LWN.net is a comprehensive source of news and opinions from
and about the Linux community. This is the main LWN.net feed,
listing all articles which are posted to the site front page.
Posodobljeno: 19 min 24 sec nazaj
Čet, 04/20/2023 - 02:10
The LWN.net Weekly Edition for April 20, 2023 is available.
Sre, 04/19/2023 - 18:45
Vanilla OS, a lightweight,
immutable operating system designed for developers and advanced users, has
been using
Ubuntu as its base. However, a
recent
announcement
has revealed that, in the upcoming Vanilla OS 2.0 Orchid release, the
project will be shifting to
Debian unstable (Sid) as
its new base
operating system. Vanilla OS is making the switch due to Ubuntu's changes to
its version of the
GNOME desktop environment along with the distribution's
reliance on the
Snap packaging format.
The decision has generated a fair amount of interest and
discussion within the open-source community.
Sre, 04/19/2023 - 14:37
The desktop-oriented
Solus distribution
has been through a difficult period;
this post describes
the extensive changes that have been made in response.
Notably, innovation in the Linux ecosystem is presently centered
around the use of application sandboxing, containers and the
development of immutable operating systems with a well understood
Software Bill of Materials. Each of these concepts allow for a
degree of separation and stability when developing, testing and
certifying software and products.
The current Solus tooling, as well as the resulting packaging and
development experience, is somewhat ill-suited to this objective
and would most likely need a wholesale re-engineering of the tools
before this becomes feasible.
However, there is a more straightforward path for Solus: Rebasing
onto Serpent OS.
Sre, 04/19/2023 - 14:26
Security updates have been issued by Debian (asterisk), Fedora (lldpd and openssh), Red Hat (curl, kernel, and openvswitch2.13), SUSE (compat-openssl098, glib2, grafana, helm, libgit2, openssl, and openssl-1_1), and Ubuntu (linux, linux-aws, linux-aws-5.15, linux-azure, linux-azure-5.15,
linux-azure-fde, linux-gcp, linux-gcp-5.15, linux-gke, linux-gke-5.15,
linux-gkeop, linux-ibm, linux-kvm, linux-lowlatency,
linux-lowlatency-hwe-5.15, linux-oracle, linux-oracle-5.15, linux-raspi, linux, linux-aws, linux-azure, linux-gcp, linux-hwe-5.19, linux-kvm,
linux-lowlatency, linux-oracle, linux-raspi, and vim).
Tor, 04/18/2023 - 23:41
The 2023 Linux Plumbers Conference (November 13-15, Richmond VA, USA) has
put out its calls for proposals for
the
refereed track (due August 6) and
the
microconference track (June 1). Proposals are also being accepted
for the kernel-summit track.
Tor, 04/18/2023 - 20:55
For developers seeking to create applications with terminal user
interfaces (TUIs), options have been relatively limited compared to the
vast number of graphical user interface (GUI) frameworks available. As a
result, many command-line applications reinvent the same user interface
elements.
Textual aims to
remedy this: it's a rapid-application-development framework for
Python TUI applications. Offering cross-platform support, Textual
incorporates layouts, CSS-like styles, and an expanding collection of
widgets.
Tor, 04/18/2023 - 20:09
Richard Brown has posted
an
update on the status of the SUSE Adaptable Linux Platform (ALP) project
and what it means for the openSUSE distribution.
The ALP concept should be flexible enough that these openSUSE
Products will be able to leverage all the stuff SUSE is doing for
SUSE's ALP Products, but then we (community) can add anything we
want. If we find it is not flexible enough, then we (SUSE) will
work to adapt it to make it possible for the community to build
what it wants.
So, if we the community want to build something like old Leap, that
should be totally technically feasible.
Tor, 04/18/2023 - 17:11
Version 5.13 of the LXD virtual-machine manager has been released. New
features include fast live migration, support for AMD's secure enclaves,
and more. See
this
announcement for details.
Tor, 04/18/2023 - 15:48
The
Fedora 38
release is available. Fedora has mostly moved past its old pattern of
late releases, but it's still a bit surprising that this release came out
one week
ahead of the scheduled date. Some of the changes in this
release, including
reduced shutdown timeouts
and
frame pointers have been covered here
in the past; see the announcement and the
Workstation-edition
"what's
new" post for details on the rest.
If you want to use Fedora Linux on your mobile device, F38
introduces a Phosh image. Phosh is a Wayland shell for mobile
devices based on Gnome. This is an early effort from our Mobility
SIG. If your device isn’t supported yet, we welcome your
contributions!
Tor, 04/18/2023 - 15:23
Security updates have been issued by Debian (protobuf), Fedora (libpcap, libxml2, openssh, and tcpdump), Mageia (kernel and kernel-linus), Oracle (firefox, kernel, kernel-container, and thunderbird), Red Hat (thunderbird), Scientific Linux (thunderbird), SUSE (gradle, kernel, nodejs10, nodejs12, nodejs14, openssl-3, pgadmin4, rubygem-rack, and wayland), and Ubuntu (firefox).
