed system, you’ll likely want to get everything
                                                                   updated (from this step forward, make sure you’re logged
Scroll to the bottom of the configuration file and add the fol-    in as root):
lowing code:
                                                                   pkg update
rtmp {                                                             pkg upgrade
         server {
                  listen 1935;                                     I install Nano for editing configuration files:
                  chunk_size 4096;
                                                                   pkg install nano
                  application live {
                         live on;                                  This streaming server will use the very powerful and versa-
                         record off;                               tile Nginx web server. You can build Nginx using the excel-
                  }                                                lent ports system that FreeBSD boasts.
         }                                                             First, update your ports tree:
                                                                   portsnap fetch
                                                                   portsnap extract

                                                                   Browse to the Nginx ports directory:

                                                                   cd /usr/ports/www/nginx

                                                                   And begin building Nginx by running:

                                                                   make install

                                                                   You’ll see a screen asking what modules to include in your
                                                                   Nginx build. For this project, you’ll need to add the RTMP
                                                                   module. Scroll down until the RTMP module is selected and
                                                                   press Space. Then Press Enter to proceed with the rest of
                                                                   the build and installation.
Save the config. Because I’m a heretic, I use Nano [3] for           Once Nginx has finished installing, it’s time to configure it
editing configuration files. In Nano, you can save your config     for streaming purposes.

OPEN SOURCE YEARBOOK 2010-2019              . CC BY-SA 4.0 . OPENSOURCE.COM                                                     39

     First, add an entry into /etc/rc.conf to ensure the Nginx
   server starts when your system boots:

   nano /etc/rc.conf

   Add this text to the file:

                                                                  And finally, add your RTMP settings so Nginx will know how
                                                                  to handle your media streams:

                                                                  rtmp {
                                                                           server {
                                                                                  listen 1935;
                                                                                  chunk_size 4096;

                                                                                  application live {
                                                                                           live on;
                                                                                           record off;
   Next, create a webroot directory from where Nginx will serve            }
   its content. I call mine stream:                               }

   cd /usr/local/www/                                             Save the config. In Nano, you can do this by pressing Ctrl+X,
   mkdir stream                                                   Y, and then Enter.
   chmod -R 755 stream/                                              As you can see, this is a very minimal config that will cre-
                                                                  ate a working streaming server. Later, you’ll add to this con-
   Now that you have created your stream directory, configure     fig, but this will provide you with a great starting point.
   Nginx by editing its configuration file:                          However, before you can begin your first stream, you’ll
                                                                  need to restart Nginx with its new config:
   nano /usr/local/etc/nginx/nginx.conf
                                                                  service nginx restart
   Load your streaming modules at the top of the file:
                                                                  Set up your streaming software
   load_module /usr/local/libexec/nginx/;
   load_module /usr/local/libexec/nginx/;       Broadcasting with OBS
                                                                  Now that your server is ready to accept your video streams,
                                                                  it’s time to set up your streaming software. This tutorial uses
                                                                  the powerful and open source Open Broadcast Studio (OBS).
                                                                      Head over to the OBS website [5] and find the build for
                                                                  your operating system and install it. Once OBS launches,
                                                                  you should see a first-time-run wizard that will help you con-
                                                                  figure OBS with the settings that best fit your hardware.

   Under the Server section, change the webroot location to
   match the one you created earlier:

   Location / {
   root /usr/local/www/stream

   40                                            OPEN SOURCE YEARBOOK 2010-2019           . CC BY-SA 4.0 . OPENSOURCE.COM
                                                                   S TAND-OUT AR TICLE OF THE YEAR — 2019

OBS isn’t capturing anything because you haven’t supplied it
with a source. For this tutorial, you’ll just capture your desk-
top for the stream. Simply click the + button under Source,
choose Screen Capture, and select which desktop you want
to capture.
   Click OK, and you should see OBS mirroring your desktop.
   Now it’s time to send your newly configured video stream
to your server. In OBS, click File > Settings. Click on the
Stream section, and set Stream Type to Custom Stream-
ing Server.
   In the URL box, enter the prefix rtmp:// followed the IP
address of your streaming server followed by /live. For ex-
ample, rtmp://IP-ADDRESS/live.                                      Where to go next?
   Next, you’ll probably want to enter a Stream key—a               This is a very simple setup that will get you off the ground.
special identifier required to view your stream. En-                Here are two other features you likely will want to use.
ter whatever key you want (and can remember) in the                 • Limit access: The next step you might want to take is to
Stream key box.                                                        limit access to your server, as the default setup allows any-
                                                                       one to stream to and from the server. There are a variety of
                                                                       ways to set this up, such as an operating system firewall,
                                                                       .htaccess file [7], or even using the built-in access controls
                                                                       in the RTMP module [8].
                                                                    • Record streams: This simple Nginx configuration will only
                                                                       stream and won’t save your videos, but this is easy to add.
                                                                       In the Nginx config, under the RTMP section, set up the
                                                                       recording options and the location where you want to save
                                                                       your videos. Make sure the path you set exists and Nginx
                                                                       is able to write to it.

                                                                      application live {
Click Apply and then OK.                                                           live on;
  Now that OBS is configured to send your stream to your                           record all;
server, you can start your first stream. Click Start Streaming.                    record_path /var/www/html/recordings;
  If everything worked, you should see the button change to                        record_unique on;
Stop Streaming and some bandwidth metrics will appear at              }
the bottom of OBS.
                                                                    The world of live streaming is constantly evolving, and if
                                                                    you’re interested in more advanced uses, there are lots of
If you receive an error, double-check Stream Settings in            other great resources you can find floating around the inter-
OBS for misspellings. If everything looks good, there could         net. Good luck and happy streaming!
be another issue preventing it from working.
Viewing your stream                                                 [1]
A live video isn’t much good if no one is watching it, so be        [2]
your first viewer!                                                  [3]
   There are a multitude of open source media players that          [4]
support RTMP, but the most well-known is probably VLC me-           [5]
dia player [6].                                                     [6]
   After you install and launch VLC, open your stream by            [7]
clicking on Media > Open Network Stream. Enter the path             [8]
to your stream, adding the Stream Key you set up in OBS,                 Directives#access
then click Play. For example, rtmp://IP-ADDRESS/live/SE-
CRET-KEY.                                                           Author
   You should now be viewing your very own live video               School IT Director – Open Source Evangelist – Technology
stream!                                                             Enthusiast – Husband – Dad. Follow him at @AaronPrisk

OPEN SOURCE YEARBOOK 2010-2019              . CC BY-SA 4.0 . OPENSOURCE.COM                                                       41

   What you probably didn’t
   know about sudo
                                                 BY PETER CZANIK
   Think you know everything about sudo? Think again.

