archive-be.com » BE » S » SIPHOS.BE

Total: 45

Choose link from "Titles, links and description words view":

Or switch to "Titles and links view".
  • Index
    Existence DNSSEC Domain Name System DNS DomainKey Identified Mail DNS DS DNSSEC DSA Key management E ECSDA Key management EVM Using IMA and EVM exports Configuration F facter Learning the facts FURPS Capturing the requirements G gitolite Architecture I IMA Using IMA and EVM ISO IEC 27000 Architecture frameworks ITIL Architecture frameworks K Key Signing Key DNSSEC KSK DNSSEC M MAC Access management services SELinux as MAC man in the middle Public and private keys Mandatory Access Control Access management services SELinux as MAC MITM Using DNS SSHFP fields MITM attack Public and private keys MoSCoW Capturing the requirements N named conf Administration Initial configuration Next Secure DNSSEC NOEXEC PaX NSEC DNSSEC NSEC3 DNSSEC nsupdate Pushing changes O OCSP Certificate management protocols Online Certificate Status Protocol Certificate management protocols P PAM Pluggable Authentication Modules PaX PaX paxctl PaX pg hba conf Operations PIC PIE PIC SSP PIE PIE PIC SSP Pluggable Authentication Modules Pluggable Authentication Modules pmcs Compliance validation psql Administration public key cryptography Public and private keys R requirements Capturing the requirements Resource Record Signature DNSSEC rndc Administration rpc gssd Kerberos support rpc idmapd ID Mapping rpc lockd Architecture rpc mountd Architecture rpc statd Architecture rpc svcgssd Kerberos support

    Original URL path: http://swift.siphos.be/aglara/ix01.html (2016-05-01)
    Open archived version from archive


  • Task Viewer

    (No additional info available in detailed archive for this subpage)
    Original URL path: /tools/taskviewer/taskviewer.html (2016-05-01)


  • Quizzer

    (No additional info available in detailed archive for this subpage)
    Original URL path: /tools/quizzer-5/quizzer.html (2016-05-01)


