<?xml version="1.0" encoding="utf-8" standalone="yes"?><feed xmlns="http://www.w3.org/2005/Atom" xml:base="https://foundata.com/" xml:lang="en"><title>Planet-Fedora on foundata</title><id>https://foundata.com/en/tags/planet-fedora/feed-atom.xml</id><link rel="self" type="application/atom+xml" hreflang="en" href="https://foundata.com/en/tags/planet-fedora/feed-atom.xml" title="atom"/><link rel="alternate" type="text/html" hreflang="en" href="https://foundata.com/en/tags/planet-fedora/" title="html"/><link rel="alternate" type="application/rss+xml" hreflang="en" href="https://foundata.com/en/tags/planet-fedora/feed-rss.xml" title="rss"/><link rel="alternate" type="application/atom+xml" hreflang="de" href="https://foundata.com/de/tags/planet-fedora/feed-atom.xml" title="atom, Deutsch"/><link rel="alternate" type="text/html" hreflang="de" href="https://foundata.com/de/tags/planet-fedora/feed-atom.xml" title="html, Deutsch"/><link rel="alternate" type="application/rss+xml" hreflang="de" href="https://foundata.com/de/tags/planet-fedora/feed-atom.xml" title="rss, Deutsch"/><updated>2025-06-23T18:10:00Z</updated><author><name>foundata GmbH</name><email>webmaster@foundata.com</email><uri>https://foundata.com/</uri></author><rights>© 2023-2026, foundata GmbH (https://foundata.com)</rights><icon>https://foundata.com/images/feed-icon.67ff83c698af1511552374e80cf5f6ff26d497ef21f04186cf058859d535ca75.svg</icon><logo>https://foundata.com/images/feed-logo.9138f24a120dabc7e3d34003662131cc9c7f2ff153ec39d2f6dea3a48c35b4bf.svg</logo><entry><title type="html">System insights with command-line tools: free and vmstat</title><id>tag:foundata.com,2025-06-23:/en/blog/2025/system-insights-command-line-free-vmstat/</id><published>2025-06-23T18:10:00Z</published><updated>2025-06-23T18:10:00Z</updated><link href="https://foundata.com/en/blog/2025/system-insights-command-line-free-vmstat/?utm_source=feed-atom" rel="alternate" type="text/html"/><link href="https://foundata.com/de/blog/2025/systemeinblicke-kommandozeile-free-vmstat/?utm_source=feed-atom" rel="alternate" type="text/html" hreflang="de"/><link href="https://foundata.com/en/blog/2025/fsfe-reuse-open-source-licensing-tips-tricks-spdx-sbom/?utm_source=feed-atom" rel="related" type="text/html" title="Making sense of software licensing with FSFE REUSE: A guide for open source developers, tips and tricks."/><link href="https://foundata.com/en/blog/2024/system-insights-command-line-lslogins-lsmod/?utm_source=feed-atom" rel="related" type="text/html" title="System insights with command-line tools: lslogins and lsmod"/><link href="https://foundata.com/en/blog/2024/system-insights-command-line-lsof-lsblk/?utm_source=feed-atom" rel="related" type="text/html" title="System insights with command-line tools: lsof and lsblk"/><link href="https://foundata.com/en/blog/2024/system-insights-command-line-lscpu-lsusb/?utm_source=feed-atom" rel="related" type="text/html" title="System insights with command-line tools: lscpu and lsusb"/><link href="https://foundata.com/en/blog/2024/system-insights-command-line-dmidecode-lspci/?utm_source=feed-atom" rel="related" type="text/html" title="System insights with command-line tools: dmidecode and lspci"/><author><name>Andreas Haerter</name><uri>https://andreashaerter.com/</uri></author><summary type="html">An article introducing the command line tools `free` and `vmstat`.</summary><content type="html" xml:base="https://foundata.com/"><![CDATA[<p><em>Note: This article was originally released <a href="https://fedoramagazine.org/system-insights-with-command-line-tools-free-and-vmstat/" target="_blank" rel="noreferrer noopener">in the Fedora Magazine</a>.</em></p>
<p>In this fifth article of the &ldquo;<a href="https://foundata.com/en/blog/2024/system-insights-command-line-lscpu-lsusb/">System</a> <a href="https://foundata.com/en/blog/2024/system-insights-command-line-dmidecode-lspci/">insights</a> <a href="https://foundata.com/en/blog/2024/system-insights-command-line-lsof-lsblk/">with</a> <a href="https://foundata.com/en/blog/2024/system-insights-command-line-lslogins-lsmod/">command-line tools</a>&rdquo; series we explore <code>free</code> and <code>vmstat</code>, two small utilities that reveal a surprising amount about your Linux system&rsquo;s health. <code>free</code> gives you an instant snapshot of how RAM and <a href="https://en.wikipedia.org/wiki/Memory_swapping" target="_blank" rel="noreferrer noopener">swap</a> are being used. <code>vmstat</code> (the virtual memory statistics reporter) reports a real-time view of memory, CPU, and I/O activity.</p>
<p>By the end of this article you will be able to translate buffers and cache into &ldquo;breathing room&rdquo;, read the mysterious available column with confidence, and spot memory leaks or I/O saturation.</p>
<h2 id="a-quick-tour-of-free" class="scroll-mt-20 md:scroll-mt-24 wrap-break-word group/heading "><a href="#a-quick-tour-of-free" class="group-hover/heading:after:content-['#'] group-hover/heading:after:ml-1.5 group-hover/heading:after:text-content-400" id="a-quick-tour-of-free">A quick tour of <code>free</code></a></h2><h3 id="basic-usage" class="scroll-mt-20 md:scroll-mt-24 wrap-break-word group/heading "><a href="#basic-usage" class="group-hover/heading:after:content-['#'] group-hover/heading:after:ml-1.5 group-hover/heading:after:text-content-400" id="basic-usage">Basic usage</a></h3><div class="highlight"><pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span class="line"><span class="cl">$ free -h
</span></span><span class="line"><span class="cl">       total    used    free   shared  buff/cache  available
</span></span><span class="line"><span class="cl">Mem:    23Gi    14Gi   575Mi    3,3Gi        12Gi      8,8Gi
</span></span><span class="line"><span class="cl">Swap:  8,0Gi   6,6Gi   1,4Gi
</span></span></code></pre></div><p><code>free</code> parses <code>/proc/meminfo</code> and prints totals for physical memory and swap, along with kernel buffers and cache. Use <code>-h</code> for human-readable units, <code>-s 1</code> to refresh every second, and <code>-c N</code> to stop after <code>N</code> samples which is handy to get a trend when doing something in parallel. For example, <code>free -s 60 -c 1440</code> gives a 24-hour CSV-friendly record without installing extra monitoring daemons.</p>
<p><strong>Free memory</strong> refers to RAM that is entirely unoccupied. It isn&rsquo;t being used by any process or for caching. On server systems, I tend to view this as wasted since unused memory isn&rsquo;t contributing to performance. Ideally, after a system has been running for some time, this number should remain low.</p>
<p><strong>Available memory</strong>, on the other hand, represents an estimate of how much memory can be used by new or running processes without resorting to swap. It includes free memory plus parts of the cache and buffers that the system can reclaim quickly if needed.</p>
<p>In essence, the distinction in Linux lies here: <em>free</em> memory is idle and unused, while <em>available</em> memory includes both truly free space and memory that can be readily freed up to keep the system responsive without swapping. <strong>It is not a problem to have a low free memory, available memory is usually what to be concerned about.</strong></p>
<p>A healthy system might even show <code>used</code> ≈ <code>total</code> yet <code>available</code> remains large; that mostly reflects cache at work. Your Linux kernel will automatically drop clean cache pages whenever an application needs the space, so cached memory is not wasted. Think of it as a working set that just hasn&rsquo;t been reassigned yet.</p>
<h3 id="spotting-problems-with-free" class="scroll-mt-20 md:scroll-mt-24 wrap-break-word group/heading "><a href="#spotting-problems-with-free" class="group-hover/heading:after:content-['#'] group-hover/heading:after:ml-1.5 group-hover/heading:after:text-content-400" id="spotting-problems-with-free">Spotting problems with <code>free</code></a></h3><ul>
<li><strong>Rapidly shrinking <code>available</code> combined with rising <code>swap used</code></strong> indicates real memory pressure.</li>
<li><strong>Large swap-in/out spikes</strong> point to thrashing workloads or runaway memory consumers.</li>
</ul>
<h2 id="vmstat--report-virtual-memory-statistics" class="scroll-mt-20 md:scroll-mt-24 wrap-break-word group/heading "><a href="#vmstat--report-virtual-memory-statistics" class="group-hover/heading:after:content-['#'] group-hover/heading:after:ml-1.5 group-hover/heading:after:text-content-400" id="vmstat--report-virtual-memory-statistics"><code>vmstat</code> – Report virtual memory statistics</a></h2><p><code>vmstat</code> (virtual memory statistics) displays processes, memory, paging, block-I/O, interrupts, context switches, and CPU utilization in a single line. Run it with an interval and count to watch trends (output shown below has been split into three sections for better readability):</p>
<div class="highlight"><pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span class="line"><span class="cl">$ vmstat <span class="m">1</span> <span class="m">3</span>
</span></span><span class="line"><span class="cl">procs -----------memory----------
</span></span><span class="line"><span class="cl"> r  b   swpd   free   buff  cache
</span></span><span class="line"><span class="cl"> <span class="m">2</span>  <span class="m">0</span> <span class="m">7102404</span> <span class="m">1392528</span>     <span class="m">36</span> <span class="m">12335148</span>
</span></span><span class="line"><span class="cl"> <span class="m">0</span>  <span class="m">0</span> <span class="m">7102404</span> <span class="m">1392560</span>     <span class="m">36</span> <span class="m">12335188</span>
</span></span><span class="line"><span class="cl"> <span class="m">0</span>  <span class="m">0</span> <span class="m">7102404</span> <span class="m">1373640</span>     <span class="m">36</span> <span class="m">12349928</span>
</span></span><span class="line"><span class="cl">
</span></span><span class="line"><span class="cl"> ---swap-- -----io----
</span></span><span class="line"><span class="cl">  si   so    bi    bo
</span></span><span class="line"><span class="cl">   <span class="m">8</span>   <span class="m">21</span>   <span class="m">130</span>   <span class="m">724</span>
</span></span><span class="line"><span class="cl">   <span class="m">0</span>    <span class="m">0</span>     <span class="m">0</span>     <span class="m">0</span>
</span></span><span class="line"><span class="cl">   <span class="m">0</span>    <span class="m">0</span>     <span class="m">8</span>    <span class="m">48</span>
</span></span><span class="line"><span class="cl">
</span></span><span class="line"><span class="cl"> -system-- -------cpu-------
</span></span><span class="line"><span class="cl"> in     cs us sy id wa st gu
</span></span><span class="line"><span class="cl"> <span class="m">2851</span>   <span class="m">19</span> <span class="m">15</span>  <span class="m">7</span> <span class="m">77</span>  <span class="m">0</span>  <span class="m">0</span>  <span class="m">0</span>
</span></span><span class="line"><span class="cl"> <span class="m">5779</span> <span class="m">7246</span> <span class="m">14</span> <span class="m">10</span> <span class="m">77</span>  <span class="m">0</span>  <span class="m">0</span>  <span class="m">0</span>
</span></span><span class="line"><span class="cl"> <span class="m">5141</span> <span class="m">6525</span> <span class="m">12</span>  <span class="m">9</span> <span class="m">79</span>  <span class="m">0</span>  <span class="m">0</span>  <span class="m">0</span>
</span></span></code></pre></div><h3 id="anatomy-of-the-output" class="scroll-mt-20 md:scroll-mt-24 wrap-break-word group/heading "><a href="#anatomy-of-the-output" class="group-hover/heading:after:content-['#'] group-hover/heading:after:ml-1.5 group-hover/heading:after:text-content-400" id="anatomy-of-the-output">Anatomy of the output</a></h3><p>From the <code>vmstat(8)</code> manpage:</p>
<div class="highlight"><pre tabindex="0" class="chroma"><code class="language-text" data-lang="text"><span class="line"><span class="cl">Procs
</span></span><span class="line"><span class="cl">    r: The number of runnable processes (running or waiting
</span></span><span class="line"><span class="cl">       for run time).
</span></span><span class="line"><span class="cl">    b: The number of processes blocked waiting for I/O to
</span></span><span class="line"><span class="cl">       complete.
</span></span><span class="line"><span class="cl">
</span></span><span class="line"><span class="cl">Memory
</span></span><span class="line"><span class="cl">    These are affected by the --unit option.
</span></span><span class="line"><span class="cl">    swpd: the amount of swap memory used.
</span></span><span class="line"><span class="cl">    free: the amount of idle memory.
</span></span><span class="line"><span class="cl">    buff: the amount of memory used as buffers.
</span></span><span class="line"><span class="cl">    cache: the amount of memory used as cache.
</span></span><span class="line"><span class="cl">    inact: the amount of inactive memory.  (-a option)
</span></span><span class="line"><span class="cl">    active: the amount of active memory.  (-a option)
</span></span><span class="line"><span class="cl">
</span></span><span class="line"><span class="cl">Swap
</span></span><span class="line"><span class="cl">    These are affected by the --unit option.
</span></span><span class="line"><span class="cl">    si: Amount of memory swapped in from disk (/s).
</span></span><span class="line"><span class="cl">    so: Amount of memory swapped to disk (/s).
</span></span><span class="line"><span class="cl">
</span></span><span class="line"><span class="cl">IO
</span></span><span class="line"><span class="cl">    bi: Kibibyte received from a block device (KiB/s).
</span></span><span class="line"><span class="cl">    bo: Kibibyte sent to a block device (KiB/s).
</span></span><span class="line"><span class="cl">
</span></span><span class="line"><span class="cl">System
</span></span><span class="line"><span class="cl">    in: The number of interrupts per second, including
</span></span><span class="line"><span class="cl">        the clock.
</span></span><span class="line"><span class="cl">    cs: The number of context switches per second.
</span></span><span class="line"><span class="cl">
</span></span><span class="line"><span class="cl">CPU
</span></span><span class="line"><span class="cl">    These are percentages of total CPU time.
</span></span><span class="line"><span class="cl">    us: Time spent running non-kernel code.  (user time,
</span></span><span class="line"><span class="cl">        including nice time)
</span></span><span class="line"><span class="cl">    sy: Time spent running kernel code.  (system time)
</span></span><span class="line"><span class="cl">    id: Time spent idle.  Prior to Linux 2.5.41, this
</span></span><span class="line"><span class="cl">        includes IO-wait time.
</span></span><span class="line"><span class="cl">    wa: Time spent waiting for IO.  Prior to Linux 2.5.41,
</span></span><span class="line"><span class="cl">        included in idle.
</span></span><span class="line"><span class="cl">    st: Time stolen from a virtual machine.  Prior to
</span></span><span class="line"><span class="cl">        Linux 2.6.11, unknown.
</span></span><span class="line"><span class="cl">    gu: Time spent running KVM guest code (guest time,
</span></span><span class="line"><span class="cl">        including guest nice).