   Linux systems and is avail-
                                 KNOWS SUDO, RIGHT? This tool is
                                 installed by default on most
                                                                        So, in this example, the members of the wheel group can
                                                                      run all applications as all users on all hosts. Even this really
                                                                                                       permissive rule is useful be-
   able for most BSD and com-                                                                          cause it results in logs of who
   mercial Unix variants. Still,                                                                       did what on your machine.
   after talking to hundreds of
   sudo users, the most com-                                                                            Aliases
   mon answer I received was                                                                             Of course, once it is not just
   that sudo is a tool to compli-                                                                        you and your best friend ad-
   cate life.                                                                                            ministering a shared box,
      There is a root user and                                                                           you will start to fine-tune per-
   there is the su command, so                                                                           missions. You can replace
   why have yet another tool?                                                                            the items in the above con-
   For many, sudo was just a                                                                             figuration with lists: a list of
   prefix for administrative com-                                                                        users, a list of commands,
   mands. Only a handful mentioned that when you have mul-            and so on. Most likely, you will copy and paste some of these
   tiple administrators for the same system, you can use sudo         lists around in your configuration.
   logs to see who did what.                                             This situation is where aliases can come handy. Maintain-
      So, what is sudo? According to the sudo website [1]:            ing the same list in multiple places is error-prone. You define
                                                                      an alias once and then you can use it many times. Therefore,
     “Sudo allows a system administrator to dele-                     when you lose trust in one of your administrators, you can
     gate authority by giving certain users the ability               remove them from the alias and you are done. With multiple
     to run some commands as root or another user                     lists instead of aliases, it is easy to forget to remove the user
     while providing an audit trail of the commands                   from one of the lists with elevated privileges.
     and their arguments.”
                                                                      Enable features for a certain group of users
   By default, sudo comes with a simple configuration, a sin-         The sudo command comes with a huge set of defaults.
   gle rule allowing a user or a group of users to do practically     Still, there are situations when you want to override some of
   anything (more on the configuration file later in this article):   these. This is when you use the Defaults statement in the
                                                                      configuration. Usually, these defaults are enforced on every
   %wheel ALL=(ALL) ALL                                               user, but you can narrow the setting down to a subset of us-
                                                                      ers based on host, username, and so on. Here is an example
   In this example, the parameters mean the following:                that my generation of sysadmins loves to hear about: insults.
   • The first parameter defines the members of the group.           These are just some funny messages for when someone
   • The second parameter defines the host(s) the group mem-         mistypes a password:
      bers can run commands on.
   • The third parameter defines the usernames under which           czanik@linux-mewy:~> sudo ls
      the command can be executed.                                    [sudo] password for root:
   • The last parameter defines the applications that can be run.    Hold it up to the light --- not a brain in sight!

   42                                          OPEN SOURCE YEARBOOK 2010-2019              . CC BY-SA 4.0 . OPENSOURCE.COM
                                                                               S TAND-OUT LINUX AR TICLE — 2019

[sudo] password for root:                                            meaning that it is not so easy to compile, and it is even more
My pet ferret can type better than you!                              difficult to distribute the results. On the other hand, the plugin
[sudo] password for root:                                            provides interesting functionality, requiring a second admin
sudo: 3 incorrect password attempts                                  to approve (or deny) running commands through sudo. Not
czanik@linux-mewy:~>                                                 just that, but sessions can be followed on-screen and termi-
                                                                     nated if there is suspicious activity.
Because not everyone is a fan of sysadmin humor, these                  In a demo I did during a recent talk at the All Things Open
insults are disabled by default. The following example shows         conference, I had the infamous:
how to enable this setting only for your seasoned sysadmins,
who are members of the wheel group:                                  czanik@linux-mewy:~> sudo rm -fr /

Defaults !insults                                                    command displayed on the screen. Everybody was holding
Defaults:%wheel insults                                              their breath to see whether my laptop got destroyed, but it
I do not have enough fingers to count how many people
thanked me for bringing these messages back.                         Logs
                                                                     As I already mentioned at the beginning, logging and alerting
Digest verification                                                  is an important part of sudo. If you do not check your sudo
There are, of course, more serious features in sudo as well.         logs regularly, there is not much worth in using sudo. This
One of them is digest verification. You can include the digest       tool alerts by email on events specified in the configuration
of applications in your configuration:                               and logs all events to syslog. Debug logs can be turned on
                                                                     and used to debug rules or report bugs.
peter ALL =
sha244:11925141bb22866afdf257ce7790bd6275feda80b3b241c108b79c88      Alerts
 /usr/bin/passwd                                                     Email alerts are kind of old-fashioned now, but if you use
                                                                     syslog-ng for collecting your log messages, your sudo log
In this case, sudo checks and compares the digest of the             messages are automatically parsed. You can easily create
application to the one stored in the configuration before run-       custom alerts and send those to a wide variety of destina-
ning the application. If they do not match, sudo refuses to          tions, including Slack, Telegram, Splunk, or Elasticsearch.
run the application. While it is difficult to maintain this infor-   You can learn more about this feature from my blog on sys-
mation in your configuration—there are no automated tools   [3].
for this purpose—these digests can provide you with an ad-
ditional layer of protection.                                        Configuration
                                                                     We talked a lot about sudo features and even saw a few
Session recording                                                    lines of configuration. Now, let’s take a closer look at how
Session recording is also a lesser-known feature of sudo.            sudo is configured. The configuration itself is available in
After my demo, many people leave my talk with plans to im-           /etc/sudoers, which is a simple text file. Still, it is not recom-
plement it on their infrastructure. Why? Because with ses-           mended to edit this file directly. Instead, use visudo, as this
sion recording, you see not just the command name, but               tool also does syntax checking. If you do not like vi, you can
also everything that happened in the terminal. You can see           change which editor to use by pointing the EDITOR environ-
what your admins are doing even if they have shell access            ment variable at your preferred option.
and logs only show that bash is started.                                Before you start editing the sudo configuration, make
   There is one limitation, currently. Records are stored local-     sure that you know the root password. (Yes, even on Ubun-
ly, so with enough permissions, users can delete their traces.       tu, where root does not have a password by default.) While
Stay tuned for upcoming features.                                    visudo checks the syntax, it is easy to create a syntactically
                                                                     correct configuration that locks you out of your system.
Plugins                                                                 When you have a root password at hand in case of an
Starting with version 1.8, sudo changed to a modular,                emergency, you can start editing your configuration. When
plugin-based architecture. With most features implemented            it comes to the sudoers file, there is one important thing
as plugins, you can easily replace or extend the functionality       to remember: This file is read from top to bottom, and the
of sudo by writing your own. There are both open source              last setting wins. What this fact means for you is that you
and commercial plugins already available for sudo.                   should start with generic settings and place exceptions
   In my talk, I demonstrated the sudo_pair plugin, which            at the end, otherwise exceptions are overridden by the
is available on GitHub [2]. This plugin is developed in Rust,        generic settings.

OPEN SOURCE YEARBOOK 2010-2019                 . CC BY-SA 4.0 . OPENSOURCE.COM                                                      43

     You can find a simple sudoers file below, based on              New features
   the one in CentOS, and add a few lines we discussed               There is a new version of sudo right around the corner. Ver-
   previously:                                                       sion 1.9 will include many interesting new features. Here are
                                                                     the most important planned features:
   Defaults !visiblepw                                               • A recording service to collect session recordings centrally,
   Defaults always_set_home                                             which offers many advantages compared to local storage:
   Defaults match_group_by_gid                                           • It is more convenient to search in one place.
   Defaults always_query_group_plugin                                    • Recordings are available even if the sender machine is down.
   Defaults env_reset                                                    • Recordings cannot be deleted by someone who wants
   Defaults env_keep = "COLORS DISPLAY HOSTNAME HISTSIZE                    to delete their tracks.
    KDEDIR LS_COLORS"                                                • The audit plugin does not add new features to sudoers,
   Defaults env_keep += "MAIL PS1 PS2 QTDIR USERNAME                    but instead provides an API for plugins to easily access
    LANG LC_ADDRESS LC_CTYPE"                                           any kind of sudo logs. This plugin enables creating custom
   Defaults secure_path = /sbin:/bin:/usr/sbin:/usr/bin                 logs from sudo events using plugins.
   root ALL=(ALL) ALL                                                • The approval plugin enables session approvals without
   %wheel ALL=(ALL) ALL                                                 using third-party plugins.
   Defaults:%wheel insults                                           • And my personal favorite: Python support for plugins,
   Defaults !insults                                                    which enables you to easily extend sudo using Python
   Defaults log_output                                                  code instead of coding natively in C.

