Language Selection

English French German Italian Portuguese Spanish

LWN

Syndicate content
LWN.net is a comprehensive source of news and opinions from and about the Linux community. This is the main LWN.net feed, listing all articles which are posted to the site front page.
Updated: 2 hours 46 min ago

The new rules for Perl governance

Wednesday 25th of November 2020 04:29:49 PM
The process of adopting a new governance model for the Perl project appears to be reaching an end; the new model is designed to look a lot like the one adopted by the Python project. "So, now Perl has two well-defined bodies involved in its governance: a core team of a few dozen and a steering council of three people. The core team sets the rules of Perl governance, votes on membership of the two groups, and delegates substantial decision making power to the steering council. The steering council has broad authority to make decisions about the development of the Perl language, the interpreter, and all other components, systems and processes that result in new releases of the language interpreter." The full description is available for those looking for the details.

Security updates for Wednesday

Wednesday 25th of November 2020 03:49:09 PM
Security updates have been issued by Debian (spip and webkit2gtk), Fedora (kernel and libexif), openSUSE (chromium and rclone), Slackware (mutt), SUSE (kernel, mariadb, and slurm), and Ubuntu (igraph).

[$] Mutt releases version 2.0

Wednesday 25th of November 2020 02:50:03 PM
The venerable email client Mutt has just reached version 2.0. Mutt is different from the type of client that has come to dominate the email landscape—for one thing, it has no graphical interface. It has a long history that is worth a bit of a look, as are its feature set and extensive customizability. Version 2.0 brings several enhancements to Mutt's interface, configurability, and convenience, as well. In this article, readers who are unfamiliar with Mutt will learn about a different way to deal with the daily chore of wrangling their inboxes, while Mutt experts may discover some new sides to an old friend.

A set of stable kernels

Tuesday 24th of November 2020 05:20:27 PM
Greg Kroah-Hartman has released stable kernels 5.9.11, 5.4.80, 4.19.160, 4.14.209, 4.9.246, and 4.4.246 have been released. They all contain important fixes and users should upgrade.

Security updates for Tuesday

Tuesday 24th of November 2020 04:10:21 PM
Security updates have been issued by Fedora (chromium, microcode_ctl, and seamonkey), Mageia (f2fs-tools, italc, python-cryptography, python-pillow, tcpreplay, and vino), Oracle (thunderbird), Red Hat (bind, kernel, microcode_ctl, net-snmp, and Red Hat Virtualization), Scientific Linux (net-snmp and thunderbird), SUSE (kernel and mariadb), and Ubuntu (atftp, libextractor, pdfresurrect, and pulseaudio).

GNU Guix 1.2.0 released

Monday 23rd of November 2020 06:22:34 PM
GNU Guix, a functional package manager and associated free software distribution, was introduced eight years ago. The 1.2.0 release celebrates the anniversary. "A major highlight in this release is the ability to authenticate channels, which probably makes Guix one of the safest ways to deliver complete operating systems today. This was the missing link in our “software supply chain” and we’re glad it’s now fixed. The end result is that guix pull and related commands now cryptographically authenticate channel code that they fetch; you cannot, for instance, retrieve unauthorized commits to the official Guix repository."

Huang: Evaluating Precursor’s Hardware Security

Monday 23rd of November 2020 06:06:39 PM
For those who are interested in security at the hardware level, this blog post from Andrew 'bunnie' Huang is well worth a read. "Despite any claims you may have heard otherwise, tamper resistance is a largely unsolved problem. Any secrets committed to a non-volatile format are vulnerable to recovery by a sufficiently advanced adversary. The availability of near-atomic level microscopy, along with sophisticated photon and phonon based probing techniques, means that a lab equipped with a few million dollars worth of top-notch gear and well-trained technicians has a good chance of recovering secret key material out of virtually any non-volatile storage media. The hard part is figuring out where the secrets are located on the chip."

Security updates for Monday

Monday 23rd of November 2020 04:10:52 PM
Security updates have been issued by Debian (cimg, golang-1.7, golang-1.8, krb5, mediawiki, mupdf, php-pear, samba, thunderbird, and zabbix), Fedora (chromium, krb5, microcode_ctl, pngcheck, and rpki-client), Mageia (librepo, postgresql, python-twisted, raptor2, tcpdump, and thunderbird), openSUSE (blueman, java-11-openjdk, moinmoin-wiki, python, rmt-server, SDL, and tcpdump), Red Hat (chromium-browser and thunderbird), SUSE (c-ares, ceph, dash, firefox, java-1_8_0-openjdk, postgresql10, postgresql12, postgresql96, u-boot, and ucode-intel), and Ubuntu (openldap).

