Language Selection

English French German Italian Portuguese Spanish

LWN

Syndicate content
LWN.net is a comprehensive source of news and opinions from and about the Linux community. This is the main LWN.net feed, listing all articles which are posted to the site front page.
Updated: 2 hours 15 min ago

Release of the Open Build Service, Version 2.10

Friday 5th of July 2019 02:37:08 PM
The Open Build Service (OBS) project has announced the release of version 2.10 of OBS, which is a system to build and distribute binary packages built from source code. The new version has revamped the web user interface and upgraded the container delivery mechanisms. Beyond that, it has fixed plenty of bugs (of course), added a bunch of smaller features, and now provides integration with other online tools: "Another trend in the professional software world is to plug various tools together into grand continuous integration/deployment cycles (CI/CD). You, of course, also want to throw the OBS into the mix and we traditionally supported you to do that on GitHub with webhooks. The 2.10 release now brings the same kind of support to other tools like Gitlab and Pagure. You can trigger all kinds of actions on OBS for every git commit or other events that happen on those tools."

Security updates for Friday

Friday 5th of July 2019 01:22:23 PM
Security updates have been issued by SUSE (firefox, mozilla-nss, mozilla-nspr, helm-mirror, libu2f-host, and libu2f-host, pam_u2f) and Ubuntu (bzip2 and irssi).

[$] Soft CPU affinity

Thursday 4th of July 2019 03:03:57 PM
On NUMA systems with a lot of CPUs, it is common to assign parts of the workload to different subsets of the available processors. This partitioning can improve performance while reducing the ability of jobs to interfere with each other. The partitioning mechanisms available on current kernels might just do too good a job in some situations, though, leaving some CPUs idle while others are overutilized. The soft affinity patch set from Subhra Mazumdar is an attempt to improve performance by making that partitioning more porous.

Security updates for Thursday

Thursday 4th of July 2019 01:56:24 PM
Security updates have been issued by CentOS (libssh2 and qemu-kvm), Debian (lemonldap-ng), Fedora (tomcat), Oracle (kernel), and SUSE (elfutils, kernel, and php5).

[$] LWN.net Weekly Edition for July 4, 2019

Thursday 4th of July 2019 03:23:00 AM
The LWN.net Weekly Edition for July 4, 2019 is available.

[$] Fedora mulls its "python" version

Wednesday 3rd of July 2019 11:02:41 PM
There is no doubt that the transition from Python 2 to Python 3 has been a difficult one, but Linux distributions have been particularly hard hit. For many people, that transition is largely over; Python 2 will be retired at the end of this year, at least by the core development team. But distributions will have to support Python 2 for quite a while after that. As part of any transition, the version that gets run from the python binary (or symbolic link) is something that needs to be worked out. Fedora is currently discussing what to do about that for Fedora 31.

[$] Debian and code names

Wednesday 3rd of July 2019 05:02:28 PM
Debian typically uses code names to refer to its releases, starting with the Toy Story character names used (mostly) instead of numbers. The "Buster" release is due on July 6 and you will rarely hear it referred to as "Debian 10". There are some other code names used for repository (or suite) names in the Debian infrastructure; "stable", "testing", "unstable", "oldstable", and sometimes even "oldoldstable" are all used as part of the sources for the APT packaging tool. But code names of any sort are hard to keep track of; a discussion on the debian-devel mailing list looks at moving away from, at least, some of the repository code names.

Stable kernel updates

Wednesday 3rd of July 2019 02:52:24 PM
Stable kernels 5.1.16, 4.19.57, and 4.14.132 have been released. They all contain important fixes and users should upgrade.

Security updates for Wednesday

Wednesday 3rd of July 2019 02:44:51 PM
Security updates have been issued by Debian (pdns), Fedora (kernel and kernel-headers), Mageia (cgit and firefox), Oracle (libssh2 and qemu-kvm), Red Hat (openstack-ironic-inspector, openstack-tripleo-common, and qemu-kvm-rhev), Scientific Linux (libssh2 and qemu-kvm), SUSE (bzip2, cronie, libtasn1, nmap, php7, php72, python-Twisted, and taglib), and Ubuntu (thunderbird and znc).

[$] OpenPGP certificate flooding

Tuesday 2nd of July 2019 07:42:14 PM
A problem with the way that OpenPGP public-key certificates are handled by key servers and applications is wreaking some havoc, but not just for those who own the certificates (and keys)—anyone who has those keys on their keyring and does regular updates will be affected. It is effectively a denial of service attack, but one that propagates differently than most others. The mechanism of this "certificate flooding" is one that is normally used to add attestations to the key owner's identity (also known as "signing the key"), but because of the way most key servers work, it can be used to fill a certificate with "spam"—with far-reaching effects.