   This file starts by changing a number of defaults. Then           Conclusion
   come the usual default rules: The root user and mem-              I hope this article proved to you that sudo is a lot more than
   bers of the wheel group have full permissions over the            just a simple prefix. There are tons of possibilities to fine-
   machine. Next, we enable insults for the wheel group, but         tune permissions on your system. You cannot just fine-tune
   disable them for everyone else. The last line enables ses-        permissions, but also improve security by checking digests.
   sion recording.                                                   Session recordings enable you to check what is happening
      The above configuration is syntactically correct, but can      on your systems. You can also extend the functionality of
   you spot the logical error? Yes, there is one: Insults are dis-   sudo using plugins, either using something already avail-
   abled for everyone since the last, generic setting overrides      able or writing your own. Finally, given the list of upcoming
   the previous, more specific setting. Once you switch the two      features you can see that even if sudo is decades old, it is a
   lines, the setup works as expected: Members of the wheel          living project that is constantly evolving.
   group receive funny messages, but the rest of the users do           If you want to learn more about sudo, here are a few re-
   not receive them.                                                 sources:
                                                                     • The sudo website [4]
   Configuration management                                          • The sudo blog [5]
   Once you have to maintain the sudoers file on multi-              • Follow us on Twitter [6]
   ple machines, you will most likely want to manage your
   configuration centrally. There are two major open source          Links
   possibilities here. Both have their advantages and draw-          [1]
   backs.                                                            [2]
      You can use one of the configuration management ap-            [3]
   plications that you also use to configure the rest of your             alerting-on-sudo-events-using-syslog-ng
   infrastructure. Red Hat Ansible, Puppet, and Chef all             [4]
   have modules to configure sudo. The problem with this             [5]
   approach is that updating configurations is far from re-          [6]
   al-time. Also, users can still edit the sudoers file locally
   and change settings.                                              Author
      The sudo tool can also store its configuration in LDAP.        Peter is an engineer working as evangelist at Balabit, the
   In this case, configuration changes are real-time and             company that developed syslog-ng. He assists distributions to
   users cannot mess with the sudoers file. On the other             maintain the syslog-ng package, follows bug trackers, helps
   hand, this method also has limitations. For example, you          users and talks regularly at conferences (SCALE, All Things
   cannot use aliases or use sudo when the LDAP server               Open, FOSDEM, LOADays, and others). In his limited free
   is unavailable.                                                   time he is interested in non-x86 architectures, and works on
                                                                     one of his PPC or ARM machines. Follow him at @PCzanik

   44                                            OPEN SOURCE YEARBOOK 2010-2019           . CC BY-SA 4.0 . OPENSOURCE.COM
                                                                             S TAND-OUT PY THON AR TICLE — 2019

Pylint: Making your
Python code consistent
                                                                       BY MOSHE ZADKA
Pylint is your friend when you want to avoid arguing about code complexity.

PYLINT              IS A HIGH-LEVEL PYTHON style enforcer. While
                    flake8 [1] and black [2] will take care of
“local” style: where the newlines occur, how comments are
formatted, or find issues like commented out code or bad
practices in log formatting.
   Pylint is extremely aggressive by default. It will offer strong
opinions on everything from checking if declared interfaces
are actually implemented to opportunities to refactor duplicate
code, which can be a lot to a new user. One way of introducing
it gently to a project, or a team, is to start by turning all check-
ers off, and then enabling checkers one by one. This is es-
pecially useful if you already use flake8, black, and mypy [3]:
Pylint has quite a few checkers that overlap in functionality.
   However, one of the things unique to Pylint is the ability to       In general, it is not a great idea to add parameters to the
enforce higher-level issues: for example, number of lines in           pylint command-line: the best place to configure your pylint
a function, or number of methods in a class.                           is the .pylintrc. In order to have it do something useful, we
   These numbers might be different from project to project            need to enable some messages.
and can depend on the development team’s preferences.                     In order to enable messages, add to your .pylintrc, under
However, once the team comes to an agreement about the                 the [MESSAGES CONTROL].
parameters, it is useful to enforce those parameters using an
automated tool. This is where Pylint shines.                           enable=<message>,

Configuring Pylint                                                           ...
In order to start with an empty configuration, start your
.pylintrc with                                                         For the “messages” (what Pylint calls different kinds of warn-
                                                                       ings) that look useful. Some of my favorites include too-ma-
[MESSAGES CONTROL]                                                     ny-lines, too-many-arguments, and too-many-branches. All of
                                                                       those limit complexity of modules or functions, and serve as
disable=all                                                            an objective check, without a human nitpicker needed, for
This disables all Pylint messages. Since many of them are              code complexity measurement.
redundant, this makes sense. In Pylint, a message is a specif-            A checker is a source of messages: every message
ic kind of warning.                                                    belongs to exactly one checker. Many of the most useful
   You can check that all messages have been turned off by             messages are under the design checker [4]. The default
running pylint:                                                        numbers are usually good, but tweaking the maximums is
                                                                       straightfoward: we can add a section called DESIGN in the
$ pylint <my package>                                                  .pylintrc.

OPEN SOURCE YEARBOOK 2010-2019                 . CC BY-SA 4.0 . OPENSOURCE.COM                                                    45

   [DESIGN]                                                         Pylint makes code reviews easy
                                                                    If you are sick of code reviews where you point out that a class
   max-args=7                                                       is too complicated, or that two different functions are basically
                                                                    the same, add Pylint to your Continuous Integration [5] con-
   max-locals=15                                                    figuration, and only have the arguments about complexity
                                                                    guidelines for your project once.
   Another good source of useful messages is the refactoring
   checker. Some of my favorite messages to enable there            Links
   are consider-using-dict-comprehension, stop-itera-               [1]
   tion-return (which looks for generators which use raise          [2]
   StopIteration when return is the correct way to stop the         [3]
   iteration). and chained-comparison, which will suggest           [4]
   using syntax like 1 <= x < 5 rather than the less obvious             features.html#design-checker
   1 <= x && x > 5                                                  [5]
      Finally, an expensive checker, in terms of performance,            integration-tools
   but highly useful, is similarities. It is designed to enforce
   “Don’t Repeat Yourself” (the DRY principle) by explicitly        Author
   looking for copy-paste between different parts of the code.      Moshe has been involved in the Linux community since 1998,
   It only has one message to enable: duplicate-code. The           helping in Linux “installation parties”. He has been program-
   default “minimum similarity lines” is set to 4. It is possible   ming Python since 1999, and has contributed to the core Py-
   to set it to a different value using the .pylintrc.              thon interpreter. Moshe has been a DevOps/SRE since before
   [SIMILARITIES]                                                   those terms existed, caring deeply about software reliability,
                                                                    build reproducibility and other such things. He has worked
   min-similarity-lines=3                                           in companies as small as three people and as big as tens
                                                                    of thousands — usually some place around where software
                                                                    meets system administration. Follow him at @moshezadka

   46                                        OPEN SOURCE YEARBOOK 2010-2019              . CC BY-SA 4.0 . OPENSOURCE.COM
                                                                  S TAND-OUT RASPBERRY PI AR TICLE — 2017

How to set up a personal
web server with a Raspberry Pi
                                                                                                 BY RASPBERRYPIGUY

posed to a large corporation.
                             WEB SERVER is “the cloud,” except
                             you own and control it as op-

   Owning a little cloud has a lot of benefits, including cus-
tomization, free storage, free Internet services, a path into
open source software, high-quality security, full control over
your content, the ability to make quick changes, a place to
experiment with code, and much more. Most of these ben-
efits are immeasurable, but financially these benefits can
save you over $100 per month.

