• Chrome OS 75 rolling out with Linux improvements, playing DRM video on external displays

  After rolling out to Android, Mac, Windows, and Linux, version 75 of Chrome OS is now available. Notable features include Linux improvements and more parental control options with Family Link.

  Linux on Chrome OS pick up support for Android devices over USB and VPN connections. Linux apps can access Android devices connected over USB, with this particularly useful for Android developers debugging and pushing APKs.

  Meanwhile, Linux applications can utilize existing Android or Chrome OS VPNs. All traffic from the Linux VM will automatically be routed through an established connection.

• New laptop: ThinkPad X390

  The 13” 1920x1080 screen at ~160 dpi is a bit uncomfortable to use with my poor eyesight, so first I tried to use GNOME Tweaks to scale fonts to 120%. This worked okay-ish (a shame that Firefox ignores this and I had to tweak it separately) until I plugged in an external monitor (~80 dpi) where the large fonts were cartoonishly too large. Next, I enabled GNOME’s experimental fractional scaling support (I use a Ubuntu on Wayland session instead of the default one) and (after a reboot) set the zoom level on the internal screen to 125% (after resetting font scaling back to 100%, of course). Wayland apps look nice and crisp, X11 apps (Firefox) look fuzzy, but shrug at least I can read the text without squinting.

• Concurrent Real-Time Introduces RedHawk Linux for NVIDIA's Jetson AGX Xavier

  In supporting the AGX Xavier, RedHawk Linux is well positioned for embedded applications in aerospace, defense, automotive, industrial and medical markets that require high-performance, low-power consumption and deterministic response. RedHawk provides a guaranteed response time of less than 50 microseconds on the AGX Xavier.

• IGEL Drives the Rapid Growth of Linux OS-Based Devices at the Edge

  ...in 2018 Linux, for the first time, surpassed Windows shipments for thin clients, growing 6% per annum from 2015 to 2018 while Windows OS shrank 5% per annum during the same period.

• LinuxQuestions.org Turns Nineteen

  I'm proud to announce that LQ turned 19 yesterday! I'd like to once again thank each and every LQ member for their participation and feedback. While there is always room for improvement, that LQ has remained a friendly and welcoming place for new Linux members despite its constantly growing member-base and geographic distribution is a testament to the community.

  To say that feedback has been absolutely critical to our success is an understatement. As has become tradition, I'd like to use this thread to collect as much feedback as possible about LQ. What are we doing well and where can we improve? Where are we failing? What can we do to ensure long time members remain engaged and willing to help? What can we do to ensure new members feel welcome? What should we be doing differently?

  As part of our 19 year anniversary, we'll be randomly selecting 19 posts from this thread and upgrading that member to "Contributing Member" status for one year. Stay tuned, and thanks again for being a member. Together, I think we can make LQ even better.

• Flea Madness sound like a ridiculously fun multiplayer game where you eat your enemies

  Flea Madness, currently in development by Priple is a fast-paced multiplayer action game that looks good and the idea sounds pretty amusing too.

  Each player assumes the role of an alien flea, a biological weapon with a singular purpose—eat everything. As you hunt and eat others, you evolve into a more dangerous creature too. Spread across the maps, you will find insects to eat, which will also give you various abilities although not all of them good for you. Some might speed you up, turn you invisible or reverse your controls.

• Steam’s Summer Sale 2019 Is Live With A New Way To Earn Free Games

  Steam’s annual event, which PC gamers eagerly await each year, has finally started. The Steam Summer Sale 2019 is now live and will run through July 9, offering gamers a seemingly endless list of games to choose from.

  “Start your engines, everybody… the Steam Summer Sale has begun! For the next 14 days, enjoy great savings on a huge selection of games and join in the Steam Grand Prix 2019 event until July 7th 10AM PDT,” Steam says in a blog post.

  Thousands of games across various genres are now available on discount, so if you don’t have a Steam wishlist, it could prove difficult to choose the games you want. However, to help you make a choice, we have listed some of the best deals from the Steam Summer Sale 2019.

• GCC 10 Lands Support For Intel Tiger Lake's AVX-512 VP2INTERSECT

  Similar to the recent LLVM compiler work, the in-development GCC 10 compiler also now has support for the AVX-512 VP2INTERSECT instructions being introduced on Intel Tiger Lake CPUs.

• DisplayPort 2.0 Published For 3x Increase In Data Bandwidth Performance

  VESA announced their first major update to the DisplayPort interface in three years.

  DisplayPort 2.0 provides for a three fold increase in data bandwidth performance compared to DP 1.4a, support beyond 8K resolutions, higher refresh rates and HDR at higher resolutions, and other enhancements. DisplayPort 2.0 will work both on DisplayPort connectors and USB Type-C with backwards compatibility.

• SiFive CEO Says RISC-V Servers are 'Five Years Away'

  Last year he thought smartphones and servers were five and 10 years away, respectively, but he's had to "pull in his targets."

