Language Selection

English French German Italian Portuguese Spanish

About Tux Machines

Thursday, 24 Sep 20 - Tux Machines is a community-driven public service/news site which has been around for over a decade and a half and primarily focuses on GNU/LinuxSubscribe now Syndicate content

Search This Site

PostgreSQL 13 Released!

Filed under
Server
OSS

  • PostgreSQL 13 Released!

    The PostgreSQL Global Development Group today announced the release of PostgreSQL 13, the latest version of the world’s most advanced open source database.

    PostgreSQL 13 includes significant improvements to its indexing and lookup system that benefit large databases, including space savings and performance gains for indexes, faster response times for queries that use aggregates or partitions, better query planning when using enhanced statistics, and more.

    Along with highly requested features like parallelized vacuuming and incremental sorting, PostgreSQL 13 provides a better data management experience for workloads big and small, with optimizations for daily administration, more conveniences for application developers, and security enhancements.

  • PostgreSQL 13 released

    Version 13 of the PostgreSQL database management system is out. "PostgreSQL 13 includes significant improvements to its indexing and lookup system that benefit large databases, including space savings and performance gains for indexes, faster response times for queries that use aggregates or partitions, better query planning when using enhanced statistics, and more. Along with highly requested features like parallelized vacuuming and incremental sorting, PostgreSQL 13 provides a better data management experience for workloads big and small, with optimizations for daily administration, more conveniences for application developers, and security enhancements."

  • PostgreSQL 13 Released With Performance Improvements

    PostgreSQL 13.0 is out this morning as the latest major update to this widely-used relational database server.

    There are many improvements to find with PostgreSQL 13.0 from better performance to helpful additions for database administrators. Among the PostgreSQL 13 highlights are:

    - Larger databases will find improvements to its indexing and lookup performance for indexes, faster response times for some queries, space savings, better query planning, and more.

IBM/Red Hat Leftovers

Filed under
Red Hat
  • New C++ features in GCC 10

    The GNU Compiler Collection (GCC) 10.1 was released in May 2020. Like every other GCC release, this version brought many additions, improvements, bug fixes, and new features. Fedora 32 already ships GCC 10 as the system compiler, but it’s also possible to try GCC 10 on other platforms (see godbolt.org, for example). Red Hat Enterprise Linux (RHEL) users will get GCC 10 in the Red Hat Developer Toolset (RHEL 7), or the Red Hat GCC Toolset (RHEL 8).

    This article focuses on the part of the GCC compiler on which I spend most of my time: The C++ front end. My goal is to present new features that might be of interest to C++ application programmers. Note that I do not discuss developments in the C++ language itself, although some language updates overlap with compiler updates. I also do not discuss changes in the standard C++ library that comes with GCC 10.

    We implemented many C++20 proposals in GCC 10. For the sake of brevity, I won’t describe them in great detail. The default dialect in GCC 10 is -std=gnu++14; to enable C++20 features, use the -std=c++20 or -std=gnu++20 command-line option. (Note that the latter option allows GNU extensions.)

  • Yes, you can run VMs on Kubernetes with KubeVirt

    Cloud-native apps stand on four pillars: containers, DevOps, continuous integration/continuous delivery (CI/CD), and microservices. Migrating a legacy, monolithic application to become cloud-native usually demands a significant refactoring effort. Sometimes a VM is better than a container, for example, with LDAP/Active Directory applications, tokenization applications, and applications requiring intensive GPU workloads.
    But it can get complicated when you have some cloud-native applications running on a Kubernetes platform and other applications running on non-Kubernetes platforms. What if you could run both containers and VMs on a Kubernetes platform? Wouldn't the world be beautiful?

    Enter KubeVirt, an open source project distributed under an Apache 2.0 License. It was created by Red Hat engineers to enable Kubernetes to provision, manage, and control VMs alongside container resources. KubeVirt can make it easier for an enterprise to move from a VM-based infrastructure to a Kubernetes and container-based stack, one application at a time.

  • 7 things you can do with Ansible right now

    As a computer geek, I tend to unintentionally collect computers. Sometimes they're computers I rescue from the rubbish bin, other times they're computers people give me as payment for helping them transfer their data to their newer computer, and still other times, it's a small fleet of machines I manage for charity organizations lacking finances for a "real IT guy." I can attest that anything from two to 200 computers is too many to set up and configure manually.