                                                                        Azure, iCloud, or AWS
                                                                    •   On-premise security
                                                                    •    HTTPS: Let’s Encrypt
                                                                    •  Analytics: Google
                                                                    •     OpenVPN: Do not need private Internet access (at an es-
                                                                           timated $7 per month)
                                                                    Things I used:
                                                                    • Raspberry Pi 3 Model B
                                                                    • MicroSD Card (32GB recommended, Raspberry Pi Com-
                                                                           patible SD Cards [1])
                                                                    • USB microSD card reader
                                                                    • Ethernet cable
                                                                    • Router connected to Wi-Fi
                                                                    • Raspberry Pi case
                                                                    • Amazon Basics MicroUSB cable
                                                                    • Apple wall charger
                                                                    • USB mouse
                                                                    • USB keyboard
                                                                    • HDMI cable
                                                                    • Monitor (with HDMI input)
                                                                    • MacBook Pro

                                                                    Step 1: Setting up the Raspberry Pi
Raspberry Pi as a web server, by Raspberry Pi Guy, CC-BY-SA 4.0
                                                                    Download the most recent release of Raspbian (the Rasp-
I could have used AWS, but I prefer complete freedom, full          berry Pi operating system). Raspbian Jessie [2] ZIP version
control over security, and learning how things are built.           is ideal1. Unzip or extract the downloaded file. Copy it onto
• S elf web-hosting: No BlueHost or DreamHost                      the SD card. Pi Filler [3] makes this process easy. Download
• Cloud storage: No Dropbox, Box, Google Drive, Microsoft          Pi Filer 1.3 [4] or the most recent version. Unzip or extract

OPEN SOURCE YEARBOOK 2010-2019              . CC BY-SA 4.0 . OPENSOURCE.COM                                                    47

   the downloaded file and open it. You should be greeted with          Select the “Expand Filesystem” option and hit the Enter key 3.
   this prompt:                                                         Also, I recommend selecting the second option, “Change
                                                                        User Password.” It is important for security. It also personal-
                                                                        izes your Raspberry Pi.
                                                                           (Note: For an extra layer of security install fail2ban. Fail-
                                                                        2Ban blocks suspicious requests coming from the internet.
                                                                        For example, if there are too many attempts to guess the
                                                                        password, it will block that IP address. It can be installed by
                                                                        typing into terminal: $ sudo apt-get install fail2ban)
   Make sure the USB card reader has NOT been inserted yet.                Select the third option in the setup options list, “Enable
   If it has, eject it. Proceed by clicking Continue. A file explorer   Boot To Desktop/Scratch” and hit the Enter key. It will take
   should appear. Locate the uncompressed Raspberry Pi OS               you to another window titled “Choose boot option” as shown
   file from your Mac or PC and select it. You should see anoth-        in the image below.
   er prompt like the one pictured below:

   Insert the MicroSD card (32GB recommended, 16GB mini-
   mum) into the USB MicroSD Card Reader. Then insert the
   USB reader into the Mac or PC. You can rename the SD card
   to “Raspberry” to distinguish it from others. Click Continue.
   Make sure the SD card is empty. Pi Filler will erase all previ-      In the “Choose boot option” window, select the second op-
   ous storage at runtime. If you need to back up the card, do          tion, “Desktop log in as user ‘pi’ at the graphical desktop” and
   so now. When you are ready to continue, the Raspbian OS              hit the Enter button4. Once this is done you will be taken back
   will be written to the SD card. It should take between one to        to the “Setup Options” page. If not, select the “OK” button at
   three minutes. Once the write is completed, eject the USB            the bottom of this window and you will be taken back to the
   reader, remove the SD card, and insert it into the Raspberry         previous window.
   Pi SD card slot. Give the Raspberry Pi power by plugging                 Once both these steps are done, select the “Finish” button
   the power cord into the wall. It should start booting up. The        at the bottom of the page and it should reboot automatically.
   Raspberry Pi default login is:                                       If it does not, then use the following command in the terminal
                                                                        to reboot.
   username: pi
   password: raspberry                                                  $ sudo reboot
                                                                        After the reboot from the previous step, if everything went well,
   When the Raspberry Pi has completed booting for the first            you will end up on the desktop similar to the image below.
   time, a configuration screen titled “Setup Options” should ap-
   pear like the image below 2:

   48                                           OPEN SOURCE YEARBOOK 2010-2019              . CC BY-SA 4.0 . OPENSOURCE.COM
                                                                    S TAND-OUT RASPBERRY PI AR TICLE — 2017

Once you are on the desktop, open a terminal and en-
ter the following commands to update the firmware of the
Raspberry Pi.

$ sudo apt-get update

$ sudo apt-get upgrade -y

$ sudo apt-get dist-upgrade -y

$ sudo rpi-update

This may take a few minutes. Now the Raspberry Pi is up-to-
date and running.

Step 2: Configuring the Raspberry Pi
SSH, which stands for Secure Shell, is a cryptographic net-
work protocol that lets you securely transfer data between
your computer and your Raspberry Pi. You can control your
Raspberry Pi from your Mac’s command line without a mon-
itor or keyboard.
   To use SSH, first, you need your Pi’s IP address. Open the
                                                                      Image by Raspberry Pi Guy, CC BY-SA 4.0
terminal and type:
                                                                      Click “New” to set up a remote connection. Fill in the blanks
$ sudo ifconfig                                                       as shown below.

If you are using Ethernet, look at the “eth0” section. If you are
using Wi-Fi, look at the “wlan0” section.
   Find “inet addr” followed by an IP address—something like, a common default IP I will use for the dura-
tion of this article.
   With this address, open terminal and type:

$ ssh pi@

For SSH on PC, see footnote5.
  Enter the default password “raspberry” when prompted,
unless you changed it.
  You are now logged in via SSH.

Remote desktop
Using a GUI (graphical user interface) is sometimes easier
than a command line. On the Raspberry Pi’s command line
(using SSH) type:

$ sudo apt-get install xrdp

Xrdp supports the Microsoft Remote Desktop Client for Mac
                                                                      Image by Raspberry Pi Guy, CC BY-SA 4.0
and PC.
  On Mac, navigate to the app store and search for “Mi-                Save it by exiting out of the “New” window.
crosoft Remote Desktop.” Download it. (For a PC, see                    You should now see the remote connection listed under
footnote6.)                                                           “My Desktops.” Double click it.
  After installation, search your Mac for a program called              After briefly loading, you should see your Raspberry Pi
“Microsoft Remote Desktop.” Open it. You should see this:             desktop in a window on your screen, which looks like this:

OPEN SOURCE YEARBOOK 2010-2019               . CC BY-SA 4.0 . OPENSOURCE.COM                                                    49

                                                                       Once you have set the static internal IP address, reboot the
                                                                       Raspberry Pi with:

                                                                       $ sudo reboot

                                                                       After rebooting, from terminal type:

                                                                       $ sudo ifconfig

                                                                       Your new static settings should appear for your Rasp-
                                                                       berry Pi.