Tor, 04/18/2023 - 15:06
Matthew Garrett
points
out that many Linux systems using encrypted disks were installed with a
relatively weak key derivation function that could make it relatively easy
for a well-resourced attacker to break the encryption:
So, in these days of attackers with access to a pile of GPUs, a
purely computationally expensive KDF is just not a good
choice. And, unfortunately, the subject of this story was almost
certainly using one of those. Ubuntu 18.04 used the LUKS1 header
format, and the only KDF supported in this format is PBKDF2. This
is not a memory expensive KDF, and so is vulnerable to GPU-based
attacks. But even so, systems using the LUKS2 header format used to
default to argon2i, again not a memory expensive KDF. New versions
default to argon2id, which is. You want to be using argon2id.
The article includes instructions on how to (carefully) switch an installed
system to a more secure setup.
Pon, 04/17/2023 - 21:45
The
digiKam photo-management tool has
announced its 8.0.0 release, after two years of development, bug fixing, and testing. Major new features include a documentation overhaul (with a new
web site), support for more file formats, a new optical character recognition (OCR) tool, improved metadata handling, a neural-net-based image quality classifier, better integration with
G'MIC-Qt, a Qt6-compatible code base, and lots more. See the announcement for all the details.
Pon, 04/17/2023 - 16:46
The kernel subsystem maintainers out there probably have a deep
understanding of the sinking feeling that results from opening one's inbox
and seeing a response from Linus Torvalds to a pull request. When all goes
well, pull requests are acted upon silently; a response usually means that
all has not gone well. Several maintainers got to experience that
feeling during the 6.3 merge window, which seemed to generate more than the
usual number of grumpy responses related to merge commits. Avoiding that
situation is not hard, though, with a bit of attention paid to how merges
are done.
Pon, 04/17/2023 - 15:34
Security updates have been issued by Debian (chromium, rails, and ruby-rack), Fedora (firefox, ghostscript, libldb, samba, and tigervnc), Mageia (ceph, davmail, firefox, golang, jpegoptim, libheif, python-certifi, python-flask-restx, thunderbird, and tomcat), Oracle (firefox), Red Hat (firefox), Scientific Linux (firefox), SUSE (apache2-mod_auth_openidc, aws-nitro-enclaves-cli, container-suseconnect, firefox, golang-github-prometheus-prometheus, harfbuzz, java-1_8_0-ibm, kernel, liblouis, php7, tftpboot-installation images, tomcat, and wayland), and Ubuntu (chromium-browser, imagemagick, kamailio, and libreoffice).
Pon, 04/17/2023 - 02:54
The
6.3-rc7 kernel prepatch is out for
testing. "Let's hope we have just one more calm week, and we'll have
had a nice uneventful release cycle. Knock wood".
Sob, 04/15/2023 - 00:53
On her blog, Máirín Duffy
writes
about using open-source software to run a virtual conference. The
Fedora design team
recently ran the first
Creative
Freedom Summit as a virtual conference for FOSS creative tools. The team
could have used the same non-open-source platform that is used by the
Flock Fedora conference, but took a
different path:
Using Matrix's Element client, we embedded the live stream video and an
Etherpad into a public Matrix room for the conference. We used attendance
in the channel to monitor overall conference attendance. We had live chat
going throughout the conference and took questions from audience members
both from the chat and the embedded Q&A Etherpad.
Back in 2020, the Linux Plumbers Conference also put together a virtual conference using free
software, as did LibrePlanet and likely others.
Pet, 04/14/2023 - 17:19
One-time passwords (OTPs) are increasingly used as a defense against
phishing and other password-stealing attacks, usually as a part of a
two-factor authentication process. Perhaps the most commonly
used technique is sending a numeric code to a phone via SMS, but SMS OTPs
have security problems of their own. An alternative is to use
time-based
one-time passwords (TOTPs). The normal TOTP situation is to have all
of the data locked into a proprietary phone app, but it need not be that
way.
Pet, 04/14/2023 - 15:09
Security updates have been issued by Debian (haproxy and openvswitch), Fedora (bzip3, libyang, mingw-glib2, thunderbird, xorg-x11-server, and xorg-x11-server-Xwayland), and Ubuntu (apport, ghostscript, linux-bluefield, node-thenify, and python-flask-cors).
Čet, 04/13/2023 - 17:09
Greg Kroah-Hartman has announced the release of the
6.2.11,
6.1.24, and
5.15.107 stable kernels. They contain another
collection of important fixes throughout the kernel tree.
Čet, 04/13/2023 - 15:27
The
kernel
samepage merging (KSM) feature can save significant amounts of memory
with some types of workloads, but security concerns have greatly limited
its use. Even when KSM can be safely enabled, though, the control interface
provided by the kernel makes it unlikely that KSM actually will be used. A
small
patch
series from Stefan Roesch aims to change this situation by improving
and simplifying how KSM is managed.