• syslog-ng and Elasticsearch 7: getting started on RHEL/CentOS

• MongoDB Monitoring with Grafana & Prometheus

• Arch Linux as a Server?! Setting up Tiny Tiny RSS on a Cloud Instance

• GNOME Has a Hidden Classic Mode, Here’s How to Unlock it on Ubuntu

• How to use Wget to download web-based packages on Windows

• Tracking down library injections on Linux

• 2 Tools For Monitoring Nvidia GPUs On Linux (GUI And Command Line)

  This article presents 2 tools for monitoring Nvidia graphics cards on Linux: one that comes with a terminal user interface (TUI), so it runs in a console, and another one that uses a graphical user interface.

• MuseScore 3.2 Released with Dozens of Bug Fixes

  Free scorewriter MuseScore 3.2 was released a day ago with dozens of bug-fixes as well as some improvements to user interface.

• Cockpit 197

  Cockpit is the modern Linux admin interface. We release regularly. Here are the release notes from version 197.

• New Oracle Java 11 Installer For Ubuntu Or Linux Mint (Using Local Oracle Java .tar.gz)

  As many of you already know, Oracle Java requires logging in to an Oracle account to download most versions (all except Oracle Java 12). A while back I created Oracle Java 11 and 12 installer packages (based on the package by Web Upd8), and a PPA for Ubuntu and Linux Mint.

  Since Oracle Java 11 can't be directly downloaded from Oracle any more, the installer no longer works, so I created a new installer that requires the user to create an Oracle account, download the Oracle Java 11 .tar.gz archive (the same version as the installer), and place the archive in /var/cache/oracle-jdk11-installer-local/. After this, you can install the oracle-java11-installer-local package, and it will set up Oracle Java 11 for you.

  Everything else works as before. You can install the oracle-java11-set-default-local package to set Oracle Java 11 as default for example (not only set it as default using a .jinfo file and update-alternatives, but also export the JAVA_HOME environment variable, etc.).

• My first month on GSoC

  This first month of GSoC was a great learning experience for me, when speaking to my colleagues of how Summer of Code is being important to my professional life, I always respond that I’m finally learning to code and the basic of C++.

  Yes, maybe this is strange, I’m a second year undergraduate Computer Science student, have two year experience with C++. I should have learn to code by now right? Well, at least on my Campus you don’t learn to code applications or how to build stable, clean code. You learn to solve problems, and that’s something I got pretty good at, but when it came to code, well, I’m learning that now and I’m liking it a lot.

• Snapshot Docker

  The idea of snapshots is to make copies of the current document and allow users to return to them at a later time. This is a part of my whole Google Summer of Code project, which aims to bring Krita a better undo/redo system. When fully implemented, it will fully replace the current mechanism that stores actions with one that stores different states. That is to say, Krita will create a snapshot of the document for every undoable step.

  [...]

  Another interesting thing is the palettes. Krita 4.2.0 allows documents to store their own, local palettes. The palette list is but a QList<KoColorSet *>, meaning that only creating a new QList of the same pointers will not work. This is because, the palettes are controlled by canvas resource manager, which takes the responsibility to delete them. Therefore, when taking snapshots, we had better take deep copies of the KoColorSets. And then another problem comes: the snapshots own their KoColorSets because they are not controlled by the resource manager in any way; but the KisDocument in the view does not. So we have to set up another flag, ownsPaletteList, to tell the document whether it should delete the palettes in the destructor.

  And now the work has shifted to the refactoring of kritaflake, the library that mainly handles vector layers and shapes. I converted the whole KoShape hierarchy to implicit sharing where possible, but some tests are broken. I am now on Windows, where unit tests do not run. I will continue the development of flake as soon as I get access to my Linux laptop.

• Fedora Workstation 31 to come with Wayland support, improved core features of PipeWire, and more

  On Monday, Christian F.K. Schaller, Senior Manager for Desktop at Red Hat, shared a blog post that outlined the various improvements and features coming in Fedora Workstation 31. These include Wayland improvements, more PipeWire functionality, continued improvements around Flatpak, Fleet Commander, and more.

• Fedora's AAC Support Finally Seeing Audio Quality Improvements

  Fedora's version of the FDK-AAC library that they began shipping in 2017 to finally provide AAC audio support strips out what was patented encumbered functionality. But that gutting of the code did cause some problems like audio playback glitches that are now being addressed.

  Fortunately, better AAC support is on the way to Fedora. There is this F30 update pending to provide an updated AAC implementation with quality enhancements.

• Chris Pearce: Firefox's Gecko Media Plugin & EME Architecture

  For rendering audio and video Firefox typically uses either the operating system's audio/video codecs or bundled software codec libraries, but for DRM video playback (like Netflix, Amazon Prime Video, and the like) and WebRTC video calls using baseline H.264 video, Firefox relies on Gecko Media Plugins, or GMPs for short.

  This blog post describes the architecture of the Gecko Media Plugin system in Firefox, and the major class/objects involved, as it looked in June 2019.

  For DRM video Firefox relies upon Google's Widevine Content Decryption Module, a dynamic shared library downloaded at runtime. Although this plugin doesn't conform to the GMP ABI, we provide an adapter to allow it to be run through the GMP system. We use the same Widevine CDM plugin that Chrome uses.

  For decode and encode of H.264 streams for WebRTC, Firefox uses OpenH264, which is provided by Cisco. This plugin implements the GMP ABI.

