Running Ansible in OpenShift with arbitrary UIDs

My work at Red Hat involves testing lots and lots of kernels from various sources and we use GitLab CE to manage many of our repositories and run our CI jobs. Those jobs run in thousands of OpenShift containers that we spawn every day. OpenShift has some handy security features that we like. First, each container is mounted read-only with some writable temporary space (and any volumes that you mount). Also, OpenShift uses arbitrarily assigned user IDs (UIDs) for each container.
Read more β†’

Running Home Assistant in a Docker container with a Z-Wave USB stick

The Home Assistant project provides a great open source way to get started with home automtion that can be entirely self-contained within your home. It already has plenty of integrations with external services, but it can also monitor Z-Wave devices at your home or office. Here are my devices: Monoprice Z-Wave Garade Door Sensor Aeotec Z-Stick Gen5 (ZW090) Fedora Linux server with Docker installed Install the Z-Wave stick Start by plugging the Z-Stick into your Linux server.
Read more β†’

Disable autoplay for videos in Firefox 65

Firefox has some great features, but one of my favorites is the ability to disable autoplay for videos. We’ve all had one of those moments: your speakers are turned up and you browse to a website with an annoying advertisement that plays immediately. This feature stopped working for me somewhere in the Firefox 65 beta releases. Also, the usual setting in the preference page (under Privacy & Security) seems to be missing.
Read more β†’

Use a secret as an environment variable in OpenShift deployments

Environment variables are easy to add to OpenShift deployments, but a more secure way to add these variables is by referencing a secret.
Read more β†’

Changes in RHEL 7 Security Technical Implementation Guide Version 1, Release 3

The latest release of the Red Hat Enterprise Linux Security Technical Implementation Guide (STIG) was published last week. This release is Version 1, Release 3, and it contains four main changes: V-77819 - Multifactor authentication is required for graphical logins V-77821 - Datagram Congestion Control Protocol (DCCP) kernel module must be disabled V-77823 - Single user mode must require user authentication V-77825 - Address space layout randomization (ASLR) must be enabled Deep dive Let’s break down this list to understand what each one means.
Read more β†’