Language Selection

English French German Italian Portuguese Spanish

LWN

Syndicate content
LWN.net is a comprehensive source of news and opinions from and about the Linux community. This is the main LWN.net feed, listing all articles which are posted to the site front page.
Updated: 2 hours 40 min ago

[$] Debian, Rust, and librsvg

Wednesday 14th of November 2018 12:46:20 AM

Debian supports many architectures and, even for those it does not officially support, there are Debian ports that try to fill in the gap. For most user applications, it is mostly a matter of getting GCC up and running for the architecture in question, then building all of the different packages that Debian provides. But for packages that need to be built with LLVM—applications or libraries that use Rust, for example—that simple recipe becomes more complicated. How much the lack of Rust support for an unofficial architecture should hold back the rest of the distribution was the subject of a somewhat acrimonious discussion recently.

Security updates for Tuesday

Tuesday 13th of November 2018 03:43:54 PM
Security updates have been issued by Debian (firmware-nonfree and imagemagick), Fedora (cabextract, icecast, and libmspack), openSUSE (icecast), Red Hat (httpd24), Slackware (libtiff), SUSE (apache-pdfbox, firefox, ImageMagick, and kernel), and Ubuntu (clamav, spamassassin, and systemd).

[$] C library system-call wrappers, or the lack thereof

Monday 12th of November 2018 11:01:33 PM
User-space developers may be accustomed to thinking of system calls as direct calls into the kernel. Indeed, the first edition of The C Programming Language described read() and write() as "a direct entry into the operating system". In truth, user-level "system calls" are just functions in the C library like any other. But what happens when the developers of the C library refuse to provide access to system calls they don't like? The result is an ongoing conflict that has recently flared up again; it shows some of the difficulties that can arise when the system as a whole has no ultimate designer and the developers are not talking to each other.

Security updates for Monday

Monday 12th of November 2018 04:15:14 PM
Security updates have been issued by Arch Linux (curl, lib32-curl, lib32-libcurl-compat, lib32-libcurl-gnutls, libcurl-compat, libcurl-gnutls, systemd, and thunderbird), Debian (ansible, ghostscript, qemu, thunderbird, and xen), Fedora (community-mysql, gettext, links, mysql-connector-java, xen, and zchunk), Gentoo (icecast, libde265, okular, pango, and PHProjekt), Mageia (ansible, audiofile, iniparser, libtiff, mercurial, opencc, and python-dulwich), openSUSE (accountsservice, apache2, audiofile, curl, libarchive, ntfs-3g_ntfsprogs, opensc, python, python-base, qemu, soundtouch, and systemd), Oracle (git, java-1.7.0-openjdk, java-11-openjdk, kernel, python-paramiko, thunderbird, and xorg-x11-server), Red Hat (rh-git29-git), Scientific Linux (thunderbird), SUSE (kernel), and Ubuntu (gettext and libmspack).

Kernel prepatch 4.20-rc2

Monday 12th of November 2018 12:08:00 AM
The 4.20-rc2 kernel prepatch is out for testing. "Fairly normal week, aside from me traveling".

Some weekend stable kernel updates

Saturday 10th of November 2018 07:57:50 PM
The 4.18.18, 4.14.80, 4.9.136, 4.4.163, and 3.18.125 stable kernel updates have all been released; each contains a relatively large set of important fixes.

The 3.18.x updates may be about to come to an end, since it is not clear that anybody is using them. "And from what I can see in the 'real world', no one is actually updating devices that rely on 3.18.y to the newer kernel releases. So I think I'm going to stop maintaining this tree soon unless someone speaks up and says 'I am using it!''

The kernel pull-request tracker bot

Friday 9th of November 2018 05:19:36 PM
Since the beginning, one part of the kernel-development task has been watching the mainline to see whether one's work had been merged. That is about to change with the advent of the pull-request tracker bot, which will inform maintainers when one of their pull requests has made it into the mainline. Konstantin Ryabitsev, who put this service together, plans to expand it to other trees once things have settled down.

[$] ktask: optimizing CPU-intensive kernel work

Friday 9th of November 2018 04:21:12 PM
As a general rule, the kernel is supposed to use the least amount of CPU time possible; any time taken by the kernel is not available for the applications the user actually wants to run. As a result, not a lot of thought has gone into optimizing the execution of kernel-side work requiring large amounts of CPU. But the kernel does occasionally have to take on CPU-intensive tasks, such as the initialization of the large amounts of memory found on current systems. The ktask subsystem posted by Daniel Jordan is an attempt to improve how the kernel handles such jobs.

Security updates for Friday

Friday 9th of November 2018 03:17:23 PM
Security updates have been issued by Debian (nginx), Fedora (icu, java-1.8.0-openjdk-aarch32, libgit2, php-pear-CAS, roundcubemail, and ruby), Gentoo (firefox, libX11, openssl, and python), openSUSE (thunderbird), Oracle (java-11-openjdk, kernel, and spice-server), Red Hat (java-1.8.0-ibm and thunderbird), Scientific Linux (spice-server), SUSE (curl, libepubgen, liblangtag, libmwaw, libnumbertext, libreoffice, libstaroffice, libwps, myspell-dictionaries, xmlsec1, libxkbcommon, openssh, and xorg-x11-server), and Ubuntu (pyopenssl).

[$] iwd: simplifying WiFi management

Thursday 8th of November 2018 04:57:04 PM
It has been nearly 13 years since Jeff Garzik proclaimed that Linux was "proving its superiority in the area of crappy wireless (WiFi) support". Happily, the situation has improved somewhat since then, but that doesn't mean that things can't get better yet. During the Embedded Linux Conference portion of the 2018 Open Source Summit Europe, Marcel Holtmann described the work being done to create iwd, a new system for configuring and managing WiFi connections. If this project has its way, future users will have little room for complaint about how WiFi works on Linux systems.

