Our Blog

News from Linuxfabrik

Kernel Vulnerability 'ssh-keysign-pwn' (CVE-2026-46333)

Red Hat published bulletin RHSB-2026-004 "File Descriptor Theft via Process Exit Race Condition" for a race condition in the Linux kernel: CVE-2026-46333, going around as "ssh-keysign-pwn" or "ptrace exit-race". Red Hat rates it Important; NVD lists CVSS 5.5. Affected are RHEL 8, 9 and 10 and OpenShift Container Platform 4. Rocky Linux and AlmaLinux already ship fixes; Red Hat tracks the rollout in the linked bulletin. Until the regular kernel patch is in, the official mitigation through the Yama ptrace scope applies.

Rocky Linux Security Repository

Rocky Linux launches an optional security repository for critical hot-fixes as long as RHEL has no patch yet. First use case is Dirty Frag (CVE-2026-43284, CVE-2026-43500), a local privilege escalation in the Linux kernel with a working public PoC. The repo is not enabled by default and has to be switched on deliberately.

Kernel Vulnerability 'Dirty Frag' (CVE-2026-43284)

Red Hat has published bulletin RHSB-2026-003 "Dirty Frag" covering a local privilege escalation in the Linux kernel networking subsystem. The bulletin groups CVE-2026-43284 in the IPsec ESP path (Dirty Frag) and CVE-2026-46300 in the ESP-in-TCP variant (Fragnesia). Red Hat rates both as Important. Affected are RHEL 8, 9 and 10 plus OpenShift Container Platform 4. Patches are being expedited per the bulletin. Until they are in, one of the two official mitigations applies.

Kernel Vulnerability 'Copy Fail' (CVE-2026-31431)

CVE-2026-31431 is a local privilege escalation in the Linux kernel crypto API. Red Hat rates it Important (CVSS 7.8). Affected are RHEL 8, 9 and 10 (kernel and kernel-rt) and OpenShift Container Platform 4. Until the kernel patch is in, the official boot-parameter mitigation should be on every RHEL host.

FirewallFabrik: the successor to Firewall Builder

Firewall Builder (fwbuilder) has no nftables support and has not been actively developed for years. FirewallFabrik is its modern successor: a complete rewrite in Python and Qt6 with native nftables support, seamless migration of existing .fwb files, and a GUI that feels just like the original.

ChecklistFabrik: Simple Process Management

ChecklistFabrik ("clf") helps to standardise processes and to-do lists in teams and organisations and to answer questions such as "What needs to be done next?" or "Where am I in the process?". All you need is a YAML file that defines the workflow as a checklist, Python to run ChecklistFabrik, and a browser to display the interactive HTML checklist generated by clf.

icinga-demo.linuxfabrik.ch

icinga-demo.linuxfabrik.ch is our public demo instance where Icinga, Icingaweb 2, the Icinga Director and our Linuxfabrik Monitoring Plugins can be tried out live, with no local installation needed.

Icinga at the Exoscale Marketplace

Icinga can be ordered from our partner Exoscale on their Marketplace with just a few clicks. The cloud images we provide deliver a fully functional Icinga 2 instance, pre-configured and ready to use.

RewriteRule vs ProxyPass: crucial for Nextcloud

The characters \ / : ? * " < > | as well as leading and trailing spaces in file and directory names are generally problematic and cannot be used at all on some systems, e.g. the question mark on Windows.

Linuxfabrik Partner Event 2023

Our "Linuxfabrik Partner Event 2023" ended on 05.09.2023 in a small but nice setting. Our customers and partners were invited.

Linuxfabrik is Icinga Community Hero 2023

In 2023, Linuxfabrik was elected Contribution Tinkerer by the Icinga Community with the Linuxfabrik Monitoring Plugins. Thank you! 🙂

We are your Graylog Partner in Switzerland

Linuxfabrik is an official Graylog partner and offers the license that fits your environment: from Graylog Open to Graylog Enterprise to Graylog Security.

An Overview of Icinga subscriptions

For customers using Icinga for infrastructure monitoring: Icinga GmbH has reshaped its business model so that the rpm packages for RHEL 8+, Amazon Linux and SUSE Linux based operating systems sit behind a paywall.

Here you can get an Icinga Subscription.

Linuxfabrik presenting LFOps at the 12th Ansible Meetup in Zürich

At the 12th Ansible Meetup in Zurich, Linuxfabrik presented LFOps.

Hetzner Cloud and Linux

We are often asked what we think of Hetzner as a Cloud Provider.

Icinga at SwissTPH – Managed by Linuxfabrik

Nice Icinga blog post about the Icinga setup at the Swiss Tropical and Public Health Institute (Swiss TPH), where Linuxfabrik handled the initial deployment and the Linuxfabrik Monitoring Plugins are in use.

Linuxfabrik presenting LFOps at the 11th Ansible Meetup in Zürich

At the 11th Ansible Meetup in Zurich, Linuxfabrik presented LFOps in a talk titled "Managing RHEL-based datacenter influenced by DebOps".

Icinga and LibreNMS

The Linuxfabrik Monitoring Plugins integrate LibreNMS into Icinga: when LibreNMS raises an alert, Icinga picks it up.

Nextcloud: Server-Side and End-to-End Encryption

Nextcloud offers three layers of encryption: transport encryption (TLS), Server-Side Encryption (SSE) and End-to-End Encryption (E2EE). Which one fits when, and what we run at Linuxfabrik.

Offsite Backups

No matter how modern and redundant the data centre: in addition to the host's backups, customers should always run their own offsite backups.

docs.linuxfabrik.ch: our open source admin handbook

The little admin guide available at docs.linuxfabrik.ch since 2020-12-01 is not a comprehensive introduction to Linux. It helps us solve many of our daily tasks in a "best practice" way.
