Language Selection

English French German Italian Portuguese Spanish

About Tux Machines

Monday, 03 Aug 20 - Tux Machines is a community-driven public service/news site which has been around for over a decade and a half and primarily focuses on GNU/LinuxSubscribe now Syndicate content

Search This Site

Quick Roundup

Type Title Author Replies Last Postsort icon
Story today's howtos Roy Schestowitz 02/08/2020 - 11:55pm
Story Today in Techrights Roy Schestowitz 02/08/2020 - 11:36pm
Story DragonFlyBSD Pulls In AMD Temperature Driver, SMN Support From FreeBSD Roy Schestowitz 02/08/2020 - 10:57pm
Story BunsenLabs Linux Lithium Release Hits Stable After Two Years, Based on Debian Buster Roy Schestowitz 02/08/2020 - 10:51pm
Story openSUSE 15.2 Is The Mercedes-Benz of Linux Distributions Roy Schestowitz 02/08/2020 - 7:46pm
Story today's leftovers Roy Schestowitz 02/08/2020 - 7:05pm
Story Programming: Perl, Python, Java, Fortran and More Roy Schestowitz 02/08/2020 - 7:00pm
Story Games: “Reality Check,” Valve's Steam, and Fedora 32 Roy Schestowitz 02/08/2020 - 6:42pm
Story Android Leftovers Rianne Schestowitz 1 02/08/2020 - 6:38pm
Story today's howtos Roy Schestowitz 02/08/2020 - 6:33pm

Linux Weekly Roundup: Firefox, Telegram, Kodi, BootHole Security Issue and More

Filed under
News

Here’s a recap for the week in the form of weekly roundup, curated for you from the Linux and opensource world on application updates, new releases, distribution updates, major news, and upcoming trends.
Read more

Manjaro vs Arch Linux: What’s the Difference? Which one is Better?

Filed under
Linux

Manjaro or Arch Linux? If Manjaro is based on Arch, how come is it different from Arch? Read how Arch and Manjaro are different in this comparison article.
Read more

Linux Mint 19.3 Is The Most Popular Point Release: Mint 20 Edges Closer

In June, Linux Mint 20 “Ulyana” came in three editions: Cinnamon, MATE, and Xfce, along with many new features. Subsequently, it received a lot of feedback, including both good and bad.

You can check out our review of Linux Mint 20 with features scoring good ratings. Nonetheless, according to the latest popularity statistics revealed in the July month blog, Linux Mint 19.3 “Tricia” is currently the most popular point release compared to any other Mint version.

As you can see in the graph, more than 50% of Linux Mint users use Linux Mint 19.x series. This is even more than combining both the old Mint 18.x and the brand new Mint 20, which represents about 20% of the user base.

Read more

Nitrux 1.3.1 is available to download

Filed under
GNU
KDE
Linux

We are pleased to announce the launch of Nitrux 1.3.1. This new version brings together the latest software updates, bug fixes, performance improvements, and ready-to-use hardware support.

Nitrux 1.3.1 is available for immediate download.

Read more

KDE Plasma 5 August 2020 release for Slackware

Filed under
KDE
Slack

New Plasma5 packages for Slackware-current are ready for download & installation. I skipped July (holiday season) and so here is KDE-5_20.08 aka my August 2020 release. Be sure to read the upgrade instructions very carefully to prevent breakage, because starting with my June batch the goal is to remove Slackware’s ConsoleKit2 and replace it with elogind!.

It would not harm if you (re-)read my previous blog article about Plasma5, “Replacing ConsoleKit2 with elogind – first steps“. It has a lot more detail about the reasons for this move as well as guidance on using the Wayland Window Manager (as a test) instead of regular X.Org. Note that Wayland sessions still need a lot of maturing and X.Org will remain Slackware’s default choice.

Read more

IBM/Red Hat/Fedora Leftovers

Filed under
Red Hat

Debian: Ben Hutchings, Chris Lamb, and Jonathan Carter

Filed under
Debian

  • Ben Hutchings: Debian LTS work, July 2020

    I was assigned 20 hours of work by Freexian's Debian LTS initiative, but only worked 5 hours this month and returned the remainder to the pool.

    Now that Debian 9 'stretch' has entered LTS, the stretch-backports suite will be closed and no longer updated. However, some stretch users rely on the newer kernel version provided there. I prepared to add Linux 4.19 to the stretch-security suite, alongside the standard package of Linux 4.9. I also prepared to update the firmware-nonfree package so that firmware needed by drivers in Linux 4.19 will also be available in stretch's non-free section. Both these updates will be based on the packages in stretch-backports, but needed some changes to avoid conflicts or regressions for users that continue using Linux 4.9 or older non-Debian kernel versions. I will upload these after the Debian 10 'buster' point release.

  •        

  • Chris Lamb: Free software activities in July 2020

    As part of being on the board of directors of the Open Source Initiative and Software in the Public Interest I attended their respective monthly meetings and participated in various licensing and other discussions occurring on the internet, as well as the usual internal discussions regarding logistics and policy etc. This month, it was SPI's Annual General Meeting and the OSI has been running a number of remote strategy sessions for the board.