</span></span></code></pre></div><h3 id="practical-diagnostics" class="scroll-mt-20 md:scroll-mt-24 wrap-break-word group/heading "><a href="#practical-diagnostics" class="group-hover/heading:after:content-['#'] group-hover/heading:after:ml-1.5 group-hover/heading:after:text-content-400" id="practical-diagnostics">Practical diagnostics</a></h3><table>
  <thead>
      <tr>
          <th>Section</th>
          <th>Key Fields</th>
          <th>What to watch</th>
      </tr>
  </thead>
  <tbody>
      <tr>
          <td>Procs</td>
          <td><code>r</code> (run-queue),<br><code>b</code> (blocked)</td>
          <td><code>r</code> &gt; CPU cores = contention</td>
      </tr>
      <tr>
          <td>Memory</td>
          <td><code>swpd</code>, <code>free</code>, <code>buff</code>, <code>cache</code></td>
          <td>Rising <code>swpd</code> with falling <code>free</code> = pressure</td>
      </tr>
      <tr>
          <td>Swap</td>
          <td><code>si</code>, <code>so</code></td>
          <td>Non-zero so means the kernel is swapping out</td>
      </tr>
      <tr>
          <td>IO</td>
          <td><code>bi</code>, <code>bo</code></td>
          <td>High bo + high wa hints at write-heavy workloads</td>
      </tr>
      <tr>
          <td>System</td>
          <td><code>in</code>, <code>cs</code></td>
          <td>Sudden spikes may indicate interrupt storms</td>
      </tr>
      <tr>
          <td>CPU</td>
          <td><code>us</code>, <code>sy</code>, <code>id</code>, <code>wa</code>, <code>st</code></td>
          <td>High wa (I/O wait) = storage bottleneck</td>
      </tr>
  </tbody>
</table>
<h4 id="catching-a-memory-leak" class="scroll-mt-20 md:scroll-mt-24 wrap-break-word group/heading "><a href="#catching-a-memory-leak" class="group-hover/heading:after:content-['#'] group-hover/heading:after:ml-1.5 group-hover/heading:after:text-content-400" id="catching-a-memory-leak">Catching a memory leak</a></h4><p>Run <code>vmstat 500</code> in one terminal while your suspect application runs in another. If <code>free</code> keeps falling and <code>si</code>/<code>so</code> climb over successive samples, physical RAM is being exhausted and the kernel starts swapping, which is classic leak behavior.</p>
<h4 id="finding-io-saturation" class="scroll-mt-20 md:scroll-mt-24 wrap-break-word group/heading "><a href="#finding-io-saturation" class="group-hover/heading:after:content-['#'] group-hover/heading:after:ml-1.5 group-hover/heading:after:text-content-400" id="finding-io-saturation">Finding I/O saturation</a></h4><p>When <code>wa</code> (CPU wait) and <code>bo</code> (blocks out) soar while <code>r</code> remains modest, the CPU is idle but stuck waiting for the disk. Consider adding faster storage or tuning I/O scheduler parameters.</p>
<h4 id="detecting-cpu-over-commit" class="scroll-mt-20 md:scroll-mt-24 wrap-break-word group/heading "><a href="#detecting-cpu-over-commit" class="group-hover/heading:after:content-['#'] group-hover/heading:after:ml-1.5 group-hover/heading:after:text-content-400" id="detecting-cpu-over-commit">Detecting CPU over-commit</a></h4><p>A sustained <code>r</code> that is double the number of logical cores with low <code>wa</code> and plenty of <code>free</code> means CPU is the bottleneck, not memory or I/O. Use <code>top</code> or <code>htop</code> to locate the busiest processes to scale out workloads accordingly.</p>
<h2 id="conclusion" class="scroll-mt-20 md:scroll-mt-24 wrap-break-word group/heading "><a href="#conclusion" class="group-hover/heading:after:content-['#'] group-hover/heading:after:ml-1.5 group-hover/heading:after:text-content-400" id="conclusion">Conclusion</a></h2><p>Mastering <code>free</code> and <code>vmstat</code> gives you a lens into memory usage, swap activity, I/O latency, and CPU load. For everyday debugging: start with <code>free</code> to check if your system is truly out of memory, then use <code>vmstat</code> to reveal the reason, whether it&rsquo;s memory leaks, disk bottlenecks, or CPU saturation.</p>
<p>Stay tuned for the next piece in our &ldquo;System insights with command-line tools&rdquo; series and happy Linux troubleshooting!</p>
]]></content><category scheme="taxonomy:tags" term="toolbox" label="toolbox"/><category scheme="taxonomy:tags" term="free" label="free"/><category scheme="taxonomy:tags" term="vmstat" label="vmstat"/></entry><entry><title type="html">Making sense of software licensing with FSFE REUSE: A guide for open source developers, tips and tricks.</title><id>tag:foundata.com,2025-06-18:/en/blog/2025/fsfe-reuse-open-source-licensing-tips-tricks-spdx-sbom/</id><published>2025-06-18T10:10:00Z</published><updated>2025-06-18T10:10:00Z</updated><link href="https://foundata.com/en/blog/2025/fsfe-reuse-open-source-licensing-tips-tricks-spdx-sbom/?utm_source=feed-atom" rel="alternate" type="text/html"/><link href="https://foundata.com/de/blog/2025/fsfe-reuse-lizenzverwaltung-open-source-tipps-spdx-sbom/?utm_source=feed-atom" rel="alternate" type="text/html" hreflang="de"/><link href="https://foundata.com/en/blog/2024/use-gpl-or-later/?utm_source=feed-atom" rel="related" type="text/html" title='Please use GPLv3 "or-later" instead of "only"'/><link href="https://foundata.com/en/blog/2024/copyleft-open-source-licenses/?utm_source=feed-atom" rel="related" type="text/html" title="Use copyleft licenses for open source or life with the consequences"/><link href="https://foundata.com/en/blog/2024/system-insights-command-line-lslogins-lsmod/?utm_source=feed-atom" rel="related" type="text/html" title="System insights with command-line tools: lslogins and lsmod"/><link href="https://foundata.com/en/blog/2024/system-insights-command-line-lsof-lsblk/?utm_source=feed-atom" rel="related" type="text/html" title="System insights with command-line tools: lsof and lsblk"/><link href="https://foundata.com/en/blog/2024/system-insights-command-line-lscpu-lsusb/?utm_source=feed-atom" rel="related" type="text/html" title="System insights with command-line tools: lscpu and lsusb"/><author><name>Andreas Haerter</name><uri>https://andreashaerter.com/</uri></author><summary type="html">Learn how the FSFE REUSE specification can help you manage licenses with clarity and precision.</summary><content type="html" xml:base="https://foundata.com/"><![CDATA[<p><em>Note: This article was originally released <a href="https://fedoramagazine.org/beginners-guide-for-open-source-developers-for-software-licensing-with-fsfe-reuse/" target="_blank" rel="noreferrer noopener">in the Fedora Magazine</a>.</em></p>
<p>Among the many details developers juggle, software licensing is often treated as an afterthought. We know we need it. However, faced with choosing the right license, tracking inherited code, and keeping things consistent, license management can feel like a bureaucratic burden.</p>
<p>Licensing is what makes the <a href="https://reuse.software/" target="_blank" rel="noreferrer noopener">REUSE project</a>, maintained by the <a href="https://fsfe.org/" target="_blank" rel="noreferrer noopener">Free Software Foundation Europe (FSFE)</a>, such an interesting and important effort. It does not try to replace the legal work involved in choosing a license or deciphering obligations. Instead, <strong>REUSE focuses on the mechanics of software licensing</strong>. It addresses <strong>how we communicate licensing clearly, unambiguously, and reliably in the code itself</strong>. REUSE has been adopted by a <a href="https://api.reuse.software/projects" target="_blank" rel="noreferrer noopener">lot of projects already</a>. These include <a href="https://github.com/SAP/openui5/blob/master/REUSE.toml" target="_blank" rel="noreferrer noopener">SAP</a>, <a href="https://github.com/nextcloud/server/blob/cf1eed2769d928f4a7fe4543d51994331701f2d9/.reuse/dep5" target="_blank" rel="noreferrer noopener">Nextcloud</a> and numerous Ansible community roles and collections.</p>
<p>I recently went down the licensing and supply chain rabbit hole myself. I had to figure out how to apply it to <a href="https://github.com/foundata/" target="_blank" rel="noreferrer noopener">open source projects we work on</a> and explain it to others. Thus, I had the unique experience of learning it from scratch while also teaching it. That process gave me insight into what makes REUSE helpful. I learned where the roadblocks are, and how you can start using it in your own open source work. So this article aims to give additional reasoning and insights for every day usage beyond the scope of a quick start tutorial.</p>
<p>For those who prefer video, I also gave a <a href="https://media.ccc.de/v/gpn23-268-fsfe-reuse-einfache-lizenz-und-quellenverwaltung-fr-software-projekte" target="_blank" rel="noreferrer noopener">REUSE presentation on this topic at GPN23 in German</a> (it contains essentially the same content as the text):</p>
<div style="position: relative; padding-bottom: 56.25%; height: 0; overflow: hidden;">
<iframe src="https://media.ccc.de/v/gpn23-268-fsfe-reuse-einfache-lizenz-und-quellenverwaltung-fr-software-projekte/oembed" frameborder="0" allowfullscreen style="position: absolute; top: 0; left: 0; width: 100%; height: 100%; border:0;" title="Media CCC Video"></iframe>
</div>
<h2 id="why-licensing-still-feels-broken" class="scroll-mt-20 md:scroll-mt-24 wrap-break-word group/heading "><a href="#why-licensing-still-feels-broken" class="group-hover/heading:after:content-['#'] group-hover/heading:after:ml-1.5 group-hover/heading:after:text-content-400" id="why-licensing-still-feels-broken">Why licensing still feels broken</a></h2><p>If you&rsquo;ve ever tried to make sense of licensing in a codebase with contributions from half a dozen sources, or tried to package software only to find ambiguous or conflicting license declarations, you&rsquo;ve seen the brokenness first hand. It&rsquo;s a common pain point.</p>
<p>You start coding. A <code>LICENSE</code> file goes in the root. Maybe it&rsquo;s <a href="https://choosealicense.com/licenses/mit/" target="_blank" rel="noreferrer noopener">MIT</a>, maybe <a href="https://choosealicense.com/licenses/apache-2.0/" target="_blank" rel="noreferrer noopener">Apache 2.0</a>, maybe <a href="https://foundata.com/en/blog/2024/use-gpl-or-later/">GPLv3-or-later</a>. We figure that&rsquo;s enough. For the most part, tools like <a href="https://github.com/licensee/licensee" target="_blank" rel="noreferrer noopener">Licensee</a> (which Github uses) will scan that file and report the project as single-licensed under whatever it finds.</p>
<p>But that is only part of the picture.</p>
<p>Real-world projects grow messy over time. Files come in from various places. Pull requests, upstream forks, old backups. Someone pastes in a script from Stack Overflow. Someone else uploads a code generator output. Over time, the repository becomes a tangle of files with unclear origins. The top-level <code>LICENSE</code> file can&rsquo;t speak for all of it any more. But the tools like licensee don&rsquo;t know that, and often neither do the maintainers.</p>
<p><strong>If you provide code without clear licensing information, you make it hard for the open source ecosystem to collaborate with or consume your work</strong>. Unfortunately, approaches to <strong>automatic license detection can&rsquo;t deliver the needed certainty</strong>. They rely on fuzzy matching, heuristics, and assumptions (like there is &ldquo;one license for the project&rdquo;). This just does not cut it when legal clarity is required. Automatic license heuristics are complicated and will never deliver reliable results for all the possible use cases.</p>
<h2 id="fsfe-reuse-to-the-rescue" class="scroll-mt-20 md:scroll-mt-24 wrap-break-word group/heading "><a href="#fsfe-reuse-to-the-rescue" class="group-hover/heading:after:content-['#'] group-hover/heading:after:ml-1.5 group-hover/heading:after:text-content-400" id="fsfe-reuse-to-the-rescue">FSFE REUSE to the rescue</a></h2><p>Rather than trying to detect or infer licensing, REUSE asks developers to be explicit in a machine-readable, auditable way:</p>
<ol>
<li><strong><a href="https://reuse.software/spec-3.3/#license-files" target="_blank" rel="noreferrer noopener">There has to be a text copy of every used license</a> below a <code>LICENSES/</code> directory</strong><sup id="fnref:1"><a href="#fn:1" class="footnote-ref" role="doc-noteref">1</a></sup> in the root of the project.</li>
<li><strong>Each file in your project must have <a href="https://reuse.software/spec-3.3/#licensing-information" target="_blank" rel="noreferrer noopener">machine-readable copyright and licensing information associated</a> with it</strong>.</li>
</ol>
<p>Again: This matters. It means anyone—an auditor, a packager, a contributor, or a compliance team—can look at any file in your repository and immediately understand its legal status. There is no guessing, no cross-referencing, no &ldquo;well maybe this falls under the MIT license because the rest of the project does.&rdquo; It&rsquo;s explicit. It&rsquo;s standardized. And it is quickly <a href="https://reuse.readthedocs.io/en/stable/man/reuse-lint.html" target="_blank" rel="noreferrer noopener">lintable</a> which is great for teams with <a href="https://en.wikipedia.org/wiki/Continuous_integration" target="_blank" rel="noreferrer noopener">Continuous Integration</a>.</p>
<p>Following REUSE, adding machine-readable copyright and licensing information can be done in the following ways:</p>
<ul>
<li><strong><a href="https://reuse.software/spec-3.3/#comment-headers" target="_blank" rel="noreferrer noopener">Comment headers</a> or <code>&lt;filename&gt;.license</code></strong> for uncommentable files.</li>
<li><strong><a href="https://reuse.software/spec-3.3/#reusetoml" target="_blank" rel="noreferrer noopener"><code>REUSE.toml</code></a>, a machine-readable copyright file</strong> to address file and directory names. This is especially handy to define:
<ul>
<li>a default license for your project.</li>
<li>deviant licenses for third party artefacts residing in a sub-directory.</li>
</ul>
</li>
</ul>
<p>REUSE backs up its <a href="https://reuse.software/spec/" target="_blank" rel="noreferrer noopener">specification</a> with a simple, focused, <a href="https://github.com/fsfe/reuse-tool" target="_blank" rel="noreferrer noopener"><code>reuse</code> command-line tool</a>. This makes adoption relatively painless (even though all can also be done manually). <a href="https://reuse.software/comparison/" target="_blank" rel="noreferrer noopener">REUSE fits nicely into the ecosystem</a>, especially by relying on <a href="https://spdx.dev/" target="_blank" rel="noreferrer noopener">Software Package Data Exchange (SPDX)</a> and <a href="https://github.com/david-a-wheeler/spdx-tutorial/blob/master/README.md#spdx-license-identifiers" target="_blank" rel="noreferrer noopener">SPDX license identifiers</a>.</p>
<h2 id="usage" class="scroll-mt-20 md:scroll-mt-24 wrap-break-word group/heading "><a href="#usage" class="group-hover/heading:after:content-['#'] group-hover/heading:after:ml-1.5 group-hover/heading:after:text-content-400" id="usage">Usage</a></h2><p>The <a href="https://reuse.software/tutorial/" target="_blank" rel="noreferrer noopener">official REUSE tutorial</a> and the <a href="https://github.com/fsfe/reuse-tool#usage" target="_blank" rel="noreferrer noopener">tool usage section</a> is really good so I will just reproduce a quick start here:</p>
<ol>
<li>Put your licenses in the <code>LICENSES/</code> directory.</li>
<li>Add a comment header to each file that says something like
<div class="highlight"><pre tabindex="0" class="chroma"><code class="language-text" data-lang="text"><span class="line"><span class="cl">SPDX-License-Identifier: GPL-3.0-or-later
</span></span><span class="line"><span class="cl">SPDX-FileCopyrightText: $YEAR $NAME
</span></span></code></pre></div>You can be flexible with the format, just make sure that the line starts with <code>SPDX-License-Identifier:</code> and/or <code>SPDX-FileCopyrightText:</code></li>
</ol>
<h3 id="comment-headers" class="scroll-mt-20 md:scroll-mt-24 wrap-break-word group/heading "><a href="#comment-headers" class="group-hover/heading:after:content-['#'] group-hover/heading:after:ml-1.5 group-hover/heading:after:text-content-400" id="comment-headers">Comment headers</a></h3><p><a href="https://github.com/fsfe/reuse-docs/issues/117#issuecomment-1306963966" target="_blank" rel="noreferrer noopener">REUSE</a>, and many organizations like <a href="https://www.gnu.org/licenses/gpl-howto.html.en#why-license-notices" target="_blank" rel="noreferrer noopener">GNU</a>, recommend including license header comments in source files as it helps to prevent confusion or errors. So even if the <code>REUSE.toml</code> copyright file exists as the central place for licensing information, sometimes files get copied or forked into new projects and third parties might not have a well organized repository bureaucracy. Without a statement about what their license is, moving single files into another context might eliminate all trace of that information.</p>
<p>Example of a header comment:</p>
<div class="highlight"><pre tabindex="0" class="chroma"><code class="language-text" data-lang="text"><span class="line"><span class="cl"># SPDX-FileCopyrightText: Andreas Haerter, ACME Corp (https://example.com)
</span></span><span class="line"><span class="cl"># SPDX-License-Identifier: CC-BY-SA-4.0
</span></span></code></pre></div><p>One with <a href="https://reuse.software/faq/#multi-licensing" target="_blank" rel="noreferrer noopener">dual-licensing</a>:</p>
<div class="highlight"><pre tabindex="0" class="chroma"><code class="language-text" data-lang="text"><span class="line"><span class="cl">/*
</span></span><span class="line"><span class="cl">  SPDX-FileCopyrightText: Jane Doe &lt;j.doe@example.com&gt;
</span></span><span class="line"><span class="cl">  SPDX-License-Identifier: Apache-2.0 OR LGPL-2.1-or-later
</span></span><span class="line"><span class="cl">*/
</span></span></code></pre></div><h3 id="reusetoml" class="scroll-mt-20 md:scroll-mt-24 wrap-break-word group/heading "><a href="#reusetoml" class="group-hover/heading:after:content-['#'] group-hover/heading:after:ml-1.5 group-hover/heading:after:text-content-400" id="reusetoml"><code>REUSE.toml</code></a></h3><p>You might come to the conclusion that to skip adding headers to every file and only using a <code>REUSE.toml</code> is better for your project … fair enough and that will still be compliant. It is also possible to <a href="https://reuse.software/faq/#bulk-license" target="_blank" rel="noreferrer noopener">bulk-license whole directories</a> using this technique. The file format is <a href="https://reuse.software/spec-3.3/#reusetoml" target="_blank" rel="noreferrer noopener">specified</a>, but a simple example helps to get started:</p>
<div class="highlight"><pre tabindex="0" class="chroma"><code class="language-toml" data-lang="toml"><span class="line"><span class="cl"><span class="nx">version</span> <span class="p">=</span> <span class="mi">1</span>
</span></span><span class="line"><span class="cl"><span class="nx">SPDX-PackageName</span> <span class="p">=</span> <span class="s2">&#34;Foo bar project&#34;</span>
</span></span><span class="line"><span class="cl"><span class="nx">SPDX-PackageDownloadLocation</span> <span class="p">=</span> <span class="s2">&#34;https://git.example.com/foobar&#34;</span>
</span></span><span class="line"><span class="cl"><span class="nx">SPDX-PackageSupplier</span> <span class="p">=</span> <span class="s2">&#34;ACME Inc. (https://example.com)&#34;</span>
</span></span><span class="line"><span class="cl">
</span></span><span class="line"><span class="cl"><span class="p">[[</span><span class="nx">annotations</span><span class="p">]]</span>
</span></span><span class="line"><span class="cl"><span class="nx">path</span> <span class="p">=</span> <span class="s2">&#34;**&#34;</span>
</span></span><span class="line"><span class="cl"><span class="nx">precedence</span> <span class="p">=</span> <span class="s2">&#34;closest&#34;</span>
</span></span><span class="line"><span class="cl"><span class="nx">SPDX-FileCopyrightText</span> <span class="p">=</span> <span class="s2">&#34;ACME Inc.&#34;</span>
</span></span><span class="line"><span class="cl"><span class="nx">SPDX-License-Identifier</span> <span class="p">=</span> <span class="s2">&#34;LGPL-2.1-or-later&#34;</span>
</span></span></code></pre></div><h3 id="verification" class="scroll-mt-20 md:scroll-mt-24 wrap-break-word group/heading "><a href="#verification" class="group-hover/heading:after:content-['#'] group-hover/heading:after:ml-1.5 group-hover/heading:after:text-content-400" id="verification">Verification</a></h3><p>Now verify your work using <a href="https://reuse.readthedocs.io/en/stable/man/reuse-lint.html" target="_blank" rel="noreferrer noopener"><code>reuse lint</code></a>:</p>
<div class="highlight"><pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span class="line"><span class="cl">$ reuse lint
</span></span><span class="line"><span class="cl"><span class="o">[</span>...<span class="o">]</span>
</span></span><span class="line"><span class="cl">Congratulations! Your project is compliant with version 3.4 of the REUSE Specification :-<span class="o">)</span>
</span></span></code></pre></div><h2 id="demo" class="scroll-mt-20 md:scroll-mt-24 wrap-break-word group/heading "><a href="#demo" class="group-hover/heading:after:content-['#'] group-hover/heading:after:ml-1.5 group-hover/heading:after:text-content-400" id="demo">Demo</a></h2><p>The FSFE created a small screencast<sup id="fnref:2"><a href="#fn:2" class="footnote-ref" role="doc-noteref">2</a></sup>, which follows the <a href="https://reuse.software/tutorial" target="_blank" rel="noreferrer noopener">tutorial</a>, making the <a href="https://github.com/fsfe/reuse-example/" target="_blank" rel="noreferrer noopener">REUSE example repository</a> compliant:</p>
<figure><img class="mx-auto my-0 rounded-xs" alt="REUSE tutorial: Screencast" src="./reuse-tool.gif" loading="lazy"></figure><h2 id="tips-and-tricks" class="scroll-mt-20 md:scroll-mt-24 wrap-break-word group/heading "><a href="#tips-and-tricks" class="group-hover/heading:after:content-['#'] group-hover/heading:after:ml-1.5 group-hover/heading:after:text-content-400" id="tips-and-tricks">Tips and tricks</a></h2><h3 id="needed-vocabulary-when-you-start-learning-or-teaching" class="scroll-mt-20 md:scroll-mt-24 wrap-break-word group/heading "><a href="#needed-vocabulary-when-you-start-learning-or-teaching" class="group-hover/heading:after:content-['#'] group-hover/heading:after:ml-1.5 group-hover/heading:after:text-content-400" id="needed-vocabulary-when-you-start-learning-or-teaching">Needed vocabulary when you start learning or teaching</a></h3><p>To follow documentation and communication in the licensing space, it is important to know about the meaning of:</p>