  • Chapter 1. What is Linux?
    installing additional tools and libraries until you have your functional system These additional tools and libraries are of course written by programmers and they must be able to build their code so that it works on your system Some systems like Gentoo Linux even build this software for you instead of relying on the prebuilt software by others To be able to build these tools you need the source code of each tool and the necessary tools to convert the source code to executable files These tools are called a tool chain a set of tools that are used as in a chain in order to produce a working application A general tool chain consists out of a text editor to write the code in compiler to convert code to machine specific language linker to combine machine code of several sources including prebuilt shared libraries into a single executable file and libraries those I just mentioned as being shared libraries A tool chain is of the utmost importance for a developer it is a vital development tool but not the only development tool For instance developers of graphical applications generally need tools to create graphics as well or even multimedia related tools to add sound effects to their program A development tool is a general noun for a tool that a developer would need in order to create something but isn t vital for an operating system of an average non developer user The most well known development tools are also delivered by the GNU foundation namely the GNU Compiler Collection also known as gcc End User Tools Once a developer has finished creating its product you have an end user tool with accompanying libraries which might be required by other tools that are build on top of this product These end tools are what makes a system unique for a user they represent what a user wants to do with his system Although not required by an operating system they are required by the end user and are therefore very important for his system Most operating systems don t install all or most of the end user tools because there are just too many to choose from Some operating systems don t even provide the means to install end user tools to their users but rely on the ingenuity of each programmer to create an installer that sets up the tool on the system Other operating systems bring a small but considerable subset of end user tools with them so that their users can quickly update their system to whatever shape they want without requiring a long and difficult search across the Internet or even worse computer software shop to find the software they need Examples of end user tools are well known such as office suites graphic design tools multimedia players communication software Internet browsers Okay I bite What is this GNU The GNU Project is an effort of several programmers and developers to create a free Unix like operating system GNU is a recursive acronym that stands for GNU is Not Unix because it is Unix like but contains no Unix code and is and remains free The GNU foundation the legal entity behind the GNU project sees free as more than just the financial meaning of free the software should be free to use for any purpose whatsoever free to study and modify the source code and behaviour free to copy and free to distribute the changes you made This idea of free software is a noble thought that is active in many programmers minds hence many software titles are freely available Software is generally accompanied by a license that explains what you can and cannot do with it also known as the End User License Agreement Free Software also has such a license unlike the EULAs they actually allow most things instead of denying it An example of such license is the GPL GNU General Public License Linux as the Kernel of the Linux Operating System When we look at a Linux Operating System its core component is its kernel The kernel all Linux Operating System use is the Linux kernel or just Linux Yes that s right the Linux Operating System is called after the kernel Linux Now although all Linux Operating Systems use Linux as their kernel many of them use a different flavour This is because the kernel development has several branches The most important one I call the vanilla kernel This kernel is the main development kernel where most kernel developers work on every other kernel is based on this kernel Other kernels introduce features that the vanilla kernel doesn t want yet or has tossed away in favour of another feature still these kernels are fully compatible with the vanilla kernel The Linux kernel saw its first light in 1991 and is created and still maintained by Linus Torvalds It grew rapidly in 1994 version 1 0 0 saw the light both in size 1 0 0 had more than 175000 lines of code and in popularity Over the years its development model stayed the same there are few major players in the development who decide what goes in and what stays out of the kernel code but the majority of contributions happen from several hundreds volunteers kernel 2 6 21 had contributions from more than 800 individuals The latest kernel version at the time of writing is 3 10 7 The first two numbers play the role of the major version the third number is the minor version mostly bugfix releases Sometimes a fourth number is added when a one off bug fix was needed The Linux kernel development generally increments the major numbers most of the time the second number for functional improvement releases for every increment users and developers know that the kernel has new features Once a new version of the Linux kernel is released it isn t distributed to all of its users No this is where distributions come into play Linux Operating Systems Distributions If an end user would want to install a Linux Operating System without additional help he would need to build a Linux kernel himself build the components of the operating system like the libraries end tools and keep track of changes in the free software world like new versions or security fixes And although all this is perfectly possible look for the Linux From Scratch project most users would want something that is a bit more user friendly Enter distributions A distribution project like the Gentoo Project is responsible for a Linux Operating System the distribution to such an extend that for the end user the distribution project is the point of contact for his Linux installation Distribution projects make choices regarding the software How should the users install the operating system Perhaps users are encouraged to perform as many steps as possible during the installation process the distribution Linux from Scratch probably has the most intensive installation process The very inverse is an installation CD or USB image that doesn t even require any configuration or installation it just boots the environment and you re ready to start using the Linux distribution What installation options are there CD DVD network Internet Most Linux distributions offer an installation CD DVD as it is the most popular method for acquiring software But many other installation options exist You can install a distribution from a network using net booting a popular approach in enterprise environments as it makes unattended installations possible or from within another operating system What software should be available to the user Popular desktop Linux distributions offer a wide range of software to the end users This allows the distribution to become widely accepted as it fits the needs of many users However more advanced distributions exist that focus on a particular market like set top boxes for multimedia presentations firewalls and network management home automation appliances and of course these distributions offer different software titles to the users How is the available software built specific system features If a distribution wants the software to run on as many processor types as possible Pentium i7 Athlon Xeon Itanium it needs to build the software for a generic platform say i686 rather than for a specific one Itanium Of course this means that the software doesn t use all features that new processors provide but the software does run on many more systems The same is true for features supported by certain software titles Some software titles offer optional support for ipv6 ssl truetype fonts but if you want it you need to compile this support in the application Distributions that offer software in a binary format most distributions do need to make this choice for their users More than often they attempt to offer support for as many features as possible but not all end users would need or even want this Is internationalization of the software important Some distributions are targeting specific user groups tied to their language and geography There are distributions that are fully localized to a specific group say Belgian Dutch speaking users or Canadian French speaking users but