Security updates for Tuesday

Tuesday 2nd of July 2019 02:38:41 PM
Security updates have been issued by Arch Linux (firefox, firefox-developer-edition, libarchive, and vlc), CentOS (firefox, thunderbird, and vim), Debian (firefox-esr, openssl, and python-django), Fedora (glpi and xen), Mageia (thunderbird), openSUSE (ImageMagick, irssi, libheimdal, and phpMyAdmin), Red Hat (libssh2 and qemu-kvm), Scientific Linux (firefox, thunderbird, and vim), SUSE (389-ds, cf-cli, curl, dbus-1, dnsmasq, evolution, glib2, gnutls, graphviz, java-1_8_0-openjdk, and libxslt), and Ubuntu (python-django).

[$] TurboSched: the return of small-task packing

Monday 1st of July 2019 10:24:25 PM
CPU scheduling is a difficult task in the best of times; it is not trivial to pick the next process to run while maintaining fairness, minimizing energy use, and using the available CPUs to their fullest potential. The advent of increasingly complex system architectures is not making things easier; scheduling on asymmetric systems (such as the big.LITTLE architecture) is a case in point. The "turbo" mode provided by some recent processors is another. The TurboSched patch set from Parth Shah is an attempt to improve the scheduler's ability to get the best performance from such processors.

Hansen: SKS Keyserver Network Under Attack

Monday 1st of July 2019 06:54:52 PM
GnuPG contributors Robert J. Hansen (rjh) and Daniel Kahn Gillmor (dkg) were victims of a certificate spamming attack over the past week.

This attack exploited a defect in the OpenPGP protocol itself in order to "poison" rjh and dkg's OpenPGP certificates. Anyone who attempts to import a poisoned certificate into a vulnerable OpenPGP installation will very likely break their installation in hard-to-debug ways. Poisoned certificates are already on the SKS keyserver network. There is no reason to believe the attacker will stop at just poisoning two certificates. Further, given the ease of the attack and the highly publicized success of the attack, it is prudent to believe other certificates will soon be poisoned.

This attack cannot be mitigated by the SKS keyserver network in any reasonable time period. It is unlikely to be mitigated by the OpenPGP Working Group in any reasonable time period. Future releases of OpenPGP software will likely have some sort of mitigation, but there is no time frame. The best mitigation that can be applied at present is simple: stop retrieving data from the SKS keyserver network.

(Thanks to Kareem Khazem.)

Google's Fuchsia OS Developer Site Debuts (Forbes)

Monday 1st of July 2019 03:29:25 PM
Forbes reports that Google has launched a new website, fuchsia.dev, with documentation and source for Fuchsia OS, including the Zircon microkernel. "Zircon was previously known as Magenta and it was designed to scale to any application from embedded RTOS (Real-Time Operating Systems) to mobile and desktop devices of all kinds. As a result, there has been much speculation that Fuchsia will be the natural successor to Android and Chrome OS, combining capabilities of both with backwards compatibility to run legacy applications built on either. In short, this thing is designed to run on anything from 32-bit or 64-bit ARM cores to 64-bit X86 processors and it has a potential to be rather disruptive."

Security updates for Monday

Monday 1st of July 2019 02:48:26 PM
Security updates have been issued by Debian (expat, golang-go.crypto, gpac, and rdesktop), Fedora (chromium, GraphicsMagick, kernel, kernel-headers, pdns, and xen), openSUSE (chromium, dbus-1, evince, libvirt, postgresql96, tomcat, and wireshark), Oracle (thunderbird and vim), Scientific Linux (thunderbird), Slackware (irssi), SUSE (gvfs), and Ubuntu (linux-lts-xenial, linux-aws, linux-azure and linux-oem, linux-oracle, linux-raspi2, linux-snapdragon).

Mageia 7 released

Monday 1st of July 2019 01:52:15 PM
The Mageia distribution has released version 7. "Mageia 7 comes with a huge variety of desktops and window managers, improved support for Wayland and for hybrid graphics cards. On a more fun note, an effort was made to enhance gaming in Mageia, so there are many new upgrades and additions to the game collection." See the release notes for details.

Kernel prepatch 5.2-rc7

Sunday 30th of June 2019 09:14:53 PM
The 5.2-rc7 kernel prepatch is out for testing. "All small and fairly uninteresting. Arch updates, networking, core kernel, filesystems, misc drivers. Nothing stands out - just read the appended shortlog."

FreeDOS turns 25 years old: An origin story (Opensource.com)

Friday 28th of June 2019 11:51:13 PM
Over on Opensource.com, FreeDOS founder Jim Hall writes about the origin of the MS-DOS replacement on the 25th anniversary of FreeDOS. "While I announced the project as PD-DOS (for "public domain," although the abbreviation was meant to mimic IBM's "PC-DOS"), we soon changed the name to Free-DOS and later FreeDOS. I started working on it right away. First, I shared the utilities I had written to expand the DOS command line. Many of them reproduced MS-DOS features, including CLS, DATE, DEL, FIND, HELP, and MORE. Some added new features to DOS that I borrowed from Unix, such as TEE and TRCH (a simple implementation of Unix's tr). I contributed over a dozen FreeDOS utilities By sharing my utilities, I gave other developers a starting point. And by sharing my source code under the GNU General Public License (GNU GPL), I implicitly allowed others to add new features and fix bugs."

