#natural-language-linux-management

#natural-language-linux-management

He stormed up to my desk, leaned over my partition, and began his rant before I could so much as say hello. He screamed about the rubbish laptops and IT systems we had, nothing ever worked, all the usual stuff. The user's rant ended with a thundered 'Just FIX IT!'

In order to use agents or in order to use AI in IT operations, all of your systems need to be interconnected and what interconnects all of your systems is an automation platform. Interconnecting systems is only a piece of the puzzle though. There is also some well-founded concern about the autonomous AI systems we are moving towards. AI agents may make decisions and inferences, but enterprises remain hesitant to allow direct execution on production systems.

This flaw (CVE-2026-3888) allows an unprivileged local attacker to escalate privileges to full root access through the interaction of two standard system components: snap-confine and systemd-tmpfiles. While the exploit requires a specific time-based window (10-30 days), the resulting impact is a complete compromise of the host system.

The vulnerabilities exploit a confused deputy attack. An unauthorized user can manipulate a privileged process to perform actions on their behalf, without having the necessary rights themselves. Specifically, attackers abuse tools such as Sudo or Postfix to modify AppArmor profiles via pseudo-files such as /sys/kernel/security/apparmor/.load and .replace.

I've had several incarnations of the self-hosted home lab for decades. At one point, I had a small server farm of various machines that were either too old to serve as desktops or that people simply no longer wanted. I'd grab those machines, install Linux on them, and use them for various server purposes. Here are two questions you should ask yourself:

A few months ago, I decided to breathe new life into a 2019 Dell XPS 15 that had been collecting dust for a couple of years. Despite its (at the time) high-end Core i7 CPU and 32GB of RAM, Windows was frustratingly slow on it. The fan was constantly at full throttle even when the machine was idle, and it regularly failed to install updates.

You may have noticed that many European Union (EU) governments and agencies, worried about ceding control to untrustworthy US companies, have been embracing digital sovereignty. Those bodies are turning to running their own cloud and services instead of relying on, say, Microsoft 365 or Google Workspace. If you prize your privacy and want to control your own services, you can take that approach as well.

I recently wrote about my migration away from VirtualBox to KVM/Virt-Machine for my virtual machine needs. I've found those tools to be far superior (albeit with a bit more of a learning curve) than VirtualBox. Since then, however, I've found another method of working with KVM (the Linux kernel virtual machine technology), one that not only allows me to create and manage virtual machines on my local computer, but also from any machine on my LAN. That tool is Cockpit, which makes managing your Linux machines considerably easier.

Because of that, you need to be very familiar and comfortable with the command line. Or you can install a desktop environment. In my opinion, this is the single easiest way to make Ubuntu Server easier, especially if you're relatively new to Linux. Having a GUI desktop will strip away the fear of having to use the command line, because you'll have plenty of apps to use (such as the file manager, user manager, GUI app store, and much more).

The updates are installed onto a different (and isolated) system image or subvolume. Once the update finishes successfully, you can switch to the new system by rebooting. Again, if the update isn't 100% successful, it will not happen. And because this all occurs on a separate partition (or image), you don't have to worry about it affecting your system's current state.

We have already discussed in the previous two articles about file and folder permissions along with special permissions that are supported in linux. The permissions are effective for many scenarios. But what happens when you need more granularity? How do you grant write access to a file to just one specific user who isn't the owner and isn't in the owning group?

For the longest time, Linux was considered to be geared specifically for developers and computer scientists. Modern distributions are far more general purpose now -- but that doesn't mean there aren't certain distros that are also ideal platforms for developers. What makes a distribution right for developers? Although I consider app compatibility, stability, and flexibility to be essential attributes for most any Linux distribution, developers also need the right tools

Bash scripts are a great way to automate all sorts of repetitive tasks -- you can run backups, clear temporary files/logs, rename or batch-rename files, install or update software, and much more. Although writing such scripts isn't nearly as hard as you might think, it does take some time to learn the ins and outs of bash scripting. Also: 6 hidden Android features that are seriously useful (and how they made my life easier) Good news: If you have an Android device, you can enable the Linux terminal, which means you can create or practice your bash scripting on the go.

Ring the bells, sound the trumpet, the Linux 6.19 kernel has arrived. Linus Torvalds announced that "6.19 is out as expected -- just as the US prepares to come to a complete standstill later today, watching the latest batch of televised commercials." Because while the big news in Linux circles might be a new Linux release, Torvalds recognizes that for many people, the "big news [was] some random sporting event." American football, what can you do?

Every time I've had to install Windows (which is a nightmare), it seems there's always work to do to get it working as needed. You may need to install drivers and software, remove ads, update the system (which can take a long time), remove bloatware, tweak the UI, disable taskbar and lock screen widgets, disable system notifications, enable system protection, and more.