Tux Machines
Posted by Roy Schestowitz on Oct 28, 2022,
updated Oct 28, 2022
=> Updated antiX-sid iso files available | Security Leftovers (UPDATED)
=> ↺ CPE Weekly
Red Hatters "clip in" to share sustainable, life-changing transportation worldwide
Throughout July, the Tour de France transfixed fans as they tried to catch glimpses of the leading yellow jersey in the blur of racers. The color to watch this past June, however, was red.
In a show of efficiency, over ten days, Red Hatters celebrated World Environment Day and World Bicycle Day by mounting their bikes and logging kilometers to give the gift of sustainable, life-changing mobility to women and children in developing regions of the world.
=> ↺ FreeIPA authentication improvements and Fedora Infrastructure part 1
The Fedora project exists because of its contributors. Their contributions shape the landscape of Linux distributions in a direct way but they also have made a significant influence on the Open Source projects themselves. Fedora contributors are not only people who participate in package maintenance, there are upstream developers, documentation writers, quality assurance engineers across multiple industries, students, volunteers and many many others. As with many other areas, this participation is bi-directional and practices established in the Fedora project may apply elsewhere too.
One area dear to me is authentication. The FreeIPA project serves as an umbrella to provide a consistent centralized identity management and authentication solution for Linux systems (in the first place, though standards-compliant, UNIX-like operating systems benefit from its use as well). FreeIPA’s core is built around Kerberos authentication protocol and SSSD daemon. It makes use of Kerberos’ features for single sign-on ease on the client side.
Many Free Software and Open Source projects use FreeIPA to deploy centralized identity management, authentication and authorization for their own contributors. Examples can be found small and large: GNOME project was one of the earliest, migrating its infrastructure to FreeIPA in 2014. The Fedora project is not an exception, it has been using FreeIPA for quite some time, though FreeIPA deployment was only handling Kerberos – user accounts were stored in a different place and synchronized with FreeIPA. The old Fedora account system was gradually rewritten to be built on top of FreeIPA and in 2021 all accounts were migrated to the new system.
=> ↺ FreeIPA authentication improvements and Fedora Infrastructure part 2
This article continues the discussion about FreeIPA authentication improvements and how they could benefit Fedora Infrastructure.
FreeIPA 4.9.10 has added support for relaying authentication to OAuth2 identity providers (IdPs). Users would get their access to FreeIPA resources mediated by an external OAuth2 identity provider which supports OAuth2 device authorization grant flow (RFC 8628). This is not too dissimilar from how smart TVs connect to Youtube and other media services on your behalf. A user would be able to grant access to a scoped information to a FreeIPA OAuth2 client registered with such IdP. In order to authorize the access, the user might need to login to the IdP first and this is performed with the help of a browser running elsewhere. Most common browsers do have support for Webauthn/FIDO2 tokens, thus it is possible to build a system where a login to FreeIPA-enrolled system is authenticated by the FIDO2 token exclusively.
=> ↺ Fedora Community Blog: Friday’s Fedora Facts: 2022-43
Here’s your weekly Fedora report. Read what happened this week and what’s coming up. Your contributions are welcome (see the end of the post)!
I have weekly office hours on Wednesdays in the morning and afternoon (US/Eastern time) in #fedora-meeting-1. Drop by if you have any questions or comments about the schedule, Changes, elections, or anything else. See the upcoming meetings for more information.
=> ↺ CPE Weekly Update – Week 43 2022 - Fedora Community Blog
This is a weekly report from the CPE (Community Platform Engineering) Team. If you have any questions or feedback, please respond to this report or contact us on #redhat-cpe channel on libera.chat.
We provide you both infographics and text version of the weekly report. If you just want to quickly look at what we did, just look at the infographic. If you are interested in more in depth details look below the infographic.
[...]
Extra Packages for Enterprise Linux (or EPEL) is a Fedora Special Interest Group that creates, maintains, and manages a high quality set of additional packages for Enterprise Linux, including, but not limited to, Red Hat Enterprise Linux (RHEL), CentOS and Scientific Linux (SL), Oracle Linux (OL).
=> gemini.tuxmachines.org This content has been proxied by September (3851b).Proxy Information
text/gemini;lang=en-GB