Cook: package hardening asymptote

Friday 28th of June 2019 11:43:59 PM
On his blog, Kees Cook looks at some graphs of package hardening efforts in Ubuntu and Debian, noting that they have nearly completely flattened out over the last few years. He wonders what might be the next hardening feature on the horizon and speculates some on that: "What new compiler feature adoption could be measured? I think there are still a few good candidates… How about enabling -fstack-clash-protection (only in GCC, Clang still hasn’t implemented it). Or how about getting serious and using forward-edge Control Flow Integrity? (Clang has -fsanitize=cfi for general purpose function prototype based enforcement, and GCC has the more limited -fvtable-verify for C++ objects.) Where is backward-edge CFI? (Is everyone waiting for CET?)"

[$] The io.weight I/O-bandwidth controller

Friday 28th of June 2019 03:26:36 PM
Part of the kernel's job is to arbitrate access to the available hardware resources and ensure that every process gets its fair share, with "its fair share" being defined by policies specified by the administrator. One resource that must be managed this way is I/O bandwidth to storage devices; if due care is not taken, an I/O-hungry process can easily saturate a device, starving out others. The kernel has had a few I/O-bandwidth controllers over the years, but the results have never been entirely satisfactory. But there is a new controller on the block that might just get the job done.

More in Tux Machines

Debian: Introducing Noir, miniDebConf19 Vaumarcus and New FAI.me Feature

  • Introducing Noir

    Noir is a drop-in replacement for Black (the uncompromising code formatter), with the default line length set to PEP-8's preferred 79 characters. If you want to use it, just replace black with noir in your requirements.txt and/or setup.py and you're good to go. Black is a Python code formatter that reformats your code to make it more PEP-8 compliant. It implements a subset of PEP-8, most notably it deliberately ignores PEP-8's suggestion for a line length of 79 characters and defaults to a length of 88. I find the decision and the reasoning behind that somewhat arbitrary. PEP-8 is a good standard and there's a lot of value in having a style guide that is generally accepted and has a lot of tooling to support it. When people ask to change Black's default line length to 79, the issue is usually closed with a reference to the reasoning in the README. But Black's developers are at least aware of this controversial decision, as Black's only option that allows to configure the (otherwise uncompromising) code formatter, is in fact the line length. Apart from that, Black is a good formatter that's gaining more and more popularity. And, of course, the developers have every right to follow their own taste. However, since Black is licensed under the terms of the MIT license, I tried to see what needs to be done in order to fix the line length issue.

  • miniDebConf19 Vaumarcus – Oct 25-27 2019 – Registration is open

    The Vaumarcus miniDebConf19 is happening! Come see the fantastic view from the shores of Lake Neuchâtel, in Switzerland! We’re going to have two-and-a-half days of presentations and hacking in this marvelous venue and anybody interested in Debian development is welcome.

  • New FAI.me feature

    FAI.me, the build service for installation and cloud images has a new feature. When building an installation images, you can enable automatic reboot or shutdown at the end of the installation in the advanced options. This was implemented due to request by users, that are using the service for their VM instances or computers without any keyboard connected.

FreeBSD's Executive Director Calls For Linux + BSD Devs To Work Together

While called the Open-Source Summit, the event is primarily about Linux as after all it's hosted by the Linux Foundation. But at this week's Open-Source Summit in San Diego, Deb Goodkin as the executive director of the FreeBSD Foundation presented. Deb's talk was of course on FreeBSD but also why FreeBSD and Linux developers should work together. The presentation covered FreeBSD's development workflow and various features of this open-source operating system project for those unfamiliar as well as some of the companies utilizing FreeBSD and their different use-cases. It's a good overview for those not familiar with FreeBSD. Read more

Enlightenment DR 0.23.0 Release

Highlights: New padded screenshot option Meson build now is the build system Music Control now supports rage mpris dbus protocol Add Bluez5 support with totally new and redone module and gadget Add dpms option to turn it off or on Alt-tab window switcher allows moving of windows while alt-tabbing Lots of bug fixes, compile warning fixes etc. Massive improvements to Wayland support Read more Also: Enlightenment 0.23 Released With Massive Wayland Improvements

LG Has Been Working On Reduced Boot Times With Hibernation Optimizations

LG Electronics has been exploring improvements around hibernation/suspend-to-disk to speed-up the Linux boot process for consumer electronics rather than performing cold boots and as part of that is working towards upstream optimizations. While hibernation-based booting is generally quicker than performing cold boots, suspending to disk does yield extra writes to the NAND flash memory on these consumer devices and that is one of the things they are seeking to avoid. So it's been an effort not only to speed-up the hibernation boot process but also reducing the amount of data that needs to be written out to the flash storage. Read more