  •        

  • Jonathan Carter: Free Software Activities for 2020-07

    Here are my uploads for the month of July, which is just a part of my free software activities, I’ll try to catch up on the rest in upcoming posts. I haven’t indulged in online conferences much over the last few months, but this month I attended the virtual editions of Guadec 2020 and HOPE 2020. HOPE isn’t something I knew about before and I enjoyed it a lot, you can find their videos on archive.org.

The Best Authenticator Apps for Linux Desktop

Filed under
GNU
Linux
Security

If you have ever used two-factor authentication before, then you have probably heard of tools like Google Authenticator. To make use of many of these services, you’ll have to have your phone near you. Luckily, there are desktop authenticator apps that can provide you with the secret key you need to log in to your account. Below are the best authenticator apps for the Linux desktop.

[...]

Yubico works with a hardware security token known as the Yubikey. You can store your credentials on this as opposed to on your device. This hardware security token can even be further secured by choosing to unlock it with either FaceID or TouchID.

With Yubico, you will also be able to easily transition between devices, even after upgrading. The Yubico app lets you generate multiple secrets across devices, making it simple for you to switch.

I have to admit that the security offered by a physical token like the Yubikey is great. However, users must bear in mind that they must have the key with them if they wish to use two-factor authentication. I know you may argue and say this is no better than having to carry a phone with you. However, you can’t put your phone on a keychain! Additionally, it’s tough to crack a hardware token. Someone would have to steal it from you if they wanted to access your data. Even after doing that, they still won’t know any of your passwords or anything else of the sort.

With Yubico Authenticator, you first have to insert your key before you can add services to the app. After inserting your key, you can then add a security token from a service you want to enable two-factor authentication for. This is an app more for a power user due to the steps that must be taken to get it set up.

Read more

today's leftovers

Filed under
Misc

  • oneAPI compatibility with all openSUSE

    As leader of the openSUSE Innovator initiative, openSUSE member and official oneAPI innovator, I tested the new release of the tool on openSUSE Leap 15.1, 15.2 and Tumbleweed. With the total success of the work, I made available in the SDB an article on how to install this solution on the openSUSE platform. More information here: https://en.opensuse.org/SDB:Install_oneAPI.

    oneAPI is an Unified, Standards-Based Programming Model. Modern workload diversity necessitates the need for architectural diversity; no single architecture is best for every workload. XPUs, including CPUs, GPUs, FPGAs, and other accelerators, are required to extract high performance.

    This technology have the tools needed to deploy applications and solutions across these architectures. Its set of complementary toolkits—a base kit and specialty add-ons—simplify programming and help developers improve efficiency and innovation. The core Intel oneAPI DPC++ Compiler and libraries implement the oneAPI industry specifications available at https://www.oneapi.com/open-source/.

  • openSUSE Tumbleweed – Review of the week 2020/31

    Week 31 has seen a steady flow of snapshots. The biggest snapshot was 0721, for which we had to do a full rebuild due to changes in the krb5 package, that moved some files around. In order for all packages to keep up with this change, the full rebuild was needed. The week in total has seen 7 snapshots being published (0721, 0724, 0726, 0727, 0728, 0729 and 0730)

  • Does Your Organization Need an Open Source Program Office?

    Every modern enterprise uses some open source software, or at the very least uses software that has open-source components. In an enterprise setting, the number of different open source projects an organization might use could easily be in the hundreds of thousands, and there could also easily be just as many engineers using those open source projects.

    While the reality is that enterprises use open source software, open source communities have a completely different culture — one focused on collaboration in a way that is foreign to most standard business environments.

    “As a business, it’s a culture change,” explained Jeff McAffer, who ran Microsoft’s Open Source Program Office for years and now is a director of product at GitHub focused on promoting open source in enterprises. “Many companies, they’re not used to collaboration. They’re not used to engaging with teams outside of their company.”

    What exactly are Open Source Program Offices (OSPOs)? What do they do, who needs them and why? We spoke with a couple of people who lead open source program offices to learn more.

  •        

  • 50 Open Badges awarded for top LibreOffice translators!

    A few months ago, we announced Open Badges for LibreOffice contributors. These are custom images with embedded metadata, awarded to our most active community members to say thanks for their great work!

    The metadata describes the contributor’s work, and the badge can be verified using an external service. Open Badges are used by other free software projects, such as Fedora.

  • Ordering Browser Tabs Chronologically to Support Task Continuity

    Product teams working on Firefox at Mozilla have long been interested in helping people get things done, whether that’s completing homework for school, shopping for a pair of shoes, or doing one’s taxes. We are deeply invested in how we can support task continuity, the various steps that people take in getting things done, in our browser products. And we know that in our browsers, tabs play an important role for people carrying out tasks.

    [...]

    Fast forward to this year and the team working on Firefox for iOS was interested in how we might support task continuity involving leaving tabs open. We continued to see in user research the important role that tabs play in task continuity, and we wanted to explore how to make tab retrieval and overall tab management easier.