<ul>
<li><strong><a href="https://spdx.dev/" target="_blank" rel="noreferrer noopener">Software Package Data Exchange (SPDX)</a> and <a href="https://github.com/david-a-wheeler/spdx-tutorial/blob/master/README.md#spdx-license-identifiers" target="_blank" rel="noreferrer noopener">SPDX license identifiers</a>:</strong> A standard for identifying licenses using short, consistent identifiers (like MIT or GPL-3.0-only). It simplifies license tracking and automation.</li>
<li><strong><a href="https://about.gitlab.com/blog/2022/10/25/the-ultimate-guide-to-sboms/#what-is-an-sbom%3F" target="_blank" rel="noreferrer noopener">Software Bill of Materials (SBOM)</a></strong>: A structured list of all software components and their licenses in a project. It helps with transparency, security audits, and legal compliance.</li>
<li><strong><a href="https://en.wikipedia.org/wiki/Copyleft" target="_blank" rel="noreferrer noopener">Copyleft</a> (license)</strong>: A type of open source license that ensures derivative works remain under the same license. It protects user freedoms by requiring shared modifications. The GPL is a well-known example.</li>
<li><strong>Permissive (license)</strong>: A license that allows code to be reused with minimal conditions, including in proprietary software, without giving back modifications. Common examples include MIT, BSD, and Apache 2.0.</li>
<li><strong>TOML</strong>: A configuration <a href="https://toml.io/en/v1.0.0" target="_blank" rel="noreferrer noopener">file format</a>. <code>REUSE.toml</code> (a machine-readable file in your project&rsquo;s root directory) uses it to declare licensing information based on filename patterns.</li>
<li><strong>DEP5:</strong> A machine-readable <a href="https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/" target="_blank" rel="noreferrer noopener">debian/copyright file</a> which was <a href="https://reuse.software/faq/#dep5-history" target="_blank" rel="noreferrer noopener">used before <code>REUSE.toml</code></a>. DEP5, while still supported, has been deprecated since the introduction of <code>REUSE.toml</code>. This is important to know when hitting older documentation or tutorials.</li>
</ul>
<h3 id="my-personal-killer-feature-additional-comments-in-reusetoml" class="scroll-mt-20 md:scroll-mt-24 wrap-break-word group/heading "><a href="#my-personal-killer-feature-additional-comments-in-reusetoml" class="group-hover/heading:after:content-['#'] group-hover/heading:after:ml-1.5 group-hover/heading:after:text-content-400" id="my-personal-killer-feature-additional-comments-in-reusetoml">My personal killer feature: Additional comments in <code>REUSE.toml</code></a></h3><p>It might sound trivial, but it was always cumbersome for me to keep track of the originally used download URLs and other common data around simple third-party files, like &ldquo;this small icon there&rdquo;. From my point of view, the <code>RESUE.toml</code> file is the ideal place to keep additional data on third party files by using SPDX-FileComment without cluttering the repository or the end-user documentation. If there is at least one example, in my experience, maintaining source information and reasoning for third-party files is quickly adopted even in teams without many regulations:</p>
<p><strong>Example 1: <a href="https://github.com/foundata/chocolatey-usewindow.extension/blob/78f22260526a319e83e62456922bb482564f1e41/REUSE.toml#L22-L34" target="_blank" rel="noreferrer noopener"><code>REUSE.toml</code> with sections tracking the original download URLs or notes</a></strong></p>
<div class="highlight"><pre tabindex="0" class="chroma"><code class="language-toml" data-lang="toml"><span class="line"><span class="cl"><span class="p">[...]</span>
</span></span><span class="line"><span class="cl"><span class="p">[[</span><span class="nx">annotations</span><span class="p">]]</span>
</span></span><span class="line"><span class="cl"><span class="nx">path</span> <span class="p">=</span> <span class="s2">&#34;assets/images/window.svg&#34;</span>
</span></span><span class="line"><span class="cl"><span class="nx">precedence</span> <span class="p">=</span> <span class="s2">&#34;closest&#34;</span>
</span></span><span class="line"><span class="cl"><span class="nx">SPDX-FileCopyrightText</span> <span class="p">=</span> <span class="s2">&#34;2022 Refactoring UI Inc.&#34;</span>
</span></span><span class="line"><span class="cl"><span class="nx">SPDX-License-Identifier</span> <span class="p">=</span> <span class="s2">&#34;MIT&#34;</span>
</span></span><span class="line"><span class="cl"><span class="nx">SPDX-FileComment</span> <span class="p">=</span> <span class="s2">&#34;https://github.com/tailwindlabs/heroicons/blob/master/optimized/24/outline/window.svg&#34;</span>
</span></span><span class="line"><span class="cl">
</span></span><span class="line"><span class="cl"><span class="p">[[</span><span class="nx">annotations</span><span class="p">]]</span>
</span></span><span class="line"><span class="cl"><span class="nx">path</span> <span class="p">=</span> <span class="p">[</span><span class="s2">&#34;extensions/Find-WindowHandle.ps1&#34;</span><span class="p">,</span> <span class="s2">&#34;extensions/Helper.ps1&#34;</span><span class="p">]</span>
</span></span><span class="line"><span class="cl"><span class="nx">precedence</span> <span class="p">=</span> <span class="s2">&#34;closest&#34;</span>
</span></span><span class="line"><span class="cl"><span class="nx">SPDX-FileCopyrightText</span> <span class="p">=</span> <span class="s2">&#34;2018 Grégoire Geis (https://github.com/71/Focus-Window/)&#34;</span>
</span></span><span class="line"><span class="cl"><span class="nx">SPDX-License-Identifier</span> <span class="p">=</span> <span class="s2">&#34;MIT&#34;</span>
</span></span><span class="line"><span class="cl"><span class="nx">SPDX-FileComment</span> <span class="p">=</span> <span class="s2">&#34;Slightly adapted for this project by foundata GmbH (https://foundata.com)&#34;</span>
</span></span><span class="line"><span class="cl"><span class="p">[...]</span>
</span></span></code></pre></div><p><strong>Example 2:</strong> The <a href="https://github.com/SAP/openui5/blob/7ff18ab1ded47570228b5fc6c3da1ad135d6bc3e/REUSE.toml#L539-L561" target="_blank" rel="noreferrer noopener">REUSE.toml from SAP/openui5</a> which uses the file patterns and comments to keep track of single files copied from other projects:</p>
<div class="highlight"><pre tabindex="0" class="chroma"><code class="language-toml" data-lang="toml"><span class="line"><span class="cl"><span class="p">[...]</span>
</span></span><span class="line"><span class="cl"><span class="p">[[</span><span class="nx">annotations</span><span class="p">]]</span>
</span></span><span class="line"><span class="cl"><span class="nx">path</span> <span class="p">=</span> <span class="s2">&#34;src/sap.ui.integration/test/sap/ui/integration/demokit/cardExplorer/webapp/thirdparty/CfWorkerJsonSchemaValidator.js&#34;</span>
</span></span><span class="line"><span class="cl"><span class="nx">precedence</span> <span class="p">=</span> <span class="s2">&#34;aggregate&#34;</span>
</span></span><span class="line"><span class="cl"><span class="nx">SPDX-FileCopyrightText</span> <span class="p">=</span> <span class="s2">&#34;2020 Jeremy Danyow&#34;</span>
</span></span><span class="line"><span class="cl"><span class="nx">SPDX-License-Identifier</span> <span class="p">=</span> <span class="s2">&#34;MIT&#34;</span>
</span></span><span class="line"><span class="cl"><span class="nx">SPDX-FileComment</span> <span class="p">=</span> <span class="s2">&#34;these files belong to: @cfworker/json-schema&#34;</span>
</span></span><span class="line"><span class="cl">
</span></span><span class="line"><span class="cl"><span class="c"># Library: sap.ui.webc.common:</span>
</span></span><span class="line"><span class="cl"><span class="p">[[</span><span class="nx">annotations</span><span class="p">]]</span>
</span></span><span class="line"><span class="cl"><span class="nx">path</span> <span class="p">=</span> <span class="p">[</span>
</span></span><span class="line"><span class="cl">    <span class="s2">&#34;src/sap.ui.webc.common/src/sap/ui/webc/common/thirdparty/base/**&#34;</span><span class="p">,</span>
</span></span><span class="line"><span class="cl">    <span class="s2">&#34;src/sap.ui.webc.common/src/sap/ui/webc/common/thirdparty/theming/**&#34;</span><span class="p">,</span>
</span></span><span class="line"><span class="cl">    <span class="s2">&#34;src/sap.ui.webc.common/src/sap/ui/webc/common/thirdparty/localization/**&#34;</span><span class="p">,</span>
</span></span><span class="line"><span class="cl">    <span class="s2">&#34;src/sap.ui.webc.common/src/sap/ui/webc/common/thirdparty/icons/**&#34;</span><span class="p">,</span>
</span></span><span class="line"><span class="cl">    <span class="s2">&#34;src/sap.ui.webc.common/src/sap/ui/webc/common/thirdparty/icons-tnt/**&#34;</span><span class="p">,</span>
</span></span><span class="line"><span class="cl">    <span class="s2">&#34;src/sap.ui.webc.common/src/sap/ui/webc/common/thirdparty/icons-business-suite/**&#34;</span>
</span></span><span class="line"><span class="cl"><span class="p">]</span>
</span></span><span class="line"><span class="cl"><span class="nx">precedence</span> <span class="p">=</span> <span class="s2">&#34;aggregate&#34;</span>
</span></span><span class="line"><span class="cl"><span class="nx">SPDX-FileCopyrightText</span> <span class="p">=</span> <span class="s2">&#34;SAP&#34;</span>
</span></span><span class="line"><span class="cl"><span class="nx">SPDX-License-Identifier</span> <span class="p">=</span> <span class="s2">&#34;Apache-2.0&#34;</span>
</span></span><span class="line"><span class="cl"><span class="nx">SPDX-FileComment</span> <span class="p">=</span> <span class="s2">&#34;these files belong to: UI5 Web Components&#34;</span>
</span></span><span class="line"><span class="cl"><span class="p">[...]</span>
</span></span></code></pre></div><h3 id="readme-section-template-about-licensing-and-copyright-for-humans" class="scroll-mt-20 md:scroll-mt-24 wrap-break-word group/heading "><a href="#readme-section-template-about-licensing-and-copyright-for-humans" class="group-hover/heading:after:content-['#'] group-hover/heading:after:ml-1.5 group-hover/heading:after:text-content-400" id="readme-section-template-about-licensing-and-copyright-for-humans"><code>README</code> section template about licensing and copyright for humans</a></h3><p>I find it useful to have a generic, easy to adapt text snippet for the README.md or a comparable central place which is easy for humans to notice and read. I created and use the following template, taking advantage of the existing REUSE information to make the section basically maintenance free without being useless:</p>
<div class="highlight"><pre tabindex="0" class="chroma"><code class="language-text" data-lang="text"><span class="line"><span class="cl">## Licensing, copyright
</span></span><span class="line"><span class="cl">
</span></span><span class="line"><span class="cl">&lt;!--REUSE-IgnoreStart--&gt;
</span></span><span class="line"><span class="cl">Copyright (c) YYYY, ACME Inc.
</span></span><span class="line"><span class="cl">
</span></span><span class="line"><span class="cl">This project is licensed under the GNU General Public License v3.0 or later (SPDX-License-Identifier: `GPL-3.0-or-later`), see [`LICENSES/GPL-3.0-or-later.txt`](LICENSES/GPL-3.0-or-later.txt) for the full text.
</span></span><span class="line"><span class="cl">
</span></span><span class="line"><span class="cl">The [`REUSE.toml`](REUSE.toml) file provides detailed licensing and copyright information in a human- and machine-readable format. This includes parts that may be subject to different licensing or usage terms, such as third-party components. The repository conforms to the [REUSE specification](https://reuse.software/spec/). You can use [`reuse spdx`](https://reuse.readthedocs.io/en/latest/readme.html#cli) to create a [SPDX software bill of materials (SBOM)](https://en.wikipedia.org/wiki/Software_Package_Data_Exchange).
</span></span><span class="line"><span class="cl">&lt;!--REUSE-IgnoreEnd--&gt;
</span></span></code></pre></div><p>Replace <code>YYYY</code> with the year of the first release or <a href="https://reuse.readthedocs.io/en/latest/scripts.html#starting-point-of-the-codebase" target="_blank" rel="noreferrer noopener">code contribution</a> and adapt the mentioned license, filenames and links as needed. The HTML comments prevent REUSE linting errors when e.g. listing multiple licenses.</p>
<p>The wording is already pointing to the copyright file (<code>REUSE.toml</code>) and mentions that parts of the project might be subject to different licensing than the main one. If this is not good enough, feel free to adapt the wording of the main &ldquo;licensed under&rdquo; sentence to highlight the main licensing rules without the need to maintain every single bit outside of the copyright file. Examples (adapt as needed):</p>
<div class="highlight"><pre tabindex="0" class="chroma"><code class="language-text" data-lang="text"><span class="line"><span class="cl">The project is dual-licensed under the
</span></span><span class="line"><span class="cl">
</span></span><span class="line"><span class="cl">* GNU General Public License v3.0 or later (SPDX-License-Identifier: `GPL-3.0-or-later`), see [`LICENSES/GPL-3.0-or-later.txt`](./LICENSES/GPL-3.0-or-later.txt) for the full text.
</span></span><span class="line"><span class="cl">* Apache License 2.0 (SPDX-License-Identifier: `Apache-2.0`), see [`LICENSES/Apache-2.0.txt`](./LICENSES/Apache-2.0.txt) for the full text.
</span></span><span class="line"><span class="cl">
</span></span><span class="line"><span class="cl">[... usual template follows ...]
</span></span></code></pre></div><h3 id="license-detection-on-github-or-gitlab" class="scroll-mt-20 md:scroll-mt-24 wrap-break-word group/heading "><a href="#license-detection-on-github-or-gitlab" class="group-hover/heading:after:content-['#'] group-hover/heading:after:ml-1.5 group-hover/heading:after:text-content-400" id="license-detection-on-github-or-gitlab">License detection on Github or Gitlab</a></h3><p>If you follow REUSE, you will notice that Github and Gitlab are no longer able to detect licensing information for your repository.</p>
<p>Even if automatic licensing is broken by design for the reasons outlined above, it is understood that it would be nice if all the broken license detection tools spit out something, even unreliable but working, for indexes and searches (for the sole reason of not having a disadvantage if inexperienced users are searching for projects and filter by often broken meta data).</p>
<p>If you need this, put the stated &ldquo;license with the highest freedom protections&rdquo; just for search-indexes and GitHub in a <code>LICENSE</code> or <code>COPYING</code> file in the root directory of your project:</p>
<ol>
<li><a href="https://docs.github.com/en/repositories/managing-your-repositorys-settings-and-features/customizing-your-repository/licensing-a-repository#detecting-a-license" target="_blank" rel="noreferrer noopener">GitHub uses Licensee</a> to attempt to identify the license of a project and <a href="https://github.com/licensee/licensee/issues/490" target="_blank" rel="noreferrer noopener">Licensee does not support the REUSE specification</a>.</li>
<li>A workaround to fix the automatic license detection of GitHub and <a href="https://forum.openmod.org/t/reuse-incompatible-to-auto-detection-of-license-s/3590" target="_blank" rel="noreferrer noopener">others</a> is to place an additional <code>LICENSE</code> or <code>COPYING</code> file in the root directory of your project. This is <a href="https://reuse.software/faq/#tradition" target="_blank" rel="noreferrer noopener">allowable by REUSE</a>. These files are explicitly <a href="https://github.com/fsfe/reuse-tool/blob/0e111c423ccf927f73a9ae7b39d3f88268b015b9/src/reuse/__init__.py#L66-L77" target="_blank" rel="noreferrer noopener">ignored by the toolset</a> and do not need an additional <code>.license</code> file or header.</li>
<li>If you want to prevent a duplication of License texts, beware of another issue with Licensee: You can place a symlink at <code>LICENSES/&lt;your license&gt;.txt</code> pointing to the <code>LICENSE</code> or <code>COPYING</code> file in the project&rsquo;s root directory. reuse lint will follow that link. <a href="https://github.com/licensee/licensee/pull/42" target="_blank" rel="noreferrer noopener">Licensee sadly does not even support symlinks</a>, so a more logical symlink from <code>LICENSE</code> or <code>COPYING</code> pointing to <code>LICENSES/&lt;your license&gt;.txt</code> is not solving the issue. I therefore recommend a real <em>copy</em> instead of a symlink to keep things accessible when using the workaround.</li>
</ol>
<p>I, for myself, would use this workaround <em>only</em> if a single license is used for all of the project&rsquo;s files. This would prevent misunderstandings or conflicts and simply ignore GitHub&rsquo;s limited behavior in all other cases.</p>
<h3 id="years-in-copyright-texts" class="scroll-mt-20 md:scroll-mt-24 wrap-break-word group/heading "><a href="#years-in-copyright-texts" class="group-hover/heading:after:content-['#'] group-hover/heading:after:ml-1.5 group-hover/heading:after:text-content-400" id="years-in-copyright-texts">Years in copyright texts</a></h3><p>This is not exactly a REUSE topic but I noticed it is discussed quite a lot when a project starts adopting REUSE. <a href="https://en.wikipedia.org/wiki/IANAL" target="_blank" rel="noreferrer noopener">IANAL</a>, but it is not necessary to update the copyright year since the main legal intention is to state the year of the first public release or code contribution. But it is common to do so anyway, especially since it shows third parties that a project is still alive.</p>
<p>I usually propose the following which might also be a useful technique for your project:</p>
<ul>
<li>Update the copyright data but maintain the copyright year only at central places like a project&rsquo;s <code>README.md</code> reduce the maintenance effort.</li>
<li>Simply add each year with a release or updates separated by commas. You can use a timespan (<code>yearX-yearY</code>) for multiple subsequent years.</li>
<li>Example:
<ul>
<li>The first release and copyright statement was <code>Copyright (c) 2013</code>.</li>
<li>There were releases or updates in several but not all years afterwards:
<ul>
<li>2023 → <code>Copyright (c) 2013, 2015, 2018-2021, 2023</code>.</li>
<li>2015 → <code>Copyright (c) 2013, 2015</code>.</li>
<li>2018 → <code>Copyright (c) 2013, 2015, 2018</code>.</li>
<li>2019 → <code>Copyright (c) 2013, 2015, 2018, 201</code>9.</li>
<li>2020 → <code>Copyright (c) 2013, 2015, 2018-2020</code>.</li>
<li>2021 → <code>Copyright (c) 2013, 2015, 2018-2021</code>.</li>
</ul>
</li>
</ul>
</li>
</ul>
<h2 id="conclusion" class="scroll-mt-20 md:scroll-mt-24 wrap-break-word group/heading "><a href="#conclusion" class="group-hover/heading:after:content-['#'] group-hover/heading:after:ml-1.5 group-hover/heading:after:text-content-400" id="conclusion">Conclusion</a></h2><p>Licensing clarity is needed for sustainable collaboration in open source. The REUSE specification doesn&rsquo;t try to replace legal frameworks or licensing decisions, but it makes the messy practicalities of license management predictable, explicit, and automatable.</p>
<p>Adopting REUSE can feel like extra effort at first, especially for existing codebases. But once in place, it pays off by making your project easier to understand, maintain, package, and … reuse… 🙂 . REUSE helps you express the legal structure of your project in a way that machines and humans can agree on. And that&rsquo;s worth a lot.</p>
<div class="footnotes" role="doc-endnotes">
<hr>
<ol>
<li id="fn:1">
<p>Using the<code>LICENSES/</code> directory is also recommended by the <a href="https://github.com/coreinfrastructure/best-practices-badge/blob/main/docs/criteria.md#license_location" target="_blank" rel="noreferrer noopener">CII best practices</a>, and implemented by the <a href="https://github.com/torvalds/linux/tree/master/LICENSES" target="_blank" rel="noreferrer noopener">Linux Kernel</a>.&#160;<a href="#fnref:1" class="footnote-backref" role="doc-backlink">&#x21a9;&#xfe0e;</a></p>
</li>
<li id="fn:2">
<p>Source: <a href="https://download.fsfe.org/videos/reuse/screencasts/reuse-tool.gif" target="_blank" rel="noreferrer noopener">https://download.fsfe.org/videos/reuse/screencasts/reuse-tool.gif</a>, Copyright © 2001-2025 <a href="https://fsfe.org/" target="_blank" rel="noreferrer noopener">Free Software Foundation Europe</a>, Verbatim copying and distribution is permitted in any medium, provided this notice is preserved.&#160;<a href="#fnref:2" class="footnote-backref" role="doc-backlink">&#x21a9;&#xfe0e;</a></p>
</li>
</ol>
</div>