  • Share Ceph Storage Between Kubernetes Clusters With OpenShift Container Storage

    This week Red Hat announced the release of OpenShift Container Storage 4.5. We invited Pete Brey, Sr. Product Marketing Manager at Red Hat to deep dive into this release. One of the major highlights of this release is ‘External Mode’ that allow customer to tap into their standalone Ceph Storage platform that’s not connected to any Kubernetes cluster. It allows users to set-up a shared storage platform between different Kubernetes Clusters.

Where’s the Yelp for open-source tools?

Filed under
OSS

It would be great if there were a genuinely useful rating system that would help people discover excellent but less-visible open-source projects. But an easy way to work out which of the tens of thousands of projects are the vital, important ones – a software Yelp, if you will – doesn’t exist. It may never come to be.

Hope springs eternal. Brian Profitt, Red Hat‘s Open Source Program Office (OSPO) manager, is working with others on a new project to make it easy to evaluate open-source projects: Project CHAOSS. This Linux Foundation project is devoted to creating analytics and metrics that help define open-source community health.

Read more

DragonFly 5.8.2 released

Filed under
BSD

I tagged and built 5.8.2 today, and it should be appearing on a mirror near you, momentarily.

Read more

Deepin Desktop Review: A Stylish Distro and Desktop Environment

Filed under
Linux
Reviews

In this Linux Desktop Environment review, we have a slightly controversial choice. Deepin, both as a distribution and as a Desktop Environment, is one that not everybody feels comfortable using and trusting. However, we’ll be setting that aside, dispelling some myths, and looking at the beautiful Deepin Desktop Environment (DDE), its user experience, some notable features, and giving some recommendations on where to experience it and who should use it.

Read more

The 10 Best Raspberry Pi Emulators Available in 2020

Filed under
Linux

Raspberry Pi is a mini-computer as well as a marker board that comes with all the hardware built-in and is designed to make coding easier. You will find everything necessary, including RAM, CPU, and GPU on the boards. However, no matter how perfect Raspberry Pi looks, it isn’t capable of doing a lot of things, including running x86 apps. As a result, we need the Raspberry pi emulators to help us with the problems. One of the most amazing uses of these emulators is to play any of your favorite classic retro games using them on your Pi board.

Read more

The 10 Best GNOME based Linux Distributions in 2020

Filed under
Linux
GNOME

GNOME, short for GNU Network Object Model Environment, was released back in 1999 as a part of the GNU Project. However, throughout its development, the acronym was dropped as it no longer resonated with the evolving GNOME vision. At the time of writing, GNOME 3 is its latest iteration and is currently one of the most popular desktop environment used by almost every major Linux distro.

It offers a modern desktop focused on delivering an intuitive user experience for all users – programmers and non-programmers alike.

In terms of functionality, new features and options are regularly getting added to GNOME with every point release. Right now, GNOME 3.38 just came out. You can check out its unique features over here.

Read more

Games: Breakpoint, Last Stand and Unrailed!

Filed under
Gaming
  • Breakpoint is an arcade high-score seekers dream and it's ridiculously fun

    Breakpoint released today and it's an absolute joy. I don't need to bury the lead on this one, as I just want to tell you how freaking-awesome it is.

    What do you get when you take a bright neon twin-stick shooter, where the shooting has been taken away from you and replaced with exploding melee weapons? A whole lot of action and insane amount of fun that's what. I get a big smile on my face each time I load it up, as it's just genuine easy-going entertainment. Even the intro was brilliantly done, as it's both a tiny tutorial and a logo screen as you smash things and get shown the logos. Excellent touch.

  • The Last Stand update for Left 4 Dead 2 is out, plus big sale and free weekend

    The day no doubt many of our readers have been waiting for is here, as Valve worked with the community to create a brand new update to Left 4 Dead 2 named The Last Stand.

    Made in partnership with over 30 members of the modding community, it's been a long time since Valve came back to Left 4 Dead 2 in any sizeable way which is why it's so exciting. What exactly does it include? A lot. Seriously, there's loads. Some highlights include: The Last Stand Campaign and over 20 survival maps, new melee weapons, new animations, new voice lines and so much more.

    [...]