    In most web browsers on smartphones, tabs are ordered based on when a person first opened them, with the oldest tabs on one end of the interface (top, bottom, left, or right) and the newest tabs stacking to the opposite end of the interface. This ordering logic gets more complex if a new tab is prompted to open when someone taps on a link in an existing tab. A site may be designed to launch links in new tabs or a person may choose to open new tabs for links. The new tab, in that case, typically will open immediately next to the tab where the link was tapped, pushing all other later tabs toward the other end of the interface. All of this gets even trickier when managing more than just a few tabs. This brief demonstration illustrates tab ordering logic in Firefox for iOS before chronological tabs using the example of someone shopping for a good processor.

  • Tor’s Bug Smash Fund: Year Two!

    The Bug Smash Fund is back for its second year! In 2019, we launched Tor’s Bug Smash Fund to find and fix bugs in our software and conduct routine maintenance. Maintenance isn’t a flashy new feature, and that makes it less interesting to many traditional funders, but it’s what keeps the reliable stuff working--and with your support, we were able to close 77 tickets as a result.

    These bugs and issues ranged from maintenance on mechanisms for sending bridges via email and collecting metrics data to improving tor padding, testing, onion services, documentation, Tor Browser UX, and tooling for development. This work keeps Tor Browser, the Tor network, and the many tools that rely on Tor strong, safe, and running smoothly.

  • Say hello to the Linux Terminal 2.0 for Chrome OS

    Back in March, prior to the Chrome OS release calendar getting out of whack, the Linux terminal for Chrome OS was undergoing a major facelift that looked to be slated for the release of version 82. Since I generally live in the Canary channel, I was unaware that the update had not taken place. Instead, the refreshed Linux terminal actually arrived in the latest update to Chrome OS 84. Some of you reading this may be thinking “what the heck is a Linux terminal?” and that’s okay. Here’s a quick history lesson.

Linux Mint Monthly News and Ubuntu Leftovers

Filed under
Ubuntu

           

  • Linux Mint Monthly News – July 2020

    I’d like to thank you all for your support. Donations are usually quite high after a release and Linux Mint 20 is no exception. We received 924 donations in a single month! That’s quite an impressive number and it makes us feel really proud, both as a project and a community.

    Linux Mint 20 was well received but it introduced new challenges, both as a release and an upgrade. We’ll be focused on tackling these challenges for the next two years as well as implementing exciting refinements and new features in the upcoming point releases. Some of these are already listed on our Trello boards and roadmaps. I’d rather talk about them once they’re implemented and ready to be shipped though. Hopefully this time next month we’ll be able to give you a preview of some of them.

    In last month’s feedback we noted some users would like Linux Mint to package Chromium. We also observed confusion and lack of empowerment when it comes to dealing with foreign packages during the upgrade. These are two areas we’re looking into at the moment.

    LMDE 4 received many updates lately, including the new features from Linux Mint 20 and Cinnamon 4.6.

    A study on the popularity of Linux Mint releases showed some interested results and comforted some of the perception we had of our user base. 

  •        

  • Charmed OSM Release EIGHT available from Canonical

    Canonical is proud to announce the general availability of OSM release EIGHT images in it’s Charmed OSM distribution. As of Release SEVEN, OSM is able to orchestrate containerised network functions (CNFs) leveraging Kubernetes as the underlying infrastructure for next-generation 5G services. Release EIGHT follows the same direction and brings new features that allow for the orchestration of a broader range of network functions and production environments.

    Open Source MANO (OSM) Release EIGHT is the result of great community work in a project that drives the most complete open source network function virtualisation (NFV) orchestrator in the market.

  • Full Circle Magazine #159

    This month:
    * Command & Conquer
    * How-To : Python, Podcast Production, and Rawtherapee
    * Graphics : Inkscape
    * Graphics : Krita for Old Photos
    * Linux Loopback
    * Everyday Ubuntu
    * Ubports Touch
    * Review : Ubuntu Unity 20.04
    * Ubuntu Games : Mable And The Wood
    plus: News, My Opinion, The Daily Waddle, Q&A, and more.

Hardware and Devices With Linux or Similar

Filed under
Hardware
  • Amazing science from the winners of Astro Pi Mission Space Lab 2019–20
  • What is an IoT-Ready PC?

    Can your PC or laptop handle IoT applications? This means it should have the ruggedness and extra connectivity support for IoT devices such as Arduino or Raspberry Pi, while supporting OS such as Windows 10 IoT Core.

  • The PongMate CyberCannon Mark III is a surefire way to never lose at beer pong

    If you participate in beer pong, and your skills aren’t up to the challenge, you might be in for a rough time. While “practice makes perfect,” if you’d rather shortcut this process then engineers Nils Opgenorth and Grant Galloway have just the solution with their Arduino-powered PongMate CyberCannon Mark III.

    This wrist-mounted launcher uses a time-of-flight sensor, along with an inertial measurement unit to calculate the vertical and horizontal distance to the red Solo cup, marked with a small laser. Bubble levels help users fix the device in the horizontal direction and five programmable RGB LEDs indicate when it’s ready to shoot.

