Language Selection

English French German Italian Portuguese Spanish

LWN

Syndicate content
LWN.net is a comprehensive source of news and opinions from and about the Linux community. This is the main LWN.net feed, listing all articles which are posted to the site front page.
Updated: 2 hours 11 sec ago

[$] Renaming openSUSE

Thursday 6th of June 2019 03:52:14 PM
In mid-May, LWN reported on the discussions in the openSUSE project over whether a separation from SUSE would be a good move. It would appear that this issue has been resolved and that openSUSE will be setting up a foundation as its new home independent of the SUSE corporation. But now the community has been overtaken by a new, related discussion that demonstrates a characteristic of free-software projects: the hardest issues are usually related to naming.

Severe vulnerability in Exim

Thursday 6th of June 2019 01:49:16 PM
Qualys has put out an advisory on a vulnerability in the Exim mail transfer agent, versions 4.87 through 4.91; it allows for easy command execution by a local attacker and remote execution in some scenarios. "To remotely exploit this vulnerability in the default configuration, an attacker must keep a connection to the vulnerable server open for 7 days (by transmitting one byte every few minutes). However, because of the extreme complexity of Exim's code, we cannot guarantee that this exploitation method is unique; faster methods may exist." Sites running Exim should upgrade to 4.92 if they have not already.

Security updates for Thursday

Thursday 6th of June 2019 12:56:01 PM
Security updates have been issued by Arch Linux (binutils), Debian (exim4 and poppler), Fedora (deepin-api, kernel, kernel-headers, kernel-tools, and php), openSUSE (cronie), and Ubuntu (apparmor, exim4, mariadb-10.1, php5, and php7.0, php7.2).

[$] LWN.net Weekly Edition for June 6, 2019

Thursday 6th of June 2019 01:01:42 AM
The LWN.net Weekly Edition for June 6, 2019 is available.

[$] Seeking consensus on dh

Wednesday 5th of June 2019 09:58:57 PM

Debian takes an almost completely "hands off" approach to the decisions that Debian developers (DDs) can make in regard to the packaging and maintenance of their packages. That leads to maximal freedom for DDs, but impacts the project in other ways, some of which may be less than entirely desirable. New Debian project leader (DPL) Sam Hartman started a conversation about potential changes to the Debian packaging requirements back in mid-May. In something of a departure from the Debian tradition of nearly endless discussion without reaching a conclusion (and, possibly, punting the decision to the technical committee or a vote in a general resolution), Hartman has instead tried to guide the discussion toward reaching some kind of rough consensus.

[$] How many kernel test frameworks?

Wednesday 5th of June 2019 03:52:37 PM

The kernel self-test framework (kselftest) has been a part of the kernel for some time now; a relatively recent proposal for a kernel unit-testing framework, called KUnit, has left some wondering why both exist. In a lengthy discussion thread about KUnit, the justification for adding another testing framework to the kernel was debated. While there are different use cases for kselftest and KUnit, there was concern about fragmenting the kernel-testing landscape.

Security updates for Wednesday

Wednesday 5th of June 2019 02:55:29 PM
Security updates have been issued by Debian (python-django), openSUSE (curl and libtasn1), Oracle (kernel), Red Hat (etcd, kernel-alt, and rh-python36-python-jinja2), Scientific Linux (thunderbird), SUSE (libvirt), and Ubuntu (db5.3, linux, linux-aws, linux-gcp, linux-kvm, linux-raspi2, linux, linux-aws, linux-gcp, linux-kvm, linux-raspi2, linux-snapdragon, linux, linux-aws, linux-kvm, linux-raspi2, linux-snapdragon, linux-aws-hwe, linux-hwe, linux-oracle, linux-hwe, and linux-raspi2, linux-snapdragon).

CockroachDB relicensed

Tuesday 4th of June 2019 09:09:11 PM
The CockroachDB database management system has been relicensed; the new license is non-free. "CockroachDB users can scale CockroachDB to any number of nodes. They can use CockroachDB or embed it in their applications (whether they ship those applications to customers or run them as a service). They can even run it as a service internally. The one and only thing that you cannot do is offer a commercial version of CockroachDB as a service without buying a license."