    The player count is already spiking up dramatically compared to the usual amounts. Looking on SteamDB, it took all of 15 minutes to jump another 15,000+ players on top of around that amount already online. Considering it's one of Valve's most popular games, it's not exactly surprising. This new update might even keep those counts up for some time.

  • Unrailed! is a brilliant and often incredibly frantic co-op game - out now

    Unrailed! from Indoor Astronaut and Daedalic Entertainment has now left Early Access as a finished and highly entertaining co-op experience all about keeping a train going as long as you can.

    Chop trees, mine for iron and get building. Simple mechanics but it quickly becomes absolute chaos. As you progress and stop at each station for a quick breather and upgrade, the train will then set off slightly quicker than your last run. The train will catch fire, llamas will come along and drink all your water, a thief will steal your resources and so much more. Unrailed! is a game of constant movement and it really is hilarious.

    [...]

    The big 1.0 release pulls in a new biome to build through, a "Kids" difficulty mode if Easy was still to difficult, an Extreme difficulty mode if you like to be punished, a new wagon to attach to your train, new characters and something that looks like another wagon but they kept it secret so you just have to find out.

Python Programming

Filed under
Development
  • Dynamically Regrouping QuerySets In Templates - Building SaaS #73

    In this episode, we worked on a new view to display course resources. While building out the template, I used some template tags to dynamically regroup a queryset into a more useful data format for rendering.

    I started a new view before the stream to display content, but I had not filled it in before the stream started.

    We added new data to the context, and did some adjustments to the URL based on the required inputs for the view.

    Once I had the data, I quickly iterated in the template to see the parts that I included. I needed to display the course resources in a different way from how the queryset provided them so I used the built-in regroup template tag to organize the data differently. regroup saved me from doing a bunch of manipulation in the view code.

  • PyCharm: Webinar: “virtualenv – a deep dive” with Bernat Gabor

    virtualenv is a tool that builds virtual environments for Python. It was first created in September 2007 and just went through a rewrite from scratch. Did you ever want to know what parts virtual environments can be broken down into? Or how they work? And how does virtualenv differ from the Python builtin venv? This is the webinar you want.

  • Python 3.8.6

    This is the sixth maintenance release of Python 3.8

    The Python 3.8 series is the newest major release of the Python programming language, and it contains many new features and optimizations.

  • Python 3.8.6 is now available

    Python 3.8.6 is the sixth maintenance release of Python 3.8.

  • Facial Detection in Python with OpenCV

    Facial detection is a powerful and common use-case of Machine Learning. It can be used to automatize manual tasks such as school attendance and law enforcement. In the other hand, it can be used for biometric authorization.

    In this article, we'll perform facial detection in Python, using OpenCV.

    [...]

    With OpenCV installed, we can import it as cv2 in our code.

    To read an image in, we will use the imread() function, along with the path to the image we want to process. The imread() function simply loads the image from the specified file in an ndarray. If the image could not be read, for example in case of a missing file or an unsupported format, the function will return None.

  • Sending Emails With CSV Attachment Using Python

    In this tutorial, we will learn how to send emails with CSV attachments using Python.

    Pre-Requirements

    I am assuming you already have an SMTP server setup if not you can use the Gmail SMTP or Maligun or anything similar to that.

  • Sending Email With Zip Files Using Python

    In this tutorial, we will learn how to send emails with zip files using Python’s built-in modules.

    Pre-Requirements

    I am assuming that you already have an SMTP (Simple Mail Transfer Protocol ) server setup if not you can use Gmail SMTP or something like mailgun. A simple google search will land you on multiple ways to get free SMTP servers.

  • Is Python better than R for data science?

    If data science is going to remain a main-stream in the next 5 years, it needs to add value not only in terms of proof of concept (as it is doing now) but also in terms of production (as it is failing in over 70% of cases, as Gartner recently surveyed). While R is an absolute winner in terms of classical pattern recognition libraries and statistical methods, python has a better ability to write production-ready codes.

    Above point raises another important point, that is best practices of software engineering (e.g., uml architecture designs, unit testing, coding review, scrum) are going to be absolute requirements in near future for data scientists, in addition to the expected knowledge in machine learning and statistics. The reason is that proper software, production ready, codes require proper architecture design, with proper reviews and testing.