  • BCM MX4305UE Industrial Mini-ITX Motherboard Features Intel Celeron 4305UE Processor

    The board supports both Windows 10 and Linux distributions.

  • Apollo Lake industrial mini-PC supports Linux

    Vecow’s Linux-ready, -40 to 75°C tolerant “SPC-4010C” industrial mini-PC is built around a dual-core Apollo Lake SoC with up to 8GB RAM, 2x GbE, SATA, HDMI, 4x USB, and 2x mini-PCIe with SIM card and mSATA.

    Vecow announced a minor revision to its Apollo Lake based SPC-4010 mini-PC called the SPC-4010C. If you already know about the SPC-4010, all you need to do is read the following paragraph. However, if like us, you are new to the SPC-4000 series, you may be interested in joining us for a brief tour of all six Apollo Lake based SPC-4000 models below. The fanless systems supports Linux and Win 10 for machine vision, robot control, infotainment, factory automation, intelligent control, and other compact AIoT applications.

Programming Leftovers

Filed under
Development
  • New Tax Collection Tech Replaces 50-Year-Old System

    Fried said recent updates to the old system had fallen mainly to a single employee who had worked for the office for most of the five decades the system had been in place - and finding another programmer with similar skills would have been challenging. The old system used the COBOL programming language and a traditional mainframe computer, whereas the new system is cloud-based and can be managed entirely remotely.

  • Call for Code Daily: tech for the disabled, chatbots, and the final push to submission close
  • Godot Release candidate: 3.2.3 RC 3

    Godot 3.2.2 was released on June 26 with over 3 months' worth of development, including many bugfixes and a handful of features. Some regressions were noticed after the release though, so we decided that Godot 3.2.3 would focus mainly on fixing those new bugs to ensure that all Godot users can have the most stable experience possible.

    Here's a third Release Candidate for the upcoming Godot 3.2.3 release. Please help us test it to ensure that no new regressions have slipped through code review and testing.

    Note: The previous 3.2.3 RC 2 was actually not built from the intended commit, and reflected the same changeset as RC 1. Tests made on RC 2 are still valid and useful, but did not help validate the very latest commits, hence this third release candidate. The changes new in this build are thus the ones made between RC 1 and RC 3.

  • What Is Fuzz Testing? A Guide.

    Not all software testing techniques have origin stories, but fuzz testing does: On a stormy evening in 1988, Barton Miller, a computer science professor at the University of Wisconsin-Madison, was using a dial-up connection to work remotely on a Unix computer from his apartment. He was attempting to feed input information into a computer program, only to see the program repeatedly crash.

    He knew that the electrical noise from the thunderstorm was distorting his inputs into the program as they traveled through the phone line. The distorted inputs were different from what the software needed from the user, resulting in errors. But as he describes in his book, Fuzzing for Software Security Testing and Quality Assurance, Miller was surprised that even programs he considered robust were crashing as a result of the unexpected input, instead of gracefully handling the error and asking for input again.

    [...]

    Miller’s concern about what he saw during his thunderstorm experience extended beyond the annoyance of having applications crash unexpectedly. Applications that are not able to handle unexpected input also pose security concerns. Errors that aren’t handled by the program are vulnerabilities that attackers can exploit to hack into systems.

    In fact, attackers often use fuzz testing tools to locate vulnerabilities in applications, according to Jared DeMott, the CEO of VDA Labs security testing company and the instructor of several Pluralsight courses on testing.

    “If you follow what we call a secure development lifecycle… fuzzing is one piece of the lifecycle that relates to the testing portion of it,” DeMott said.

  • [Old] Infinite scrolling on the web is complexity layered on top of complexity layered on top of complexity

    Does all that stuff sound hard? Sorry, but it’s worse.

Games: GNOME, Core Defense, Steam and Monster Crown

Filed under
GNOME

  • Implementing Recently Played Collection in GNOME Games

    In my previous blog post, I talked about how I added a Favorites Collection to Games. Favorites Collection lists all the games that’s marked as favorite. In this post I’ll talk about what went into adding a Recently Played Collection, which helps you get to recently played games more quickly.

    Since most of the ground work for supporting non-user collections are already done as part of introducing Favorites Collection, it required much less work to add another non-user collection. For Recently Played collection, the main differences from Favorites Collection in terms of implementation are...

  • Core Defense offers up a different kind of Tower Defense with deck-building

    Core Defense is a Tower Defense game at it's core but it's quite unusual in how it sprinkles in the content and it's out now with full Linux support. After being in Early Access on itch.io for a few months, it's looking good.

    It takes the usual wave-based approach from your typical TD game but instead of giving you set tower types and specific placements, it's a little more open-ended. As you progress through the waves, you build up your defences based on what cards you pick as rewards, a little like a deck-builder and you use these unlocks to gradually build through the blank canvas of a map you're given.

  • 4 ways to back up Steam games on Linux

    Are you a Linux gamer? Do you play a lot of Steam video games? Trying to figure out how to back up your games so you don’t have to keep re-downloading them? If so, this list is for you! Follow along as we talk about 4 ways to back up Steam games on Linux!