]]></content><category scheme="taxonomy:tags" term="open-source" label="open-source"/><category scheme="taxonomy:tags" term="license" label="license"/><category scheme="taxonomy:tags" term="toolbox" label="toolbox"/><category scheme="taxonomy:tags" term="fsfe" label="fsfe"/><category scheme="taxonomy:tags" term="reuse" label="reuse"/><category scheme="taxonomy:tags" term="compliance" label="compliance"/><category scheme="taxonomy:tags" term="spdx" label="spdx"/></entry><entry><title type="html">System insights with command-line tools: lslogins and lsmod</title><id>tag:foundata.com,2024-12-30:/en/blog/2024/system-insights-command-line-lslogins-lsmod/</id><published>2024-12-30T19:57:00Z</published><updated>2024-12-30T19:57:00Z</updated><link href="https://foundata.com/en/blog/2024/system-insights-command-line-lslogins-lsmod/?utm_source=feed-atom" rel="alternate" type="text/html"/><link href="https://foundata.com/de/blog/2024/systemeinblicke-kommandozeile-lslogins-lsmod/?utm_source=feed-atom" rel="alternate" type="text/html" hreflang="de"/><link href="https://foundata.com/en/blog/2024/system-insights-command-line-lsof-lsblk/?utm_source=feed-atom" rel="related" type="text/html" title="System insights with command-line tools: lsof and lsblk"/><link href="https://foundata.com/en/blog/2024/system-insights-command-line-lscpu-lsusb/?utm_source=feed-atom" rel="related" type="text/html" title="System insights with command-line tools: lscpu and lsusb"/><link href="https://foundata.com/en/blog/2024/system-insights-command-line-dmidecode-lspci/?utm_source=feed-atom" rel="related" type="text/html" title="System insights with command-line tools: dmidecode and lspci"/><link href="https://foundata.com/en/blog/2024/cve-2024-6387-regresshion-openssh-rce-vulnerability/?utm_source=feed-atom" rel="related" type="text/html" title="OpenSSH Vulnerability: regreSSHion (CVE-2024-6387), Remote Code Execution (RCE)"/><link href="https://foundata.com/en/blog/2024/quectel-em05-g-thinkpad-t14-gen4-fedora-linux/?utm_source=feed-atom" rel="related" type="text/html" title="Quectel EM05-G (LTE module) with ThinkPad T14 Gen4 on Fedora 39 and 40"/><author><name>Andreas Haerter</name><uri>https://andreashaerter.com/</uri></author><summary type="html">An article introducing the command line tools `lslogins` and `lsmod`.</summary><content type="html" xml:base="https://foundata.com/"><![CDATA[<p><em>Note: This article was originally released <a href="https://fedoramagazine.org/system-insights-command-line-lslogins-lsmod/" target="_blank" rel="noreferrer noopener">in the Fedora Magazine</a>.</em></p>
<p>Continuing our <a href="https://foundata.com/en/blog/2024/system-insights-command-line-lscpu-lsusb/">exploration</a> <a href="https://foundata.com/en/blog/2024/system-insights-command-line-dmidecode-lspci/">of</a> <a href="https://foundata.com/en/blog/2024/system-insights-command-line-lsof-lsblk/">commands</a> that provide insights into the inner workings of your Linux system, we turn our focus to more simple ones like <code>lslogins</code> and <code>lsmod</code>. These tools offer information about user accounts and <a href="https://en.wikipedia.org/wiki/Monolithic_kernel#Loadable_modules" target="_blank" rel="noreferrer noopener">kernel modules</a>, respectively.</p>
<h2 id="lslogins-look-into-user-accounts" class="scroll-mt-20 md:scroll-mt-24 wrap-break-word group/heading "><a href="#lslogins-look-into-user-accounts" class="group-hover/heading:after:content-['#'] group-hover/heading:after:ml-1.5 group-hover/heading:after:text-content-400" id="lslogins-look-into-user-accounts"><code>lslogins</code>: Look into User Accounts</a></h2><p><code>lslogins</code> is a command that extracts and displays detailed information about user accounts on your system. It pulls data from <code>/etc/passwd</code> and <code>/etc/shadow</code> files, along with system logs, to give you a comprehensive overview. It is especially useful to look for login failures and to list group memberships.</p>
<h3 id="basic-usage" class="scroll-mt-20 md:scroll-mt-24 wrap-break-word group/heading "><a href="#basic-usage" class="group-hover/heading:after:content-['#'] group-hover/heading:after:ml-1.5 group-hover/heading:after:text-content-400" id="basic-usage">Basic Usage</a></h3><p>Run the command without arguments to display a summary of all user accounts:</p>
<div class="highlight"><pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span class="line"><span class="cl">lslogins
</span></span></code></pre></div><p>This provides an overview including UID (User ID), GID (Group ID), user name, and last login details.</p>
<h3 id="common-options-and-usage-example" class="scroll-mt-20 md:scroll-mt-24 wrap-break-word group/heading "><a href="#common-options-and-usage-example" class="group-hover/heading:after:content-['#'] group-hover/heading:after:ml-1.5 group-hover/heading:after:text-content-400" id="common-options-and-usage-example">Common options and usage example</a></h3><ul>
<li><code>-u</code>: Display only user accounts and <code>root</code> (filtering out system accounts with UIDs below 1000).</li>
<li><code>-G</code>: Display information about exiting groups.</li>
<li><code>-g &lt;group&gt;</code>: Show users of a specific group (e.g. <code>wheel</code> which usually has <code>sudo</code>-permissions on a Red Hat system).</li>
<li><code>-e</code>: Display in an export-able key-value output format, separated by space.</li>
<li><code>-L</code>: List last logins and password information (empty, logged, nologin).</li>
</ul>
<p>Examples, listing the last logins and password information (empty, logged, nologin) of non-system user accounts on my laptop as well as group memberships:</p>
<div class="highlight"><pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span class="line"><span class="cl">$ lslogins -L -p -u
</span></span><span class="line"><span class="cl"> UID USER      LAST-TTY LAST-HOSTNAME LAST-LOGIN PWD-EMPTY PWD-LOCK PWD-DENY NOLOGIN HUSHED PWD-METHOD
</span></span><span class="line"><span class="cl">   <span class="m">0</span> root                                                                          <span class="m">0</span>
</span></span><span class="line"><span class="cl"><span class="m">1000</span> ahaerter  tty2     tty2               01:16                                   <span class="m">0</span>      <span class="m">0</span>
</span></span><span class="line"><span class="cl">
</span></span><span class="line"><span class="cl">$ lslogins -G -u
</span></span><span class="line"><span class="cl"> UID USER       GID GROUP     SUPP-GIDS  SUPP-GROUPS
</span></span><span class="line"><span class="cl">   <span class="m">0</span> root         <span class="m">0</span> root
</span></span><span class="line"><span class="cl"><span class="m">1000</span> ahaerter  <span class="m">1000</span> user      971,10,977 docker,wheel
</span></span></code></pre></div><h2 id="lsmod-listing-kernel-modules-for-further-inspection" class="scroll-mt-20 md:scroll-mt-24 wrap-break-word group/heading "><a href="#lsmod-listing-kernel-modules-for-further-inspection" class="group-hover/heading:after:content-['#'] group-hover/heading:after:ml-1.5 group-hover/heading:after:text-content-400" id="lsmod-listing-kernel-modules-for-further-inspection"><code>lsmod</code>: Listing Kernel modules for further inspection</a></h2><p>The Linux kernel is <a href="https://en.wikipedia.org/wiki/Tanenbaum%E2%80%93Torvalds_debate" target="_blank" rel="noreferrer noopener">fundamentally monolithic</a> in design, but it also provides the capability to load and unload modules at runtime. A kernel module is generally understood as a component or an extension of the kernel. For example, hardware drivers (e.g., Wi-Fi cards, sound cards, etc.) are usually implemented as modules. The <code>lsmod</code> command provides a nice overview of all currently loaded kernel modules.</p>
<h3 id="basic-usage-1" class="scroll-mt-20 md:scroll-mt-24 wrap-break-word group/heading "><a href="#basic-usage-1" class="group-hover/heading:after:content-['#'] group-hover/heading:after:ml-1.5 group-hover/heading:after:text-content-400" id="basic-usage-1">Basic usage</a></h3><p>Simply type:</p>
<div class="highlight"><pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span class="line"><span class="cl">lsmod
</span></span></code></pre></div><p>This displays a table with three columns:</p>
<ol>
<li>Module: The name of the kernel module.</li>
<li>Size: The memory size (in bytes) the module occupies.</li>
<li>Used By: Lists the dependent modules or kernel features.</li>
</ol>
<p>Example output:</p>
<div class="highlight"><pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span class="line"><span class="cl">$ lsmod
</span></span><span class="line"><span class="cl">Module                  Size  Used by
</span></span><span class="line"><span class="cl">overlay               <span class="m">241664</span>  <span class="m">0</span>
</span></span><span class="line"><span class="cl">tun                    <span class="m">73728</span>  <span class="m">2</span>
</span></span><span class="line"><span class="cl">snd_usb_audio         <span class="m">614400</span>  <span class="m">0</span>
</span></span><span class="line"><span class="cl">snd_usbmidi_lib        <span class="m">57344</span>  <span class="m">1</span> snd_usb_audio
</span></span><span class="line"><span class="cl">snd_ump                <span class="m">49152</span>  <span class="m">1</span> snd_usb_audio
</span></span><span class="line"><span class="cl">snd_rawmidi            <span class="m">57344</span>  <span class="m">2</span> snd_usbmidi_lib,snd_ump
</span></span><span class="line"><span class="cl">hid_jabra              <span class="m">16384</span>  <span class="m">0</span>
</span></span><span class="line"><span class="cl">uinput                 <span class="m">20480</span>  <span class="m">0</span>
</span></span><span class="line"><span class="cl">rfcomm                <span class="m">102400</span>  <span class="m">16</span>
</span></span><span class="line"><span class="cl">snd_seq_dummy          <span class="m">12288</span>  <span class="m">0</span>
</span></span><span class="line"><span class="cl">snd_hrtimer            <span class="m">12288</span>  <span class="m">1</span>
</span></span><span class="line"><span class="cl">wireguard             <span class="m">122880</span>  <span class="m">0</span>
</span></span><span class="line"><span class="cl">curve25519_x86_64      <span class="m">36864</span>  <span class="m">1</span> wireguard
</span></span><span class="line"><span class="cl">libcurve25519_generic    <span class="m">45056</span>  <span class="m">2</span> curve25519_x86_64,wireguard
</span></span><span class="line"><span class="cl">ip6_udp_tunnel         <span class="m">16384</span>  <span class="m">1</span> wireguard
</span></span><span class="line"><span class="cl">udp_tunnel             <span class="m">36864</span>  <span class="m">1</span> wireguard
</span></span><span class="line"><span class="cl">nf_conntrack_netbios_ns    <span class="m">12288</span>  <span class="m">1</span>
</span></span><span class="line"><span class="cl">nf_conntrack_broadcast    <span class="m">12288</span>  <span class="m">1</span> nf_conntrack_netbios_ns
</span></span><span class="line"><span class="cl">nft_fib_inet           <span class="m">12288</span>  <span class="m">1</span>
</span></span><span class="line"><span class="cl">nft_fib_ipv4           <span class="m">12288</span>  <span class="m">1</span> nft_fib_inet
</span></span><span class="line"><span class="cl">nft_fib_ipv6           <span class="m">12288</span>  <span class="m">1</span> nft_fib_inet
</span></span><span class="line"><span class="cl">nft_fib                <span class="m">12288</span>  <span class="m">3</span> nft_fib_ipv6,nft_fib_ipv4,nft_fib_inet
</span></span><span class="line"><span class="cl"><span class="o">[</span>...<span class="o">]</span>
</span></span></code></pre></div><h3 id="usage-examples" class="scroll-mt-20 md:scroll-mt-24 wrap-break-word group/heading "><a href="#usage-examples" class="group-hover/heading:after:content-['#'] group-hover/heading:after:ml-1.5 group-hover/heading:after:text-content-400" id="usage-examples">Usage examples</a></h3><p>While <code>lsmod</code> doesn’t have options, pairing it with other commands enhances its utility:</p>
<ul>
<li>Combine with <code>modinfo</code>: Get detailed information about a specific module, including its author, license, and description.</li>
<li>Debug with <code>dmesg</code>: Correlate kernel log messages with loaded modules to diagnose boot-time issues.</li>
</ul>
<div class="highlight"><pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span class="line"><span class="cl">modinfo &lt;module_name&gt;
</span></span><span class="line"><span class="cl">sudo dmesg <span class="p">|</span> grep &lt;module_name&gt;
</span></span></code></pre></div><h2 id="conclusion" class="scroll-mt-20 md:scroll-mt-24 wrap-break-word group/heading "><a href="#conclusion" class="group-hover/heading:after:content-['#'] group-hover/heading:after:ml-1.5 group-hover/heading:after:text-content-400" id="conclusion">Conclusion</a></h2><p>Commands like <code>lslogins</code> and <code>lsmod</code> can give you easy insights into user management and kernel behavior. Try them out today, and think about combining their output with other tools to appreciate their capabilities.</p>
]]></content><category scheme="taxonomy:tags" term="toolbox" label="toolbox"/><category scheme="taxonomy:tags" term="lslogins" label="lslogins"/><category scheme="taxonomy:tags" term="lsmod" label="lsmod"/></entry><entry><title type="html">System insights with command-line tools: lsof and lsblk</title><id>tag:foundata.com,2024-09-11:/en/blog/2024/system-insights-command-line-lsof-lsblk/</id><published>2024-09-11T20:21:00Z</published><updated>2024-09-11T20:21:00Z</updated><link href="https://foundata.com/en/blog/2024/system-insights-command-line-lsof-lsblk/?utm_source=feed-atom" rel="alternate" type="text/html"/><link href="https://foundata.com/de/blog/2024/systemeinblicke-kommandozeile-lsof-lsblk/?utm_source=feed-atom" rel="alternate" type="text/html" hreflang="de"/><link href="https://foundata.com/en/blog/2024/system-insights-command-line-lscpu-lsusb/?utm_source=feed-atom" rel="related" type="text/html" title="System insights with command-line tools: lscpu and lsusb"/><link href="https://foundata.com/en/blog/2024/system-insights-command-line-dmidecode-lspci/?utm_source=feed-atom" rel="related" type="text/html" title="System insights with command-line tools: dmidecode and lspci"/><link href="https://foundata.com/en/blog/2024/cve-2024-6387-regresshion-openssh-rce-vulnerability/?utm_source=feed-atom" rel="related" type="text/html" title="OpenSSH Vulnerability: regreSSHion (CVE-2024-6387), Remote Code Execution (RCE)"/><link href="https://foundata.com/en/blog/2024/quectel-em05-g-thinkpad-t14-gen4-fedora-linux/?utm_source=feed-atom" rel="related" type="text/html" title="Quectel EM05-G (LTE module) with ThinkPad T14 Gen4 on Fedora 39 and 40"/><link href="https://foundata.com/en/blog/2024/use-gpl-or-later/?utm_source=feed-atom" rel="related" type="text/html" title='Please use GPLv3 "or-later" instead of "only"'/><author><name>Andreas Haerter</name><uri>https://andreashaerter.com/</uri></author><summary type="html">An article introducing the command line tools `lsof` and `lsblk`.</summary><content type="html" xml:base="https://foundata.com/"><![CDATA[<p><em>Note: This article was originally released <a href="https://fedoramagazine.org/system-insights-with-command-line-tools-lsof-and-lsblk/" target="_blank" rel="noreferrer noopener">in the Fedora Magazine</a>.</em></p>
<p>In our ongoing series on Linux system insights, we have a look into essential command-line utilities that provide information about the system’s hardware and status. Following our previous discussions on <a href="https://foundata.com/en/blog/2024/system-insights-command-line-lscpu-lsusb/"><code>lscpu</code>, <code>lsusb</code></a>, <a href="https://foundata.com/en/blog/2024/system-insights-command-line-dmidecode-lspci/"><code>dmidecode</code> and <code>lspci</code></a>, we now turn our attention to <code>lsof</code> and <code>lsblk</code>. These tools are particularly useful for investigating open files, active network connections, and mounted block devices on your Fedora Linux system.</p>
<h2 id="exploring-open-files-with-lsof" class="scroll-mt-20 md:scroll-mt-24 wrap-break-word group/heading "><a href="#exploring-open-files-with-lsof" class="group-hover/heading:after:content-['#'] group-hover/heading:after:ml-1.5 group-hover/heading:after:text-content-400" id="exploring-open-files-with-lsof">Exploring open files with <code>lsof</code></a></h2><p><code>lsof</code> (list open files) is a powerful command-line tool. Since <a href="https://en.wikipedia.org/wiki/Everything_is_a_file" target="_blank" rel="noreferrer noopener">almost everything in Linux is treated as a file</a>, <code>lsof</code> provides detailed insight into many parts of your system by listing what files are being used, which processes are accessing them, and even which network ports are open (see e.g. Wikipedia on <a href="https://en.wikipedia.org/wiki/Network_socket" target="_blank" rel="noreferrer noopener">Network socket</a> for more information).</p>
<h3 id="basic-usage" class="scroll-mt-20 md:scroll-mt-24 wrap-break-word group/heading "><a href="#basic-usage" class="group-hover/heading:after:content-['#'] group-hover/heading:after:ml-1.5 group-hover/heading:after:text-content-400" id="basic-usage">Basic usage</a></h3><p>To start with, execute the basic <code>lsof</code> command to get an overview of the system’s open files:</p>
<div class="highlight"><pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span class="line"><span class="cl">$ sudo lsof
</span></span></code></pre></div><p><code>sudo</code> was used for extended privileges. This is needed to get information about files not opened by processes started by your user. The command outputs a lot of information which can be overwhelming. We are going to narrow down the output to specific information about some common use cases in the following examples.</p>
<h3 id="example-1-finding-open-files-by-user-or-process" class="scroll-mt-20 md:scroll-mt-24 wrap-break-word group/heading "><a href="#example-1-finding-open-files-by-user-or-process" class="group-hover/heading:after:content-['#'] group-hover/heading:after:ml-1.5 group-hover/heading:after:text-content-400" id="example-1-finding-open-files-by-user-or-process">Example 1: Finding open files by user or process</a></h3><p>To identify which files a specific user or process has open, <code>lsof</code> can be very helpful.</p>
<p>To list all files opened by a specific user:</p>
<div class="highlight"><pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span class="line"><span class="cl">$ sudo lsof -u &lt;username&gt;
</span></span></code></pre></div><p>This will return a list of open files owned by the given user. For example:</p>
<div class="highlight"><pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span class="line"><span class="cl">$ sudo lsof -u johndoe
</span></span></code></pre></div><p>You’ll see details such as the process ID (PID), the file descriptor, the type of file, and the file’s path.</p>
<p>To filter by process ID, use the <code>-p</code> flag:</p>
<div class="highlight"><pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span class="line"><span class="cl">$ lsof -p &lt;PID&gt;
</span></span></code></pre></div><p>This is particularly useful for troubleshooting issues related to specific processes or when you need to check which files a service is holding open. Use sudo if the process is not owned by your user.</p>
<p>Example output:</p>
<div class="highlight"><pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span class="line"><span class="cl">$ lsof -p <span class="m">873648</span>
</span></span><span class="line"><span class="cl">COMMAND    PID USER   FD   TYPE DEVICE SIZE/OFF     NODE NAME
</span></span><span class="line"><span class="cl">bash    <span class="m">873648</span> user  cwd    DIR   0,39     <span class="m">8666</span>      <span class="m">257</span> /home/user
</span></span><span class="line"><span class="cl">bash    <span class="m">873648</span> user  rtd    DIR   0,35      <span class="m">158</span>      <span class="m">256</span> /
</span></span><span class="line"><span class="cl">bash    <span class="m">873648</span> user  txt    REG   0,35  <span class="m">1443376</span> <span class="m">12841259</span> /usr/bin/bash
</span></span><span class="line"><span class="cl">bash    <span class="m">873648</span> user  mem    REG   0,33          <span class="m">12841259</span> /usr/bin/bash <span class="o">(</span>path <span class="nv">dev</span><span class="o">=</span>0,35<span class="o">)</span>
</span></span><span class="line"><span class="cl">bash    <span class="m">873648</span> user  mem    REG   0,33          <span class="m">14055145</span> /usr/lib/locale/locale-archive <span class="o">(</span>path <span class="nv">dev</span><span class="o">=</span>0,35<span class="o">)</span>
</span></span><span class="line"><span class="cl">bash    <span class="m">873648</span> user  mem    REG   0,33          <span class="m">14055914</span> /usr/lib64/libc.so.6 <span class="o">(</span>path <span class="nv">dev</span><span class="o">=</span>0,35<span class="o">)</span>
</span></span><span class="line"><span class="cl">bash    <span class="m">873648</span> user  mem    REG   0,33          <span class="m">13309071</span> /usr/lib64/libtinfo.so.6.4 <span class="o">(</span>path <span class="nv">dev</span><span class="o">=</span>0,35<span class="o">)</span>
</span></span><span class="line"><span class="cl">bash    <span class="m">873648</span> user  mem    REG   0,33          <span class="m">14059926</span> /usr/lib64/gconv/gconv-modules.cache <span class="o">(</span>path <span class="nv">dev</span><span class="o">=</span>0,35<span class="o">)</span>
</span></span><span class="line"><span class="cl">bash    <span class="m">873648</span> user  mem    REG   0,33          <span class="m">14055911</span> /usr/lib64/ld-linux-x86-64.so.2 <span class="o">(</span>path <span class="nv">dev</span><span class="o">=</span>0,35<span class="o">)</span>
</span></span><span class="line"><span class="cl">bash    <span class="m">873648</span> user    0u   CHR  136,3      0t0        <span class="m">6</span> /dev/pts/3
</span></span><span class="line"><span class="cl">bash    <span class="m">873648</span> user    1u   CHR  136,3      0t0        <span class="m">6</span> /dev/pts/3
</span></span><span class="line"><span class="cl">bash    <span class="m">873648</span> user    2u   CHR  136,3      0t0        <span class="m">6</span> /dev/pts/3
</span></span><span class="line"><span class="cl">bash    <span class="m">873648</span> user  255u   CHR  136,3      0t0        <span class="m">6</span> /dev/pts/3
</span></span></code></pre></div><h3 id="example-2-identifying-open-network-connections-via-sockets" class="scroll-mt-20 md:scroll-mt-24 wrap-break-word group/heading "><a href="#example-2-identifying-open-network-connections-via-sockets" class="group-hover/heading:after:content-['#'] group-hover/heading:after:ml-1.5 group-hover/heading:after:text-content-400" id="example-2-identifying-open-network-connections-via-sockets">Example 2: identifying open network connections via sockets</a></h3><p>With its ability to list network connections, <code>lsof</code> also becomes a handy tool for diagnosing network-related issues as it is usually even available on hardened, minimal systems.</p>