WhatIP – Graphical Tool to Tell Public / Local IP Address, Ports, Local Devices

Filed under
Software

Want to check your IP address, listening ports, or local network devices but hate Linux commands? Well, What IP is a simple graphical tool to do the job.

What IP is a free open-source tool written in Python 3 with GTK+ 3 framework.

Read more

20+ Distraction-free Text Editors for Linux, Windows, macOS and The Cloud

Filed under
Software

While writing, it's essential to have a distraction-free environment. That will help the writer formulate his ideas into words.

Most of the text processor software and document editor programs are full of tools, customization options which make them distracting the writer, and they already take large portion of the screen.

Distraction-free editors are required by writers, screenwriters, novelists, researchers and journalists.

Distraction-free modes have several criteria that starts from minimal user-interface, full-screen mode, few tools in the user-interface and focus mode.

Read more

Leftovers: Canonical on Banks, Raspberry Pi and Curl

Filed under
Misc
  • A ‘Connected’ Bank – The power of data and analytics

    The next 10 years will redefine banking. What will differentiate top banks from their competitors? Data and derived insights.

    Banks across the globe have been immersed in their digital agenda and with customers adopting digital banking channels aggressively, banks are collecting massive volumes of data on how customers are interacting at various touch points. Apart from the health of balance sheets, what will differentiate top banks from the competition is how effectively these data assets will be used to make banking simpler and improve their products and services. The challenge for large global banks so far has been to capitalise on huge volumes of data that their siloed business units hold and are often constrained by manual processes, data duplication and legacy systems.

    The use cases for data and analytics in banking are endless. Massive data assets will mean that banks can more accurately gauge the risk of offering a loan to a customer. Banks are using data analytics to improve efficiency and increase productivity. Banks will be able to use their data to train machine learning (ML) algorithms that can automate many of their processes. Artificial Intelligence (AI) solutions have the potential to transform how banks deal with regulatory compliance issues, financial fraud and cybercrime. Banks will have to get better at using customer data for greater personalisation, enabling them to offer products and services tailored to individual consumers in real time. Today, banks have only just scratched the surface of data analytics.

    [...]

    For data analytics initiatives, banks now have the option of leveraging the best of open source technologies. Open source databases such as PostgreSQL, MongoDB and Apache Cassandra can deliver insights and handle any new source of data. With data models flexible enough for rich modern data, a distributed architecture built for cloud scale, and a robust ecosystem of tools, open source data platforms can help banks break free from data silos and enable them to scale their innovation.

  • Embedding computational thinking skills in our learning resources
  • Daniel Stenberg: Reducing mallocs for fun

    Everyone needs something fun to do in their spare time. And digging deep into curl internals is mighty fun!

    One of the things I do in curl every now and then is to run a few typical command lines and count how much memory is allocated and how many memory allocation calls that are made. This is good project hygiene and is a basic check that we didn’t accidentally slip in a malloc/free sequence in the transfer path or something.

    We have extensive memory checks for leaks etc in the test suite so I’m not worried about that. Those things we detect and fix immediately, even when the leaks occur in error paths – thanks to our fancy “torture tests” that do error injections.

    The amount of memory needed or number of mallocs used is more of a boiling frog problem. We add one now, then another months later and a third the following year. Each added malloc call is motivated within the scope of that particular change. But taken all together, does the pattern of memory use make sense? Can we make it better?

  • Daniel Stenberg: a Google grant for libcurl work

    Earlier this year I was the recipient of a monetary Google patch grant with the expressed purpose of improving security in libcurl.

    This was an upfront payout under this Google program describing itself as “an experimental program that rewards proactive security improvements to select open-source projects”.

    I accepted this grant for the curl project and I intend to keep working fiercely on securing curl. I recognize the importance of curl security as curl remains one of the most widely used software components in the world, and even one that is doing network data transfers which typically is a risky business. curl is responsible for a measurable share of all Internet transfers done over the Internet an average day. My job is to make sure those transfers are done as safe and secure as possible. It isn’t my only responsibility of course, as I have other tasks to attend to as well, but still.