  • Monster Crown has a new adult take on Pokemon and it's now in Early Access

    With a darker tone, a setting aimed at adults and creatures that might give a few pixelated nightmares, Monster Crown has entered Early Access as a new breed in the genre of monster catching.

    Monster Crown definitely captures some of the spirit of early Pokemon games, with a new and unique take on it. Instead of throwing a magical ball to capture creatures and force them to your will, Monster Crown gets you to offer them a contract and see if they want to join you. It's a little odd but an interesting spin.

Audiocasts/Shows: Linux Headlines, Free As In Freedom, Ubuntu Podcast from the UK LoCo

Filed under
GNU
Linux

  • 2020-07-31 | Linux Headlines

    Mitigating the BootHole vulnerability is proving difficult for several major Linux distributions, KDE’s Ark tool issues a security advisory, Cloudflare reduces perceived delays in worker process startup time, and Tor brings back its Bug Smash Fund for a second year.

  •        

  • Free As In Freedom Friday - LIVE

    Just another random GNU/Linux-y live stream. I will converse with the YouTube chat so feel free to post freedom-respecting questions and comments.

  •        

  • Ubuntu Podcast from the UK LoCo: S13E19 – Three manholes

    This week we’ve been going retro; making an Ubuntu Retro Remix and playing ET:Legacy. We discuss the new release of digiKam, Intel GPU driver tweaks, Ubuntu Web Remix, Thunderbird 78 and Mir 2.0! We also round up our picks from the tech news.

  •        

  • Kubernetes from cloud to edge: a workshop for the US

Security and Some FUD/Alarmist Slant

Filed under
Security

           

  • Reproducible Builds (diffoscope): diffoscope 154 released

    The diffoscope maintainers are pleased to announce the release of diffoscope version 154. This version includes the following changes:

    [ Chris Lamb ]
    
    
    
    
    * Add support for F2FS filesystems.
      (Closes: reproducible-builds/diffoscope#207)
    * Allow "--profile" as a synonym for "--profile=-".
    * Add an add_comment helper method so don't mess with our _comments list
      directly.
    * Add missing bullet point in a previous changelog entry.
    * Use "human-readable" over unhyphenated version.
    * Add a bit more debugging around launching guestfs.
    * Profile the launch of guestfs filesystems.
    * Correct adding a comment when we cannot extract a filesystem due to missing
      guestfs module.
    
  • BootHole fixes causing boot problems across multiple Linux distros
  •        

  • Red Hat Security Update Renders Systems Unbootable

    Update, shared by PAjamian: Red Hat is now recommending that users do not apply grub2, fwupd, fwupdate or shim updates until new packages are available.

  • Red Hat and CentOS systems aren’t booting due to BootHole patches

    Early this morning, an urgent bug showed up at Red Hat's bugzilla bug tracker—a user discovered that the RHSA_2020:3216 grub2 security update and RHSA-2020:3218 kernel security update rendered an RHEL 8.2 system unbootable. The bug was reported as reproducible on any clean minimal install of Red Hat Enterprise Linux 8.2.

  • Bug in widely used bootloader opens Windows, Linux devices to persistent compromise

    CVE-2020-10713, named “BootHole” by the researchers who discovered it, can be used to install persistent and stealthy bootkits or malicious bootloaders that will operate even when the Secure Boot protection mechanism is enabled and functioning.

    “The vulnerability affects systems using Secure Boot, even if they are not using GRUB2. Almost all signed versions of GRUB2 are vulnerable, meaning virtually every Linux distribution is affected,” the researchers explained.

    “In addition, GRUB2 supports other operating systems, kernels and hypervisors such as Xen. The problem also extends to any Windows device that uses Secure Boot with the standard Microsoft Third Party UEFI Certificate Authority. Thus the majority of laptops, desktops, servers and workstations are affected, as well as network appliances and other special purpose equipment used in industrial, healthcare, financial and other industries. This vulnerability makes these devices susceptible to attackers such as the threat actors recently discovered using malicious UEFI bootloaders.”

    The researchers have done a good job explaining in detail why the why, where and how of the vulnerability, and so did Kelly Shortridge, the VP of Product Management and Product Strategy at Capsule8. The problem effectively lies in the fact that a GRUB2 configuration file can be modified by attackers to make sure that their own malicious code runs before the OS is loaded.

  • Security updates for Friday

    Security updates have been issued by Debian (grub2 and mercurial), Fedora (chromium, firefox, and freerdp), Oracle (firefox and kernel), Red Hat (firefox), Scientific Linux (firefox, grub2, and kernel), and SUSE (ghostscript and targetcli-fb). 

  •  

  • Linux warning: TrickBot malware is now infecting your systems [Ed: "Linux warning" is alarmism because it does not do anything on its own, it's just exploiting already-compromised servers, e.g. weak password and misconfiguration]
  • Beware! TrickBot Malware Is Now Infecting Linux Devices

Kernel: Coming up in Linux 5.8 and Stuff to be Merged Into Linux 5.9.

