week 42, 2019

The best Docker base image for your Python application

When you’re building a Docker image for your Python application, you’re building on top of an existing image—and there are many possible choices. There are OS images like Ubuntu and CentOS, and there are the many different variants of the python base image.

Which one should you use? Which one is better? There are many choices, and it may not be obvious which is the best for your situation.

So to help you make a choice that fits your needs, in this article I’ll go through some of the relevant criteria, and suggest some reasonable defaults that will work for most people.

Source: The best Docker base image for your Python application, an article by Itamar Turner-Trauring.

Mushrooms in a Garden

Today, on our way to the town center, I took several photos of mushrooms growing in a garden by the side of the road.

Mushrooms in a garden
Small groups of mushrooms growing in a garden.
Mushrooms in a garden
A group of mushrooms near a tree.

Working with Errors in Go 1.13

Go 1.13 introduces new features to the errors and fmt standard library packages to simplify working with errors that contain other errors. The most significant of these is a convention rather than a change: an error which contains another may implement an Unwrap method returning the underlying error. If e1.Unwrap() returns e2, then we say that e1 wraps e2, and that you can unwrap e1 to get e2.

Source: Working with Errors in Go 1.13, an article by Damien Neil and Jonathan Amsterdam.

Parsing In Python: Tools And Libraries

If you need to parse a language, or document, from Python there are fundamentally three ways to solve the problem:

  • use an existing library supporting that specific language: for example a library to parse XML
  • building your own custom parser by hand
  • a tool or library to generate a parser: for example ANTLR, that you can use to build parsers for any language

Source: Parsing In Python: Tools And Libraries, an article by Gabriele Tomassetti. A great overview; recommended.

Regex and grep: Data flow and building blocks

In Introducing regular expressions, I covered what they are and why they’re useful. Now let’s take a deeper look at how they’re created. Because GNU grep is one of the tools I use the most (that provides a more or less standardized implementation of regular expressions), I will use that set of expressions as the basis for this article. We will then look at sed (another tool that uses regular expressions) in a later article.

Source: Regex and grep: Data flow and building blocks, an article by David Both.

The Ugly History of Beautiful Things: Orchids

Although lady’s slipper orchids continued to bloom throughout the wild woods of Europe and North America, this particular species (Cypripedium calceolus) had been declared extinct in England as of 1917. Collectors had destroyed the plant in the early 20th century, suffering from what was then known as “orchidelirium,” an incurable psychological illness marked by a need to pillage and possess, to strip the landscape bare and imprison one’s precious findings behind the four walls of a personal greenhouse.

Source: The Ugly History of Beautiful Things: Orchids, an article by Katy Kelleher.

The Real Reason Remote Workers Are More Productive

Study after study after study into remote work has made one thing clear: Remote workers are more productive than their office-bound counterparts.

What’s not entirely clear is why.

Yes, people gain back time (and sanity) by avoiding rush hour commutes. They avoid the distractions of the office. They regain a sense of control over their workdays. They have more time to dedicate to family, friends, and hobbies.

But apart from the commute, all of those benefits aren’t necessarily the result of location independence, but rather the byproduct of asynchronous communication — giving employees control over when they communicate with their teammates.

Source: Asynchronous Communication: The Real Reason Remote Workers Are More Productive a well-written article by Amir Salihefendic.

A flaw in sudo

A flaw was found in the way sudo implemented running commands with arbitrary user ID. If a sudoers entry is written to allow the attacker to run a command as any user except root, this flaw can be used by the attacker to bypass that restriction.

Source: CVE-2019-14287 by Red Hat.

How to enable SSH session recording in CentOS 8

CentOS 8 has been released and it includes some really amazing features. One feature that many security admins will greatly appreciate is session recording. With this feature, CentOS will record any/all SSH sessions, which includes all of the user activity that occurs during the session. Once recorded, videos of these sessions can be played back by any admin with a Cockpit login.

Source: How to enable SSH session recording in CentOS 8, an article by Jack Wallen.

Using a Makefile

Because tumblelog has many arguments it's a good idea to store the command and its arguments somewhere. While it's possible to create an alias or a bash script, for example, I decided to use a Makefile.

In the evening I finished documenting how to use a Makefile to compile the Sass stylesheet to CSS, run tumblelog, and upload the generated microblog.