Web Browsing: Mozilla Firefox, Project Maelstrom and FreeTube on PCLinuxOS

Filed under
Moz/FF
Web
  • Firefox usage is down 85% despite Mozilla's top exec pay going up 400%

    One of the most popular and most intuitive ways to evaluate an NGO is to judge how much of their spending is on their programme of works (or "mission") and how much is on other things, like administration and fundraising. If you give money to a charity for feeding people in the third world you hope that most of the money you give them goes on food - and not, for example, on company cars for head office staff.

    Mozilla looks bad when considered in this light. Fully 30% of all expenditure goes on administration. Charity Navigator, an organisation that measures NGO effectiveness, would give them zero out of ten on the relevant metric. For context, to achieve 5/10 on that measure Mozilla admin would need to be under 25% of spending and, for 10/10, under 15%.

  • This is a pretty dire assessment of Mozilla

    Back to Mozilla -- in my humble but correct opinion, Mozilla should be doing two things and two things only:

    1. Building THE reference implementation web browser, and

    2. Being a jugular-snapping attack dog on standards committees.

    3. There is no 3.

  • The Talospace Project: Firefox 81 on POWER

    Firefox 81 is released. In addition to new themes of dubious colour coordination, media controls now move to keyboards and supported headsets, the built-in JavaScript PDF viewer now supports forms (if we ever get a JIT going this will work a lot better), and there are relatively few developer-relevant changes.

    This release heralds the first official change in our standard POWER9 .mozconfig since Fx67. Link-time optimization continues to work well (and in 81 the LTO-enhanced build I'm using now benches about 6% faster than standard -O3 -mcpu=power9), so I'm now making it a standard part of my regular builds with a minor tweak we have to make due to bug 1644409. Build time still about doubles on this dual-8 Talos II and it peaks out at almost 84% of its 64GB RAM during LTO, but the result is worth it.

  • What happened to BitTorrent’s Project Maelstrom web browser?

    In April 2015, BitTorrent Inc. announced the public beta of Project Maelstrom; its new experimental peer-to-peer web browser. The browser reimagined the web using the company’s name sake file-sharing protocol. Websites would be distributed equally by its visitors instead of being hosted by an expensive central webserver. The company published a beta and some blog posts, but then never mentioned Project Maelstrom again. What happened to it?

    Project Maelstrom was launched four years after Opera had launched Opera Unite (Project Alien). Unite gave everyone their own web server built right into its web browser. It enabled anyone to host a website, share photos, and do all sorts of web things like music streaming directly from their own computer. Unite failed to account for people wanting to shut their computers — now servers — off at the end of the day, however.

    BitTorrent’s Project Maelstrom sought to fix this limitation by making everyone who visited a website help contribute to its distribution! As long as someone else was hosting a copy of it, you could shut down your computer for the night without taking your website offline with it.

  • Freetube 0.7.3 added to repository

    FreeTube is a YouTube client built around using YouTube more privately. You can enjoy your favorite content and creators without your habits being tracked. All of your user data is stored locally and never sent or published to the internet. Being powered by the Invidious API, FreeTube has become one of the best methods to watch YouTube privately on the desktop.

Programming Leftovers

Filed under
Development
  • News from PHP: releases, features, and syntax

    The PHP project has recently released three new versions; two in the PHP 7 series (7.3.22 and 7.4.10) and PHP 8.0beta3. Both PHP 7 releases were for bug fixes, addressing approximately 20 issues which can be seen in the release notes for 7.4.10 and 7.3.22. The most notable of these fixes addressed a language-wide memory leak when using compound assignments, and crash fixes when xml_parser_free() and array_merge_recursive() are called.

    While the project continues to provide bug-fix releases for PHP 7, development on PHP 8.0 is steaming ahead. The community has succeeded thus far in keeping with its release schedule; it is still on-target for general availability of PHP 8.0 on November 26. One noteworthy recent decision by the project was to drop support for OpenSSL version 1.0.1.

    Originally, PHP 8.0beta3 was to be the last beta release before entering into the release-candidate (RC) phase, when implementation details regarding APIs and behavior should stop changing. That plan changed, however, at the request of Nikita Popov. In the request to release manager Sara Golemon, Popov said more time was needed, suggesting eliminating the final RC5 release in exchange for an extra beta release...

  • How to use C++ String Literal

    The computer keyboard has characters printed on them. When you press a key, you see the character on the screen. Note: space is also a character. A string literal is a sequence of characters. This article explains how to use C++ string literals. You should know about C++ arrays and pointers to understand this article.