<p>To display all open network connections (TCP/UDP <a href="https://en.wikipedia.org/wiki/Network_socket" target="_blank" rel="noreferrer noopener">sockets</a>), run:</p>
<div class="highlight"><pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span class="line"><span class="cl">$ sudo lsof -i
</span></span></code></pre></div><p>This will list active network connections along with the associated protocol, port, and process details.</p>
<p>You can filter for specific protocols (like TCP or UDP), include or exclude IPv4 and v6 and combine several values (the example section of <code>man lsof</code> provides a lot of useful information, including negation):</p>
<div class="highlight"><pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span class="line"><span class="cl">$ sudo lsof -i tcp
</span></span><span class="line"><span class="cl">$ sudo lsof -i udp
</span></span><span class="line"><span class="cl">$ sudo lsof -i 4tcp
</span></span><span class="line"><span class="cl">$ sudo lsof -i 6tcp
</span></span><span class="line"><span class="cl">$ sudo lsof -i 4tcp@example.com
</span></span></code></pre></div><p>For connections associated with a particular port:</p>
<div class="highlight"><pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span class="line"><span class="cl">$ sudo lsof -i :&lt;port_number&gt;
</span></span></code></pre></div><p>For example, to list connections to port 22 (SSH):</p>
<div class="highlight"><pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span class="line"><span class="cl">$ sudo lsof -i :22
</span></span><span class="line"><span class="cl">COMMAND    PID USER   FD   TYPE  DEVICE SIZE/OFF NODE NAME
</span></span><span class="line"><span class="cl">sshd    <span class="m">904379</span> root    3u  IPv4 <span class="m">5622530</span>      0t0  TCP *:ssh <span class="o">(</span>LISTEN<span class="o">)</span>
</span></span><span class="line"><span class="cl">sshd    <span class="m">904379</span> root    4u  IPv6 <span class="m">5622532</span>      0t0  TCP *:ssh <span class="o">(</span>LISTEN<span class="o">)</span>
</span></span></code></pre></div><p>This information can be critical for identifying unauthorized connections or simply monitoring network activity on a system for debugging.</p>
<h2 id="investigating-block-devices-with-lsblk" class="scroll-mt-20 md:scroll-mt-24 wrap-break-word group/heading "><a href="#investigating-block-devices-with-lsblk" class="group-hover/heading:after:content-['#'] group-hover/heading:after:ml-1.5 group-hover/heading:after:text-content-400" id="investigating-block-devices-with-lsblk">Investigating block devices with <code>lsblk</code></a></h2><p>Another useful tool is <code>lsblk</code>, which displays information about all available <a href="https://en.wikipedia.org/wiki/Device_file#Block_devices" target="_blank" rel="noreferrer noopener">block devices</a> on your system. Block devices include hard drives, SSDs, and USB storage. This command provides a tree-like view, helping you understand the relationships between partitions, devices, and their mount points.</p>
<h3 id="basic-usage-1" class="scroll-mt-20 md:scroll-mt-24 wrap-break-word group/heading "><a href="#basic-usage-1" class="group-hover/heading:after:content-['#'] group-hover/heading:after:ml-1.5 group-hover/heading:after:text-content-400" id="basic-usage-1">Basic usage</a></h3><p>Running <code>lsblk</code> without any options provides a clean hierarchical structure of the block devices:</p>
<div class="highlight"><pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span class="line"><span class="cl">$ lsblk
</span></span></code></pre></div><p>This shows all block devices in a tree structure, including their size, type (disk, partition), and mount point (if applicable).</p>
<h3 id="examples" class="scroll-mt-20 md:scroll-mt-24 wrap-break-word group/heading "><a href="#examples" class="group-hover/heading:after:content-['#'] group-hover/heading:after:ml-1.5 group-hover/heading:after:text-content-400" id="examples">Examples</a></h3><p>For a deeper look into the file systems on your block devices, use the -f flag:</p>
<div class="highlight"><pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span class="line"><span class="cl">$ lsblk -f
</span></span></code></pre></div><p>This will display not just the block devices, but also details about the file systems on each partition, including the type (e.g., ext4, vfat, swap), the UUID, and the current mount points.</p>
<p>If you want less information about the devices themselves (without showing partitions or mount points), the -d option is useful:</p>
<div class="highlight"><pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span class="line"><span class="cl">$ lsblk -d
</span></span></code></pre></div><p>There is also a -J or –json option. If used, the command outputs the information in JSON format. This provides a structured view that is particularly useful for scripting and automation.</p>
<p>Example outputs from my laptop (some long information like UUIDs stripped for readability):</p>
<div class="highlight"><pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span class="line"><span class="cl">$ lsblk
</span></span><span class="line"><span class="cl">NAME                     MAJ:MIN RM   SIZE RO TYPE  MOUNTPOINTS
</span></span><span class="line"><span class="cl">sda                        8:0    <span class="m">1</span>     0B  <span class="m">0</span> disk
</span></span><span class="line"><span class="cl">sdb                        8:16   <span class="m">1</span>     0B  <span class="m">0</span> disk
</span></span><span class="line"><span class="cl">sdc                        8:32   <span class="m">1</span>     0B  <span class="m">0</span> disk
</span></span><span class="line"><span class="cl">zram0                    252:0    <span class="m">0</span>     8G  <span class="m">0</span> disk  <span class="o">[</span>SWAP<span class="o">]</span>
</span></span><span class="line"><span class="cl">nvme0n1                  259:0    <span class="m">0</span> 931,5G  <span class="m">0</span> disk
</span></span><span class="line"><span class="cl">├─nvme0n1p1              259:1    <span class="m">0</span>   600M  <span class="m">0</span> part  /boot/efi
</span></span><span class="line"><span class="cl">├─nvme0n1p2              259:2    <span class="m">0</span>     1G  <span class="m">0</span> part  /boot
</span></span><span class="line"><span class="cl">└─nvme0n1p3              259:3    <span class="m">0</span> 929,9G  <span class="m">0</span> part
</span></span><span class="line"><span class="cl">  └─luks-84257c20<span class="o">[</span>...<span class="o">]</span>   253:0    <span class="m">0</span> 929,9G  <span class="m">0</span> crypt /home
</span></span><span class="line"><span class="cl">
</span></span><span class="line"><span class="cl">$ lsblk -d
</span></span><span class="line"><span class="cl">NAME    MAJ:MIN RM   SIZE RO TYPE MOUNTPOINTS
</span></span><span class="line"><span class="cl">sda       8:0    <span class="m">1</span>     0B  <span class="m">0</span> disk
</span></span><span class="line"><span class="cl">sdb       8:16   <span class="m">1</span>     0B  <span class="m">0</span> disk
</span></span><span class="line"><span class="cl">sdc       8:32   <span class="m">1</span>     0B  <span class="m">0</span> disk
</span></span><span class="line"><span class="cl">zram0   252:0    <span class="m">0</span>     8G  <span class="m">0</span> disk <span class="o">[</span>SWAP<span class="o">]</span>
</span></span><span class="line"><span class="cl">nvme0n1 259:0    <span class="m">0</span> 931,5G  <span class="m">0</span> disk
</span></span><span class="line"><span class="cl">
</span></span><span class="line"><span class="cl">$ lsblk -f
</span></span><span class="line"><span class="cl">NAME                FSTYPE <span class="o">[</span>...<span class="o">]</span>LABEL    UUID           FSAVAIL FSUSE% MOUNTPOINTS
</span></span><span class="line"><span class="cl">sda
</span></span><span class="line"><span class="cl">sdb
</span></span><span class="line"><span class="cl">sdc
</span></span><span class="line"><span class="cl">zram0                                                                  <span class="o">[</span>SWAP<span class="o">]</span>
</span></span><span class="line"><span class="cl">nvme0n1
</span></span><span class="line"><span class="cl">├─nvme0n1p1         vfat                 4C5B-4355      579,7M  3%     /boot/efi
</span></span><span class="line"><span class="cl">├─nvme0n1p2         ext4                 30eff827<span class="o">[</span>...<span class="o">]</span>  605M    31%    /boot
</span></span><span class="line"><span class="cl">└─nvme0n1p3         crypto_LUKS          84257c20<span class="o">[</span>...<span class="o">]</span>
</span></span><span class="line"><span class="cl">  └─luks-84257<span class="o">[</span>...<span class="o">]</span> btrfs       fe<span class="o">[</span>...<span class="o">]</span>  666f9d6f<span class="o">[</span>...<span class="o">]</span>  303,1G  67%    /home
</span></span><span class="line"><span class="cl">                                                                       /
</span></span><span class="line"><span class="cl">
</span></span><span class="line"><span class="cl">$ lsblk -f -J
</span></span><span class="line"><span class="cl"><span class="o">{</span>
</span></span><span class="line"><span class="cl">   <span class="s2">&#34;blockdevices&#34;</span>: <span class="o">[</span>
</span></span><span class="line"><span class="cl">   <span class="o">[</span>...<span class="o">]</span>,<span class="o">{</span>
</span></span><span class="line"><span class="cl">         <span class="s2">&#34;name&#34;</span>: <span class="s2">&#34;nvme0n1&#34;</span>,
</span></span><span class="line"><span class="cl">         <span class="s2">&#34;fstype&#34;</span>: null,
</span></span><span class="line"><span class="cl">         <span class="s2">&#34;fsver&#34;</span>: null,
</span></span><span class="line"><span class="cl">         <span class="s2">&#34;label&#34;</span>: null,
</span></span><span class="line"><span class="cl">         <span class="s2">&#34;uuid&#34;</span>: null,
</span></span><span class="line"><span class="cl">         <span class="s2">&#34;fsavail&#34;</span>: null,
</span></span><span class="line"><span class="cl">         <span class="s2">&#34;fsuse%&#34;</span>: null,
</span></span><span class="line"><span class="cl">         <span class="s2">&#34;mountpoints&#34;</span>: <span class="o">[</span>
</span></span><span class="line"><span class="cl">             null
</span></span><span class="line"><span class="cl">         <span class="o">]</span>,
</span></span><span class="line"><span class="cl">         <span class="s2">&#34;children&#34;</span>: <span class="o">[</span>
</span></span><span class="line"><span class="cl">            <span class="o">{</span>
</span></span><span class="line"><span class="cl">               <span class="s2">&#34;name&#34;</span>: <span class="s2">&#34;nvme0n1p1&#34;</span>,
</span></span><span class="line"><span class="cl">               <span class="s2">&#34;fstype&#34;</span>: <span class="s2">&#34;vfat&#34;</span>,
</span></span><span class="line"><span class="cl">               <span class="s2">&#34;fsver&#34;</span>: <span class="s2">&#34;FAT32&#34;</span>,
</span></span><span class="line"><span class="cl">               <span class="s2">&#34;label&#34;</span>: null,
</span></span><span class="line"><span class="cl">               <span class="s2">&#34;uuid&#34;</span>: <span class="s2">&#34;4C5B-4355&#34;</span>,
</span></span><span class="line"><span class="cl">               <span class="s2">&#34;fsavail&#34;</span>: <span class="s2">&#34;579,7M&#34;</span>,
</span></span><span class="line"><span class="cl">               <span class="s2">&#34;fsuse%&#34;</span>: <span class="s2">&#34;3%&#34;</span>,
</span></span><span class="line"><span class="cl">               <span class="s2">&#34;mountpoints&#34;</span>: <span class="o">[</span>
</span></span><span class="line"><span class="cl">                   <span class="s2">&#34;/boot/efi&#34;</span>
</span></span><span class="line"><span class="cl">               <span class="o">]</span>
</span></span><span class="line"><span class="cl">            <span class="o">}</span>,<span class="o">{</span>
</span></span><span class="line"><span class="cl">               <span class="s2">&#34;name&#34;</span>: <span class="s2">&#34;nvme0n1p2&#34;</span>,
</span></span><span class="line"><span class="cl">               <span class="s2">&#34;fstype&#34;</span>: <span class="s2">&#34;ext4&#34;</span>,
</span></span><span class="line"><span class="cl">               <span class="s2">&#34;fsver&#34;</span>: <span class="s2">&#34;1.0&#34;</span>,
</span></span><span class="line"><span class="cl">               <span class="s2">&#34;label&#34;</span>: null,
</span></span><span class="line"><span class="cl">               <span class="s2">&#34;uuid&#34;</span>: <span class="s2">&#34;30eff827-[...]&#34;</span>,
</span></span><span class="line"><span class="cl">               <span class="s2">&#34;fsavail&#34;</span>: <span class="s2">&#34;605M&#34;</span>,
</span></span><span class="line"><span class="cl">               <span class="s2">&#34;fsuse%&#34;</span>: <span class="s2">&#34;31%&#34;</span>,
</span></span><span class="line"><span class="cl">               <span class="s2">&#34;mountpoints&#34;</span>: <span class="o">[</span>
</span></span><span class="line"><span class="cl">                   <span class="s2">&#34;/boot&#34;</span>
</span></span><span class="line"><span class="cl">               <span class="o">]</span>
</span></span><span class="line"><span class="cl">            <span class="o">}</span>,<span class="o">{</span>
</span></span><span class="line"><span class="cl">               <span class="s2">&#34;name&#34;</span>: <span class="s2">&#34;nvme0n1p3&#34;</span>,
</span></span><span class="line"><span class="cl">               <span class="s2">&#34;fstype&#34;</span>: <span class="s2">&#34;crypto_LUKS&#34;</span>,
</span></span><span class="line"><span class="cl">               <span class="s2">&#34;fsver&#34;</span>: <span class="s2">&#34;2&#34;</span>,
</span></span><span class="line"><span class="cl">               <span class="s2">&#34;label&#34;</span>: null,
</span></span><span class="line"><span class="cl">               <span class="s2">&#34;uuid&#34;</span>: <span class="s2">&#34;84257c20-[...]&#34;</span>,
</span></span><span class="line"><span class="cl">               <span class="s2">&#34;fsavail&#34;</span>: null,
</span></span><span class="line"><span class="cl">               <span class="s2">&#34;fsuse%&#34;</span>: null,
</span></span><span class="line"><span class="cl">               <span class="s2">&#34;mountpoints&#34;</span>: <span class="o">[</span>
</span></span><span class="line"><span class="cl">                   null
</span></span><span class="line"><span class="cl">               <span class="o">]</span>,
</span></span><span class="line"><span class="cl">               <span class="s2">&#34;children&#34;</span>: <span class="o">[</span>
</span></span><span class="line"><span class="cl">                  <span class="o">{</span>
</span></span><span class="line"><span class="cl">                     <span class="s2">&#34;name&#34;</span>: <span class="s2">&#34;luks-[...]&#34;</span>,
</span></span><span class="line"><span class="cl">                     <span class="s2">&#34;fstype&#34;</span>: <span class="s2">&#34;btrfs&#34;</span>,
</span></span><span class="line"><span class="cl">                     <span class="s2">&#34;fsver&#34;</span>: null,
</span></span><span class="line"><span class="cl">                     <span class="s2">&#34;label&#34;</span>: <span class="s2">&#34;fedora_localhost-live&#34;</span>,
</span></span><span class="line"><span class="cl">                     <span class="s2">&#34;uuid&#34;</span>: <span class="s2">&#34;666f9d6f-[...]&#34;</span>,
</span></span><span class="line"><span class="cl">                     <span class="s2">&#34;fsavail&#34;</span>: <span class="s2">&#34;303,1G&#34;</span>,
</span></span><span class="line"><span class="cl">                     <span class="s2">&#34;fsuse%&#34;</span>: <span class="s2">&#34;67%&#34;</span>,
</span></span><span class="line"><span class="cl">                     <span class="s2">&#34;mountpoints&#34;</span>: <span class="o">[</span>
</span></span><span class="line"><span class="cl">                         <span class="s2">&#34;/home&#34;</span>, <span class="s2">&#34;/&#34;</span>
</span></span><span class="line"><span class="cl">                     <span class="o">]</span>
</span></span><span class="line"><span class="cl">                  <span class="o">}</span>
</span></span><span class="line"><span class="cl">               <span class="o">]</span>
</span></span><span class="line"><span class="cl">            <span class="o">}</span>
</span></span><span class="line"><span class="cl">         <span class="o">]</span>
</span></span><span class="line"><span class="cl">      <span class="o">}</span>
</span></span><span class="line"><span class="cl">   <span class="o">]</span>
</span></span><span class="line"><span class="cl"><span class="o">}</span>
</span></span></code></pre></div><h3 id="conclusion" class="scroll-mt-20 md:scroll-mt-24 wrap-break-word group/heading "><a href="#conclusion" class="group-hover/heading:after:content-['#'] group-hover/heading:after:ml-1.5 group-hover/heading:after:text-content-400" id="conclusion">Conclusion</a></h3><p>The <code>lsof</code> and <code>lsblk</code> commands are providing insights into file usage, network activity, and block device structures. Whether you’re tracking down open file handles, diagnosing network connections, or reviewing storage devices; whether you’re troubleshooting, optimizing, or simply curious; these tools provide valuable data that can help you better understand and manage your Fedora Linux environment. See you next time when we will have a look at more useful listing and information command line tools and how to use them.</p>
]]></content><category scheme="taxonomy:tags" term="toolbox" label="toolbox"/><category scheme="taxonomy:tags" term="lsof" label="lsof"/><category scheme="taxonomy:tags" term="lsblk" label="lsblk"/></entry><entry><title type="html">OpenSSH Vulnerability: regreSSHion (CVE-2024-6387), Remote Code Execution (RCE)</title><id>tag:foundata.com,2024-07-01:/en/blog/2024/cve-2024-6387-regresshion-openssh-rce-vulnerability/</id><published>2024-07-01T11:50:00Z</published><updated>2024-07-03T11:25:00Z</updated><link href="https://foundata.com/en/blog/2024/cve-2024-6387-regresshion-openssh-rce-vulnerability/?utm_source=feed-atom" rel="alternate" type="text/html"/><link href="https://foundata.com/de/blog/2024/cve-2024-6387-regresshion-openssh-rce-sicherheitsluecke/?utm_source=feed-atom" rel="alternate" type="text/html" hreflang="de"/><link href="https://foundata.com/en/blog/2024/system-insights-command-line-lscpu-lsusb/?utm_source=feed-atom" rel="related" type="text/html" title="System insights with command-line tools: lscpu and lsusb"/><link href="https://foundata.com/en/blog/2024/quectel-em05-g-thinkpad-t14-gen4-fedora-linux/?utm_source=feed-atom" rel="related" type="text/html" title="Quectel EM05-G (LTE module) with ThinkPad T14 Gen4 on Fedora 39 and 40"/><link href="https://foundata.com/en/blog/2024/use-gpl-or-later/?utm_source=feed-atom" rel="related" type="text/html" title='Please use GPLv3 "or-later" instead of "only"'/><link href="https://foundata.com/en/blog/2024/aten-cv211-kvm-linux/?utm_source=feed-atom" rel="related" type="text/html" title="Using the ATEN CV211 (all-in-one KVM adapter) with Fedora Linux"/><link href="https://foundata.com/en/blog/2024/copyleft-open-source-licenses/?utm_source=feed-atom" rel="related" type="text/html" title="Use copyleft licenses for open source or life with the consequences"/><author><name>Andreas Haerter</name><uri>https://andreashaerter.com/</uri></author><summary type="html"><![CDATA[<p><strong>Long story short: Update your OpenSSH packages today, no matter what.</strong> The original <a href="https://www.qualys.com/2024/07/01/cve-2024-6387/regresshion.txt" target="_blank" rel="noreferrer noopener">Security Advisory by Qualsys</a> is worth a read and not to complicated to follow if you are interested in a bit of background information. A bit of a problem might be that this bug dropped literally the day after CentOS 8 and FreeBSD 13.2 went out of support (even though both seem to be unaffected).</p>]]></summary><content type="html" xml:base="https://foundata.com/"><![CDATA[<p><strong>Long story short: Update your OpenSSH packages today, no matter what.</strong> The original <a href="https://www.qualys.com/2024/07/01/cve-2024-6387/regresshion.txt" target="_blank" rel="noreferrer noopener">Security Advisory by Qualsys</a> is worth a read and not to complicated to follow if you are interested in a bit of background information. A bit of a problem might be that this bug dropped literally the day after CentOS 8 and FreeBSD 13.2 went out of support (even though both seem to be unaffected).</p>
<h2 id="mitigation" class="scroll-mt-20 md:scroll-mt-24 wrap-break-word group/heading "><a href="#mitigation" class="group-hover/heading:after:content-['#'] group-hover/heading:after:ml-1.5 group-hover/heading:after:text-content-400" id="mitigation">Mitigation</a></h2><p>If there are old boxes, make sure you apply proper firewalling to mitigate the issue. It seems that a exploit might need <em>a lot</em> of login tries on average to be successful without further optimizations. This might buy you a bit of time to patch everything today, even if the box was exposed to the public internet. Additionally, the exploit was only shown for 32-bit systems yet. There is a high probability that a yet-to-come exploit for 64-bit systems will be slower (=more login attempts needed on average for a successful hack).</p>
<p>If you cannot upgrade your system yet, the <a href="https://www.freebsd.org/security/advisories/FreeBSD-SA-24:04.openssh.asc" target="_blank" rel="noreferrer noopener">FreeBSD security advisory</a> states that setting <code>LoginGraceTime</code> to <code>0</code> <em>might</em> help:</p>
<blockquote>
<p>If sshd(8) cannot be updated, this signal handler race condition can be mitigated by setting LoginGraceTime to 0 in /etc/ssh/sshd_config and restarting sshd(8). This makes sshd(8) vulnerable to a denial of service (the exhaustion of all MaxStartups connections), but makes it safe from the remote code execution presented in this advisory.</p></blockquote>