                                                                       Static global IP address
   Perfect. Now, you don’t need a separate mouse, keyboard, or         If your ISP (internet service provider) has already given you
   monitor to control the Pi. This is a much more lightweight setup.   a static external IP address, you can skip ahead to the port
                                                                       forwarding section. If not, continue reading.
   Static local IP address                                                You have set up SSH, a remote desktop, and a static in-
   Sometimes the local IP address will change.           ternal IP address, so now computers inside the local network
   We need to make it static. Type:                                    will know where to find the Pi. But you still can’t access your
                                                                       Raspberry Pi from outside the local Wi-Fi network. You need
   $ sudo ifconfig                                                     your Raspberry Pi to be accessible publicly from anywhere
                                                                       on the Internet. This requires a static external IP address7.
   Write down from the “eth0” section or the “wlan0” section,             It can be a sensitive process initially. Call your ISP and re-
   the “inet addr” (Pi’s current IP), the “bcast” (the broadcast IP    quest a static external (sometimes referred to as static global)
   range), and the “mask” (subnet mask address). Then, type:           IP address. The ISP holds the decision-making power, so I
                                                                       would be extremely careful dealing with them. They may re-
   $ netstat -nr                                                       fuse your static external IP address request. If they do, you
                                                                       can’t fault the ISP because there is a legal and operational
   Write down the “destination” and the “gateway/network.”             risk with this type of request. They particularly do not want
                                                                       customers running medium- or large-scale Internet services.
                                                                       They might explicitly ask why you need a static external IP ad-
                                                                       dress. It is probably best to be honest and tell them you plan
                                                                       on hosting a low-traffic personal website or a similar small not-
   The cumulative records should look something like this:             for-profit internet service. If all goes well, they should open a
                                                                       ticket and call you in a week or two with an address.
   net address
   bcast                                                 Port forwarding
   mask                                                  This newly obtained static global IP address your ISP as-
   gateway                                                 signed is for accessing the router. The Raspberry Pi is still
   network                                                 unreachable. You need to set up port forwarding to access
   destination                                             the Raspberry Pi specifically.
                                                                          Ports are virtual pathways where information travels on the
   With this information, you can set a static internal IP easily.     Internet. You sometimes need to forward a port in order to
   Type:                                                               make a computer, like the Raspberry Pi, accessible to the
                                                                       Internet because it is behind a network router. A YouTube
   $ sudo nano /etc/dhcpcd.conf                                        video titled What is TCP/IP, port, routing, intranet, firewall, In-
                                                                       ternet [5] by VollmilchTV helped me visually understand ports.
   Do not use /etc/network/interfaces.                                    Port forwarding can be used for projects like a Raspberry Pi
       Then all you need to do is append this to the bottom of the     web server, or applications like VoIP or peer-to-peer download-
   file, substituting the correct IP address you want.                 ing. There are 65,000+ ports [6] to choose from, so you can
   interface eth0                                                      assign a different port for every Internet application you build.
   static ip_address=                                        The way to set up port forwarding can depend on your
   static routers=                                          router. If you have a Linksys, a YouTube video titled How
   static domain_name_servers=                              to go online with your Apache Ubuntu server [7] by Gabriel

   50                                           OPEN SOURCE YEARBOOK 2010-2019              . CC BY-SA 4.0 . OPENSOURCE.COM
                                                                     S TAND-OUT RASPBERRY PI AR TICLE — 2017

Ramirez explains how to set it up. If you don’t have a Linksys,        Jekyll (static HTML generator), and Apache (web hosting),
read the documentation that comes with your router in order            which is the client-side or front end.
to customize and define ports to forward.
   You will need to port forward for SSH as well as the remote
                                                                       [1] I do not recommend starting with the NOOBS operating system. I pre-
desktop.                                                                    fer starting with the fully functional Raspbian Jessie operating system.
   Once you believe you have port forwarding configured,               [2] If “Setup Options” does not pop up, you can always find it by opening
check to see if it is working via SSH by typing:                            Terminal and executing this command:
                                                                            $ sudo-raspi-config
                                                                       [3] We do this to make use of all the space present on the SD card
$ ssh pi@your_global_ip_address                                             as a full partition. All this does is expand the operating system to fit
                                                                            the entire space on the SD card, which can then be used as storage
It should prompt you for the password.                                      memory for the Raspberry Pi.
   Check to see if port forwarding is working for the remote           [4] We do this because we want to boot into a familiar desktop environ-
                                                                            ment. If we do not do this step, the Raspberry Pi boots into a terminal
desktop as well. Open Microsoft Remote Desktop. Your pre-                   each time with no GUI.
vious remote connection settings should be saved, but you              [5]
need to update the “PC name” field with the static external IP
address (for example, instead of the static
internal address (for example,
   Now, try connecting via remote desktop. It should briefly
load and arrive at the Pi’s desktop.

                                                                            Download and run PuTTY [8] or another SSH client for Windows.
                                                                            Enter your IP address in the field, as shown in the above screenshot.
                                                                            Keep the default port at 22. Hit Enter, and PuTTY will open a terminal
                                                                            window, which will prompt you for your username and password. Fill
                                                                            those in, and begin working remotely on your Pi.
                                                                       [6] If it is not already installed, download Microsoft Remote Desktop [9].
                                                                            Search your computer for Microsoft Remote Desktop. Run it. Input
                                                                            the IP address when prompted. Next, an xrdp window will pop up,
                                                                            prompting you for your username and password.
                                                                       [7] The router has a dynamically assigned external IP address, so in the-
                                                                            ory, it can be reached from the Internet momentarily, but you’ll need
                                                                            the help of your ISP to make it permanently accessible. If this was
                                                                            not the case, you would need to reconfigure the remote connection
                                                                            on each use.
Good job. The Raspberry Pi is now accessible from the Inter-
net and ready for advanced projects.                                   For the original source, visit Mitchell McLaughlin’s Full-Stack
   As a bonus option, you can maintain two remote connec-              Computer Projects [10].
tions to your Pi. One via the Internet and the other via the
LAN (local area network). It’s easy to set up. In Microsoft            Links
Remote Desktop, keep one remote connection called “Pi In-              [1]
ternet” and another called “Pi Local.” Configure Pi Internet’s         [2]
“PC name” to the static external IP address—for example,               [3] Configure Pi Local’s “PC name” to the                 [4]
static internal IP address—for example, Now,            [5]
you have the option to connect globally or locally.                    [6]
   If you have not seen it already, watch How to go online with              numbers
your Apache Ubuntu server [7] by Gabriel Ramirez as a tran-            [7]
sition into Project 2. It will show you the technical architecture     [8]
behind your project. In our case, you are using a Raspberry Pi               download.html
instead of an Ubuntu server. The dynamic DNS sits between              [9]
the domain company and your router, which Ramirez omits.                     remote-desktop/9wzdncrfj3ps
Beside this subtlety, the video is spot on when explaining vi-         [10]
sually how the system works. You might notice this tutorial
covers the Raspberry Pi setup and port forwarding, which is
the server-side or back end. See the original source for more          Author
advanced projects covering the domain name, dynamic DNS,               RaspberryPiGuy

OPEN SOURCE YEARBOOK 2010-2019                . CC BY-SA 4.0 . OPENSOURCE.COM                                                                   51

   You can’t have DevOps
   without open source
                                                           BY JEN KRIEGER