  • Goneovim: Turning Vim Into Emacs One Step At A Time

    I've seen a few people recommending a GUI for vim and I had never really given one a shot so I decided to take up one of your suggestions and do so. Today we're looking at an application known as Goneovim which as the name implies is written in go, it has some neat features but is it worth running a GUI for, I'll let you see.

  • What if data was code?

    Code? Data? Data? Code?

  • I Write comment to Perl7 is a fork of values

    I think the current Perl 7 plan is very heavy for the resources available to the Perl community.

    Perl 7 will succeed if many people welcome it and everyone supports it.

    However, I think the remaining users of Perl will remain because of the stability of that Perl.

  • Perl Weekly Challenge 79: Count Set Bits and Trapped Rain Water

    These are some answers to the Week 79 of the Perl Weekly Challenge organized by Mohammad S. Anwar

    Spoiler Alert: This weekly challenge deadline is due in a couple of days (September 27, 2020). This blog post offers some solutions to this challenge, please don’t read on if you intend to complete the challenge on your own.

  • Sebastian Witowski: Sorting Lists

    There are at least two common ways to sort lists in Python:

    - With sorted function that returns a new list
    - With list.sort method that modifies list in place

    Which one is faster? Let’s find out!

Proprietary Software: Todoist, FreeOffice, and Even Worse

Filed under
Software
  • Todoist Takes on Trello with New Kanban Board Feature

    Todoist now has a Kanban board feature similar to that made popular by Trello.

    Kanban boards are an effective project management tool designed to make it easier to organise tasks within projects and get an overview of overall project status. While Kanban boards aren’t super fancy they are, for some, super useful.

    “A more visual way to organize your projects. Drag tasks between sections, visualize your progress, and simplify your teamwork,” Todoist say of the feature.

  • SoftMaker FreeOffice: A cross-platform Office suite that’s fully compatible to MS Office

    Most Linux users are well-acquainted with LibreOffice – many distributions have it pre-installed. Fewer know its powerful alternative: FreeOffice is a full-fledged office solution with full support for Microsoft Office file formats. It consists of a word processor, a spreadsheet and a presentation program. True to its name, FreeOffice is fully free and available for Linux in 32-bit and 64-bit versions.

    FreeOffice is far from a LibreOffice clone. The software is being developed by a German software company with a history going all the way back to 1987. Due to its background, FreeOffice has far more in common with Microsoft Office than with LibreOffice.

  • Cutting corners on cybersecurity can leave costly holes [iophk: Windows TCO]

    Such attacks can paralyse an organisation as it weighs up concerns over prolonged business interruption, reputational damage and data protection responsibilities against the financial impact and the ethical implications of capitulating to the demands. The decision to pay or not to pay is very much the question – especially when university budgets are so tight.

    The advice of the NCSC, as well as Jisc, is very clear: do not pay! A range of reasons are cited, but the prime one is the inability of institutions to be sure that the [attacker] will undo the damage and not exploit the data breach at a later date. Those who pay up justify doing so on the grounds of business criticality and expediency. They also rely on the “honour among thieves” paradigm that [attackers] will stick to their word so that victims of future attacks will also feel confident in paying up.

  • As critics call for deplatforming, defunding, and prosecution over Leila Khaled discussion, San Francisco State University president gets it right

    Yesterday, Zoom refused to allow the university to use its service for the discussion — a cancellation praised by FCC Commissioner Brendan Carr, who said there was no “need to hear both sides.” It is not yet clear whether the organizers of the event will switch to another channel of communication.

Security: Patches, Ease of Use and Debian Key Signing

Filed under
Security
  • Security updates for Wednesday

    Security updates have been issued by openSUSE (libetpan, libqt4, lilypond, otrs, and perl-DBI), Red Hat (kernel-rt), Slackware (seamonkey), SUSE (grafana, libmspack, openldap2, ovmf, pdns, rubygem-actionpack-5_1, and samba), and Ubuntu (debian-lan-config, ldm, libdbi-perl, and netty-3.9).