• Hacks.Mozilla.Org: How accessibility trees inform assistive tech

  The web is accessible by default. It was designed with features to make accessibility possible, and these have been part of the platform pretty much from the beginning. In recent times, inspectable accessibility trees have made it easier to see how things work in practice. In this post we’ll look at how “good” client-side code (HTML, CSS and JavaScript) improves the experience of users of assistive technologies, and how we can use accessibility trees to help verify our work on the user experience.

• QMO: Firefox 68 Beta 10 Testday Results

  As you may already know, Friday June 14th – we held a new Testday event, for Firefox 68 Beta 10.

• New Linux Worm Attacks IoT Devices [Ed: How to blame "Linux" for default passwords in devices (and some now also blame "Iran", citing a CIA 'proxy' Recorded Future in relation to this because they want war)]

  Silex has 'bricked' more than 2000 Linux-based IoT devices so far.

• Your server remote login isn't root:password, right? Cool. You can keep your data. Oh sh... your IoT gear, though? [Ed: All this "Silex" 'news' tries to blame Iran for cracking by guessing default passwords; but this is attempted every day by dozens of nations, every minute in a lot of cases. Any political motivation behind this Iran angle?]

  Earlier this week, infosec outfit Recorded Future claimed a Tehran-backed group known as Elfin, or APT33, has been increasingly active in recent months, largely targeting industrial facilities and companies within Saudi Arabia that do business with the US and other Western countries.

• 'Silex' Malware Renders Internet-of-Things Devices Useless. Here's How to Prevent It [Ed: War lovers' media, e.g. Fortune (see parent) and CBS (through ZDNet) push this whole "Iran" angle, manufactured in part by Recorded Future, which works with the CIA. This is the source of all these "Iran is cracking your gear" stories (every large nation does it all the time, so why the focus on Iran all of a sudden?)]

• Silex malware targeting IoT devices spotted by security researchers

• Daily News Roundup: Hackers Broke into Ten Telecom Networks [Ed: Definitely sounds like they used Windows, which executes malware without obstructing the users (who might just open an E-mail or click on a link)]

  Security researchers have revealed hackers spent years burrowing into ten different telecoms. Using a common method of an email with a link leading to malware, the hackers then used sophisticated techniques to target specific individuals.

  Security researchers at Cybereason revealed details of years-long attempts to break into telecom services (cell phone carriers). Starting in 2017, and possibly before, hackers sent emails to unsuspecting telecom employees with malicious links. The initial payload gave the hackers access to the telecom networks.

  Once in, the hackers ultimately compromised the network, gaining administrative privileges, and even creating a VPN on the system that let hackers access large amounts of data and empowered them even to shut down the telecom network entirely. The hackers had so much power that Amit Serper, Principal Security Researcher at Cybereason, described them as essentially a “de facto shadow IT department of the company.”

• The TCP SACK panic

  Selective acknowledgment (SACK) is a technique used by TCP to help alleviate congestion that can arise due to the retransmission of dropped packets. It allows the endpoints to describe which pieces of the data they have received, so that only the missing pieces need to be retransmitted. However, a bug was recently found in the Linux implementation of SACK that allows remote attackers to panic the system by sending crafted SACK information.

  Data sent via TCP is broken up into multiple segments based on the maximum segment size (MSS) specified by the other endpoint—or some other network hardware in the path it traversed. Those segments are transmitted to that endpoint, which acknowledges that it has received them. Originally, those acknowledgments (ACKs) could only indicate that it had received segments up to the first gap; so if one early segment was lost (e.g. dropped due to congestion), the endpoint could only ACK those up to the lost one. The originating endpoint would have to retransmit many segments that had actually been received in order to ensure the data gets there; the status of the later segments is unknown, so they have to be resent.

  In simplified form, sender A might send segments 20-50, with segments 23 and 37 getting dropped along the way. Receiver B can only ACK segments 20-22, so A must send 23-50 again. As might be guessed, if the link is congested such that segments are being dropped, sending a bunch of potentially redundant traffic is not going to help things.

• Short waits with umwait

  If a user-space process needs to wait for some event to happen, there is a whole range of mechanisms provided by the kernel to make that easy. But calling into the kernel tends not to work well for the shortest of waits — those measured in small numbers of microseconds. For delays of this magnitude, developers often resort to busy loops, which have a much smaller potential for turning a small delay into a larger one. Needless to say, busy waiting has its own disadvantages, so Intel has come up with a set of instructions to support short delays. A patch set from Fenghua Yu to support these instructions is currently working its way through the review process.

  The problem with busy waiting, of course, is that it occupies the processor with work that is even more useless than cryptocoin mining. It generates heat and uses power to no useful end. On hyperthreaded CPUs, a busy-waiting process could prevent the sibling thread from running and doing something of actual value. For all of these reasons, it would be a lot nicer to ask the CPU to simply wait for a brief period until something interesting happens.

  To that end, Intel is providing three new instructions. umonitor provides an address and a size to the CPU, informing it that the currently running application is interested in any writes to that range of memory. A umwait instruction tells the processor to stop executing until such a write occurs; the CPU is free to go into a low-power state or switch to a hyperthreaded sibling during that time. This instruction provides a timeout value in a pair of registers; the CPU will only wait until the timestamp counter (TSC) value exceeds the given timeout value. For code that is only interested in the timeout aspect, the tpause instruction will stop execution without monitoring any addresses.