<h2 id="systems-known-to-be-affected" class="scroll-mt-20 md:scroll-mt-24 wrap-break-word group/heading "><a href="#systems-known-to-be-affected" class="group-hover/heading:after:content-['#'] group-hover/heading:after:ml-1.5 group-hover/heading:after:text-content-400" id="systems-known-to-be-affected">Systems known to be affected</a></h2><ul>
<li><a href="https://access.redhat.com/security/cve/cve-2024-6387" target="_blank" rel="noreferrer noopener">Red Hat Enterprise Linux (RHEL) 9</a> (and therefore probably all CentOS 9 versions)</li>
<li><a href="https://security-tracker.debian.org/tracker/CVE-2024-6387" target="_blank" rel="noreferrer noopener">Debian 12 Bookwork</a></li>
<li><a href="https://ubuntu.com/security/notices/USN-6859-1" target="_blank" rel="noreferrer noopener">Ubuntu 22, 23 and 24</a></li>
<li>Potentially all systems with OpenSSH 8.5p1 up to 9.8; the first patched version is OpenSSH 9.8p1.</li>
<li>Potentially all systems with OpenSSH versions earlier than 4.4p1, as long as their respective distributions have not backported patches for <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5051" target="_blank" rel="noreferrer noopener">CVE-2006-5051</a> or <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5051" target="_blank" rel="noreferrer noopener">CVE-2026-5051</a>.</li>
</ul>
<p>The list is probably incomplete and will be updated as more confirmations are obtained. Do not forget to restart the <code>sshd</code> service (for example, it seems that there are otherwise issues with key exchange on Arch Linux).</p>
<h2 id="propably-unaffected-systems" class="scroll-mt-20 md:scroll-mt-24 wrap-break-word group/heading "><a href="#propably-unaffected-systems" class="group-hover/heading:after:content-['#'] group-hover/heading:after:ml-1.5 group-hover/heading:after:text-content-400" id="propably-unaffected-systems">Propably unaffected systems</a></h2><p>Even if your systems seem to be not affected in general: Update. Now. There will be a lot of research about this vulnerability and maybe new ways to exploit it will be discovered.</p>
<p>Currently not affected are:</p>
<ul>
<li>Red Hat Enterprise Linux (RHEL) 6, 7 und 8<sup id="fnref:1"><a href="#fn:1" class="footnote-ref" role="doc-noteref">1</a></sup> (and therefore probably all related CentOS versions)</li>
<li>Debian 11 Bullseye<sup id="fnref:2"><a href="#fn:2" class="footnote-ref" role="doc-noteref">2</a></sup></li>
<li>FreeBSD<sup id="fnref:3"><a href="#fn:3" class="footnote-ref" role="doc-noteref">3</a></sup></li>
<li>OpenBSD<sup id="fnref:4"><a href="#fn:4" class="footnote-ref" role="doc-noteref">4</a></sup></li>
</ul>
<h2 id="links" class="scroll-mt-20 md:scroll-mt-24 wrap-break-word group/heading "><a href="#links" class="group-hover/heading:after:content-['#'] group-hover/heading:after:ml-1.5 group-hover/heading:after:text-content-400" id="links">Links</a></h2><p>Additional links and reports:</p>
<ul>
<li><a href="https://www.qualys.com/2024/07/01/cve-2024-6387/regresshion.txt" target="_blank" rel="noreferrer noopener">Qualys Security Advisory: regreSSHion: RCE in OpenSSH&rsquo;s server, on glibc-based Linux systems
(CVE-2024-6387)</a></li>
<li><a href="https://news.ycombinator.com/item?id=40843778" target="_blank" rel="noreferrer noopener">Hacker News Thread about (CVE-2024-6387)</a></li>
</ul>
<div class="footnotes" role="doc-endnotes">
<hr>
<ol>
<li id="fn:1">
<p>From the <a href="https://access.redhat.com/security/cve/cve-2024-6387" target="_blank" rel="noreferrer noopener">Red Hat: CVE-2024-6387</a> advisory: &ldquo;This flaw doesn&rsquo;t affect the OpenSSH versions as shipped with Red Hat Enterprise Linux 6, 7 and 8 as the vulnerability was introduced by a regression in upstream on OpenSSH 8.5p1 which is newer then shipped with the mentioned Red Hat Enterprise Linux versions.&rdquo;&#160;<a href="#fnref:1" class="footnote-backref" role="doc-backlink">&#x21a9;&#xfe0e;</a></p>
</li>
<li id="fn:2">
<p>See <a href="https://security-tracker.debian.org/tracker/CVE-2024-6387" target="_blank" rel="noreferrer noopener">https://security-tracker.debian.org/tracker/CVE-2024-6387</a>.&#160;<a href="#fnref:2" class="footnote-backref" role="doc-backlink">&#x21a9;&#xfe0e;</a></p>
</li>
<li id="fn:3">
<p>See <a href="https://www.freebsd.org/security/advisories/FreeBSD-SA-24:04.openssh.asc" target="_blank" rel="noreferrer noopener">https://www.freebsd.org/security/advisories/FreeBSD-SA-24:04.openssh.asc</a>. Unclear situation but not glibc based and the <code>syslog</code> code looks as if it doesn&rsquo;t do anything that corrupts the state if called from a signal handler. Patch in doubt.&#160;<a href="#fnref:3" class="footnote-backref" role="doc-backlink">&#x21a9;&#xfe0e;</a></p>
</li>
<li id="fn:4">
<p>From the <a href="https://www.qualys.com/2024/07/01/cve-2024-6387/regresshion.txt" target="_blank" rel="noreferrer noopener">Qualsys advisory</a>: &ldquo;OpenBSD is notably not vulnerable, because its <code>SIGALRM</code> handler calls <code>syslog_r()</code>, an async-signal-safer version of <code>syslog()</code> that was invented by OpenBSD in 2001.&rdquo; Additionally, not glibc based.&#160;<a href="#fnref:4" class="footnote-backref" role="doc-backlink">&#x21a9;&#xfe0e;</a></p>
</li>
</ol>
</div>
]]></content><category scheme="taxonomy:tags" term="cve-2024-6387" label="cve-2024-6387"/><category scheme="taxonomy:tags" term="openssh" label="openssh"/><category scheme="taxonomy:tags" term="security" label="security"/></entry><entry><title type="html">System insights with command-line tools: lscpu and lsusb</title><id>tag:foundata.com,2024-05-29:/en/blog/2024/system-insights-command-line-lscpu-lsusb/</id><published>2024-05-29T00:02:00Z</published><updated>2024-05-29T00:02:00Z</updated><link href="https://foundata.com/en/blog/2024/system-insights-command-line-lscpu-lsusb/?utm_source=feed-atom" rel="alternate" type="text/html"/><link href="https://foundata.com/de/blog/2024/systemeinblicke-kommandozeile-lscpu-lsusb/?utm_source=feed-atom" rel="alternate" type="text/html" hreflang="de"/><link href="https://foundata.com/en/blog/2024/quectel-em05-g-thinkpad-t14-gen4-fedora-linux/?utm_source=feed-atom" rel="related" type="text/html" title="Quectel EM05-G (LTE module) with ThinkPad T14 Gen4 on Fedora 39 and 40"/><link href="https://foundata.com/en/blog/2024/use-gpl-or-later/?utm_source=feed-atom" rel="related" type="text/html" title='Please use GPLv3 "or-later" instead of "only"'/><link href="https://foundata.com/en/blog/2024/aten-cv211-kvm-linux/?utm_source=feed-atom" rel="related" type="text/html" title="Using the ATEN CV211 (all-in-one KVM adapter) with Fedora Linux"/><link href="https://foundata.com/en/blog/2024/copyleft-open-source-licenses/?utm_source=feed-atom" rel="related" type="text/html" title="Use copyleft licenses for open source or life with the consequences"/><author><name>Andreas Haerter</name><uri>https://andreashaerter.com/</uri></author><summary type="html">An article introducing the command line tools `lscpu` and `lsusb`.</summary><content type="html" xml:base="https://foundata.com/"><![CDATA[<p><em>Note: This article was originally released <a href="https://fedoramagazine.org/system-insights-with-command-line-tools-lscpu-and-lsusb/" target="_blank" rel="noreferrer noopener">in the Fedora Magazine</a>.</em></p>
<p>Fedora (and other common Linux setups out there) offers you an array of tools for managing, monitoring, and understanding the system. Among these tools are a series of commands that begin with ls (for &ldquo;list&rdquo;).</p>
<p>They provide easy insights into various aspects of the system&rsquo;s hardware and resources. This article series gives you an intro and overview over many of them, starting with the simpler ones. The post will cover <code>lscpu</code> and <code>lsusb</code>.</p>
<h2 id="lscpu--display-cpu-information" class="scroll-mt-20 md:scroll-mt-24 wrap-break-word group/heading "><a href="#lscpu--display-cpu-information" class="group-hover/heading:after:content-['#'] group-hover/heading:after:ml-1.5 group-hover/heading:after:text-content-400" id="lscpu--display-cpu-information"><code>lscpu</code> – Display CPU information</a></h2><p>The <code>lscpu</code> command gathers and displays information about the CPU architecture. It is provided by the util-linux package. The command gathers CPU information from multiple sources like <code>/proc/cpuinfo</code> and architecture-specific libraries (e.g. <code>librtas</code> on PowerPC):</p>
<div class="highlight"><pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span class="line"><span class="cl">$ lscpu
</span></span></code></pre></div><p>This command outputs information like the number of CPUs, threads per core, cores per socket, and the CPU family and model.</p>
<p>If asked, it outputs detailed CPU information in JSON format. This provides a structured view that is particularly useful for scripting and automation:</p>
<div class="highlight"><pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span class="line"><span class="cl">$ lscpu --extended --json
</span></span></code></pre></div><h3 id="advanced-usage-example" class="scroll-mt-20 md:scroll-mt-24 wrap-break-word group/heading "><a href="#advanced-usage-example" class="group-hover/heading:after:content-['#'] group-hover/heading:after:ml-1.5 group-hover/heading:after:text-content-400" id="advanced-usage-example">Advanced usage example</a></h3><p>With the machine readable JSON output, you can extract information using <a href="https://jqlang.github.io/jq/" target="_blank" rel="noreferrer noopener"><code>jq</code></a> (a powerful command-line tool that allows users to parse, filter, and manipulate JSON data efficiently and worth an article of its own). For example, the following command will extract the current <a href="https://en.wikipedia.org/wiki/Hertz" target="_blank" rel="noreferrer noopener">MHz</a> for each CPU:</p>
<div class="highlight"><pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span class="line"><span class="cl"><span class="nb">export</span> <span class="nv">LANG</span><span class="o">=</span>en_US.UTF-8
</span></span><span class="line"><span class="cl"><span class="nb">export</span> <span class="nv">LC_ALL</span><span class="o">=</span><span class="s2">&#34;en_US.UTF-8&#34;</span>
</span></span><span class="line"><span class="cl">lscpu --json --extended <span class="se">\
</span></span></span><span class="line"><span class="cl"><span class="se"></span>  <span class="p">|</span> jq <span class="s1">&#39;.cpus[] | {cpu: .cpu, mhz: .mhz}&#39;</span>
</span></span></code></pre></div><p>Let&rsquo;s look at the single parts of the command:</p>
<ul>
<li><code>export LANG=en_US.UTF-8</code> and export <code>LC_ALL=&quot;en_US.UTF-8&quot;</code> are making sure that the output is not using localized numbers. For example, a German language setting can result in broken JSON output because of the use of commas in place of periods as floating point separators.</li>
<li><code>lscpu --json --extended</code> generates the detailed CPU information in JSON format.</li>
<li><code>jq '.cpus[] |</code> will iterate over each entry in the cpus array. The <code>{cpu: .cpu, mhz: .mhz}'</code> part constructs a new JSON object for each CPU entry showing the CPU number (<code>cpu</code>) and its current frequency in MHz (<code>mhz</code>).</li>
</ul>
<p>Example output from a laptop operating in performance mode:</p>
<div class="highlight"><pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span class="line"><span class="cl">$ lscpu --json --extended <span class="se">\
</span></span></span><span class="line"><span class="cl"><span class="se"></span>  <span class="p">|</span> jq <span class="s1">&#39;.cpus[] | {cpu: .cpu, mhz: .mhz}&#39;</span>
</span></span><span class="line"><span class="cl"><span class="o">{</span>
</span></span><span class="line"><span class="cl">  <span class="s2">&#34;cpu&#34;</span>: 0,
</span></span><span class="line"><span class="cl">  <span class="s2">&#34;mhz&#34;</span>: 3700.0171
</span></span><span class="line"><span class="cl"><span class="o">}</span>
</span></span><span class="line"><span class="cl"><span class="o">{</span>
</span></span><span class="line"><span class="cl">  <span class="s2">&#34;cpu&#34;</span>: 1,
</span></span><span class="line"><span class="cl">  <span class="s2">&#34;mhz&#34;</span>: 3700.2241
</span></span><span class="line"><span class="cl"><span class="o">}</span>
</span></span><span class="line"><span class="cl"><span class="o">{</span>
</span></span><span class="line"><span class="cl">  <span class="s2">&#34;cpu&#34;</span>: 2,
</span></span><span class="line"><span class="cl">  <span class="s2">&#34;mhz&#34;</span>: 3700.1121
</span></span><span class="line"><span class="cl"><span class="o">}</span>
</span></span><span class="line"><span class="cl"><span class="o">{</span>
</span></span><span class="line"><span class="cl">  <span class="s2">&#34;cpu&#34;</span>: 3,
</span></span><span class="line"><span class="cl">  <span class="s2">&#34;mhz&#34;</span>: 3884.2539
</span></span><span class="line"><span class="cl"><span class="o">}</span>
</span></span></code></pre></div><p>and later in power saver mode:</p>
<div class="highlight"><pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span class="line"><span class="cl">$ lscpu --json --extended <span class="se">\
</span></span></span><span class="line"><span class="cl"><span class="se"></span>  <span class="p">|</span> jq <span class="s1">&#39;.cpus[] | {cpu: .cpu, mhz: .mhz}&#39;</span>
</span></span><span class="line"><span class="cl"><span class="o">{</span>
</span></span><span class="line"><span class="cl">  <span class="s2">&#34;cpu&#34;</span>: 0,
</span></span><span class="line"><span class="cl">  <span class="s2">&#34;mhz&#34;</span>: 1200.0580
</span></span><span class="line"><span class="cl"><span class="o">}</span>
</span></span><span class="line"><span class="cl"><span class="o">{</span>
</span></span><span class="line"><span class="cl">  <span class="s2">&#34;cpu&#34;</span>: 1,
</span></span><span class="line"><span class="cl">  <span class="s2">&#34;mhz&#34;</span>: 1200.0070
</span></span><span class="line"><span class="cl"><span class="o">}</span>
</span></span><span class="line"><span class="cl"><span class="o">{</span>
</span></span><span class="line"><span class="cl">  <span class="s2">&#34;cpu&#34;</span>: 2,
</span></span><span class="line"><span class="cl">  <span class="s2">&#34;mhz&#34;</span>: 1200.5450
</span></span><span class="line"><span class="cl"><span class="o">}</span>
</span></span><span class="line"><span class="cl"><span class="o">{</span>
</span></span><span class="line"><span class="cl">  <span class="s2">&#34;cpu&#34;</span>: 3,
</span></span><span class="line"><span class="cl">  <span class="s2">&#34;mhz&#34;</span>: 1200.0010
</span></span><span class="line"><span class="cl"><span class="o">}</span>
</span></span></code></pre></div><h2 id="lsusb--display-usb-devices-information" class="scroll-mt-20 md:scroll-mt-24 wrap-break-word group/heading "><a href="#lsusb--display-usb-devices-information" class="group-hover/heading:after:content-['#'] group-hover/heading:after:ml-1.5 group-hover/heading:after:text-content-400" id="lsusb--display-usb-devices-information"><code>lsusb</code> – Display USB Devices Information</a></h2><p>The <code>lsusb</code> command displays detailed information about the USB buses in the system and the devices connected to them. It is provided by the <code>usbutils</code> package and helps users and system administrators easily view the configuration and the devices attached to their USB interfaces:</p>
<div class="highlight"><pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span class="line"><span class="cl">$ lsusb
</span></span></code></pre></div><p>This produces a list of all USB buses, devices connected to them, and brief information about each device, such as ID and manufacturer. This is particularly useful for a quick check of what devices are connected to the system and if you need the USB device ID for <a href="https://en.wikipedia.org/wiki/Udev" target="_blank" rel="noreferrer noopener">udev</a> rules or the like.</p>
<h3 id="usage-example-and-output" class="scroll-mt-20 md:scroll-mt-24 wrap-break-word group/heading "><a href="#usage-example-and-output" class="group-hover/heading:after:content-['#'] group-hover/heading:after:ml-1.5 group-hover/heading:after:text-content-400" id="usage-example-and-output">Usage example and output</a></h3><p>For those needing more detailed information about the USB devices, <code>lsusb</code> allows listing more detailed information:</p>
<div class="highlight"><pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span class="line"><span class="cl">$ lsusb <span class="p">|</span> grep Fibocom
</span></span><span class="line"><span class="cl">Bus <span class="m">001</span> Device 013: ID 2cb7:0210 Fibocom L830-EB-00 LTE WWAN Modem
</span></span><span class="line"><span class="cl">
</span></span><span class="line"><span class="cl">$ sudo lsusb -d 2cb7:0210 -v
</span></span><span class="line"><span class="cl">Bus <span class="m">001</span> Device 013: ID 2cb7:0210 Fibocom L830-EB-00 LTE WWAN Modem
</span></span><span class="line"><span class="cl">Device Descriptor:
</span></span><span class="line"><span class="cl">  bLength                <span class="m">18</span>
</span></span><span class="line"><span class="cl">  bDescriptorType         <span class="m">1</span>
</span></span><span class="line"><span class="cl">  bcdUSB               2.00
</span></span><span class="line"><span class="cl">  bDeviceClass          <span class="m">239</span> Miscellaneous Device
</span></span><span class="line"><span class="cl">  bDeviceSubClass         <span class="m">2</span> <span class="o">[</span>unknown<span class="o">]</span>
</span></span><span class="line"><span class="cl">  bDeviceProtocol         <span class="m">1</span> Interface Association
</span></span><span class="line"><span class="cl">  bMaxPacketSize0        <span class="m">64</span>
</span></span><span class="line"><span class="cl">  idVendor           0x2cb7 Fibocom
</span></span><span class="line"><span class="cl">  idProduct          0x0210 L830-EB-00 LTE WWAN Modem
</span></span><span class="line"><span class="cl">  bcdDevice            3.33
</span></span><span class="line"><span class="cl">  iManufacturer           <span class="m">1</span> FIBOCOM
</span></span><span class="line"><span class="cl">  iProduct                <span class="m">2</span> L830-EB-00
</span></span><span class="line"><span class="cl">  iSerial                 <span class="m">3</span> <span class="m">004999010640000</span>
</span></span><span class="line"><span class="cl">  bNumConfigurations      <span class="m">1</span>
</span></span><span class="line"><span class="cl">  Configuration Descriptor:
</span></span><span class="line"><span class="cl">    bLength                 <span class="m">9</span>
</span></span><span class="line"><span class="cl">    bDescriptorType         <span class="m">2</span>
</span></span><span class="line"><span class="cl">    wTotalLength       0x00a1
</span></span><span class="line"><span class="cl">    bNumInterfaces          <span class="m">4</span>
</span></span><span class="line"><span class="cl">    bConfigurationValue     <span class="m">1</span>
</span></span><span class="line"><span class="cl">    iConfiguration          <span class="m">0</span>
</span></span><span class="line"><span class="cl">    bmAttributes         0xe0
</span></span><span class="line"><span class="cl">      Self Powered
</span></span><span class="line"><span class="cl">      Remote Wakeup
</span></span><span class="line"><span class="cl">    MaxPower              100mA
</span></span><span class="line"><span class="cl"><span class="o">[</span> more output omitted <span class="k">for</span> readability <span class="o">]</span>
</span></span></code></pre></div><p>Using the <code>-v</code> and <code>-t</code> options will tell lsusb to dump the physical USB device hierarchy as a tree including IDs. The following shows a detailed tree of all USB devices (here using a <a href="https://www.thinkwiki.org/wiki/Category:T480s" target="_blank" rel="noreferrer noopener">ThinkPad T480S</a>), their types, speeds, and device classes. This is particularly useful for troubleshooting USB device issues:</p>
<div class="highlight"><pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span class="line"><span class="cl">$ lsusb -t -v
</span></span><span class="line"><span class="cl">/:  Bus 001.Port 001: Dev 001, <span class="nv">Class</span><span class="o">=</span>root_hub, <span class="nv">Driver</span><span class="o">=</span>xhci_hcd/12p, 480M
</span></span><span class="line"><span class="cl">    ID 1d6b:0002 Linux Foundation 2.0 root hub
</span></span><span class="line"><span class="cl">    <span class="p">|</span>__ Port 001: Dev 002, If 0, <span class="nv">Class</span><span class="o">=</span>Human Interface Device, <span class="nv">Driver</span><span class="o">=</span>usbhid, 1.5M
</span></span><span class="line"><span class="cl">        ID 046d:c069 Logitech, Inc. M-U0007 <span class="o">[</span>Corded Mouse M500<span class="o">]</span>
</span></span><span class="line"><span class="cl">    <span class="p">|</span>__ Port 002: Dev 003, If 0, <span class="nv">Class</span><span class="o">=</span>Human Interface Device, <span class="nv">Driver</span><span class="o">=</span>usbhid, 1.5M
</span></span><span class="line"><span class="cl">        ID 046a:c098 CHERRY
</span></span><span class="line"><span class="cl">    <span class="p">|</span>__ Port 002: Dev 003, If 1, <span class="nv">Class</span><span class="o">=</span>Human Interface Device, <span class="nv">Driver</span><span class="o">=</span>usbhid, 1.5M
</span></span><span class="line"><span class="cl">        ID 046a:c098 CHERRY
</span></span><span class="line"><span class="cl">    <span class="p">|</span>__ Port 003: Dev 004, If 0, <span class="nv">Class</span><span class="o">=</span>Chip/SmartCard, <span class="nv">Driver</span><span class="o">=</span>usbfs, 12M
</span></span><span class="line"><span class="cl">        ID 058f:9540 Alcor Micro Corp. AU9540 Smartcard Reader
</span></span><span class="line"><span class="cl">    <span class="p">|</span>__ Port 005: Dev 005, If 0, <span class="nv">Class</span><span class="o">=</span>Video, <span class="nv">Driver</span><span class="o">=</span>uvcvideo, 480M
</span></span><span class="line"><span class="cl">        ID 5986:2123 Bison Electronics Inc.