  • Balancing Linux security with usability

    Building an operating system is a difficult balance, and a Linux distribution is no different. You need to consider the out-of-the-box functionality that most people are going to want, and accessibility for a wide swath of administrators' skillsets. If you make your distro very secure, but a newbie sysadmin can't figure out how to work with it…well, they're going to find an easier distribution to go learn on, and now you've lost that admin to another distribution. So it's really no surprise that, right after install time, most Linux distributions need a little bit of tweaking to lock them down. This has gotten better over the years, as the installers themselves have gotten easier to use and more feature-rich. You can craft a pretty custom system right from the GUI installer. A base Red Hat Enterprise Linux (RHEL) system, for example, if you've chosen the base package set, is actually pretty light on unnecessary services and packages.

    There was a time when that was not true. Can you imagine passwords being hashed, but available in /etc/password for any user to read? Or all system management being carried out over Telnet? SSH wasn't even on, by default. Host-based firewall? Completely optional. So, 20 years ago, locking down a newly installed Linux system meant a laundry list of tasks. Luckily, as computing has matured, so has the default install of just about any operating system.

  • Key signing in the pandemic era

    The pandemic has changed many things in our communities, even though distance has always played a big role in free software development. Annual in-person gatherings for conferences and the like are generally paused at the moment, but even after travel and congregating become reasonable again, face-to-face meetings may be less frequent. There are both positives and negatives to that outcome, of course, but some rethinking will be in order if that comes to pass. The process of key signing is something that may need to change as well; the Debian project, which uses signed keys, has been discussing the subject.

    In early August, Enrico Zini posted a note to the debian-project mailing list about people who are trying to get involved in Debian, but who are lacking the necessary credentials in the form of an OpenPGP key signed by other Debian project members. The requirements for becoming a Debian Maintainer (DM) or Debian Developer (DD) both involve keys with signatures from existing DDs; two signatures for becoming a DD or one for becoming a DM. Those are not the only steps toward becoming formal members of Debian, but they are ones that may be hampering those who are trying to do so right now.

    DDs and DMs use their keys to sign packages that are being uploaded to the Debian repository, so the project needs to have some assurance that the keys are valid and are controlled by someone that is not trying to undermine the project or its users. In addition, votes in Debian (for project leaders and general resolutions) are made using the keys. They are a fundamental part of the Debian infrastructure.

KDDockWidgets 1.0 has been released

Filed under
KDE

KDDockWidgets is an advanced docking system for Qt, with features that are not available in QDockWidget. See our first blog post, for a quick introduction and the motivation for a new docking framework.

We’ve come a long way since the initial announcement of KDDockWidgets. The 1.0 release represents the culmination of one year of using the library in production for five different huge projects — one year of incorporating real feedback in the form of new features, bug fixes, or simply making the framework more customizable.

Read more

Tumbleweed Gets New KDE Frameworks, systemd

Filed under
SUSE

KDE Frameworks 5.74.0 and systemd 246.4 became available in openSUSE Tumbleweed after two respective snapshots were released this week.

Hypervisor Xen, libstorage-ng, which is a C++ library used by YaST, and text editor vim were also some of the packages update this week in Tumbleweed.

The most recent snapshot released is 20200919. KDE Frameworks 5.74.0 was released earlier this month and its packages made it into this snapshot. KConfig introduced a method to query the KConfigSkeletonItem default value. KContacts now checks the length of the full name of an email address before trimming it with an address parser. KDE’s lightweight UI framework for mobile and convergent applications, Kirigami, made OverlaySheet of headers and footers use appropriate background colors, updated the app template and introduced a ToolBarLayout native object. Several other 5.74.0 Framework packages were update like Plasma Framework, KTestEditor and KIO. Bluetooth protocol bluez 5.55 fixed several handling issues related to the Audio/Video Remote Control Profile and the Generic Attribute Profile. A reverted Common Vulnerabilities and Exposures patch that was recommended by upstream in cpio 2.13 was once again added. GObject wrapper libgusb 0.3.5 fixed version scripts to be more portable. Documentation was fixed and translations were made for Finnish, Hindi and Russian in the 4.3.42 libstorage-ng update. YaST2 4.3.27 made a change to hide the heading of the dialog when no title is defined or the title is set to an empty string. Xen’s minor updated reverted a previous libexec change for a qemu compatibility wrapper; the path used exists in domU.xml files in the emulator field. The snapshot is trending stable at a 99 rating, according to the Tumbleweed snapshot reviewer.

Read more

Syndicate content