Firefox adds tracking protection by default

Tuesday 4th of June 2019 09:06:27 PM
The Mozilla blog announces a new Firefox feature: "One of those initiatives outlined was to block cookies from known third party trackers in Firefox. Today, Firefox will be rolling out this feature, Enhanced Tracking Protection, to all new users on by default, to make it harder for over a thousand companies to track their every move. Additionally, we’re updating our privacy-focused features including an upgraded Facebook Container extension, a Firefox desktop extension for Lockwise, a way to keep their passwords safe across all platforms, and Firefox Monitor’s new dashboard to manage multiple email addresses."

[$] Fun with LEDs and CircuitPython

Tuesday 4th of June 2019 04:44:34 PM

Nina Zakharenko has been programming for a long time; when she was young she thought that "the idea that I could trick computers into doing what I tell them was pretty awesome". But as she joined the workforce, her opportunities for "creative coding" faded away; she regained some of that working with open source, but tinkering with hardware is what let her creativity "truly explode". It has taken her years to get back what she learned long ago, she said, and her keynote at PyCon 2019 was meant to show attendees the kinds of things can be built with Python—starting with something that attendees would find in their swag bag.

Three stable kernels

Tuesday 4th of June 2019 02:49:01 PM
Stable kernels 5.1.7, 5.0.21, and 4.19.48 have been released. They all contain the usual set of important fixes. This is the last 5.0.y release and users should move to 5.1.y now.

Security updates for Tuesday

Tuesday 4th of June 2019 02:35:47 PM
Security updates have been issued by Arch Linux (python-django and python2-django), Debian (heimdal), Fedora (kernel, kernel-headers, kernel-tools, and sqlite), openSUSE (containerd, docker, docker-runc, go, go1.11, go1.12, golang-github-docker-libnetwork and GraphicsMagick), Oracle (thunderbird), Red Hat (systemd and thunderbird), SUSE (bind and firefox), and Ubuntu (qtbase-opensource-src).

Šabić: eBPF and XDP for Processing Packets at Bare-metal Speed

Tuesday 4th of June 2019 02:04:17 PM
Nedim Šabić has written a tutorial article on using the eXpress Data Path for fast packet filtering. "Now comes the most relevant part of our XDP program that deals with packet’s processing logic. XDP ships with a predefined set of verdicts that determine how the kernel diverts the packet flow. For instance, we can pass the packet to the regular network stack, drop it, redirect the packet to another NIC and such. In our case, XDP_DROP yields an ultra-fast packet drop."

[$] Yet another try for fs-verity

Monday 3rd of June 2019 09:48:24 PM
The fs‑verity mechanism has its origins in the Android project; its purpose is to make individual files read-only and enable the kernel to detect any modifications that might have been made, even if those changes happen offline. Previous fs‑verity implementations have run into criticism in the development community, and none have been merged. A new version of the patch set was posted on May 23; it features a changed user-space API and may have a better chance of getting into the mainline.

Security updates for Monday

Monday 3rd of June 2019 03:02:59 PM
Security updates have been issued by Arch Linux (curl, lib32-curl, lib32-libcurl-compat, lib32-libcurl-gnutls, libcurl-compat, libcurl-gnutls, and live-media), Debian (doxygen and php5), Fedora (cryptopp, drupal7-context, drupal7-ds, drupal7-module_filter, drupal7-path_breadcrumbs, drupal7-uuid, drupal7-views, drupal7-xmlsitemap, and sleuthkit), openSUSE (axis, chromium, containerd, docker, docker-runc, go, go1.11, go1.12, golang-github-docker-libnetwork, curl, doxygen, GraphicsMagick, java-1_7_0-openjdk, libtasn1, libvirt, lxc, lxcfs, NetworkManager, php5, php7, screen, sles12sp3-docker-image, sles12sp4-image, system-user-root, and thunderbird), Oracle (kernel), SUSE (apache2-mod_jk and libpng16), and Ubuntu (doxygen).

Kernel prepatch 5.2-rc3

Monday 3rd of June 2019 01:17:48 PM
The 5.2-rc3 kernel prepatch has been released. "Anyway, even ignoring the SPDX changes, there's just a lot of small fixes spread all over, not anything that looks particularly scary or worrisome. Maybe next week is when the other shoe drops, but maybe this will just be a nice calm release. That would be lovely."