Filed under
Linux

  • Eight Great Features Of Linux 5.8

    If all goes well the Linux 5.8 kernel will be released as stable this weekend. Linus Torvalds last weekend expressed some uncertainty whether an extra release candidate would be required, but so far this week the kernel Git activity is light, thus for the moment at least is looking like 5.8 will be christened on Sunday. 

    In any case, Linux 5.8 stable should be out either this Sunday or the following weekend on 9 August. After the 5.8 merge window in June we wrote the Linux 5.8 feature overview, but if you forgot about those changes, here is a shorter list looking at eight of the most prominent new features of this kernel...

  •          

  • Intel PMT Framework + Tiger Lake Telemetry Support Updated For Linux

    Back in May I wrote about Intel working on Platform Monitoring Technology or hardware telemetry capabilities that are coming with Tiger Lake. The Linux support continues to be worked on for this "PMT" functionality although it looks like the work won't be ready in time for the imminent Linux 5.9 kernel merge window.

  •          

  • "Speakup" Promoted Out Of Staging For Linux 5.9

    The Speakup screen reader that is built into the kernel and allows for speaking all text printed to the text console from boot-up to shutdown for assisting blind individuals is now being promoted out of staging with Linux 5.9. 

    Speakup has been around for more than a decade so blind users can interact with the video console / VT. There are a number of speech synthesizers supported and has been organized via Linux-Speakup.org as "basically a bunch of blind people who like messing around with Linux and writing cool and, hopefully useful, software." 

Graphics: Alpha of Wayland's Weston 9.0, Emulating Input Devices In Wayland, Raspberry Pi 4 "V3DV" Vulkan Driver and X.Org/X11 Security

Filed under
Graphics/Benchmarks

  • weston 8.0.91
    This is the alpha release for Weston 9.0.0. This release cycle has been
    pretty quiet, with just a few new features:
    
    
    
    
    - A new kiosk shell allows to display regular desktop apps in an
      always-fullscreen mode
    - Improved testing infrastructure: the test harness has been
      redesigned, DRM tests are now supported, DRM and OpenGL tests are now
      enabled in our CI
    - DRM panel orientation property support
    
    
    
    
    As always, a number of bug fixes are included as well.
    
    
    
    
    Thanks to all contributors!
    
    
    
    
    Full commit history below.
    
  •        

  • Wayland's Weston 9.0 Reaches Alpha

    Weston 9.0 release preparations are getting underway. At least compared to the original Weston 9.0 release plans, this Wayland compositor is running about a month behind those plans but in any case the release is now making its way to reality. 

    On Thursday shortly after the Weston kiosk/full-screen shell was merged, Weston 9.0 Alpha was tagged in getting the release process moving forward. Simor Ser is again serving as release manager. 

  • RFC: libei - emulated input in Wayland compositors
    I've been working on a new approach for allowing emulated input devices in
    Wayland. Or in short - how can we make xdotool and synergy work? And
    eventually replace them.
    
    
    
    
    The proposal I have is a library for Emulated Input, in short libei.
      https://gitlab.freedesktop.org/whot/libei/
    
    
    
    
    libei has two parts, the client side (libei) for applications and
    a server side (libeis) for the compositor. The two libraries communicate
    with each other (how? doesn't matter, it's an implementation detail) to
    negotiate input devices.
    
    
    
    
    The process is roughly:
    - the libei client connects and says "I am org.freedesktop.SomeApplication
      and I want a pointer and a keyboard device"
    - the libeis server says "ok, you can have a pointer device and a keyboard
      device"
    - the libei client says 'move the pointer by 1/1', etc. and the server does
      just that. or not, depending on context.
    
    
    
    
    There are more details, see the README in the repo and the libei.h and
    libeis.h header files that describe the API.
    
    
    
    
    The sticking point here is: emulated input comes via a separate channel.
    The server a) knows it's emulated input, b) knows who it is coming from and
    c) has complete control over the input.
    
    
    
    
    a) is interesting because you can differ between the events internally. The
    API right now is very similar to libinput's events so integrating it into a
    compositor should be trivial.
    
    
    
    
    b) is somewhat handwavy if an application runs outside a sandbox - any
    information will be unreliable. Flatpak gives you an app-id though and
    with that we can (eventually) do things like storing the allow/deny
    decisions of the user in the portal implementation.
    
    
    
    
    c) allows you to e.g. suspend the client when convenient or just ignore
    certain sequences altogether. The two made-up examples are: suspend EI
    during a password prompt, or allow EI from the software yubikey *only*
    during a password prompt.
    
    
    
    
    Now, the next question is: how do they *start* talking to each other?
    libei provides multiple backends for the initial connection negotiation. My
    goal is to have this work with flatpak portals so an application running
    within the sandbox can be restricted accordingly. Alternatives to this could
    be public DBus interfaces, simple fd passing or (as is implemented right
    now) a named unix socket.
    
    
    
    
    The aim is that a client can simply iterate through all of the options until
    finds a connection. Once that's found, the actual code for emulating input is
    always the same so it's trivial to implement a client that works on any
    compositor that supports some backend of libeis.
    The server part only needs to care about the negotiation mechanisms it
    allows, i.e. GNOME will only have dbus/portal, sway will only have... dunno,
    fd exchange maybe?
    