• Dueling memory-management performance regressions

  The 2019 Linux Storage, Filesystem, and Memory-Management Summit included a detailed discussion about a memory-management fix that addressed one performance regression while causing another. That fix, which was promptly reverted, is still believed by most memory-management developers to implement the correct behavior, so a patch posted by Andrea Arcangeli in early May has relatively broad support. That patch remains unapplied as of this writing, but the discussion surrounding it has continued at a slow pace over the last month. Memory-management subsystem maintainer Andrew Morton is faced with a choice: which performance regression is more important?

  The behavior in question relates to the intersection of transparent huge pages and NUMA policy. Ever since this commit from Aneesh Kumar in 2015, the kernel will, for memory areas where madvise(MADV_HUGEPAGE) has been called, attempt to allocate huge pages exclusively on the current NUMA node. It turns out that the kernel will try so hard that it will go into aggressive reclaim and compaction on that node, forcing out other pages, even if free memory exists on other nodes in the system. In essence, enabling transparent huge pages for a range of memory has become an equivalent to binding that memory to a single NUMA node. The result, as observed by many, can be severe swap storms and a dramatic loss of performance.

  In an attempt to fix this problem, Arcangeli applied a patch in November 2018 that loosened the tight binding to the current node. But, it turned out, some workloads want that binding behavior. Local huge pages will perform better than huge pages on a remote node; even local small pages tend to be better than remote huge pages. For some tasks, the performance penalty for using remote pages is high enough that it is worth going to great lengths — even enduring a swap storm at application startup — to avoid it. No such workload has been publicly posted, but the patch was reverted by David Rientjes in December after a huge discussion.

• Rebasing and merging in kernel repositories

  What follows is a kernel document I have been working on for the last month in the hope of reducing the number of subsystem maintainers who run into trouble during the merge window. If all goes according to plan, this text will show up in 5.3 as Documentation/maintainer/rebasing-and-merging.txt. On the off chance that some potentially interested readers might not be monitoring additions to the nascent kernel maintainer's handbook, I'm publishing the text here as well.
  Maintaining a subsystem, as a general rule, requires a familiarity with the Git source-code management system. Git is a powerful tool with a lot of features; as is often the case with such tools, there are right and wrong ways to use those features. This document looks in particular at the use of rebasing and merging. Maintainers often get in trouble when they use those tools incorrectly, but avoiding problems is not actually all that hard.

  One thing to be aware of in general is that, unlike many other projects, the kernel community is not scared by seeing merge commits in its development history. Indeed, given the scale of the project, avoiding merges would be nearly impossible. Some problems encountered by maintainers result from a desire to avoid merges, while others come from merging a little too often.

• Years Late But Saitek R440 Force Racing Wheel Support Is On The Way For Linux

  If you happen to have a Saitek R440 Force Wheel or looking to purchase a cheap and used racing wheel for enjoying the various Linux racing game ports or even the number of games working under Steam Play like F1 2018 and DiRT Rally 2.0, Linux support is on the way.

  The Saitek R440 Force Wheel can still be found from the likes of eBay for those wanting a cheap/used PC game racing wheel. Now coming soon to the Linux kernel is support for this once popular gaming wheel -- which was originally released back in 2004. The Linux kernel patch originally adding the Saitek R440 was sent last year only to be resent out recently in an attempt for mainline acceptance.

Python has followed an 18-month release cycle for many years now; each new 3.x release comes at that frequency. It has worked well, overall, but there is interest in having a shorter cycle, which would mean that new features get into users' hands more quickly. But changing that longstanding cycle has implications in many different places, some of which have come up as part of a discussion on switching to a cycle of a different length.

Łukasz Langa, who is the release manager for the upcoming 3.8 release, as well as the manager for the date-to-be-determined release of 3.9, has proposed PEP 596 ("Python 3.9 Release Schedule (doubling the release cadence)"). As its name would imply, the PEP proposes halving the current release cycle to nine months, which would make the 3.9 release happen in June 2020. As described in PEP 569 ("Python 3.8 Release Schedule"), the Python 3.8 release is slated for October of this year; it is in beta at this point, so no new features can be added. The beta release also marks the start of development for the next release, so work on 3.9 has already begun. With that overlap, a nine-month cycle would actually allow seven or eight months for feature development and four or five months for shaking out the bugs from the first beta release on.

Also: 7 Python Function Examples with Parameters, Return and Data Types

At KubeCon + CloudNativeCon Europe 2019 there was a public meeting of the Cloud Native Computing Foundation (CNCF) Technical Oversight Committee (TOC); its members outlined the current state of the CNCF and where things are headed. What emerged was a picture of how the CNCF's governance is evolving as it brings in more projects, launches a new special interest group mechanism, and contemplates what to do with projects that go dormant.

The CNCF has several levels in its organizational structure with the Governing Board handling the overall operation, budget, and finances, while the TOC handles the technical vision and direction, as well as approving new project additions. Though the TOC currently acts as a sort of gatekeeper for admitting projects into the CNCF, there is more that TOC member Joe Beda, the developer who made the first commit to Kubernetes, said can be done. "The TOC helps to decide which projects come in, but I think we could do an expanded role to actually make sure that we're serving those projects better and that we're creating a great value proposition for projects, so that it's a really great two-way street between the CNCF and the projects to really build some sustainability," he said.