</span></span><span class="line"><span class="cl">    <span class="p">|</span>__ Port 005: Dev 005, If 1, <span class="nv">Class</span><span class="o">=</span>Video, <span class="nv">Driver</span><span class="o">=</span>uvcvideo, 480M
</span></span><span class="line"><span class="cl">        ID 5986:2123 Bison Electronics Inc.
</span></span><span class="line"><span class="cl">    <span class="p">|</span>__ Port 006: Dev 013, If 0, <span class="nv">Class</span><span class="o">=</span>Communications, <span class="nv">Driver</span><span class="o">=</span>cdc_mbim, 480M
</span></span><span class="line"><span class="cl">        ID 2cb7:0210 Fibocom L830-EB-00 LTE WWAN Modem
</span></span><span class="line"><span class="cl">    <span class="p">|</span>__ Port 006: Dev 013, If 1, <span class="nv">Class</span><span class="o">=</span>CDC Data, <span class="nv">Driver</span><span class="o">=</span>cdc_mbim, 480M
</span></span><span class="line"><span class="cl">        ID 2cb7:0210 Fibocom L830-EB-00 LTE WWAN Modem
</span></span><span class="line"><span class="cl">    <span class="p">|</span>__ Port 006: Dev 013, If 2, <span class="nv">Class</span><span class="o">=</span>Communications, <span class="nv">Driver</span><span class="o">=</span>cdc_acm, 480M
</span></span><span class="line"><span class="cl">        ID 2cb7:0210 Fibocom L830-EB-00 LTE WWAN Modem
</span></span><span class="line"><span class="cl">    <span class="p">|</span>__ Port 006: Dev 013, If 3, <span class="nv">Class</span><span class="o">=</span>CDC Data, <span class="nv">Driver</span><span class="o">=</span>cdc_acm, 480M
</span></span><span class="line"><span class="cl">        ID 2cb7:0210 Fibocom L830-EB-00 LTE WWAN Modem
</span></span><span class="line"><span class="cl">    <span class="p">|</span>__ Port 007: Dev 007, If 0, <span class="nv">Class</span><span class="o">=</span>Wireless, <span class="nv">Driver</span><span class="o">=</span>btusb, 12M
</span></span><span class="line"><span class="cl">        ID 8087:0a2b Intel Corp. Bluetooth wireless interface
</span></span><span class="line"><span class="cl">    <span class="p">|</span>__ Port 007: Dev 007, If 1, <span class="nv">Class</span><span class="o">=</span>Wireless, <span class="nv">Driver</span><span class="o">=</span>btusb, 12M
</span></span><span class="line"><span class="cl">        ID 8087:0a2b Intel Corp. Bluetooth wireless interface
</span></span><span class="line"><span class="cl">    <span class="p">|</span>__ Port 008: Dev 008, If 0, <span class="nv">Class</span><span class="o">=</span>Video, <span class="nv">Driver</span><span class="o">=</span>uvcvideo, 480M
</span></span><span class="line"><span class="cl">        ID 5986:2115 Bison Electronics Inc.
</span></span><span class="line"><span class="cl">    <span class="p">|</span>__ Port 008: Dev 008, If 1, <span class="nv">Class</span><span class="o">=</span>Video, <span class="nv">Driver</span><span class="o">=</span>uvcvideo, 480M
</span></span><span class="line"><span class="cl">        ID 5986:2115 Bison Electronics Inc.
</span></span><span class="line"><span class="cl">    <span class="p">|</span>__ Port 009: Dev 009, If 0, <span class="nv">Class</span><span class="o">=</span>Vendor Specific Class, <span class="nv">Driver</span><span class="o">=[</span>none<span class="o">]</span>, 12M
</span></span><span class="line"><span class="cl">        ID 06cb:009a Synaptics, Inc. Metallica MIS Touch Fingerprint Reader
</span></span><span class="line"><span class="cl">/:  Bus 002.Port 001: Dev 001, <span class="nv">Class</span><span class="o">=</span>root_hub, <span class="nv">Driver</span><span class="o">=</span>xhci_hcd/6p, 5000M
</span></span><span class="line"><span class="cl">    ID 1d6b:0003 Linux Foundation 3.0 root hub
</span></span><span class="line"><span class="cl">    <span class="p">|</span>__ Port 003: Dev 002, If 0, <span class="nv">Class</span><span class="o">=</span>Mass Storage, <span class="nv">Driver</span><span class="o">=</span>usb-storage, 5000M
</span></span><span class="line"><span class="cl">        ID 0bda:0316 Realtek Semiconductor Corp. Card Reader
</span></span><span class="line"><span class="cl">/:  Bus 003.Port 001: Dev 001, <span class="nv">Class</span><span class="o">=</span>root_hub, <span class="nv">Driver</span><span class="o">=</span>xhci_hcd/2p, 480M
</span></span><span class="line"><span class="cl">    ID 1d6b:0002 Linux Foundation 2.0 root hub
</span></span><span class="line"><span class="cl">    <span class="p">|</span>__ Port 001: Dev 002, If 0, <span class="nv">Class</span><span class="o">=</span>Hub, <span class="nv">Driver</span><span class="o">=</span>hub/5p, 480M
</span></span><span class="line"><span class="cl">        ID 0451:8442 Texas Instruments, Inc.
</span></span><span class="line"><span class="cl">        <span class="p">|</span>__ Port 001: Dev 003, If 0, <span class="nv">Class</span><span class="o">=</span>Hub, <span class="nv">Driver</span><span class="o">=</span>hub/7p, 480M
</span></span><span class="line"><span class="cl">            ID 0424:2137 Microchip Technology, Inc. <span class="o">(</span>formerly SMSC<span class="o">)</span>
</span></span><span class="line"><span class="cl">        <span class="p">|</span>__ Port 003: Dev 005, If 0, <span class="nv">Class</span><span class="o">=</span>Hub, <span class="nv">Driver</span><span class="o">=</span>hub/3p, 480M
</span></span><span class="line"><span class="cl">            ID 0bda:5411 Realtek Semiconductor Corp. RTS5411 Hub
</span></span><span class="line"><span class="cl">            <span class="p">|</span>__ Port 001: Dev 006, If 0, <span class="nv">Class</span><span class="o">=</span>Vendor Specific Class, <span class="nv">Driver</span><span class="o">=</span>r8152, 480M
</span></span><span class="line"><span class="cl">                ID 0bda:8153 Realtek Semiconductor Corp. RTL8153 Gigabit Ethernet Adapter
</span></span><span class="line"><span class="cl">        <span class="p">|</span>__ Port 004: Dev 004, If 0, <span class="nv">Class</span><span class="o">=</span>Human Interface Device, <span class="nv">Driver</span><span class="o">=</span>usbhid, 480M
</span></span><span class="line"><span class="cl">            ID 0451:82ff Texas Instruments, Inc.
</span></span><span class="line"><span class="cl">/:  Bus 004.Port 001: Dev 001, <span class="nv">Class</span><span class="o">=</span>root_hub, <span class="nv">Driver</span><span class="o">=</span>xhci_hcd/2p, 10000M
</span></span><span class="line"><span class="cl">    ID 1d6b:0003 Linux Foundation 3.0 root hub
</span></span></code></pre></div><h2 id="conclusion" class="scroll-mt-20 md:scroll-mt-24 wrap-break-word group/heading "><a href="#conclusion" class="group-hover/heading:after:content-['#'] group-hover/heading:after:ml-1.5 group-hover/heading:after:text-content-400" id="conclusion">Conclusion</a></h2><p>Even though they are simple, both commands offer insights into the system’s configuration and status. Whether you’re troubleshooting, optimizing, or simply curious, these tools provide valuable data that can help you better understand and manage your Linux environment. See you next time when we will have a look at more useful listing and information command line tools and how to use them.</p>
]]></content><category scheme="taxonomy:tags" term="toolbox" label="toolbox"/><category scheme="taxonomy:tags" term="lscpu" label="lscpu"/><category scheme="taxonomy:tags" term="lsusb" label="lsusb"/></entry><entry><title type="html">Quectel EM05-G (LTE module) with ThinkPad T14 Gen4 on Fedora 39 and 40</title><id>tag:foundata.com,2024-05-23:/en/blog/2024/quectel-em05-g-thinkpad-t14-gen4-fedora-linux/</id><published>2024-05-23T01:46:00Z</published><updated>2024-05-23T01:46:00Z</updated><link href="https://foundata.com/en/blog/2024/quectel-em05-g-thinkpad-t14-gen4-fedora-linux/?utm_source=feed-atom" rel="alternate" type="text/html"/><link href="https://foundata.com/de/blog/2024/quectel-em05-g-thinkpad-t14-gen4-fedora-linux/?utm_source=feed-atom" rel="alternate" type="text/html" hreflang="de"/><link href="https://foundata.com/en/blog/2024/aten-cv211-kvm-linux/?utm_source=feed-atom" rel="related" type="text/html" title="Using the ATEN CV211 (all-in-one KVM adapter) with Fedora Linux"/><link href="https://foundata.com/en/blog/2024/use-gpl-or-later/?utm_source=feed-atom" rel="related" type="text/html" title='Please use GPLv3 "or-later" instead of "only"'/><link href="https://foundata.com/en/blog/2024/copyleft-open-source-licenses/?utm_source=feed-atom" rel="related" type="text/html" title="Use copyleft licenses for open source or life with the consequences"/><author><name>Andreas Haerter</name><uri>https://andreashaerter.com/</uri></author><author><name>Jürgen</name></author><summary type="html">How to get a working Quectel EM05-G Wireless Wide Area Network (WWAN) module with Fedora Linux with current hardware revisions.</summary><content type="html" xml:base="https://foundata.com/"><![CDATA[<p>We recently bought a bunch of <a href="https://www.lenovo.com/us/en/p/laptops/thinkpad/thinkpadt/thinkpad-t14-gen-4-%2814-inch-intel%29/len101t0057" target="_blank" rel="noreferrer noopener">Lenovo ThinkPad T14 Gen4</a> Model <code>21HDCTO1WW</code>. They were shipped with a <a href="https://www.quectel.com/product/lte-em05-series/" target="_blank" rel="noreferrer noopener">Quectel EM05-G WWAN module</a>. To our surprise, <a href="https://modemmanager.org/" target="_blank" rel="noreferrer noopener">ModemManager</a> did not activate the module right away even though the Fedora Linux support for the hardware is known to be good. It turned out that our hardware revision reports with a different USB device ID <code>2c7c:0313</code> than previous versions which used <code>2c7c:030a</code>:</p>
<div class="highlight"><pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span class="line"><span class="cl">Bus <span class="m">003</span> Device 002: ID 2c7c:0313 Quectel Wireless Solutions Co., Ltd. Quectel EM05-G
</span></span></code></pre></div><p>Therefore, the necessary <a href="https://modemmanager.org/docs/modemmanager/fcc-unlock/" target="_blank" rel="noreferrer noopener">FCC unlock procedure</a> does not get triggered automatically even though an <a href="https://gitlab.freedesktop.org/mobile-broadband/ModemManager/-/blob/main/data/dispatcher-fcc-unlock/2c7c" target="_blank" rel="noreferrer noopener">unlock script for the Quectel EM05-G</a> was already <a href="https://gitlab.freedesktop.org/mobile-broadband/ModemManager/-/issues/640" target="_blank" rel="noreferrer noopener">added</a> by <a href="https://leah.is/" target="_blank" rel="noreferrer noopener">Leah Oswald</a>. However, the modem works perfectly fine if you unlock it manually after each reboot:</p>
<div class="highlight"><pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span class="line"><span class="cl">mmcli -L
</span></span><span class="line"><span class="cl">sudo mbimcli --device-open-proxy --device<span class="o">=</span><span class="s2">&#34;/dev/cdc-wdm0&#34;</span> --quectel-set-radio-state<span class="o">=</span>on
</span></span></code></pre></div><p>We have opened an <a href="https://gitlab.freedesktop.org/mobile-broadband/ModemManager/-/issues/858" target="_blank" rel="noreferrer noopener">upstream issue</a> to fix the problem. If you don&rsquo;t want to wait so long until a new ModemManager version including the fix arrives on your computer, you can help yourself as follows:</p>
<div class="highlight"><pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span class="line"><span class="cl">sudo mkdir -p <span class="s2">&#34;/etc/ModemManager/fcc-unlock.d/&#34;</span>
</span></span><span class="line"><span class="cl">sudo chown root:root -R <span class="s2">&#34;/etc/ModemManager/&#34;</span>
</span></span><span class="line"><span class="cl">sudo find <span class="s2">&#34;/etc/ModemManager/&#34;</span> -type d -exec chmod <span class="m">0755</span> <span class="o">{}</span> +
</span></span><span class="line"><span class="cl">sudo find <span class="s2">&#34;/etc/ModemManager/&#34;</span> -type f -exec chmod <span class="m">0644</span> <span class="o">{}</span> +
</span></span><span class="line"><span class="cl">sudo ln -s -f <span class="s2">&#34;/usr/share/ModemManager/fcc-unlock.available.d/2c7c&#34;</span> <span class="s2">&#34;/etc/ModemManager/fcc-unlock.d/2c7c:0313&#34;</span>
</span></span></code></pre></div><p>This creates a symlink to the working FCC unlock script <code>2c7c</code> for the new USB device ID <code>2c7c:0313</code> in your local configuration. Hope that helps.</p>
]]></content><category scheme="taxonomy:tags" term="fedora" label="fedora"/><category scheme="taxonomy:tags" term="wwan" label="wwan"/><category scheme="taxonomy:tags" term="modemmanager" label="modemmanager"/><category scheme="taxonomy:tags" term="quectel" label="quectel"/><category scheme="taxonomy:tags" term="lenovo" label="lenovo"/><category scheme="taxonomy:tags" term="thinkpad" label="thinkpad"/></entry><entry><title type="html">Please use GPLv3 “or-later” instead of “only”</title><id>tag:foundata.com,2024-05-23:/en/blog/2024/use-gpl-or-later/</id><published>2024-05-23T00:25:00Z</published><updated>2024-05-23T00:25:00Z</updated><link href="https://foundata.com/en/blog/2024/use-gpl-or-later/?utm_source=feed-atom" rel="alternate" type="text/html"/><link href="https://foundata.com/de/blog/2024/verwende-gpl-or-later/?utm_source=feed-atom" rel="alternate" type="text/html" hreflang="de"/><link href="https://foundata.com/en/blog/2024/copyleft-open-source-licenses/?utm_source=feed-atom" rel="related" type="text/html" title="Use copyleft licenses for open source or life with the consequences"/><link href="https://foundata.com/en/blog/2024/aten-cv211-kvm-linux/?utm_source=feed-atom" rel="related" type="text/html" title="Using the ATEN CV211 (all-in-one KVM adapter) with Fedora Linux"/><author><name>Andreas Haerter</name><uri>https://andreashaerter.com/</uri></author><summary type="html">An article about the pros of the "or later" clause of the GNU General Public License (GPL).</summary><content type="html" xml:base="https://foundata.com/"><![CDATA[<p><a href="https://foundata.com/en/blog/2024/copyleft-open-source-licenses/">It makes sense to prefer copyleft licenses</a>. The most popular copyleft license is probably the GNU General Public License (GPL), with Version 3 from 2007 being the latest one. When you use the GPLv3, you have to decide if you go for &ldquo;<a href="https://spdx.org/licenses/GPL-3.0-or-later.html" target="_blank" rel="noreferrer noopener">GPL v3.0 or later</a>&rdquo; or &ldquo;<a href="https://spdx.org/licenses/GPL-3.0-only.html" target="_blank" rel="noreferrer noopener">GPL v3.0 only</a>&rdquo;. This is because of <a href="https://www.gnu.org/licenses/gpl-3.0-standalone.html#section14" target="_blank" rel="noreferrer noopener">Clause 14 &ldquo;Revised Versions of this License&rdquo; of the GPLv3</a>.<sup id="fnref:1"><a href="#fn:1" class="footnote-ref" role="doc-noteref">1</a></sup></p>
<p>The clause addresses how future versions of the license will be handled and state that the <a href="https://www.fsf.org/" target="_blank" rel="noreferrer noopener">Free Software Foundation (FSF)</a> may publish new versions of the GPL, <strong>which will be similar in spirit to the current version</strong> but may include changes to address new legal and technological issues. This <strong>also ensures the protection of Free Software from potential missteps by the Free Software Foundation (FSF) <em>itself</em></strong> as, for example, no one could state a valid GPLv4 without <a href="https://en.wikipedia.org/wiki/Copyleft" target="_blank" rel="noreferrer noopener">copyleft</a>. Some argue that the GPLv3 is fundamentally different from the GPLv2, but a detailed examination shows this is not the case&ndash;it is indeed similar in spirit. Just read it for yourself. For our part, we therefore strongly <a href="https://github.com/foundata/guidelines/blob/master/licensing-how-to-choose-a-license.md#licenses-to-choose-from" target="_blank" rel="noreferrer noopener">recommend</a> choosing the &ldquo;or later&rdquo; option for our own projects.</p>
<h2 id="learn-from-past-mistakes" class="scroll-mt-20 md:scroll-mt-24 wrap-break-word group/heading "><a href="#learn-from-past-mistakes" class="group-hover/heading:after:content-['#'] group-hover/heading:after:ml-1.5 group-hover/heading:after:text-content-400" id="learn-from-past-mistakes">Learn from past mistakes</a></h2><p>Using <code>GPL-2.0-only</code> in the past created significant compatibility issues with other licenses, hindering the integration and distribution of combined works. For example, software licensed under <code>GPL-2.0-only</code> is incompatible with the <a href="https://choosealicense.com/licenses/apache-2.0/" target="_blank" rel="noreferrer noopener"><code>Apache-2.0</code></a> license, preventing the combination of many codebases even today. And some projects had to <a href="https://wiki.mercurial-scm.org/Relicensing" target="_blank" rel="noreferrer noopener">spend <em>a lot</em> of time and work to change licensing</a> to achieve better license compatibility and reduce integration barriers. These issues can lead to fragmentation and reduced flexibility in the open-source ecosystem.</p>
<p>GPLv2 showed that this adaptability might be necessary, as sticking to <code>GPL-2.0-only</code> did not provide any significant benefit and led to compatibility problems. Therefore, it makes sense to adopt the &ldquo;or later&rdquo; option whenever possible. This approach not only preserves the spirit of the license but also provides a safeguard against potential future challenges, much like a well-prepared contingency plan.</p>