                                                                     rise and gather effort from the community.
   YOU PROBABLY                        THINK I’m going to talk
                                       about all the reasons
   why you should use open source tooling as the foundation
                                                                     Communities are formed around a common purpose.
   for an effective DevOps culture in your organization, but         They bring together diverse ideas and share work.
   that’s not what this is about. Not to marginalize the com-        Together, a global community can create beyond the
   plexity of the challenges faced by the team I work with [1],      capabilities of any one individual. It multiplies effort
   but I have confidence that the engineers are going to figure      and shares the work. Together, we can do more.
   the tooling part out. Believe it or not, the daunting part is
   wrapped in cultural change.                                       That is how you get an effective DevOps culture. You em-
      I have spent a significant amount of time reading about      brace the open source way.
   cultural change [2], what you need to have an effective           If you didn’t fist pump, remember a job you have had in the
   DevOps community [3], how you build high functioning            past where you felt like this guy, and then read that again.
   teams [4], and asking the question, “How do I DevOp?” [5]
   The ideas I’ve read have given me a few new things to stick     Open exchange, participation, community
   in my tool belt. However, nothing has resonated with me as      My career before Red Hat was filled with statements like
   much as this:                                                   “just do your job” and “that’s just the way it is, you can’t
                                                                   change it.” I have viscerally felt the horrible feeling of hav-
   The open source way is...                                       ing to tell someone that they couldn’t have their idea, not
                                                                   because it wouldn’t solve many problems, but because
     Open exchange
                                                                   they didn’t know the right people or know the best way to
     We can learn more from each other when infor-
                                                                   get their idea across.
     mation is open. A free exchange of ideas is critical
                                                                      When you have an open exchange and everyone is en-
     to creating an environment where people are al-
                                                                   couraged to participate:
     lowed to learn and use existing information toward
                                                                   • People talk to one another and build off of each other’s
     creating new ideas.
                                                                      collective experience.
     Participation                                                 • People earn each other’s respect while working together.
     When we are free to collaborate, we create. We                • People are less likely to say, “It’s so and so’s job, not mine,”
     can solve problems that no one person may be                     when they know and respect each other.
     able to solve on their own.
     Rapid prototyping
     Rapid prototypes can lead to rapid failures, but
     that leads to better solutions found faster. When
     you’re free to experiment, you can look at prob-
     lems in new ways and look for answers in new
     places. You can learn by doing.
     In a meritocracy, the best ideas win. In a meritoc-
     racy, everyone has access to the same informa-
     tion. Successful work determines which projects

   52                                        OPEN SOURCE YEARBOOK 2010-2019             . CC BY-SA 4.0 . OPENSOURCE.COM
                                                                         S TAND-OUT DEVOPS AR TICLE — 2014

   No team is going to believe they are in an optimal working    cerned, and no one is shy about sharing the details about
environment if someone is saying, “Work together or else.”       the impact it has had on their servers. However, I can still
Yes, they will work together, but wouldn’t you prefer to give    say the work was successful because at the end of the day
them a reason to want to work together? The reason can           it delighted the people who needed it the most, and it cer-
be as simple as helping two individuals connect on similar       tainly gets people talking to me.
interests, or as hard as getting teams with a long-standing
history of disliking one another to work together. But the key   Consider this
element here is a path to empathy and having respect for         How hard do you think a DevOps transformation will be if
those you spend your week with. At the end of the day, you       employees don’t feel comfortable enough to share ideas, are
need to foster an environment where it is OK to have an          being told not to collaborate because it isn’t their job, or it
opinion, OK to have an idea... OK to share.                      is implied that their financial well-being is wrapped around
   Even on the team [6] I’m working on, where the values of      performing one function and there is no emphasis placed on
the open source way are individually embraced, we have to        whole systems thinking?
work hard to continue to cultivate that global sense of com-        The open source way isn’t an easy button for success. How-
munity and collaboration. Even at Red Hat it is hard. I strive   ever, what it can do is provide a set of values for an individual
on a daily basis to provide as much visibility into what our     and a group to follow that can set your organization on the
team is working on regardless of how trivial it may seem. The    path towards an effective DevOps community. Do me a favor
result of this? People are sharing their ideas and helping to    and go back and read those values again. Are you and your
build something we can all be proud of and support.              organization open enough to embrace the open source way?

Rapid prototyping and meritocracy                                Links
A brilliant thing happened very early on with the team of en-    [1]
gineers I’m working with; they reminded me about the impor-      [2]
tance of just getting something done. We spent a good bit             Author/dp/1422186431
of time trying to muddle through the mountain of things we       [3]
could work on and the output of that? Well, frankly—it was       [4]
a lot of talking.                                                [5]
   Being able to show someone what you are doing, and re-        [6]
ceive feedback on that thing, is so much more satisfying than    [7]
the talking. Rapid prototyping? Getting to see the code [7],     [8]
instead of an idea disappearing into a requirements hole and     [9]
resurfacing at QA, is so satisfying I can’t shout about that
enough. In my past experience with closed source projects,       Author
I haven’t seen code delivered, input received for changes,       Jen Krieger - Jen Krieger is Chief Agile Architect at Red Hat. Most
and subsequently modified very quickly. So, that continues       of her 20+ year career has been in software development repre-
to be transformational for me.                                   senting many roles throughout the waterfall and agile lifecycles.
   Don’t get me wrong, this is not an easy thing to master.      At Red Hat, she led a department-wide DevOps movement fo-
Early on the team made a technical decision to move for-         cusing on CI/CD best practices. Most recently, she worked with
ward with a custom application [8] that could provide cer-       with the Project Atomic & OpenShift teams. Now Jen is guiding
tain system information [9] (like software versions running)     teams across the company into agility in a way that respects and
without requiring root access to servers. I understand that      supports Red Hat’s commitment to Open Source. At Red Hat,
there are tools that already do that, but the team wanted        she led a department-wide DevOps movement focusing on CI/
something quick to ease the pain. After we were done, we         CD best practices. Most recently, she worked with with the Proj-
agreed we would start looking into longer-term solutions to      ect Atomic & OpenShift teams. Now Jen is guiding teams across
help. We are still feeling the pain from that decision; mer-     the company into agility in a way that respects and supports Red
itocracy is in full-on mode here where this project is con-      Hat’s commitment to Open Source. Follow her at @mrry550

OPEN SOURCE YEARBOOK 2010-2019             . CC BY-SA 4.0 . OPENSOURCE.COM                                                       53

   Why is Kubernetes so popular?
                                                                                                 BY ANURAG GUPTA
   The Google-developed container management system has quickly become
   one of the biggest success stories in open source history.