PostgreSQL 11.1, 10.6, 9.6.11, 9.5.15, 9.4.20, and 9.3.25 released

Thursday 8th of November 2018 03:36:39 PM
There is a whole new set of PostgreSQL releases out there, the main purpose of which is to include an important security fix. "Using a purpose-crafted trigger definition, an attacker can run arbitrary SQL statements with superuser privileges when a superuser runs `pg_upgrade` on the database or during a pg_dump dump/restore cycle. This attack requires a `CREATE` privilege on some non-temporary schema or a `TRIGGER` privilege on a table. This is exploitable in the default PostgreSQL configuration, where all users have `CREATE` privilege on `public` schema." Note that this is the final update for the 9.3 series; users on that version should be planning an upgrade in the near future.

Security updates for Thursday

Thursday 8th of November 2018 02:47:47 PM
Security updates have been issued by CentOS (python-paramiko and thunderbird), Debian (firefox-esr, libdatetime-timezone-perl, and mariadb-10.0), Fedora (curl, NetworkManager, and xorg-x11-server), openSUSE (kernel), Oracle (java-1.7.0-openjdk, python-paramiko, thunderbird, and xorg-x11-server), Red Hat (java-11-openjdk and spice-server), SUSE (firefox, kernel, and SDL_image), and Ubuntu (nginx).

[$] LWN.net Weekly Edition for November 8, 2018

Thursday 8th of November 2018 12:34:45 AM
The LWN.net Weekly Edition for November 8, 2018 is available.

[$] A "joke" in the glibc manual

Wednesday 7th of November 2018 09:28:16 PM

A "joke" in the glibc manual—targeting a topic that is, at best, sensitive—has come up for discussion on the glibc-alpha mailing list again. When we looked at the controversy in May, Richard Stallman had put his foot down and a patch removing the joke—though opinions of its amusement value vary—was reverted. Shortly after that article was published, a "cool down period" was requested (and honored), but that time has expired. Other developments in the GNU project have given some reason to believe that the time is ripe to finally purge the joke, but that may not work out any better than the last attempt.

[$] Limiting the power of package installation in Debian

Wednesday 7th of November 2018 05:19:34 PM

There is always at least a small risk when installing a package for a distribution. By its very nature, package installation is an invasive process; some packages require the ability to make radical changes to the system—changes that users surely would not want other packages to take advantage of. Packages that are made available by distributions are vetted for problems of this sort, though, of course, mistakes can be made. Third-party packages are an even bigger potential problem because they lack this vetting, as was discussed in early October on the debian-devel mailing list. Solutions in this area are not particularly easy, however.

Security updates for Wednesday

Wednesday 7th of November 2018 03:42:14 PM
Security updates have been issued by Arch Linux (ghostscript), Debian (curl), Fedora (curl, thunderbird, and zchunk), openSUSE (thunderbird), Oracle (389-ds-base, binutils, curl and nss-pem, glusterfs, gnutls, jasper, kernel, krb5, libcdio, libkdcraw, libmspack, libvirt, openssl, ovmf, python, samba, setup, sssd, wget, wpa_supplicant, xerces-c, zsh, and zziplib), Red Hat (xerces-c), SUSE (libarchive and systemd), and Ubuntu (ppp and spamassassin).

[$] Zinc: a new kernel cryptography API

Tuesday 6th of November 2018 04:26:24 PM

We looked at the WireGuard virtual private network (VPN) back in August and noted that it is built on top of a new cryptographic API being developed for the kernel, which is called Zinc. There has been some controversy about Zinc and why a brand new API was needed when the kernel already has an extensive crypto API. A recent talk by lead WireGuard developer Jason Donenfeld at Kernel Recipes 2018 would appear to be a serious attempt to reach out, engage with that question, and explain the what, how, and why of Zinc.

Security updates for Tuesday

Tuesday 6th of November 2018 04:18:54 PM
Security updates have been issued by Debian (glusterfs, gthumb, and mysql-5.5), Red Hat (389-ds-base, kernel, and xerces-c), Slackware (mariadb), SUSE (accountsservice, curl, icinga, kernel, and opensc), and Ubuntu (libxkbcommon, openssh, and ruby1.9.1, ruby2.0, ruby2.3, ruby2.5).

[$] 4.20 Merge window part 2

Monday 5th of November 2018 05:00:58 PM
At the end of the 4.20 merge window, 12,125 non-merge changesets had been pulled into the mainline kernel repository; 6,390 came in since last week's summary was written. As is often the case, the latter part of the merge window contained a larger portion of cleanups and fixes, but there were a number of new features in the mix as well.

Stable kernel updates

Monday 5th of November 2018 03:57:28 PM
Stable kernels 4.19.1, 4.18.17, and 4.14.79 have been released. As usual, there are important fixes and users should upgrade.

More in Tux Machines

Google Shows Off New Android Dev Tools

After years of teasing and speculation, it finally looks as though foldable screen smartphones are headed to market. Google's dev announcement followed closely on the heels of Samsung's announcement at its own developer conference of a folding phone/tablet prototype with Infinity Flex Display. The Android tools will take advantage of the new display technology, which literally bends and folds, noted Stephanie Cuthbertson, director of product management at Google. The technology is based on two variations of screen design: two-screen devices and one-screen devices. Read more

More Empty Promises From Microsoft

today's howtos

Today in Techrights