    
    
    
    Next: because we have a separate channel for emulated input we can hook up
    XTEST to use libei to talk to a compositor. I have a PoC implementation for
    weston and Xwayland:
      https://gitlab.freedesktop.org/whot/weston/-/commits/wip/eis
      https://gitlab.freedesktop.org/whot/xserver/-/commits/wip/xwayland-eis
    With that xdotool can move the pointer. Note this is truly the most minimal
    code just to illustrate the point but you can fill in the blanks and do
    things like the compositor preventing XTEST or not, etc.
    
    
    
    
    This is all in very early stages with very little error checking so things
    will probably crash or disconnect unexpectedly. I've tried to document the
    API to make the intentions clear but there are still some very handwavy
    bits.
    
    
    
    
    Do let me know if you have any questions or suggestions please though.
    
    
    
    
    Cheers,
      Peter
    
    
    
    
    
  • LIBEI Yields New Effort For Emulating Input Devices In Wayland

    Red Hat's input expert Peter Hutterer has started writing another library to help the Linux input ecosystem: LIBEI. This new library is focused on offering emulated input device support for Wayland in order to support use-cases like xdotool for automating input events. 

    The LIBEI library is working to support emulated input use-cases on Wayland to offer functionality akin to X11's xdotool automation software or the Synergy software for sharing keyboard/mouse setups between systems. LIBEI consists of a client library for applications and then a server-side library (LIBEIS) for the Wayland compositor integration. These two libraries communicate with each other for negotiating the emulated input events.

  • Alejandro Piñeiro: v3dv status update 2020-07-31

    Pipeline cache objects allow the result of pipeline construction to be reused. Usually (and specifically on our implementation) that means caching compiled shaders. Reuse can be achieved between pipelines creation during the same application run by passing the same pipeline cache object when creating multiple pipelines. Reuse across runs of an application is achieved by retrieving pipeline cache contents in one run of an application, saving the contents, and using them to preinitialize a pipeline cache on a subsequent run.

    Note that it can happens that a pipeline cache would not improve the performance of an application once that it starts to render. This is because application developers are encourage to create all the pipelines in advance, to avoid any hiccup during rendering. On that situation pipeline cache would help to reduce load times. In any case, that is not always avoidable. In that case the pipeline cache would allow to reduce the hiccup, as a cache hit is far faster than a shader recompilation.

    One specific detail about our implementation is that internally we keep a default pipeline cache, used if the user doesn’t provide a pipeline cache when creating a pipeline, and also to cache the custom shaders we use for internal operations. This allowed to simplify our code, discarding some custom caches that had alread implemented.

  • Raspberry Pi 4 "V3DV" Vulkan Driver Begins Tackling MSAA, Other Improvements

    This month the Raspberry Pi Foundation funded "V3DV" open-source Vulkan driver for the Raspberry Pi 4 began being able to run vkQuake. In ending out July, the developers at consulting firm Igalia who are working on this driver for the Raspberry Pi Foundation shared some of their latest driver activity. 

  •         

  • X.Org's Latest Security Woes Are Bugs In LibX11, Xserver

    The X.Org/X11 Server has been hit by many security vulnerabilities over the past decade as security researchers eye more open-source software. Some of these vulnerabilities date back to even the 80's and 90's given how X11 has built up over time. The X.Org Server security was previously characterized as being even worse than it looks while today the latest vulnerabilities have been made public. 

    CVE-2020-14344 is now public and covers multiple integer overflows and signed/unsigned comparison issues within the X Input Method implementation in the libX11 library. These issues can lead to heap corruption when handling malformed messages from an input method. 

Syndicate content

More in Tux Machines

Audiocasts/Shows: Debian 10.5 KDE Plasma Run Through, Late Night Linux, Linux Headlines

  • Debian 10.5 KDE Plasma Run Through

    In this video, we are looking at Debian 10.5. Enjoy!

  • Late Night Linux – Episode 95

    A look back at the year in Linux so far, some speculation about what’s coming, Lineage OS on the Raspberry Pi, and KDE Korner.

  • 2020-08-03 | Linux Headlines

    Linux kernel 5.8 is out, BunsenLabs rebases to Debian 10 “Buster,” Mastodon releases version 3.2 with multimedia enhancements, and The Linux Foundation forms the Open Source Security Foundation.

today's howtos

Android Leftovers

today's leftovers

  • KDE NEON 20200723 overview | The latest and greatest of KDE community

    In this video, I am going to show an overview of KDE NEON 20200723 and some of the applications pre-installed.

  • Vulkan 1.2.149 Released With Another Extension For Helping The Likes Of DXVK

    Vulkan 1.2.149 is out today and its lone new extension is yet another addition to the Vulkan API for helping translation layers like DXVK map other graphics APIs on top. Vulkan has been quite welcoming of additions to help run graphics APIs like OpenGL and Direct3D on top of it. With today's release of Vulkan 1.2.149 there is another addition to help in that multi-project effort and it's VK_EXT_4444_formats.