  KUBERNETES,                      [1] AN OPEN SOURCE container
                                   management system, has
   surged in popularity in the past several years. Used by the
                                                                  source its infrastructure has created a way for any company
                                                                  in the world to run its infrastructure like one of the top com-
                                                                  panies in the world.
   largest enterprises in a wide range of industries for mis-
   sion-critical tasks, it has become one of the biggest suc-     One of the biggest open source communities
   cess stories in open source. How did that happen? And          After its open source release, Kubernetes found itself
   what is it about Kubernetes that explains its widespread       competing with other container-management systems,
   adoption?                                                      namely Docker Swarm and Apache Mesos. One of the
                                                                  reasons Kubernetes surged past these other systems in
   Kubernetes’ backstory: Origins in Google’s Borg                recent months is the community and support behind the
   system                                                         system: It’s one of the largest open source communities
   As the computing world became more distributed, more           (more than 27,000+ stars on GitHub); has contributions
   network-based, and more about cloud computing, we saw          from thousands of organizations (1,409 contributors); and
   large, monolithic apps slowly transform into multiple, agile   is housed within a large, neutral open source foundation,
   microservices. These microservices allowed users to indi-      the Cloud Native Computing Foundation (CNCF) [3].
   vidually scale key functions of an application and handle         The CNCF, which is also part of the larger Linux Foun-
   millions and millions of customers. On top of this para-       dation, has some of the top enterprise companies as
   digm change, we saw technologies like Docker containers        members, including Microsoft, Google, and Amazon Web
   emerge in the enterprise, creating a consistent, portable,     Services. Additionally, the ranks of enterprise members in
   and easy way for users to quickly build these microservices.   CNCF continue to grow, with SAP and Oracle joining as
      While Docker continued to thrive, managing these micro-     Platinum members within the past couple of months. These
   services and containers became a paramount requirement.        companies joining the CNCF, where the Kubernetes project
   That’s when Google, which had been running contain-            is front and center, is a testament to how much these enter-
   er-based infrastructure for many years, made the bold deci-    prises are betting on the community to deliver a portion of
   sion to open source an in-house project called Borg [2]. The   their cloud strategy.
   Borg system was key to running Google’s services, such as         The enterprise community around Kubernetes has also
   Google Search and Gmail. This decision by Google to open       surged, with vendors providing enterprise versions with
                                                                  added security, manageability, and support. Red Hat, Co-
                                                                  reOS, and Platform 9 are some of the few that have made
                                                                  Enterprise Kubernetes offerings key to their strategy going
                                                                  forward and have invested heavily in ensuring the open
                                                                  source project continues to be maintained.

                                                                  Delivering the benefits of the hybrid cloud
                                                                  Yet another reason why enterprises are adopting Kuberne-
                                                                  tes at such a breakneck pace is that Kubernetes can work
                                                                  in any cloud. With most enterprises sharing assets between
                                                                  their existing on-premises datacenters and the public cloud,
                                                                  the need for hybrid cloud technologies is critical.

   54                                       OPEN SOURCE YEARBOOK 2010-2019            . CC BY-SA 4.0 . OPENSOURCE.COM
                                                                S TAND-OUT KUBERNETES AR TICLE — 2017

   Kubernetes can be deployed in a company’s pre-ex-            services and a heritage from Google Borg—Kubernetes
isting datacenter on premises, in one of the many public        is now open source software that is part of a big foun-
cloud environments, and even run as a service. Because          dation (CNCF) with many enterprise members. It contin-
Kubernetes abstracts the underlying infrastructure layer,       ues to grow in popularity and is being widely used with
developers can focus on building applications, then de-         mission-critical apps in finance, in massive multiplayer
ploy them to any of those environments. This helps accel-       online games like Pokemon Go, and by educational com-
erate a company’s Kubernetes adoption, because it can           panies and traditional enterprise IT. Considered together,
run Kubernetes on-premises while continuing to build out        all signs point to Kubernetes continuing to grow in pop-
its cloud strategy.                                             ularity and remaining one of the biggest success stories
                                                                in open source.
Real-world use cases
Another reason Kubernetes continues to surge is that major      Links
corporations are using the technology to tackle some of the     [1]
industry’s largest challenges. Capital One, Pearson Educa-      [2]
tion, and are just a few of the companies that     [3]
have published Kubernetes use cases [4].                        [4]
   Pokemon Go [5] is one of the most-popular publicized use     [5]
cases showing the power of Kubernetes. Before its release,           Pokemon-GO-to-life-on-Google-Cloud.html
the online multiplayer game was expected to be reasonably
popular. But as soon as it launched, it took off like a rock-
et, garnering 50 times the expected traffic. By using Kuber-    Author
netes as the infrastructure overlay on top of Google Cloud,     Anurag Gupta is a Product Manager at Treasure Data driving
Pokemon Go could scale massively to keep up with the un-        the development of the unified logging layer, Fluentd Enter-
expected demand.                                                prise. Anurag has worked on large data technologies includ-
   What started out as an open source project from Goo-         ing Azure Log Analytics, and enterprise IT services such as
gle—backed by 15 years of experience running Google             Microsoft System Center. Follow him at @Anurag_Gup

OPEN SOURCE YEARBOOK 2010-2019            . CC BY-SA 4.0 . OPENSOURCE.COM                                                     55

   Four Linux distros for kids
                                                                                     BY ASEEM SHARMA

  I CAN SEE               THE BRIGHTNESS of curiosity in my six year
                          old niece Shuchi’s eyes when she ex-
   plores a mobile phone or manipulates the idiot box with its
                                                                        etc., Windows is only on 20% of computing devices, and in
                                                                        the world of big iron, Linux reigns supreme. We specialize
                                                                        in science and engineering and want our students to go on
   remote control or becomes creatively destructive with any            to do great things like start the next Google or collapse the
   other electronic device. She, like a lot of kids her age, love       universe at CERN. In those environments, they will certainly
   experimenting.                                                       need to know Linux.”
      This curiosity reaches its peak when she sits in front of            Linux runs some of the most complex infrastructures in
   my laptop or her father’s laptop. A lot of times, however, I         the world. For anyone even remotely interested in a career
   observe that she is lost in complicated applications that are        in technology, learning Linux will be a definite asset. Besides
   suitable only to adults. An operating system that an adult           that, the adoption of Linux is massive and ubiquitous. Con-
   uses and the system running it can look like a beast to a            sider this:
   lot of kids. These applications are beyond the comprehen-            • Linux powers international space stations
   sion of very young kids and do not provide an ideal (and             • Linux powers the technology in new cars like Tesla and
   playful) introduction to computers. Futher, adults’ laptops             Cadillac
   and tablets do not serve as a good learning environment              • Linux powers air traffic control systems
   for any kid (younger or old-                                                                           • Google, Facebook, Twitter,
   er) who is just onboarding                                                                                all use Linux
   into the world of computing.                                                                           • 9 out of 10 supercomputers
   Besides, letting a kid run wild                                                                           in the world run on Linux
   on a computer with an online                                                                           There is a rational reason
   connection can be daunting                                                                             that initiatives like One Lap-
   for the parents.                                                                                       top per Child [2], which in
      As a big kid myself, and                                                                            my opinion is one of the
   an open source software en-                                                                            most powerful programs to-
   thusiast for over four years                                                                           day that is working to bridge
   now, I like exploring and                                                                              the digital divide, use Linux
   experimenting with differ-                                                                             based systems.
   ent software solutions. Per-
   taining to the problem of finding and setting up an ideal            For customization and variety
   system for my young niece, I found that the open source              Learning at an early age can be best enhanced in an en-
   Linux community has created specialized operating sys-               vironment that encourages exploration. There is no other
   tems and environments for kids. Plus, setting up these               operating system that offers such variety and autonomy to
   systems is a breeze.                                                 customize the system based on specific needs like Linux.
                                                                        Like toys and clothes for kids, the Linux community has
   Why should kids learn Linux                                          developed specific operating systems that can offer them
   I have reached a conclusive opinion at this point in my life         a fun learning environment. I believe that to boost curiosity
   that children should be exposed to the power of Linux early          in kids, it is important to create a set up that gives them a
   on. Two of the reasons are...                                        feeling of wonder.

   For the future of computing                                          Programs to teach kids Linux
    I recently read the article, A year of Linux desktop at Westcliff   There are many different varieties of environments that the
   High School [1], which is an excellent piece by Stu Jarvis in        Linux community has designed for the children, and I hav-
   which Malcolm Moore replies to a question by stating, “Here          en’t yet explored them all, but of the ones I did, you should
   is a survey that reports in 2000, 97% of computing devic-            be able to find a great solution for teaching a kid you know
   es had Windows installed, but now with tablets and phones,           about Linux and computing.