Kernel prepatch 5.10-rc5

Monday 23rd of November 2020 12:24:21 AM
The 5.10-rc5 kernel prepatch is out. "The 5.10 release candidates stubbornly keeps staying fairly big, even though by rc5 we really should be seeing things starting to calm down and shrink. There's nothing in here that makes me particularly nervous, but in pure numbers of commits, this is the largest rc5 we've had in the 5.x series."

Some weekend stable kernel updates

Sunday 22nd of November 2020 05:20:46 PM
The 5.9.10, 5.4.79, 4.19.159, 4.14.208, 4.9.245, and 4.4.245 stable kernel updates are all available. Each contains another set of important fixes, as usual.

[$] epoll_pwait2(), close_range(), and encoded I/O

Friday 20th of November 2020 05:50:30 PM
The various system calls and other APIs that the kernel provides for access to files and filesystems has grown increasingly comprehensive over the years. That does not mean, though, that there is no need or room for improvement. Several relatively small additions to the kernel's filesystem-related API are under consideration in the development community; read on for a survey of some of this work.

Security updates for Friday

Friday 20th of November 2020 02:06:35 PM
Security updates have been issued by CentOS (firefox), Fedora (chromium, microcode_ctl, mingw-libxml2, seamonkey, and xen), openSUSE (slurm_18_08 and tor), Oracle (thunderbird), SUSE (buildah, firefox, go1.14, go1.15, krb5, microcode_ctl, perl-DBI, podman, postgresql12, thunderbird, ucode-intel, wireshark, wpa_supplicant, and xen), and Ubuntu (firefox and phpmyadmin).

Paalanen: Developing Wayland Color Management and High Dynamic Range

Friday 20th of November 2020 01:13:48 AM
Over on the Collabora blog, Pekka Paalanen writes about adding color management and high dynamic range (HDR) support to the Wayland display server protocol. X11 already has support for color management tools and workflow, but not HDR, and Wayland currently doesn't support either, but Paalanen and others are working to change that. "As color management is all about color spaces and gamuts, and high dynamic range (HDR) is also very much about color spaces and gamuts plus extended luminance range, Sebastian [Wick] and I decided that Wayland color management extension should cater for both from the beginning. Combining traditional color management and HDR is a fairly new thing as far as I know, and I'm not sure we have much prior art to base upon, so this is an interesting research journey as well. There is a lot of prior art on HDR and color management separately, but they tend to have fundamental differences that makes the combination not obvious."

GCompris releases version 1.0 to celebrate 20 years

Friday 20th of November 2020 12:16:59 AM

The GCompris project, which provides a "high quality educational software suite, including a large number of activities for children aged 2 to 10", has announced its 1.0 release, which celebrates the 20th anniversary of the project. It includes more than 100 activities, a new Dataset selection in the Activity Settings menu for more than 50 activities, and four new activities, including an Analog Electricity activity to simulate and learn about circuits. KDE.news covered the release: "We have built the activities to follow the principles of 'nothing succeeds like success' and that children, when learning, should be challenged, but not made to feel threatened. Thus, GCompris congratulates, but does not reprimand; all the characters the child interacts with are friendly and supportive; activities are brightly colored, contain encouraging voices and play upbeat, but soothing music. The hardware requirements for running GCompris are extremely low and it will run fine on older computers or low-powered machines, like the Raspberry Pi. This saves you and your school from having to invest in new and expensive equipment and it is also eco-friendly, as it reduces the amount of technological waste that is produced when you have to renew computers to adapt to more and more power-hungry software. GCompris works on Windows, Android and GNU/Linux computers, and on desktop machines, laptops, tablets and phones."

[$] ID mapping for mounted filesystems

Thursday 19th of November 2020 06:03:10 PM
Almost every filesystem (excepting relics like VFAT) implements the concept of the owner and group of each file; the higher levels of the operating system then use that information to control access to those files. For decades, it has usually sufficed to track a single owner and group for each file, but there is an increasing number of use cases wanting to make that ownership relative to the environment any given process is running in. Developers have been working for a few years to find solutions to this problem; the latest attempt is the ID-mapped mounts patch set from Christian Brauner.