Five new stable kernels

Friday 31st of May 2019 04:15:32 PM
The 5.1.6, 5.0.20, 4.19.47, 4.14.123, and 4.9.180 stable kernels have been released. As usual, they contain important fixes throughout the kernel tree; users of those series should upgrade.

[$] SIGnals from KubeCon

Friday 31st of May 2019 03:04:05 PM
The basic organizational construct within the Kubernetes project is a set of Special Interest Groups (SIGs), each of which represents a different area of responsibility within the project. Introductions to what the various SIGs do, as well as more detailed sessions, were a core part of KubeCon + CloudNativeCon Europe 2019, as the different groups explained what they're doing now and their plans for the future. Two sessions, in particular, covered the work of the Release and Architecture SIGs, both of which have a key role in driving the project forward.

Security updates for Friday

Friday 31st of May 2019 01:38:14 PM
Security updates have been issued by Debian (miniupnpd and qemu), Fedora (drupal7-entity and xen), openSUSE (kernel), Oracle (bind and firefox), Red Hat (go-toolset-1.11-golang), SUSE (cronie, evolution, firefox, gnome-shell, java-1_7_0-openjdk, jpeg, and mailman), and Ubuntu (corosync, evolution-data-server, gnutls28, and libseccomp).

[$] A ring buffer for epoll

Thursday 30th of May 2019 04:26:00 PM
The set of system calls known collectively as epoll was designed to make polling for I/O events more scalable. To that end, it minimizes the amount of setup that must be done for each system call and returns multiple events so that the number of calls can also be minimized. But that turns out to still not be scalable enough for some users. The response to this problem, in the form of this patch series from Roman Penyaev, takes a familiar form: add yet another ring-buffer interface to the kernel.

More in Tux Machines

Games: Strange Loop Games and City Builder

Debian GNU/Linux riscv64 port in mid 2019

As it can be seen in the first graph, perhaps with some difficulty, is that the percent of arch-dependent packages built for riscv64 (grey line) has been around or higher than 80% since mid 2018, just a few months after the port was added to the infrastructure. Given than the arch-dependent packages are about half of the Debian['s main, unstable] archive and that (in simple terms) arch-independent packages can be used by all ports (provided that the software that they rely on is present, e.g. a programming language interpreter), this means that around 90% of packages of the whole archive has been available for this architecture from early on. Read more

Latest Security FUD

Software: Synapse, Qmmp and LibreOffice

  • How to install and use Synapse, the MacOS Spotlight alternative for Linux
    Mac OS is everybody’s favorite, and there are several reasons behind it. One of the most useful utilities you can find on Mac OS is Spotlight, which makes searching for things a piece of cake, all directly from the desktop. While most developers have already designed similar utilities for Windows, the open-source Linux based operating systems are no exception, as well. Most Linux operating systems like Ubuntu have its own search functionality, but it can sometimes be troublesome to reach there and isn’t as powerful as Spotlight. So with Synapse for Linux, you can do just that, and boost the power of the search functionality on your system. With Synapse for Ubuntu, you can even search for things on the web, which is cool, as well. Some Linux distros like Lubuntu, don’t offer decent search functionality, and Synapse can be a great solution in such cases. With Synapse, searching is easy with just the navigation buttons on your keyboard, and you are ready to go. Synapse can be downloaded and installed from the Linux official repository. Synapse can also be configured to run on startup so that too don’t need to search for, and open Synapse, each time you need to use it.
  • Qmmp 1.3.3 Released with Floating PulseAudio, ALSA, OSS4 Support
    Qmmp, Qt based audio player, released version 1.3.3 with improvements and bug fixes. Here’s how to install it in Ubuntu 16.04, Ubuntu 18.04, Ubuntu 18.10, Ubuntu 19.04.
  • Office Suites for Ubuntu 18.04
    Today we are looking at different office suites for Ubuntu 18.04. LibreOffice is the default LibreOffice suite for Ubuntu but it is by all means not the only one. In this article, we will look at different office suites for Ubuntu and all of its pros and cons. All these Office Suites are available for at least all Ubuntu based distros, and the installation method is the same for all the Ubuntu based distros.
  • Week 3 Report
    I continue working on Rewriting the logger messages with the new DSL grammar: