Language Selection

English French German Italian Portuguese Spanish

LWN

Syndicate content
LWN.net is a comprehensive source of news and opinions from and about the Linux community. This is the main LWN.net feed, listing all articles which are posted to the site front page.
Updated: 1 hour 29 min ago

coreutils-9.0 released

Friday 24th of September 2021 03:49:40 PM
The GNU Core Utilities (coreutils) has announced the release of version 9.0 of "the basic file, shell and text manipulation utilities" used by the GNU operating system and various Linux distributions. In the year and a half or so since the last major release (8.32), various new features were added, including: cp has changed how it handles data
  • enables CoW [copy on write] by default (through FICLONE ioctl),
  • uses copy offload where available (through copy_file_range),
  • detects holes differently (though SEEK_HOLE)
  • This also applies to mv and install.

Security updates for Friday

Friday 24th of September 2021 02:17:42 PM
Security updates have been issued by Debian (mupdf), Fedora (ghostscript, gifsicle, and ntfs-3g), openSUSE (kernel and nodejs14), and SUSE (curl, ffmpeg, gd, hivex, kernel, nodejs14, python-reportlab, sqlite3, and xen).

Poettering: Authenticated Boot and Disk Encryption on Linux

Thursday 23rd of September 2021 03:35:55 PM
Here's a lengthy missive from Lennart Poettering taking Linux distributors to task for inadequately protecting systems from physical attacks.

So, does the scheme so far implemented by generic Linux distributions protect us against the latter two scenarios? Unfortunately not at all. Because distributions set up disk encryption the way they do, and only bind it to a user password, an attacker can easily duplicate the disk, and then attempt to brute force your password. What's worse: since code authentication ends at the kernel — and the initrd is not authenticated anymore —, backdooring is trivially easy: an attacker can change the initrd any way they want, without having to fight any kind of protections.

The article contains a lot of suggestions for how to do things better.

[$] Improvements to GCC's -fanalyzer option

Thursday 23rd of September 2021 03:11:07 PM
For the second year in a row, the GNU Tools Cauldron (the annual gathering of GNU toolchain developers) has been held as a dedicated track at the online Linux Plumbers Conference. For the 2021 event, that track started with a talk by David Malcolm on his work with the GCC -fanalyzer option, which provides access to a number of static-analysis features. Quite a bit has been happening with -fanalyzer and more is on the way with the upcoming GCC 12 release, including, possibly, a set of checks that have already found at least one vulnerability in the kernel.

Security updates for Thursday

Thursday 23rd of September 2021 02:38:07 PM
Security updates have been issued by Debian (ruby-kaminari and tomcat8), Mageia (389-ds-base, ansible, apache, apr, cpio, curl, firefox, ghostscript, gifsicle, gpac, libarchive, libgd, libssh, lynx, nextcloud-client, openssl, postgresql, proftpd, python3, thunderbird, tor, and vim), openSUSE (chromium, ffmpeg, grilo, hivex, linuxptp, and samba), Oracle (go-toolset:ol8, kernel, kernel-container, krb5, mysql:8.0, and nodejs:12), SUSE (ffmpeg, firefox, grilo, hivex, kernel, linuxptp, nodejs14, and samba), and Ubuntu (ca-certificates, edk2, sqlparse, and webkit2gtk).

[$] LWN.net Weekly Edition for September 23, 2021

Thursday 23rd of September 2021 12:35:43 AM
The LWN.net Weekly Edition for September 23, 2021 is available.

Courtès: What's in a package

Wednesday 22nd of September 2021 08:21:45 PM
Over at the Guix-HPC blog, Ludovic Courtès writes about trying to package the PyTorch machine-learning library for the Guix distribution. Building from source in a user-verifiable manner is part of the philosophy behind Guix, but there were a number of problems that were encountered: The first surprise when starting packaging PyTorch is that, despite being on PyPI, PyTorch is first and foremost a large C++ code base. It does have a setup.py as commonly found in pure Python packages, but that file delegates the bulk of the work to CMake.

The second surprise is that PyTorch bundles (or "vendors", as some would say) source code for no less than 41 dependencies, ranging from small Python and C++ helper libraries to large C++ neural network tools. Like other distributions such as Debian, Guix avoids bundling: we would rather have one Guix package for each of these dependencies. The rationale is manifold, but it boils down to keeping things auditable, reducing resource usage, and making security updates practical.

[$] A discussion on folios

Wednesday 22nd of September 2021 06:52:16 PM
A few weeks ago, Matthew Wilcox might have guessed that his session at the 2021 Linux Plumbers Conference would be focused rather differently. But, as we reported earlier in September, his folio patch set ran into some, perhaps unexpected, opposition and, ultimately, did not land in the mainline for 5.15. Instead of discussing how to use folios as part of the File Systems microconference, he led a discussion that was, at least in part, on the path forward for them.

GNOME 41 released

Wednesday 22nd of September 2021 06:11:41 PM
The GNOME project has announced the release of GNOME 41. The most notable changes this in release include an improved Software app, new multitasking settings, and enhanced power management features. With these changes, GNOME is smarter, more flexible, and offers a richer and more engaging experience than ever before.

The new release also comes with significant improvements for developers, including a new developer documentation website, a major new version of the Human Interface Guidelines, new features in the Builder IDE, GTK 4 enhancements, and much more.

Postgres 14: It's The Little Things (Kerstiens)

Wednesday 22nd of September 2021 04:31:40 PM
Craig Kerstiens highlights some of the "little things" featured in the upcoming PostgreSQL 14 release.

And now in PostgreSQL 14 there is this seemingly small update, pipeline mode, which, according to the docs, allows applications to send a query without having to read the result of the previously sent query. Taking advantage of the pipeline mode, a client will wait less for the server, since multiple queries/results can be sent/received in a single network transaction.

An update on Memory Safety in Chrome

Wednesday 22nd of September 2021 04:27:54 PM
The Google security blog provides an overview of what is being done to address memory-safety problems in the Chrome browser.

In parallel, we’ll be exploring whether we can use a memory safe language for parts of Chrome in the future. The leading contender is Rust, invented by our friends at Mozilla. This is (largely) compile-time safe; that is, the Rust compiler spots mistakes with pointers before the code even gets to your device, and thus there’s no performance penalty. Yet there are open questions about whether we can make C++ and Rust work well enough together. Even if we started writing new large components in Rust tomorrow, we’d be unlikely to eliminate a significant proportion of security vulnerabilities for many years.

A set of stable kernels

Wednesday 22nd of September 2021 03:30:29 PM
Stable kernels 5.14.7, 5.10.68, 5.4.148, 4.19.207, 4.14.247, 4.9.283, and 4.4.284 have been released. They all contain important fixes and users should upgrade.

Security updates for Wednesday

Wednesday 22nd of September 2021 03:15:23 PM
Security updates have been issued by Debian (grilo), Fedora (curl, firefox, mingw-python-pillow, python-pillow, python2-pillow, and webkit2gtk3), openSUSE (chromium, grafana-piechart-panel, kernel, libcroco, php-composer, and xen), Oracle (curl, kernel, and nss and nspr), Red Hat (nodejs:12), Slackware (alpine), SUSE (ghostscript, grafana-piechart-panel, kernel, and xen), and Ubuntu (linux, linux-hwe, linux-hwe-5.11, linux-hwe-5.4, linux-raspi, linux-raspi-5.4, and linux-raspi2).

Rosenzweig: Panfrost achieves OpenGL ES 3.1 conformance on Mali-G52

Tuesday 21st of September 2021 09:00:10 PM
Alyssa Rosenzweig reports that the open-source Panfrost driver for Mali GPUs has achieved official conformance on Mali-G52 for OpenGL ES 3.1. This important milestone is a step forward for the open source driver, as it now certifies Panfrost for use in commercial products containing Mali G52 and paves the way for further conformance submissions on other Mali GPUs.

[$] Weaponizing middleboxes

Tuesday 21st of September 2021 08:09:19 PM
Middleboxes are, unfortunately in many ways, a big part of today's internet. While middleboxes inhabit the same physical niche as routers, they are not aimed at packet forwarding; instead they are meant to monitor and manipulate the packets that they see. The effects of those devices on users of the networks they reign over may be unfortunate as well, but the rest of the internet is only affected when trying to communicate with those users—or so it was thought. Based on some recently reported research, it turns out that middleboxes can be abused to inflict denial-of-service (DoS) attacks elsewhere on the net.

Security updates for Tuesday

Tuesday 21st of September 2021 03:07:36 PM
Security updates have been issued by Debian (webkit2gtk, wpewebkit, and xen), Oracle (kernel), Red Hat (curl, go-toolset:rhel8, krb5, mysql:8.0, nodejs:12, and nss and nspr), and Ubuntu (curl and tiff).

Hoyt: Structural pattern matching in Python 3.10

Monday 20th of September 2021 10:40:36 PM
Ben Hoyt has published a critical overview of the Python 3.10 pattern-matching feature.

As shown above, there are cases where match really shines. But they are few and far between, mostly when handling syntax trees and writing parsers. A lot of code does have if ... elif chains, but these are often either plain switch-on-value, where elif works almost as well, or the conditions they’re testing are a more complex combination of tests that don’t fit into case patterns (unless you use awkward case _ if cond clauses, but that’s strictly worse than elif).

(Pattern matching has been covered here as well).

[$] More Rust concepts for the kernel

Monday 20th of September 2021 04:27:05 PM
The first day of the Kangrejos (Rust for Linux) conference introduced the project and what it was trying to accomplish; day 2 covered a number of core Rust concepts and their relevance to the kernel. On the third and final day of the conference, Wedson Almeida Filho delved deeper into how Rust can be made to work in the Linux kernel, covered some of the lessons that have been learned so far, and discussed next steps with a number of kernel developers.

Security updates for Monday

Monday 20th of September 2021 03:26:49 PM
Security updates have been issued by Debian (gnutls28, nettle, nextcloud-desktop, and openssl1.0), Fedora (dovecot-fts-xapian, drupal7, ghostscript, haproxy, libtpms, lynx, wordpress, and xen), openSUSE (xen), Red Hat (rh-ruby27-ruby), and SUSE (openssl, openssl1, and xen).

Kernel prepatch 5.15-rc2

Monday 20th of September 2021 01:17:26 PM
The 5.15-rc2 kernel prepatch is out for testing.

So I've spent a fair amount of this week trying to sort out all the odd warnings, and I want to particularly thank Guenter Roeck for his work on tracking where the build failures due to -Werror come from.

Is it done? No. But on the whole I'm feeling fairly good about this all, even if it has meant that I've been looking at some really odd and grotty code. Who knew I'd still worry about some odd EISA driver on alpha, after all these years? A slight change of pace ;)

More in Tux Machines

9to5Linux Weekly Roundup: October 24th, 2021

This week has been really educational for Linux fans as we were able to install the UnityX desktop environment on Arch Linux, as well as the KDE Plasma 5.23 desktop environment on Kubuntu 21.10. In addition, we were able to test drive the upcoming Ubuntu 22.04 LTS distribution and Ubuntu’s new Desktop Installer. On top of that, this week we saw new releases of the lightweight and systemd-free MX Linux 21 distribution, Gentoo-based Redcore Linux, as well as the Porteus Kiosk distribution for public computers and kisoks. Read more

Programming Leftovers

  • GNU Toolchain Begins Landing LoongArch Support - Phoronix

    In addition to Loongson working on Linux kernel support for their MIPS-derived LoongArch CPU architecture, the first bits of the GNU toolchain support for this Chinese CPU architecture have been merged. The GNU Compiler Collection (GCC) LoongArch support hasn't yet been merged but the GNU Binutils archive saw the initial collection of LoongArch patches merged on Sunday morning.

  • Capacitive Touch Controller for FPGAs

    Most projects that interface with the real world need some sort of input device. Obviously this article is being written from a standardized “human interface device” but when the computers become smaller the problem can get more complicated. We can’t hook up a USB keyboard to every microcontroller since we often only need a few buttons, but even buttons can be a little bit too cumbersome for some applications. For something even simpler, we would like to turn your attention to capacitive touch controllers.

  • Meson v0.60 Build System Brings Numerous Improvements

    Meson 0.60 was released on Sunday as the newest version of this increasingly popular and widely-used cross-platform build system.

  • Josef Strzibny: You can in fact use schemas in migrations

    I saw well-intended recommendations not to use schemas in migrations lately. Although the advice of switching to raw SQL is a good one, we don’t have to give up on schemas entirely.

  • Software Development Life Cycle (SDLC) Automation

    Gone are the days when manual labor used to go through a rigorous time taking process in order to furnish quality products. Today, organizations have shifted their attention towards automated software. Each software goes through a development lifecycle to meet customer requirements of a high-quality product known as SDLC. In the growing software industry, developers compete to produce high-quality software while remaining within their range of cost and time limits. SDLC Automation helps achieve the above goals with minimum manual labor, time, and cost while maintaining a high level of productivity as well as efficiency. This article expounds upon the need for automation in the SDLC process and further sheds light on some of the aspects that software companies must start automating.

  • What is the Difference Between =, == and === in JavaScript?

    JavaScript is a programming language that allows us to create and develop web applications and web pages as well as make our websites more dynamic/interactive. Data can be calculated, manipulated, and validated using JavaScript. Like any other language, JavaScript has operators. An operator produces a result by performing some action on a single or multiple operands (data value). Let’s look at an example of 2+2 where the numbers are left and right side operands and the + is the operator. This + operator adds the two numbers together. With examples, we’ll examine and answer the question that what is the difference between the =,==, and === operators in JavaScript in this article.

  • Is JavaScript Object-Oriented?

    Object-Oriented Programming (OOP), is a programming approach that is used by every developer at some point in their life to organize software design around objects or data rather than logic or functions where an object is an entity that has some properties and some type. The benefits of using the OOP technique include modularity, reusability, security, productivity, flexibility, and is easily scalable and upgradeable.

  • TOAST.UI: Free, Open-source Interactive JavaScript application components

    While working on a project, I need a calendar library. As I do for every project, I tend to not use previously used libraries and try to learn and use something new. That's how I found Toast.ui, an open-source features-rich UI library for building production-ready apps.

  • YAML vs JSON – Which is better?

    Nowadays, almost every person is familiar with the standard format of JSON. Contrarily, individuals who use Docker are surely familiar with YAML. In simpler words, Docker is a toolkit which permits developers to run, build, deploy, modify as well as stop packages through a single API or commands. YAML is a new but popular language used to serialize data. First of all, we should perceive what data serialization is. Data serialization is the most common way of transforming data objects into byte streams used to store, transfer and distribute data on devices. However, they have similar objectives to store structures and data objects into files but distinctive ways to work. In this article, we first go through the features of JSON and YAML, then compare them in-depth to completely comprehend their advantages, and then briefly discuss which one is better.

  • Some Perl Code In Memory of a Great Scientist | martin [blogs.perl.org]

    On August 21, 2021, famous Polish mathematician Andrzej Schinzel passed away at the age of 84. He was one of the great minds behind modern number theory. May he rest in peace. I have extended one of my CPAN modules relating to his work and dedicated the release to his memory.

  • Remove None from the List Python

    In python, when a function returns nothing, it indirectly returns ‘None’. Due to the forthcoming ML (Machine Learning), our focus is now on understanding the None values. The goal behind this is that it is the crucial phase of data preprocessing. Hence, elimination of None values is crucial, so you must know how important it is. Let’s discuss certain techniques in which this is achieved. To replace none in python, we use different techniques such as DataFrame, fillna, or Series. No keyword in python declares the null objects and variables. In python, none refers to the class ‘NoneType’. We can allot None to many variables, and they all point toward a similar object. The interesting fact about none is that we can’t consider false as any. None is a blank string or a 0. Let’s demonstrate it with the help of examples. We use the Spyder compiler or different strategies to explain how python removes null values from the list.

  • Python LDAP example

    LDAP is a LIGHTWEIGHT DIRECTORY ACCESS PROTOCOL. It is an internet protocol that works on TCP/IP, and it is used to access/fetch the information from the directories. All the directories are not preferable; it is usually used to access those directories that are active.

  • Python Multiply List by Scalar

    In Python, the most elementary data building is the sequence. Each sequence element allotted a number – its index or placement. The starting point of the index is ‘0’, the second point is ‘1’, and so forth. Python offers six in-built types of sequences, but the most important or commonly used are lists, which we would discuss in this guide. Python list is the most useful data type. It can be written within a square bracket, and a comma separates every item in the list.

Rocky Linux: An Enterprise-Ready CentOS Replacement

For a long time, CentOS was a reliable choice for a Linux-based servers, because it was effectively a free version of Red Hat Enterprise Linux (RHEL). All the features that made RHEL the dominant enterprise-class Linux were included in CentOS. On December 8th, 2020, Red Hat, which had acquired the CentOS project, abruptly announced a change in its focus in the wake of Red Hat’s acquisition by IBM. They announced they would be shifting all of their investment in CentOS Linux from the popular downstream CentOS distribution. This move also meant that CentOS would be upstream of RHEL, rather than downstream, so CentOS users would be in effect beta testers for RHEL. Since there were so many users relying on a CentOS version that would be unsupported sooner than they planned for, the community sensed a need for a new project. In response, the original CentOS founder Gregory Kurtzer is leading the effort to create a new version of the distro, to achieve the original goals of CentOS. Kurtzer told he was thinking about creating a new version of CentOS ever since Red Hat acquired it in 2014. Read more

Open Hardware/Modding With Components, Arduino

  • Automating Pool Monitoring And Chemical Dosing | Hackaday

    The project uses a TI SimpleLink wireless-enabled microcontroller to run the show, which allows data to be offloaded to a base station for graphing with Grafana. The system can monitor pH levels as well as ORP (oxidation/reduction potential) levels using probes attached via BNC connectors. Based on these readings, the device can dose chlorine into the pool as needed using a peristaltic pump driven by a TI DRV8426 stepper motor driver.

  • $99 Lepton FS module cuts the cost of FLIR thermal cameras by half - CNX Software

    Thermal cameras based on FLIR Lepton modules are pretty cool, but also quite expensive. Teledyne FLIR Lepton FS offers a much more cost-effective solution with the non-radiometric 160 x 120 resolution micro thermal camera module going for $99, or about 50% less than other FLIR thermal camera modules. The lower cost was achieved with some tradeoffs, notably a reduction of thermal sensitivity and scene dynamic range, as well as up to 3% inoperable pixels. But Ron Justin, GroupGets founder, told CNX Software that the lower specs are more than worth it for users only needing an imager, as opposed to a radiometric sensor.

  • Raspberry Pi Weekly Issue #374 - Raspberry Pi <3 LEGO Education

    The collaboration of your dreams launched this week. We worked with LEGO® Education to design the new Raspberry Pi Build HAT, a brand-new product that for the first time makes it easy to integrate LEGO® Technic™ motors and sensors with Raspberry Pi computers.

  • Bring That Old Hi-Fi Into The 2020s | Hackaday

    It’s a distressing moment for some of us, when a formerly prized piece of electronic equipment reaches a point of obsolescence that we consider jettisoning it. [Jon Robinson] ran into this dilemma by finding the Kenwood Hi-Fi amplifier his 17-year-old self had spent his savings on. It was a very good amp back in the day, but over two decades later, it’s no longer an object of desire in a world of soundbars and streaming music boxes. After a earlier upgrade involving an Arduino to auto-power it he’s now given it an ESP32 and an i2S codec which performs the task of digital audio streaming as well as a better job than the Arduino of controlling the power.

  • This Arduino Terminal Does All The Characters | Hackaday

    The job of a dumb terminal was originally to be a continuation of that performed by a paper teletype, to send text from its keyboard and display any it receives on its screen. But as the demands of computer systems extended beyond what mere ASCII could offer, their capabilities were extended with extra characters and graphical extensions whose descendants we see in today’s Unicode character sets and thus even in all those emojis on your mobile phone. Thus a fully-featured terminal has a host of semigraphics characters from which surprisingly non-textual output can be created. It’s something [Michael Rule] has done some work on, with his ILI9341TTY, a USB serial terminal monitor using an Arduino Uno and an ILI9341 LCD module that supports as many of the extended characters as possible.