   56                                           OPEN SOURCE YEARBOOK 2010-2019              . CC BY-SA 4.0 . OPENSOURCE.COM
                                                                             S TAND-OUT KIDS AR TICLE — 2014

Qimo                                                               Ubermix comes pre-loaded with a number of appli-                                          cations for education, productivity, design, program-
Qimo for kids is a Ubuntu-based distribution designed              ming, Internet, and multimedia construction. Educa-
specifically for children. The operating system comes              tion oriented applications like Celestia, Stellarium,
pre-installed with a lot of educational applications for chil-     Scratch, VirtualLab Microscope, Geogebra, iGNUit,
dren ages 3 years and older. It comes with GCompris, a             and Klavaro, as well as educational games like Tux-
perfect suite for children aged 3 to 10 years. It consists of      Math, TuxTyping, gMult, and Numpty Physics all
over 100 educational games that teaches basic comput-              bring with them plenty of opportunities to learn.
er use, reading, art history, telling time, and drawing pic-
                                                                   Internet applications we all know and love, like Firefox,
tures, as well as Childs Play, a collection of memory-build-
                                                                   Thunderbird, Chrome, Google Earth, and Skype are
ing games.
                                                                   all there. Common productivity apps like LibreOffice,
   One of the things I like best about this distribution is
                                                                   NitroTasks, Planner Project Management, VYM (View
that it uses XFCE desktop , which is a lightweight desktop
                                                                   Your Mind), and Zim Desktop Wiki are too. Kids inter-
that can be installed on older machines. The hardware
                                                                   ested in design will find the GIMP, Inkscape, Scribus,
requirements are low and it is absurdly easy to repurpose
                                                                   Dia, Agave, and even TuxPaint for the younger ones.
an old laptop or a desktop system. We had an old PC
                                                                   And apps like Audacity, Openshot, Pencil, and ffDia-
at home, and Qimo resurrected it. This operating system
                                                                   porama help round out the media offerings. These,
was my choice for my niece because of its simple child
                                                                   and many more, make Ubermix a powerful launchpad
friendly cartoon desktop and assortment of educational
                                                                   for student creativity and learning.

Sugar                                                            Edubuntu                             
Sugar was designed for the One Laptop per Child pro-             Formally the Ubuntu Education Edition, Edubuntu was de-
gram. It is an easy to use and kid-friendly operating sys-       veloped in collaboration with educators and teachers. It
tem. Children who love exploring will figure out things          embeds a variety of educational programs and a suitable
quickly in this environment, even if they cannot read or         learning environment. An advantage to it is access to the
write yet.                                                       Ubuntu software repository. The education community has
   From Sugar Labs:                                              extensively used this operating system in schools and or-
                                                                 ganizations to provide an enriched learning environment for
  Information is about nouns; learning is about verbs.
                                                                 their students. It’s a great operating system to teach older
  The Sugar interface, in its departure from the desk-
                                                                 children about Linux; it can have a steeper learning curve in
  top metaphor for computing, is the first serious at-
                                                                 comparison to Qimo and Sugar.
  tempt to create a user interface that is based on both
  cognitive and social constructivism: learners should
  engage in authentic exploration and collaboration. It
  is based on three very simple principles about what
  makes us human.
Ubermix                                          Author
Ubermix is extensively used in schools. The system was           Aseem is a graduate of Conrad Business, Entrepreneurship
designed to store user data and software in seperate par-        and Technology Center, Faculty of Engineering, University
titions. So, in case the computer malfunctions, the user         of Waterloo, Canada. He also holds a masters in computers
can wipe out the operating system and resotre fresh cop-         application from Guru Nanak Dev University, Punjab, India.
ies quickly. From Ubermix founder, Jim Klein, in an Open-        On, he serves as an author. He also blogs interview [3]:                                        at Follow him at @aseem_sharma

OPEN SOURCE YEARBOOK 2010-2019             . CC BY-SA 4.0 . OPENSOURCE.COM                                                      57

  6           remarkable features
               of the new United Nations
               open source initiative
                                                                      BY FRANK KARLITSCHE
   What does it mean when the UN goes open source?

   THREE            MONTHS AGO the United Nations asked me to
                    join a new advisory board to help them devel-
   op their open source strategy and policy. I’m honored to have
                                                                          reviewed and audited. This fact is especially important for
                                                                          security-sensitive applications that require transparency
                                                                          and openness [2].
   the opportunity to work together with a group of established        • D ecentralization: An open source strategy enables de-
   experts in open source licensing and policy areas.                     centralized hosting of software and data. This fact makes it
      The United Nations wants to make technology, software,              possible to be compliant with all data protection and priva-
   and intellectual property available to everyone, including             cy regulations and enables a more free and open internet.
   developing countries. Open source and free software are                We discussed that a fair business model like the one from
   great tools to achieve this goal since open source is all           Nextcloud should be encouraged and recommended. Spe-
   about empowering people and global collaboration while              cifically, we discussed that that 100% of the code should
   protecting the personal data and privacy of users. So, the          be placed under an OSI-approved open source license [3].
   United Nations and the open source community share the              There should be no open core, proprietary extensions, dual
   same values.                                                        licensing, or other limited-access components to ensure
      This new open source strategy and policy is developed by         that everyone is on the same playing field.
   the United Nations Technology Innovation Labs (UNTIL) [1].             I’m excited to have the opportunity to advise the United
   Last month, we had our first in-person meeting in Helsinki in       Nations in this matter, and I hope to have a positive influence
   the UNTIL offices. I find this initiative remarkable for several    on the future of IT, especially in developing countries.
   • Sharing: The United Nations wants to have a positive             Links
      impact on everyone on this planet. For that goal, it is im-      [1]	
      portant that software, data, and services are available for      [2]	
      everyone independent of their language, budget, educa-           [3]	
      tion, or other factors. Open source is perfect to guarantee
      that result.                                                     Author
   • Contributing: It should be possible that everyone can            Frank Karlitschek is a long time open source contributor and
      contribute to the software, data, and services of the United     former board member of the KDE e.V. He managed engineer-
      Nations. The goal is to not depend on a single software          ing teams for over 20 years and worked as head of unit and
      vendor alone, but instead, build a bigger ecosystem that         managing director at different internet companies. In 2001 he
      drives innovation together.                                      created the social network as well as GTK-
   • Empowering: Open source makes it possible for under-   ,, and other ‘App-
      developed countries and regions to foster local companies        Stores’ before AppStores existed. He founded ownCloud in
      and expertise by building on top of existing open source         2010 and the successor Nextcloud in 2016 to create a fully
      software—standing on the shoulders of giants.                    open source and decentralized alternative to big centralized
   • Sustainability: Open source guarantees more sustain-             cloud companies. Frank was an invited expert at the W3C to
      able software, data, and services by not relying on a single     help to create the ActivityPub standard. Frank has spoken at
      entity to support, maintain, and develop it. Open source         MIT, CERN, Harvard and ETH and keynoted LinuxCon, Lati-
      helps to avoid a single point of failure by creating an equal    noware, FOSSASIA, Campus Party and many other confer-
      playing field for everyone.                                      ences. Frank is the founder and CEO of Nextcloud GmbH. He
   • Security: Open source software is more secure than               is also a fellow of Open Forum Europe and an advisor to the
      proprietary software because the code can be constantly          United Nations. Follow him at @fkarlitschek

   58                                          OPEN SOURCE YEARBOOK 2010-2019              . CC BY-SA 4.0 . OPENSOURCE.COM