The looong road to xfce 4.14. I hope you still want some news about Xfce !
As usual, the xfce development is slow, has some organisation problems (only few members have access to servers, and are often not present), and lack “core” maintainers/mentors. But hey, we do our best :).
Ce 10 Novembre 2015 a eu lieu le second meetup ArchLinux France, chez BlaBlaCar à Paris ! Pour rappel le premier Meetup avait eu lieu en Octobre 2014.
Pour cette nouvelle édition, il y avait 5 présentations, et près de 70 personnes ! (vous pouvez retrouver le programme sur meetup).
Cassandra usually output all its logs in a system.log file. It uses log4j old 1.2 version for cassandra 2.0, and since 2.1, logback, which of course use different syntax :)
Logs can be enhanced with some configuration. These explanations works with Cassandra 2.0.x and Cassandra 2.1.x, I haven’t tested others versions yet.
HTTP Alternative services allow an origin’s resources to be authoritatively available at a separate network location, possibly accessed with a different protocol configuration.
Opportunistic Encryption (OE) provides unauthenticated encryption over TLS for data that would otherwise be carried via clear text. It allows a http:// connection to use secure resources.
The problem : be able to cache a backend response if it took more than 5 seconds. If not, don’t cache it!
A good challenge from @florentsolt. He solves the problem with a nodejs reverse proxy behind nginx, but I prefer a pure nginx implementation ;)
A new vulnerability has been discovered in bash, related to how environment variables are processed. You can read more on redhat security blog.
This vulnerability can be used to execute remote code, even via ssh, if the remote shell is bash.
Fail2ban scans log files (e.g. /var/log/apache/error_log) and bans IPs that show the malicious signs – too many password failures, seeking for exploits…
It can be usefull to ban bots who try to bruteforce your ssh and flood your logs (another solution is to restrict allowed IP or change sshd port).