Six new stable kernels

Thursday 19th of November 2020 03:47:57 PM
Greg Kroah-Hartman has released the 5.9.9, 5.4.78, 4.19.158, 4.14.207, 4.9.244, and 4.4.244 stable kernels. They all contain important fixes throughout the kernel tree; users of those series should upgrade.

Rust 1.48.0 released

Thursday 19th of November 2020 03:17:01 PM
Version 1.48.0 of the Rust language has been released. The biggest change appears to be improvements to the documentation system, but there's more: "The most significant API change is kind of a mouthful: [T; N]: TryFrom<Vec<T>> is now stable. What does this mean? Well, you can use this to try and turn a vector into an array of a given length".

Security updates for Thursday

Thursday 19th of November 2020 02:15:22 PM
Security updates have been issued by Arch Linux (chromium and firefox), CentOS (bind, curl, fence-agents, kernel, librepo, libvirt, microcode_ctl, python, python3, qt and qt5-qtbase, resource-agents, and tomcat), Debian (drupal7, firefox-esr, jupyter-notebook, packer, python3.5, and rclone), Fedora (firefox), Mageia (firefox, nss), openSUSE (gdm, kernel-firmware, and moinmoin-wiki), Oracle (net-snmp), SUSE (libzypp, zypper), and Ubuntu (c-ares).

[$] LWN.net Weekly Edition for November 19, 2020

Thursday 19th of November 2020 01:23:10 AM
The LWN.net Weekly Edition for November 19, 2020 is available.

[$] OpenWrt and self-signed certificates

Wednesday 18th of November 2020 09:58:49 PM
The move to secure most or all of web traffic using HTTPS is generally a good thing; lots of personal information is exchanged via web browsers, after all. Using HTTPS requires web sites to have TLS certificates, however, which has sometimes been an impediment, though Let's Encrypt has generally solved that problem for many. But there are systems out there that may need the HTTPS protection before their owners even have a chance to procure a certificate, IoT devices and home routers, for example. An October discussion among OpenWrt developers explored this problem a bit.

More in Tux Machines

5 Ways to Check Your Android Phone Hacked or Not

Do you suspect that your Android smartphone or tablet is infected with some malware or spyware? Well, there are several pointers that can indicate this is the case. For example, your device is unnecessarily slow and even freezes periodically, or displays popups. Experiencing these symptoms can mean that your device has been hacked but that is not always the case. Sometimes, devices act funny due to a handful of reasons including a security hack. In today’s article, we give you five tips on how to check whether your phone is infected with malicious software as well as how to ensure that it is safe/protected. Read more

Top Tips to Protect Your Linux System

Linux-based operating systems have a reputation for their high-security level. That's one of the reasons why the market share for Linux has been growing. The most commonly used operating systems such as Windows are often affected by targeted attacks in the form of ransomware infections, spyware, as well as worms, and malware. As a result, many personal, as well as enterprise users, are turning to Linux-based operating systems such as the Ubuntu-based Linux OS for security purposes. While Linux based systems are not targeted as frequently as other popular operating systems, they are not completely foolproof. There are plenty of risks and vulnerabilities for all types of Linux devices which put your privacy as well as your identity at risk. Read more

Kernel (Linux): Windows Assimilation, Wake-on-LAN, AMD and Intel

  • Tuxera First to Bring Network Bandwidth-Saving SMB Compression Feature to Linux Environments
  • Tuxera First to Bring Network Bandwidth-Saving SMB Compression Feature to Linux Environments

    Tuxera, a world-leader in quality-assured storage management and networking software, announced that the company's SMB server implementation, Fusion File Share by Tuxera, now offers transparent compression to platforms outside of Microsoft Windows. Compression is being rapidly and widely adopted in the storage industry as a feature in memory hardware, file system implementations, and also networking protocols such as Microsoft's server messaging block technology (SMB). The ability to compress files inline during transfer can significantly reduce bandwidth and transfer time. Microsoft released the transparent compression feature to their SMB protocol specification in early 2019. However, Tuxera is the first to implement SMB compression outside of Microsoft Windows, bringing this highly in-demand feature to Linux environments in enterprises around the world.

  • Wake-on-LAN

    With Wake-on-LAN (WoL) it can be slightly easier to manage machines in-house. You can fire up the workstation and start the day’s compile jobs (to catch up with overnight work by the KDE community, say) while drinking an espresso downstairs and doomscrolling. [...] If all the administrative bits are in place, then the simple way to wake up a machine is wake <hostname>. This requires root, since it sends specially-crafted (broadcast) Ethernet packets, which isn’t something that regular users can do.

  • AMD+SUSE Tackling Frequency Invariance For AMD EPYC 7002 CPUs - Phoronix

    Thanks to work by AMD and SUSE engineers, the Linux kernel could soon be seeing frequency invariance support for EPYC 7002 "Rome" processors for yielding greater performance and power efficiency. Over the past year we have seen a lot of Linux kernel work for dealing with frequency invariance but to now that on the x86 side has been focused on Intel Xeon processors. Now through the cooperation of AMD with patches led by SUSE, frequency invariance is being worked on for the EPYC 7002 "Rome" processors.

  • Intel Begins Landing Their Open-Source Vulkan Driver Ray-Tracing Support

    This week marked the release of Vulkan 1.2.162 with the ray-tracing extensions now finalized. As such Intel's stellar open-source team has begun landing their work around Vulkan ray-tracing ahead of the Xe HPG hardware availability that will support this functionality. Back in October I wrote about Intel preparing their open-source driver support for Vulkan ray-tracing ahead of Xe HPG and now with the updated Vulkan spec out there they are able to push more of their work.

today's leftovers

  • Friends of GNOME Update – November 2020 – Getting to know GNOME

    The Seattle GNU/Linux Conference took place online this year and we were there. Executive Director Neil McGovern gave a presentation titled “Patently Obvious” about our legal case with a patent assertion entity and how the settlement impacts all of FOSS. Strategic Initiatives Manager M. de Blanc gave a surprise talk that had nothing to do with GNOME, but discussed the Foundation nonetheless. We also had talks at Linux Application Summit and GNOME.Asia, which you can read more about below.

  •  
  • Support UserFreedom by purchasing gifts from the GNU Press Shop

    To celebrate this year's thirty-fifth anniversary of the FSF, we designed and issued an extremely cool undersea-themed 35th Anniversary T-shirt. The initial run sold out faster than a weekend scuba diving trip, but we've reprinted them in a new color scheme worthy of Neptune himself -- lots of these are in stock and ready to send to you. But that's not all! So excited are we on the occasion of FSF's coral anniversary that we also made new socks. Warm your toes with the brand new FSF thirty-fifth anniversary socks -- crew-length socks whose coral, black, and blue color scheme will match your FSF 35th Anniversary Poster. Orders for these limited edition socks will be accepted on a "pre-order" basis until December 9th -- we'll collect customer orders, then print the socks, which I'll then ship to you. Be sure to order socks within the above time frame if you want them, because we won't have a lot of surplus after the orders are filled. [...] Finally, a note about shipping. The current pandemic places a lot of obstacles to buying and selling merchandise at FSF, so your order may be shipped less punctually than before -- but it absolutely will be shipped. This time of year, many customers place orders hoping to have them in hand by December 25. If this is you, and you are in the United States, please place your order before December 4, in order to provide us with the necessary lead time to make sure that your gifts are shipped on time. In any circumstance, it's advisable to place any order as soon as you can; I will endeavor to ship it as promptly as circumstances permit. As always, don't hesitate to email sales@fsf.org with any questions or concerns about shipping, inventory, payment, suggestions for future items for sale, or anything else -- this email address is the first thing I check every work day, especially at this time of year.

  • The Talospace Project: Firefox 83 on POWER

    LTO-PGO is still working great in Firefox 83, which expands in-browser PDF support, adds additional features to Picture-in-Picture (which is still one of my favourite tools in Firefox) and some miscellany developer changes. The exact same process, configs and patches to build a fully link-time and profile-guided optimized build work that was used in Firefox 82.

  • Presenting Cockpit Wicked | YaST

    If you are into systems management, you most likely have heard about Cockpit at some point. In a nutshell, it offers a good looking web-based interface to perform system tasks like inspecting the logs, applying system updates, configuring the network, managing services, and so on. If you want to give it a try, you can install Cockpit in openSUSE Tumbleweed just by typing zypper in cockpit. [...] Cockpit already features a nice module to configure the network so you might be wondering why not extending the original instead of creating a new one. The module shipped with Cockpit is specific to NetworkManager and adapting it to a different backend can be hard. In our case, we are trying to build something that could be adapted in the future to support more backends, but we are not sure how realistic this idea is.