<h2 id="conclusion" class="scroll-mt-20 md:scroll-mt-24 wrap-break-word group/heading "><a href="#conclusion" class="group-hover/heading:after:content-['#'] group-hover/heading:after:ml-1.5 group-hover/heading:after:text-content-400" id="conclusion">Conclusion</a></h2><p>The &ldquo;or later&rdquo; clause of <code>GPL-3.0-or-later</code> is crucial as it allows the evolution of the license to keep up with changing circumstances, ensuring ongoing protection and freedom for software users and developers. This clause is like a safety net that allows us to adapt to future changes in the legal and technological landscape and to enable cooperation from various parties in the future. Use it.</p>
<div class="footnotes" role="doc-endnotes">
<hr>
<ol>
<li id="fn:1">
<p>It is the same with <a href="https://www.gnu.org/licenses/old-licenses/gpl-2.0-standalone.html#section9" target="_blank" rel="noreferrer noopener">Clause 9 of GPLv2</a>.&#160;<a href="#fnref:1" class="footnote-backref" role="doc-backlink">&#x21a9;&#xfe0e;</a></p>
</li>
</ol>
</div>
]]></content><category scheme="taxonomy:tags" term="open-source" label="open-source"/><category scheme="taxonomy:tags" term="license" label="license"/><category scheme="taxonomy:tags" term="copyleft" label="copyleft"/><category scheme="taxonomy:tags" term="gpl" label="gpl"/></entry><entry><title type="html">Using the ATEN CV211 (all-in-one KVM adapter) with Fedora Linux</title><id>tag:foundata.com,2024-05-16:/en/blog/2024/aten-cv211-kvm-linux/</id><published>2024-05-16T17:32:00Z</published><updated>2024-07-11T01:34:00Z</updated><link href="https://foundata.com/en/blog/2024/aten-cv211-kvm-linux/?utm_source=feed-atom" rel="alternate" type="text/html"/><link href="https://foundata.com/de/blog/2024/aten-cv211-kvm-linux/?utm_source=feed-atom" rel="alternate" type="text/html" hreflang="de"/><link href="https://foundata.com/en/blog/2024/copyleft-open-source-licenses/?utm_source=feed-atom" rel="related" type="text/html" title="Use copyleft licenses for open source or life with the consequences"/><author><name>Andreas Haerter</name><uri>https://andreashaerter.com/</uri></author><summary type="html"><![CDATA[<p>The <a href="https://www.aten.com/global/en/products/kvm/cable-kvm-switches/cv211/" target="_blank" rel="noreferrer noopener">ATEN CV211</a> is an all-in-one KVM (Keyboard, Video, Mouse) adapter that turns your laptop into a KVM console, combining the functionality of a wormhole switch, capture box, external DVD-ROM, keyboard, mouse, and monitor, all in one compact and convenient unit. I really like the hardware in daily operations, especially when I have to a takeover new environments with &ldquo;historically grown&rdquo; cabling. It is nice to have the ability to get the screen and keyboard control of a yet unknown server without hassle—all with a small USB adapter in your backpack:</p>]]></summary><content type="html" xml:base="https://foundata.com/"><![CDATA[<p>The <a href="https://www.aten.com/global/en/products/kvm/cable-kvm-switches/cv211/" target="_blank" rel="noreferrer noopener">ATEN CV211</a> is an all-in-one KVM (Keyboard, Video, Mouse) adapter that turns your laptop into a KVM console, combining the functionality of a wormhole switch, capture box, external DVD-ROM, keyboard, mouse, and monitor, all in one compact and convenient unit. I really like the hardware in daily operations, especially when I have to a takeover new environments with &ldquo;historically grown&rdquo; cabling. It is nice to have the ability to get the screen and keyboard control of a yet unknown server without hassle—all with a small USB adapter in your backpack:</p>
<figure><img class="mx-auto my-0 rounded-xs" alt="ATEN CV211 KVM switch: photo of the hardware"  srcset="/de/blog/2024/aten-cv211-kvm-linux/aten-cv211-hardware_hu_27b86746264c34e3.jpg 330w,/de/blog/2024/aten-cv211-kvm-linux/aten-cv211-hardware_hu_34e659018e260b1d.jpg 660w,/de/blog/2024/aten-cv211-kvm-linux/aten-cv211-hardware_hu_77d2773747ea3ca8.jpg 1024w,/de/blog/2024/aten-cv211-kvm-linux/aten-cv211-hardware_hu_5738ffbe0085dd1d.jpg 2x" src="/de/blog/2024/aten-cv211-kvm-linux/aten-cv211-hardware_hu_34e659018e260b1d.jpg"  loading="lazy"></figure><p>If you connect the adapter, you&rsquo;ll get a 10 MiB drive mounted with the following contents, containing a Microsoft Windows Client <code>WinClient.exe</code> (basically a Runtime Environment and wrapper) and the real application <code>JavaClient.jar</code>:</p>
<div class="highlight"><pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span class="line"><span class="cl">$ ll
</span></span><span class="line"><span class="cl">total 9,1M
</span></span><span class="line"><span class="cl">drwxr-xr-x. <span class="m">2</span> user user  16K  1. Jan <span class="m">1970</span>  .
</span></span><span class="line"><span class="cl">drwxr-x---+ <span class="m">3</span> root root   <span class="m">60</span> 30. Apr 19:08 ..
</span></span><span class="line"><span class="cl">-rw-r--r--. <span class="m">1</span> user user 3,7M 30. Dez <span class="m">2019</span>  JavaClient.jar
</span></span><span class="line"><span class="cl">-rw-r--r--. <span class="m">1</span> user user 2,0M 30. Dez <span class="m">2019</span>  Vplayer.jar
</span></span><span class="line"><span class="cl">-rwxr-xr-x. <span class="m">1</span> user user 3,5M 30. Dez <span class="m">2019</span>  WinClient.exe
</span></span></code></pre></div><h2 id="the-login-failed-problem" class="scroll-mt-20 md:scroll-mt-24 wrap-break-word group/heading "><a href="#the-login-failed-problem" class="group-hover/heading:after:content-['#'] group-hover/heading:after:ml-1.5 group-hover/heading:after:text-content-400" id="the-login-failed-problem">The &ldquo;login failed&rdquo; problem</a></h2><p>The <code>JavaClient.jar</code> KVM console is mostly the same as ATEN uses for all their IP KVM stuff. They just bind the service to some high port on <code>localhost</code> and use the hardcoded credentials <code>-u administrator -p password</code> to connect (which is obvious in several places):</p>
<figure><img class="mx-auto my-0 rounded-xs" alt="ATEN CV211 KVM switch: credentials"  srcset="/de/blog/2024/aten-cv211-kvm-linux/aten-cv211-credentials-ghex_hu_722afafdfa6a6527.png 330w,/de/blog/2024/aten-cv211-kvm-linux/aten-cv211-credentials-ghex_hu_af19ab6c8cdd408b.png 660w,/de/blog/2024/aten-cv211-kvm-linux/aten-cv211-credentials-ghex_hu_e6e17435976d4060.png 1024w,/de/blog/2024/aten-cv211-kvm-linux/aten-cv211-credentials-ghex_hu_c6323a919321bd14.png 2x" src="/de/blog/2024/aten-cv211-kvm-linux/aten-cv211-credentials-ghex_hu_af19ab6c8cdd408b.png"  loading="lazy"></figure><p>Sadly, the Java application is not able to run out-of-the-box on a Fedora 40 Linux with OpenJDK / Java SE. The application will start but sometimes does not even list the device. And if there is a device to connect to, the login will fail:</p>
<figure><img class="mx-auto my-0 rounded-xs" alt="ATEN CV211 KVM switch: login failed with OpenJDK"  src="/de/blog/2024/aten-cv211-kvm-linux/aten-cv211-login-failed-linux-openjdk.png"  loading="lazy"></figure><p>The <code>JavaClient.jar</code> will not be able to connect with any supported OpenJDK or <a href="https://www.azul.com/downloads/" target="_blank" rel="noreferrer noopener">Azul Zulu Java RE</a>:</p>
<div class="highlight"><pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span class="line"><span class="cl"><span class="c1"># incompatible Java version :-(</span>
</span></span><span class="line"><span class="cl">$ java -version
</span></span><span class="line"><span class="cl">openjdk version <span class="s2">&#34;17.0.9&#34;</span> 2023-10-17
</span></span></code></pre></div><h1 id="solution-oracle-jdk-7" class="scroll-mt-20 md:scroll-mt-24 wrap-break-word group/heading "><a href="#solution-oracle-jdk-7" class="group-hover/heading:after:content-['#'] group-hover/heading:after:ml-1.5 group-hover/heading:after:text-content-400" id="solution-oracle-jdk-7">Solution: Oracle JDK 7</a></h1><p>For anybody having the same problem, the following should help:</p>
<ol>
<li><strong>Use</strong> a copy of the <strong>Oracle JDK 7</strong> (the patch level does not matter) and the application will work without flaws.<sup id="fnref:1"><a href="#fn:1" class="footnote-ref" role="doc-noteref">1</a></sup></li>
<li>Make sure <strong>the current working directory is the USB mount point so the <code>.jar</code> files are in <code>./</code></strong>.</li>
</ol>
<p>For example, if you just extract <code>jdk-7u80-linux-x64.tar.gz</code> to <code>/tmp</code>, you can use the application as follows:</p>
<div class="highlight"><pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span class="line"><span class="cl">tar -xvf jdk-7u80-linux-x64.tar.gz -C /tmp
</span></span><span class="line"><span class="cl"><span class="nb">cd</span> /run/media/user/disk <span class="c1"># or wherever the ATEN CV211 storage was mounted</span>
</span></span><span class="line"><span class="cl">sudo /tmp/jdk1.7.0_80/bin/java -jar ./JavaClient.jar
</span></span></code></pre></div><figure><img class="mx-auto my-0 rounded-xs" alt="ATEN CV211 KVM switch: screenshot of the working application"  srcset="/de/blog/2024/aten-cv211-kvm-linux/aten-cv211-working-with-jdk-7u80-linux-x64_hu_5925fb733328bd15.png 330w,/de/blog/2024/aten-cv211-kvm-linux/aten-cv211-working-with-jdk-7u80-linux-x64_hu_2f088b5d1449038e.png 660w,/de/blog/2024/aten-cv211-kvm-linux/aten-cv211-working-with-jdk-7u80-linux-x64_hu_aef664ead2cd8f80.png 1024w,/de/blog/2024/aten-cv211-kvm-linux/aten-cv211-working-with-jdk-7u80-linux-x64_hu_cb18726a350cfe9a.png 2x" src="/de/blog/2024/aten-cv211-kvm-linux/aten-cv211-working-with-jdk-7u80-linux-x64_hu_2f088b5d1449038e.png"  loading="lazy"></figure><p>You can <a href="https://www.google.com/search?q=download&#43;oracle&#43;jdk&#43;without&#43;account" target="_blank" rel="noreferrer noopener">download the Oracle JDK 7</a> from <a href="https://www.oracle.com/de/java/technologies/javase/javase7-archive-downloads.html" target="_blank" rel="noreferrer noopener">https://www.oracle.com/de/java/technologies/javase/javase7-archive-downloads.html</a>, but keep in mind to check the license conditions, especially if you are operating in a commercial environment.</p>
<h2 id="if-the-problem-persists" class="scroll-mt-20 md:scroll-mt-24 wrap-break-word group/heading "><a href="#if-the-problem-persists" class="group-hover/heading:after:content-['#'] group-hover/heading:after:ml-1.5 group-hover/heading:after:text-content-400" id="if-the-problem-persists">If the problem persists&hellip;</a></h2><p>Sometimes, the &ldquo;login failed&rdquo; error occurs even when following the procedure described above (i.e., when using Oracle Java and the current working directory is the mount point). I have not yet been able to determine the exact cause of these (rare) cases. However, this behavior has never occurred during operation but only during the first use. In such cases, a reboot of the hardware by unplugging and reconnecting it to the USB port always helped.</p>
<div class="footnotes" role="doc-endnotes">
<hr>
<ol>
<li id="fn:1">
<p>Do not use this old, unpatched Java RE for <em>anything</em> else because of known security vulnerabilities.&#160;<a href="#fnref:1" class="footnote-backref" role="doc-backlink">&#x21a9;&#xfe0e;</a></p>
</li>
</ol>
</div>
]]></content><category scheme="taxonomy:tags" term="aten" label="aten"/><category scheme="taxonomy:tags" term="aten-cv211" label="aten-cv211"/><category scheme="taxonomy:tags" term="kvm" label="kvm"/><category scheme="taxonomy:tags" term="java" label="java"/><category scheme="taxonomy:tags" term="fedora" label="fedora"/></entry><entry><title type="html">Use copyleft licenses for open source or life with the consequences</title><id>tag:foundata.com,2024-05-16:/en/blog/2024/copyleft-open-source-licenses/</id><published>2024-05-16T15:26:00Z</published><updated>2024-05-16T15:26:00Z</updated><link href="https://foundata.com/en/blog/2024/copyleft-open-source-licenses/?utm_source=feed-atom" rel="alternate" type="text/html"/><link href="https://foundata.com/de/blog/2024/copyleft-open-source-lizenzen/?utm_source=feed-atom" rel="alternate" type="text/html" hreflang="de"/><author><name>Andreas Haerter</name><uri>https://andreashaerter.com/</uri></author><summary type="html">An article about the pros of copyleft licenses and the consequences of not using them for open source.</summary><content type="html" xml:base="https://foundata.com/"><![CDATA[<p>A good open-source license allows reuse of source code while retaining copyright. But you should also <strong>think about <a href="https://en.wikipedia.org/wiki/Copyleft" target="_blank" rel="noreferrer noopener">copyleft</a></strong> when starting a open-source project or company.</p>
<p>Licenses like the <a href="https://choosealicense.com/licenses/gpl-3.0/" target="_blank" rel="noreferrer noopener">General Public License (GPL)</a> are usually better for the open-source ecosystem than permissive ones like <a href="https://choosealicense.com/licenses/apache-2.0/" target="_blank" rel="noreferrer noopener">Apache 2</a> or <a href="https://choosealicense.com/licenses/mit/" target="_blank" rel="noreferrer noopener">MIT</a> as they require that any modifications or derivative works are shared, promoting a cycle of continuous contributions and improvements. Enhancements are distributed, benefiting the entire community rather than allowing the exploitation of open source code without giving back (looking at you, <a href="https://en.wikipedia.org/wiki/Amazon_Web_Services" target="_blank" rel="noreferrer noopener">Amazon Web Services</a>).</p>
<h2 id="hypergrowth--community" class="scroll-mt-20 md:scroll-mt-24 wrap-break-word group/heading "><a href="#hypergrowth--community" class="group-hover/heading:after:content-['#'] group-hover/heading:after:ml-1.5 group-hover/heading:after:text-content-400" id="hypergrowth--community">Hypergrowth &lt; Community</a></h2><p>Licenses like the <a href="https://choosealicense.com/licenses/agpl-3.0/" target="_blank" rel="noreferrer noopener">GNU Affero General Public License (AGPL)</a> might prevent some corporations from using an open-source project because they do not want to release the source code of their own modifications to it. Sadly, corporate compliance often prohibits the usage of copyleft projects altogether, even if nobody plans to modify anything. Especially the legal departments of large &ldquo;enterprizy&rdquo; organizations often prefer software with licenses like <a href="https://choosealicense.com/licenses/mit/" target="_blank" rel="noreferrer noopener">MIT</a> as they want it simple and &ldquo;risk&rdquo;-free.</p>
<p>In light of <a href="https://arstechnica.com/information-technology/2019/10/is-the-software-world-taking-too-much-from-the-open-source-community/" target="_blank" rel="noreferrer noopener">license changes</a>, the impression comes to mind that <strong>many start-ups use open source not because of freedom but as an argument for adoption in the enterprise ecosystem. They avoid choosing (A)GPLv3 licenses to facilitate easier corporate adoption without generating enough revenue</strong>, while being funded by venture capital and without getting contributions back by organization who could easily afford giving back <em>something</em>. Then, after being adopted, they complain.</p>
<p>While the open-source contributions from corporations like <a href="https://en.wikipedia.org/wiki/HashiCorp" target="_blank" rel="noreferrer noopener">HashiCorp</a> are impressive, the overall situation is complex. There&rsquo;s a reason why Linux (GPL licensed) is still around, growing, and making money for so many while companies behind widespread open source projects often <a href="">fail financially and burning insane amounts of money</a>. It might work out for individuals and owners when <a href="https://www.theregister.com/2024/05/10/opinion_column_ibm_hashicorp/" target="_blank" rel="noreferrer noopener">getting bought</a>, but it hurts users and ecosystems who relied on something.</p>
<h2 id="your-saas-will-not-compete-against-aws-or-internal-it-staff" class="scroll-mt-20 md:scroll-mt-24 wrap-break-word group/heading "><a href="#your-saas-will-not-compete-against-aws-or-internal-it-staff" class="group-hover/heading:after:content-['#'] group-hover/heading:after:ml-1.5 group-hover/heading:after:text-content-400" id="your-saas-will-not-compete-against-aws-or-internal-it-staff">Your SaaS will not compete against AWS or internal IT staff</a></h2><p>So don&rsquo;t be surprised if <strong>licenses like MIT attract large corporations and users who don&rsquo;t care about you or the community</strong>, making it difficult to find fair cooperation (including financial resources) with them later. Stick with a real, copyleft license that has less adoption by other enterprises and focus on organic growth with people who care about the project.</p>
<p>Alternatively, be prepared for the consequences that Amazon or other hyperscalers will attract a large number of customers using your product without giving anything back—as you stated that&rsquo;s OK by using e.g the MIT license.</p>
<p><strong>If you still want to go that route, you must establish another source of income right away.</strong> One has to be realistic: Competing with your open-source product&rsquo;s own SaaS against any SaaS by Amazon or other hyperscalers—or even the well-trained on-premises operations team—will not work out if that&rsquo;s your only way to make money. Services that support users in operating in-house or enabling paid development (e.g., prioritizing features for a fee) are also possible with open source and are the better choice.</p>
]]></content><category scheme="taxonomy:tags" term="open-source" label="open-source"/><category scheme="taxonomy:tags" term="license" label="license"/><category scheme="taxonomy:tags" term="copyleft" label="copyleft"/></entry></feed>