  • Linux 5.9 Dropping The Unicore 32-bit RISC Architecture

    It's arguably long overdue but with the just-opened Linux 5.9 kernel cycle the Unicore32 CPU architecture is being removed. Unicore is a 32-bit RISC architecture developed at China's Peking University. Unicore is an ARM-like architecture. But with Unicore not being too popular and this code not seeing any maintenance for the mainline kernel paired with no upstream compiler support, it's time to gut the code out of the kernel.

  • IO_uring Has Many Improvements Set To Go Into Linux 5.9

    Facebook's Jens Axboe who oversees the Linux storage/block code and leads the IO_uring efforts summed up the changes for Linux 5.9 as "hardening the code and/or making it easier to read and fixing [bits]." There is though a big change and that is proper async buffered reads support. That work was previously covered but didn't end up getting pulled into Linux 5.8 due to a branching difference but is now ready to go with Linux 5.9. The async buffered reads support for IO_uring has some nice performance advantages and lower CPU usage while also working its way off KThreads for the fast code path once the async buffered write support is in place.

  • New Helix by OnLogic brings GPU computing to the Edge

    Both systems can be configured with a range of Windows operating systems or Ubuntu Linux, and OnLogic plans to add imaging options for many of their software partners in the future, including Ignition by Inductive Automation, ThinManager, EdgeIQ, IGEL and AWS Greengrass.

  • Looks like the recent upwards trend of the Linux market share has calmed down [Ed: As if a Microsoft partner which pretends Android and ChromeOS etc. don't exist was ever painting an accurate picture...]

    For NetMarketShare, something pretty big happened over the last few months. Back in March the Linux share they recorded was only 1.36%, and then it quickly rocketed upwards to 3.61% in June after multiple months of rising. The kind of rise you can't easily just write-off since it continued happening. No one really knows what caused it, possibly a ton more people working from home and not attached to their corporate Windows workstation. Now though, it seems to be levelling out as July's figure now shows it as 3.57%. Considering more people are being told to go back to work, perhaps it was as a result of COVID19. Across that whole time though, it's worth noting StatCounter which also tracks it has hardly moved this whole time. So you may want to press X to doubt on it.

  • Librem 5 June 2020 Software Development Update

    This is another incarnation of the software development progress for the Librem 5. This time for June 2020 (weeks 23-26). Some items are covered in more detail in separate blog posts at https://puri.sm/news. The idea of this summary is to have a closer look at the coding and design side of things. It also shows how much we’re standing on the shoulders of giants reusing existing software and how contributions are flowing back and forth between upstream and downstream projects. This quickly gets interesting since we’re upstream for some projects (e.g. calls, phosh, chatty) and downstream for others (e.g Debian, Linux kernel, GNOME). So these reports are usually rather link heavy pointing to individual merge requests on https://source.puri.sm/ or to the upstream side (like e.g. GNOME’s gitlab).

  • Red Hat certification remote exams now available

    It’s not a new idea that organizations worldwide need and seek qualified IT professionals with the skills and knowledge needed to use Red Hat products successfully. And for the last two decades, Red Hat Training and Certification has provided a way for them to assess, train and validate skills. Last year, we launched preliminary exams as a way to provide experience with our hands-on approach to testing to a broader audience and to explore making this approach more widely available as online exams. This year, the COVID-19 pandemic has meant temporary site closures, lockdowns and social distancing. Going to a test center to take an exam is not an option in many places. Even if it is, candidates for certification might be understandably reluctant to visit a center to take an exam. With that in mind, Red Hat has accelerated our efforts, and I am very pleased to announce that several of our certification exams are now available remotely.

  • Red Hat Customer Success Stories: digital transformation through people, process and technology

    Condis Supermarcats is a family-owned supermarket chain that is a household name in central and northern Spain. The company operates more than 400 physical storefronts, ranging from hypermarkets to local convenience stores, and a growing digital business. In 2017, Condis began several high-profile projects as part of its digital transformation efforts, including launch of a new customer resource management (CRM) system and a customer-facing mobile application. To support these projects, Condis’s IT team sought to better integrate the company’s IT infrastructure with microservices. "Our architecture was not cloud-integrated or suited for the agile approach we needed to develop our digital business," said Sergio Murillo, Technology Development and IT Operations Manager at Condis. "For example, each Condis store has access to a customer database, centralized using a cloud-based tool. However, we needed this data exchange to be integrated seamlessly with our CRM."

  • 10 Years of OpenStack – Gary Kevorkian at Cisco

    Storytelling is one of the most powerful means to influence, teach, and inspire the people around us. To celebrate OpenStack’s 10th anniversary, we are spotlighting stories from the individuals in various roles from the community who have helped to make OpenStack and the global Open Infrastructure community successful.

  • The Month in WordPress: July 2020

    July was an action-packed month for the WordPress project. The month saw a lot of updates on one of the most anticipated releases – WordPress 5.5! WordCamp US 2020 was canceled and the WordPress community team started experimenting with different formats for engaging online events, in July. Read on to catch up with all the updates from the WordPress world.