Jeff Brewer had a different perspective on how the TOC can help projects, based on his role, which is as an end user of CNCF projects. He is excited about the fact that end users of Kubernetes are talking with one another and helping to bring a customer focus to the TOC. By having that focus, the TOC can help to ensure that the projects it takes in aren't just cool projects that nobody actually uses, but rather are efforts that have practical utility. "We have over 80 end-user organization members and we look for them to really help us lead the way with the technical direction of the CNCF," he said.

• A Native Kubernetes Operator Tailored for Cloud Foundry

  At the recent Cloud Foundry Summit in Philadephia, Troy Topnik of SUSE and Enrique Encalada of IBM discussed the progress being made on cf-operator, a project that’s part of the CF Containerization proposal. They show what the operator can do and how Cloud Foundry deployments can be managed with it. They also delve deeper, and talk about implementation techniques, Kubernetes Controllers and Custom Resources. This is a great opportunity to learn about how Cloud Foundry can work flawlessly on top of Kubernetes.

  Cloud Foundry Foundation has posted all recorded talks form CF Summit on YouTube. Check them out if you want to learn more about what is happening in the Cloud Foundry world! I’ll be posting more SUSE Cloud Application Platform talks here over the coming days. Watch Troy and Enrique’s talk below:

• Ubuntu Server development summary – 26 June 2019

  The purpose of this communication is to provide a status update and highlights for any interesting subjects from the Ubuntu Server Team. If you would like to reach the server team, you can find us at the #ubuntu-server channel on Freenode. Alternatively, you can sign up and use the Ubuntu Server Team mailing list or visit the Ubuntu Server discourse hub for more discussion.

• Redefining RHEL: Introduction to Red Hat Insights

  At Red Hat Summit we redefined what is included in a Red Hat Enterprise Linux (RHEL) subscription, and part of that is announcing that every RHEL subscription will include Red Hat Insights. The Insights team is very excited about this, and we wanted to take an opportunity to expand on what this means to you, and to share some of the basics of Red Hat Insights.

  We wanted to make RHEL easier than ever to adopt, and give our customers the control, confidence and freedom to help scale their environments through intelligent management. Insights is an important component in giving organizations the ability to predict, prevent, and remediate problems before they occur.

• Red Hat Shares ― Special edition: Red Hat Summit recap

• OpenShift Commons Briefing: OKD4 Release and Road Map Update with Clayton Coleman (Red Hat)

  In this briefing, Red Hat’s Clayton Coleman, Lead Architect, Containerized Application Infrastructure (OpenShift, Atomic, and Kubernetes) leads a discussion about the current development efforts for OKD4, Fedora CoreOS and Kubernetes in general as well as the philosophy guiding OKD 4 develpoment efforts. The briefing includes discussion of shared community goals for OKD4 and beyond and Q/A with some of the engineers currently working on OKD.
  The proposed goal/vision for OKD 4 is to be the perfect Kubernetes distribution for those who want to continuously be on the latest Kubernetes and ecosystem components combining an up-to-date OS, the Kubernetes control plane, and a large number of ecosystem operators to provide an easy-to-extend distribution of Kubernetes that is always on the latest released version of ecosystem tools.

• OpenStack Foundation Joins Open Source Initiative as Affiliate Member

  The Open Source Initiative ® (OSI), steward of the Open Source Definition and internationally recognized body for approving Open Source Software licenses, today announces the affiliate membership of The OpenStack Foundation (OSF).

  Since 2012, the OSF has been the home for the OpenStack cloud software project, working to promote the global development, distribution and adoption of open infrastructure. Today, with five active projects and more than 100,000 community members from 187 countries, the OSF is recognized across industries as both a leader in open source development and an exemplar in open source practices.

  The affiliate membership provides both organizations a unique opportunity to work together to identify and share resources that foster community and facilitate collaboration to support the awareness and integration of open source technologies. While Open Source Software is now embraced and often touted by organizations large and small, for many just engaging with the community—and even some longtime participants—challenges remain. Community-based support and resources remain vital, ensuring those new to the ecosystem understand the norms and expectations, while those seeking to differentiate themselves remain authentically engaged. The combined efforts of the OSI and the OSF will compliment one another and contribute to these efforts.

• Raspberry Digital Sigange details

  system starts in digital signage mode with the saved settings; the admin interface is always displayed after the machine bootstrap (interface can be password-protected in the donors’ build) and if not used for a few seconds, it will auto-launch the kiosk mode; the web interface can be also used remotely;

  SSH remote management is available: you can login as pi or root user with the same password set for the admin interface. Operating system can be completely customized by the administrator using this feature (donors version only);
  screen can be rotated via the graphical admin interface: normal, inverted, left, right (donors version only);

• Databases Microconference Accepted into 2019 Linux Plumbers Conference

  We are pleased to announce that the Databases Microconference has been accepted into the 2019 Linux Plumbers Conference! Linux plumbing is heavily important to those who implement databases and their users who expect fast and durable data handling.

  Durability is a promise never to lose data after advising a user of a successful update, even in the face of power loss. It requires a full-stack solution from the application to the database, then to Linux (filesystem, VFS, block interface, driver), and on to the hardware.

  Fast means getting a database user a response in less that tens of milliseconds, which requires that Linux filesystems, memory and CPU management, and the networking stack do everything with the utmost effectiveness and efficiency.

• Ten Years of "Linux in the GNU/South": an Overview of SELF 2019

  The tenth annual SouthEast LinuxFest (SELF) was held on the weekend of June 14–16 at the Sheraton Charlotte Airport Hotel in Charlotte, North Carolina. Still running strong, SELF serves partially as a replacement for the Atlanta Linux Showcase, a former conference for all things Linux in the southeastern United States. Since 2009, the conference has provided a venue for those living in the southeastern United States to come and listen to talks by speakers who all share a passion for using Linux-based operating systems and free and open-source software (FOSS). Although some of my praises of the conference are not exclusive to SELF, the presence of such a conference in the "GNU/South" has the long-term potential to have a significant effect on the Linux and FOSS community.

  Despite facing several challenges along the way, SELF's current success is the result of what is now ten years of hard work by the conference organizers, who currently are led by Jeremy Sands, one of the founding members of the conference. Scanning through the materials for SELF 2019, however, there is no mention that this year's conference marked a decade of "Linux in the GNU/South". It actually wasn't until the conference already was over that I realized this marked SELF's decennial anniversary. I initially asked myself why this wasn't front and center on event advertisements, but looking back on SELF, neglecting questions such as "how long have we been going?" and instead focusing on "what is going on now?" and "where do we go from here?" speaks to the admirable spirit and focus of the conference and its attendees. This focus on the content of SELF rather than SELF itself shows the true passion for the Linux community rather than any particular organization or institution that benefits off the community.

  Another element worthy of praise is SELF's "all are welcome" atmosphere. Whether attendees were met with feelings of excitement to return to an event they waited 362 days for or a sense of apprehension as they stepped down the L-shaped hall of conference rooms for the first time, it took little time for the contagious, positive energy to take its effect. People of all ages and all skill levels could be seen intermingling and enthusiastically inviting anybody who was willing into their conversations and activities. The conference talks, which took all kinds of approaches to thinking about and using Linux, proved that everybody is welcome to attend and participate at the event.

• Linux Security Summit North America 2019: Schedule Published

  This year, there are some changes to the format of LSS-NA. The summit runs for three days instead of two, which allows us to relax the schedule somewhat while also adding new session types. In addition to refereed talks, short topics, BoF sessions, and subsystem updates, there are now also tutorials (one each day), unconference sessions, and lightning talks.

• EuroPython 2019: Mobile Conference App available

• Invitation to the EuroPython Society General Assembly 2019

  We would like to invite all EuroPython attendees and EuroPython Society (EPS) members to attend this year’s EPS General Assembly (GA), which we will run as in-person meeting at the upcoming EuroPython 2019, held in Basel, Switzerland from July 8 - 14.

• Easyhacking: How to create a new “Tip-Of-The-Day” dialog

  LibreOffice is an application with a large number of expert features, and though aimed to be easy to use there are always surprising shortcuts to achieve a goal. We post every day a tip on Twitter, and with the upcoming release 6.3 there will be also a tip-of-the-day messagebox when you start the program. This post aims to show how such a simple messagebox can be implemented (the complete patch is here).

• bibisect-win64-6.4 is available for cloning!

  The LibreOffice Quality Assurance ( QA ) Team is happy to announce the bisect repository from libreoffice-6-3-branch-point to latest master for Windows is available for cloning at Gerrit. As a novelty, it’s the first time the bisect repository for Windows is built for 64 bits instead of 32 as in previous repositories. Future repositories will be built for 64 bits as well.

• LibreOffice Appliances project (GSoC 2019)

  So I finally managed to build LibreOffice for armv7 and I have LibreOfficeDev on my TV screen right now. There’s a link to build instructions above and I’ll update it with the autogen flags I used. They’re somewhat arbitrary but yeah.

I collected these numbers on my i7-7500U CPU @ 2.70GHz 2-core laptop, with no particular performance tuning, running each benchmark 10 times, waiting 2 seconds between measurements. The bar value indicates the median elapsed time, and above each bar is an overlayed histogram of all results for that scenario. Note that the y axis is on a log scale. The 2.9.3* version corresponds to unreleased Guile from git.

Good news: Guile has been getting significantly faster over time! Over decades, true, but I'm pleased.

where are we? static edition

How good are Guile's numbers on an absolute level? It's hard to say because there's no absolute performance oracle out there. However there are relative performance oracles, so we can try out perhaps some other language implementations.

First up would be the industrial C compilers, GCC and LLVM. We can throw in a few more "static" language implementations as well: compilers that completely translate to machine code ahead-of-time, with no type feedback, and a minimal run-time.

We have all read stories about people who have experimented living without spending any money whatsoever. By growing their own food, washing in the river, using a solar panel to provide electricity, and bartering for certain goods and services, these adventures have met with limited success. However, for us mere mortals the simple fact is that we need money. Money to buy food, to purchase clothes, to pay our bills, as well as indulging in our other infinite wants and desires.

While it can be a struggle to make ends meet, it is possible to make life easier through better money management. Financial management is about planning income and expenditure and making informed decisions that enable you to survive financially. With austerity still with us, it’s even more important to look after your finances, if only to make sure there are no nasty surprises when you receive your next bank statement.

Linux offers a number of really good financial applications that are more than capable of handling both personal and small-business accounting operations. We feature the finest personal finance software.

We also recommend software that helps individuals keep track of stock market movements, analyze the markets, and identify stock worth buying.

There’s software for organizations with excellent open source business software, a couple of Bitcoin clients, and a calculator.

The VIA Mobile360 D700 Drive Recorder is a fleet management dashcam system with interior and exterior HD cameras, CANBus telematics monitoring, 4G, and GPS that runs Linux on a dual -A53 Novatek NT96685T.

VIA Technologies has launched a Linux-driven camera and telematics system for fleet management that joins other Mobile360 branded systems such as its Android-based VIA Mobile360 Surround View Sample Kit. While the Surround View system has four cameras, a 7-inch touchscreen, ruggedization features, and optional ADAS, the new VIA Mobile360 D700 Drive Recorder is a smaller, simpler affair with dual cameras and a dashcam form factor. The system “enables fleet operators to achieve greater asset efficiency, reduce operational costs, and improve driver safety,” says VIA.

If you’re considering giving Linux a try, you might be put off by the risk of a steep learning curve. Not every Linux distro is as hard to get your head around as Arch, however. A number of Linux distros are perfectly well-suited to beginners.

Let’s take a closer look at five ideal Linux distros for beginners taking their first steps into the Linux world.

• Debian Installer Buster RC2 Released

  With Debian 10 "Buster" aiming to be released in early July, a second release candidate of the Debian Installer has been made available.

• Debian Installer Buster RC 2 release

  The Debian Installer team[1] is pleased to announce the second release candidate of the installer for Debian 10 "Buster".

• June 2019 Matrix on Debian update

  Unfortunately, the recently published Synapse 1.0 didn’t make it into Debian Buster, which is due to be released next week, so if you install 0.99.2 from Buster, you need to update to a newer version which will be available from backports shortly after the release.

  Originally, 0.99 was meant to be the last version before 1.0, but due to a bunch of issues discovered since then, some of them security-related, new incompatible room format was introduced in 0.99.5. This means 0.99.2 currently in Debian Buster is going to only see limited usefulness, since rooms are being upgraded to the new format as 1.0 is being deployed across the network.

  For those of you running forever unstable Sid, good news: Synapse 1.0 is now available in unstable! ACME support has not yet been enabled, since it requires a few packages not yet in Debian (they’re currently in the NEW queue). We hope it will be available soon after Buster is released.

• Support your local Hackerspace

  My first Hackerspace was Noisebridge. It was full of smart and interesting people and I never felt like I belonged, but I had just moved to San Francisco and it had interesting events, like 5MoF, and provided access to basic stuff I hadn’t moved with me, like a soldering iron. While I was never a heavy user of the space I very much appreciated its presence, and availability even to non-members. People were generally welcoming, it was a well stocked space and there was always something going on.

  These days my local hackerspace is Farset Labs. I don’t have a need for tooling in the same way, being lucky enough to have space at home and access to all the things I didn’t move to the US, but it’s still a space full of smart and interesting people that has interesting events. And mostly that’s how I make use of the space - I attend events there. It’s one of many venues in Belfast that are part of the regular Meetup scene, and for a while I was just another meetup attendee. A couple of things changed the way I looked at. Firstly, for whatever reason, I have more of a sense of belonging. It could be because the tech scene in Belfast is small enough that you’ll bump into the same people at wildly different events, but I think that’s true of the tech scene in most places. Secondly, I had the realisation (and this is obvious once you say it, but still) that Farset was the only non-commercial venue that was hosting these events. It’s predominantly funded by members fees; it’s not getting Invest NI or government subsidies (though I believe Weavers Court is a pretty supportive landlord).

• Sam Hartman: AH/DAM/DPL Meet Up

  All the members of the Antiharassment team met with the Debian Account Managers and the DPL in that other Cambridge— the one with proper behaviour, not the one where pounds are weight and not money.

  I was nervous. I was not part of decision making earlier this year around code of conduct issues. I was worried that my concerns would be taken as insensitive judgment applied by someone who wasn’t there.

  I was worried about whether I would find my values aligned with the others. I care about treating people with respect. I also care about freedom of expression. I value a lot of feminist principles and fighting oppression. Yet I’m happy with my masculinity. I acknowledge my privilege and have some understanding of the inequities in the world. Yet I find some arguments based on privilege problematic and find almost all uses of the phrase “check your privilege” to be dismissive and to deny any attempt at building empathy and understanding.

  And Joerg was there. He can be amazingly compassionate and helpful. He can also be gruff at times. He values brevity, which I’m not good at. I was bracing myself for a sharp, brief, gruff rebuke delivered in response to my feedback. I know there would be something compassionate under such a rebuke, but it might take work to find.

• GNOME meets Panfrost

• GNOME Meets Panfrost

  Bring-up of GNOME required improving the driver’s robustness and performance, focused on Mali’s tiled architecture. Typically found in mobile devices, tiling GPU architectures divide the screen into many small tiles, like a kitchen floor, rendering each tile separately. This allows for unique optimizations but also poses unique challenges.

  One natural question is: how big should tiles be? If the tiles are too big, there’s no point to tiling, but if the tiles are too small, the GPU will repeat unnecessary work. Mali offers a hybrid answer: allow lots of different sizes! Mali’s technique of “hierarchical tiling” allows the GPU to use tiles as small as 16x16 pixels all the way up to 2048x2048 pixels. This “sliding scale” allows different types of content to be optimized in different ways. The tiling needs of a 3D game like SuperTuxKart are different from those of a user interface like GNOME Shell, so this technique gets us the best of both worlds!

  Although primarily handled in hardware, hierarchical tiling is configured by the driver; I researched this configuration mechanism in order to understand it and improve our configuration with respect to performance and memory usage.

  Tiled architectures additionally present an optimization opportunity: if the driver can figure out a priori which 16x16 tiles will definitely not change, those tiles can be culled from rendering entirely, saving both read and write bandwidth. As a conceptual example, if the GPU composites your entire desktop while you’re writing an email, there’s no need to re-render your web browser in the other window, since that hasn’t changed. I implemented an initial version of this optimization in Panfrost, accumulating the scissor state across draws within a frame, rendering only to the largest bounding box of the scissors. This optimization is particularly helpful for desktop composition, ideally improving performance on workloads like GNOME, Sway, and Weston.

• MSM DRM Adding Snapdragon 835 / Adreno 540 Support In Linux 5.3

  Freedreno founder Rob Clark, who is now employed by Google to work on open-source graphics, has sent in the batch of MSM Direct Rendering Manager driver changes to DRM-Next ahead of the Linux 5.3 kernel cycle. 

  Notable to this feature update is Adreno 540 / Snapdragon 835 support. The Snapdragon 835 has been out since 2016 and has also been found in some of the Snapdragon laptops. The Adreno 540 supports Vulkan 1.1, OpenGL ES 3.2, and its quad-core GPU runs at 710/670MHz with 512 ALUs, 16 TMUs, and 12 ROPs. 

• Radeon Navi Support Pending For RadeonSI OpenGL Driver With 47k Line Worth Of Changes

  Last week AMD posted more than 400 patches providing the AMD Navi support within their AMDGPU DRM kernel driver while this week has brought dozens of patches amounting to 4,293 lines as a patch for their RadeonSI Gallium3D driver in order to provide OpenGL support on these next-gen GPUs being introduced next month as the Radeon RX 5700 series. 

  Well known AMD open-source developer Marek Olšák posted the Mesa patches yesterday for providing this initial Navi (10) support to Mesa. As is the case, AMD's Navi enablement is focused on the RadeonSI Gallium3D driver and not the unofficial/community driven RADV Radeon Vulkan driver also within Mesa. The RADV Navi support will be left up to those "community" contributors from the likes of Red Hat, Google, and yes the independent community members. 

• Security updates for Wednesday

• This Malware Created By A 14-Yr-Old Is Bricking Thousands Of Devices [Ed: "It's targeting any Unix-like system with default login credentials," the original source says.]

  A new malware called Silex is on its way to brick thousands of IoT devices. The malware has been developed by a 14-year old teenager known by the pseudonym Light Leafon. The malware strain is inspired by the infamous malware called BrickerBot, which is notorious for bricking millions of IoT devices way back in 2017.

• New Silex malware is bricking IoT devices, has scary plans

• Regulatory Compliance and Red Hat Security

  In today’s interconnected world, data security has never been more important. Virtually every industry, from healthcare to banking and everything in between, has rules for how businesses handle data. Failure to meet regulatory compliance spells serious trouble for your business. Depending on the severity of the infraction, you could end up with fines, loss of reputation/revenue, or jail time.

  Fortunately, these consequences are avoidable with a few proactive steps. By training your IT staff to keep your systems secure, you can prevent harmful or costly data breaches.

• Using Quay.io to find vulnerabilities in your container images

  You’ve created a container image that has all the packages that you and your team need to do something useful, or maybe you’ve built a public image that anybody can use. But, what if that image contains packages with known security vulnerabilities? Regardless of the severity of those vulnerabilities, you’ll want to learn more and take steps to mitigate them as soon as possible.

  Fortunately, your team uses Quay.io* as your registry. When you push an image to Quay.io, it automatically runs a security scan against that image.

After the recent upset caused by Canonical's plan to drop 32bit support in Ubuntu, then to turn around and change their plan due to the uproar caused by it, Valve now have a full statement out about their future support of Linux gaming.

Firstly, to get it out of the way, there's nothing to worry about here. Valve said they "remain committed to supporting Linux as a gaming platform", they're also "continuing to drive numerous driver and feature development efforts that we expect will help improve the gaming and desktop experience across all distributions" which they plan to talk more about later.

On the subject of Canonical's newer plan for Ubuntu 19.10 and onwards in regards to 32bit support, Valve said they're "not particularly excited about the removal of any existing functionality, but such a change to the plan is extremely welcome" and that it "seems likely that we will be able to continue to officially support Steam on Ubuntu".

Also: Steam Play updated as Proton 4.2-8 is out, DXVK also sees a new release with 1.2.3