also distributions that try to offer localization for as many groups as possible How should users update and maintain their system Many distributions offer an automated software update process but not all distributions offer a live upgrade process where once installed your installation gradually builds up and becomes the latest version of that distribution without any specific actions Some distributions even require you to boot from the latest installation CD and perform an upgrade step How would a user configure his system If you are a graphical Linux user you definitely don t want to hear about configuration file editing or command line actions to be taken So you will most likely look for distributions that offer a full graphical interface to configure your system But some users do like the idea of writing the configuration files directly as it offers the largest flexibility but also the highest learning curve and distributions often work on these sentiments Some distributions don t even allow you to update the configuration files directly as they re generate those files anyway overwriting your changes What is the target user group of the distribution Most desktop distributions target home office users but there are distributions that target children or scientists Some distributions are made for developers and others for elder people There are distributions for visually impaired people and distributions for people without Internet access What policies does the distribution put on its software Organizations like FSF have a vision on how the software world should look like Many distributions offer a way of implementing these visions For instance some distributions only allow software that is licensed under an FSF approved license Other distributions allow users to use non free software There are distributions that implement a higher security vision in the distribution offering a more hardened approach to operating systems Should the distribution be freely available Of course money is often a major decision point as well Not all distributions are freely downloadable available on the Internet although the majority is But even when the distribution is freely available it might still be necessary to obtain commercial support even just for the security updates of the distribution You ll find several distributions in the world each of those distribution projects answers the questions a bit different from the others Hence choosing the right distribution is often a quest where you have to answer many questions before you find the correct distribution Of course when you re starting with Linux you probably don t have a strong opinion about these questions yet That s okay because if you want to start using Linux you should start with the distribution of which you ll have the best support Ask around perhaps you have friends who might help you with Linux And be honest what better support is there than personal support What is a Distribution A distribution is a collection of software called the packages bundled together in a coherent set that creates a fully functional environment The packages contain software titles build by other projects and possibly patches updates specific for the distribution so that the package integrates better with other packages or blends in better with the overall environment These packages are usually not just copies of the releases made by the other software projects but contain a lot of logic to fit the software in the global vision of the distribution Take KDE for example KDE is a graphical desktop environment which bundles several dozens of smaller tools together Some distributions provide a pristine KDE installation to their users others change KDE a bit so that it has a different default look and such Another example would be MPlayer a multimedia player especially known for its broad support of various video formats However if you want to view Windows Media Video files WMV you need to build in support for the non free win32 codecs Some distributions provide MPlayer with support for these codecs others without Gentoo Linux lets you choose if you want this support or not What does a Distribution Provide When you want to use a distribution you can but you don t have to use tools built by the distribution project to ease several tasks to install the distribution you can use one or more installation tools provided by the distribution project to install additional packages on your system you can use one or more software management tools provided by the distribution project to configure your system you can use one or more configuration tools provided by the distribution project I cannot stress enough the importance of the term can You don t have to use the distributions installation tools you can always install a distribution differently you don t have to install software using the software management tools you can always build and install your software manually and you don t have to configure your system with the configuration tools you can always edit the configuration files of the various applications by hand Why then does a distribution put all this effort in these tools Because they make it a lot easier for the user to use his system Take software installation as an example If you don t use a software management tool you need to build the software yourself which can be different depending on the software you want to build keep track of updates both bug fixes and security fixes make sure you have installed all the dependent software software this depends on software that which depends on library a b and c and keep track of the installed files so that your system doesn t clutter up Another major addition distributions provide are the software packages themselves A software package contains a software title think of the Mozilla Firefox browser with additional information such as a description of the software title category information depending software and libraries and logic how to install the software how to activate certain modules it provides how to create a menu entry in the graphical environments how to build the software if it isn t built already This can result in a complex package making it one of the reasons why distributions usually cannot provide a new package at the same day the software project itself releases a new version For security fixes however most information and logic stays the same so security fix releases by the software project usually result in a quick security fix release of the software package by the distribution project Next to the software that is the distribution a distribution project provides supporting items documentation about the distribution infrastructure where you can download the distribution and its documentation from daily package updates for new software daily security updates support for the distribution which can be in the form of forums e mail support telephone support or even more commercial contractual support Now a distribution project is more than all that By bundling all packaging into a single project developers can work together to build an operating system that extends the commercial grade operating systems To do this most distribution projects have divisions for public relations user relations developer relations release management documentation and translations etc What is an Architecture I haven t talked about architectures yet but they are important nevertheless Let me first define the concept of instruction set s An instruction set of a CPU is the set of commands that that particular CPU understands These commands perform a plethora on functions such as arithmetic functions memory operations and flow control Programs can be written using these functions but usually programmers use a higher level programming language because a program written in this specific language called the assembly language of that CPU can only be run on that CPU That and assembly is so low level that it is far from easy to write a tool with it The tools that still use assembly language are compilers which translate higher level programming language to assembly boot loaders which load an operating system into memory and some core components of operating systems the Linux kernel has some assembly code Now every CPU type has a different instruction set The Intel Pentium IV has a different instruction set than the Intel Pentium III the Sun UltraSPARC III has a different instruction set than the Sun UltraSPARC IIIi Still their instruction sets are very similar This is because they are in the same family CPUs of the same family understand a particular instruction set Software tools built for that instruction set run on all CPUs of that family but cannot take advantage of the entire instruction set of the CPU they run on Families of CPUs are grouped in architectures Architectures are global and represent the concept of an entire system

