Profile

Cover photo
Ernest Beinrohr
Works at AXON PRO
Lives in Bratislava
96 followers|416,040 views
AboutPostsPhotosYouTubeReviews

Stream

Ernest Beinrohr

Shared publicly  - 
 
 
And that's it, after more than a year of work, we just released LXC 2.0 final!

We got over 700 commits by over 90 contributors, making it our biggest release ever!

Feature wise, we've been reworking a bunch of the lxc-* tools, added a bunch of config options, a few more templates and a Ceph RBD storage driver!

But this release is meant as a very stable, production grade ready, so a lot of work went into fixing rough edges, adding support for new kernel features and improving our tests.

This is a long term support release, so LXC upstream is committing to a 5 years support period on this, ending 1st of June 2021. As with LXC 1.0 before it, we will be releasing bugfix-only point releases for LXC 2.0.

On the API front, I am very pleased to announce that LXC 2.0 is entirely backward compatible with the LXC 1.0 API, meaning no recompilation needed and a very smooth upgrade experience!

Enjoy!
6 comments on original post
1
Add a comment...

Ernest Beinrohr

Shared publicly  - 
 
 
Not pretty. However the bigger problem is not the obvious one. There will be patches very soon for all the usual Linux platforms (or roll your own RPM it's not hard). However guess what many of those cheap GPL violating no source code ADSL routers that never get firmware upgrades run for their own internal use and to masquerade DNS.

Oh dear..

And that is why source code to your infrastructure is so important. This bug just obsoleted a pile of low end crapware router and firewall boxes holding homes, businesses and government together.

You can upgrade all your servers but if that little cheapo plastic box on your network somewhere has a vulnerable post 2008 glibc and ever does DNS lookups chances are it's the equivalent of a trapdoor into your network.

Even more fun of course - some of them regularly do poll some hardcoded DNS address so if anyone takes over that DNS record and starts serving a suitably compromised record back ...

https://googleonlinesecurity.blogspot.co.uk/2016/02/cve-2015-7547-glibc-getaddrinfo-stack.html
41 comments on original post
1
Add a comment...

Ernest Beinrohr

Shared publicly  - 
 
Imgur: The most awesome images on the Internet.
1
Add a comment...

Ernest Beinrohr

Shared publicly  - 
 
miniPC na doske disku. Krat 500.
When Ceph was originally designed a decade ago, the concept was that “intelligent” disk drives with some modest processing capability could store objects instead of blocks and take an active role in replicating, migrating, or repairing data within the system. In contrast to conventional disk ...
1
Add a comment...

Ernest Beinrohr

Shared publicly  - 
1
Add a comment...

Ernest Beinrohr

Shared publicly  - 
 
Simulator svetla. Uzasne.
2
Add a comment...

Ernest Beinrohr

Shared publicly  - 
 
Ako sa zbieraju olivy ...
Imgur: The most awesome images on the Internet.
5
Add a comment...

Ernest Beinrohr

Shared publicly  - 
2
Juraj Meciar's profile photo
 
Uzasne!
Add a comment...
Collections Ernest is following
Work
Occupation
admin
Employment
  • AXON PRO
    admin, present
Basic Information
Gender
Male
Story
Introduction
linux admin, systems & services integration

--
Ing, RHCE, LPIC, +421-2--6241-0360, +421-903--482-603
icq:28153343, skype:oernii-work, jabber:oernii@jabber.org

Places
Map of the places this user has livedMap of the places this user has livedMap of the places this user has lived
Currently
Bratislava
Previously
Dortmund
Nice narrow place. Food was good.
Public - a year ago
reviewed a year ago
1 review
Map
Map
Map