    Original URL path: http://swift.siphos.be/linux_sea/whatislinux.html (2016-05-01)
    Open archived version from archive

  • Chapter 1. Infrastructure Architecturing for Free Software
    IT service delivery companies their suggested reference architecture is both a sales pitch to describe the maturity and integration of their services as well as a check point for their own development departments is our offering sufficient and necessary Throughout the rest of this book a reference architecture will be designed with primary focus on the components used the reason for these components and possible process implementations that are related to it Designing a reference architecture The process The focus of designing a reference architecture is to be able to display quickly how all needed services are deployed integrated and managed In very high terms it boils down to the following steps Capture the requirements Make a logical design Translate the design in infrastructure implementation details Go do it These steps are simply put the order of doing things the hardest part though lays in the beginning Capturing the requirements Generally speaking there are two types of requirements Functional requirements describing the features functions security capabilities and more of the organizations needs Non functional requirements which are more about the service level agreements performance availability reliability support requirements Functional requirements can be thought of in terms like What does the organization want to get Which security requirements are there most often based on legal or compliance requirements Which financial requirements are being presented The non functional requirements can be thought of through the FURPS acronym The F is covered already which stands for Functional but the other letters in the acronym give a nice overview of non functional requirements that might exist Usability Reliability Performance Supportability The in the acronym focuses on additional process driven requirements such as design requirements you need to use a relational database implementation requirement you need to code it in Python interface requirement you need to use SOAP for communication across services physical requirements the service must run in a colocation center or progress requirement you must use a lean IT approach with visual progress boards Capturing requirements from the organization is one of the most tough but most important tasks in any design exercise Properly evaluating and documenting the requirements as well as their priority for which you can use the MoSCoW approach Must Should Could Won t which was originally made for software development but can be used in other requirement exercises as well and who asked for it stakeholders Although you can go extremely far in this asking hundreds of questions be sure to take a pragmatic approach and inform the stakeholders about possible consequences too like the cost and time to market influence of additional requirements Using an iterative production approach where a first set of requirements is captured a design is made after which some sort of storyboard approach is used to describe to the organization how the design looks like will give the organization time to react or give their ideas or additional requirements Make a logical design A logical design visualizes and describes a solution without going into the details of the implementation The idea of logical designs is that they can be modularized them designing one component after another and using building blocks to give a high level overview of the solution you are designing This high level design allows tracking of the architecture whereas the components logical design documents go into the details of a single building block When a logical design is made try to keep the implementation details out of it Details such as IP addresses number of parallel instances memory details are not needed in order to track and manage the architecture These implementation details go into the later stage Infrastructure implementation details The implementation details are then used as a sort of handover process between designing the architecture and implementing it Whereas the logical design can be reused in other projects or sometimes even other organizations the implementation details are more about how it all works in a specific infrastructure deployment Overview of instances IP addresses functional accounts in use location of files and certificates etc are all implementation details that are important to manage properly and will often be managed through a configuration management database but not that vital in understanding the architecture by itself Go do it Only when these implementation details are known as well can the infrastructure be really created Logical design Whereas requirements capturing is the most important the logical design is where architects start writing and documenting how the architecture looks like translating the requirements in services or even immediately into technologies In this book a lightweight logical design method will be used to describe why decisions are made in the reference architecture There will not be full logical design documents that would be a bit overkill for now especially since it is just a fictional company but the methods and structures used can help in the quest to find out what a larger organization might want A lightweight logical design document starts off with a subset of requirements that is used during the design and which influences the decisions made Alongside the requirements a design might also include assumptions although it is recommended to remove assumptions before it is too late after all every assumption that isn t validated is a risk for a design Next the logical design itself is made for which the FAMOUS abbreviation is introduced Feeds and flows that are important for the design This information provides insight in the occasional data transports that occur towards the system This might be the shipping of the database backup file towards a remote location the flow of log entries that are sent to a central log server an incoming daily snapshot of configuration settings that need to be loaded in an LDAP etc By properly documenting these feeds and flows it is much easier to find possible attention points storage volume requirements network traffic shaping needs heavy I O timeframes that need to be tackled In many cases integration requirements can also be

    Original URL path: http://swift.siphos.be/aglara/architecturing.html (2016-05-01)
    Open archived version from archive