Language Selection

English French German Italian Portuguese Spanish

LWN

Syndicate content
LWN.net is a comprehensive source of news and opinions from and about the Linux community. This is the main LWN.net feed, listing all articles which are posted to the site front page.
Updated: 38 min 13 sec ago

[$] Containers as kernel objects

5 hours 40 min ago
The kernel has, over the years, gained comprehensive support for containers; that, in turn, has helped to drive the rapid growth of a number of containerization systems. Interestingly, though, the kernel itself has no concept of what a container is; it just provides a number of facilities that can be used in the creation of containers in user space. David Howells is trying to change that state of affairs with a patch set adding containers as a first-class kernel object, but the idea is proving to be a hard sell in the kernel community.

LibreOffice leverages Google’s OSS-Fuzz to improve quality of office suite

10 hours 4 min ago
The Document Foundation looks at the progress made in improving the quality and reliability of LibreOffice's source code by using Google's OSS-Fuzz. "Developers have used the continuous and automated fuzzing process, which often catches issues just hours after they appear in the upstream code repository, to solve bugs - and potential security issues - before the next binary release. LibreOffice is the first free office suite in the marketplace to leverage Google's OSS-Fuzz. The service, which is associated with other source code scanning tools such as Coverity, has been integrated into LibreOffice's security processes - under Red Hat's leadership - to significantly improve the quality of the source code."

Security updates for Tuesday

12 hours 55 min ago
Security updates have been issued by Arch Linux (lynis), CentOS (kdelibs, libtirpc, rpcbind, and samba), Debian (miniupnpc), Fedora (chromium, chromium-native_client, and kernel), Oracle (kdelibs and samba), Red Hat (libtirpc and rpcbind), and Scientific Linux (kdelibs, libtirpc, rpcbind, and samba).

Hughes: Updating Logitech Hardware on Linux

13 hours 30 min ago
Richard Hughes describes his work to address the MouseJack vulnerability in Logitech (and other) receivers. This vulnerability allows an attacker to pair new devices with the receiver with no user interaction or awareness, and, thus, take over the machine. "This makes sitting in a café quite a dangerous thing to do when any affected hardware is inserted, which for the unifying dongle is quite likely as it’s explicitly designed to remain in an empty USB socket."

Logitech has provided firmware updates, but not for "unsupported" platforms like Linux. Hughes has filled that gap by getting documentation and a fixed firmware image from Logitech and adding support for these devices to fwupd. He is now looking for testers to ensure that the whole thing works across all devices. This is important work that is well worth supporting.

GNU Guix & GuixSD 0.13.0 released

Monday 22nd of May 2017 06:11:40 PM
GNU Guix and GuixSD 0.13.0 have been released. GNU Guix is a transactional package manager for the GNU system and the Guix System Distribution, GuixSD, is an advanced distribution of the GNU system. A couple of highlights in this version: Guix can now be used on aarch64 systems, and GuixSD now supports Btrfs and adds the LXDE desktop as an option. See the announcement for more information.

FreeBSD quarterly status report

Monday 22nd of May 2017 04:28:08 PM
FreeBSD has released its status report for the first quarter of 2017. As usual there are reports from the FreeBSD Core Team, the FreeBSD Foundation, the FreeBSD Ports Collection, and the FreeBSD Release Engineering Team, followed by more information about ongoing projects, and more.

Security updates for Monday

Monday 22nd of May 2017 03:22:40 PM
Security updates have been issued by Arch Linux (fop), Debian (dropbear, icu, and openjdk-7), Fedora (chicken, cinnamon-settings-daemon, jbig2dec, libtirpc, sane-backends, and smb4k), Mageia (flash-player-plugin, vlc, and webmin), Oracle (libtirpc and rpcbind), Red Hat (kdelibs, libtirpc, rpcbind, and samba), and SUSE (kernel).

The end of Parsix GNU/Linux

Monday 22nd of May 2017 02:01:24 PM
The Debian-based Parsix distribution has announced that it will be shutting down six months after the Debian "Stretch" release. "Parsix GNU/Linux 8.15 (Nev) will be fully supported during this time and users should be able to upgrade their installations to Debian Stretch without any significant issues. We will make all necessary changes, and updates to ensure a smooth transition to Debian Stretch."

Kernel prepatch 4.12-rc2

Monday 22nd of May 2017 02:54:28 AM
The 4.12-rc2 kernel prepatch is out. "I'm back on the usual Sunday schedule, and everything else looks fairly normal too. This rc2 is maybe a bit bigger than usual, but the whole merge window was bigger than most, so maybe it's just that. And it's not like it's huge".

Stable kernels for everybody

Saturday 20th of May 2017 02:59:38 PM
The 4.11.2, 4.10.17, 4.9.29, 4.4.69, and 3.18.54 stable kernel updates have all been released with the usual set of important fixes. Note that this is the final update for the 4.10 kernel.

[$] Revisiting "too small to fail"

Saturday 20th of May 2017 01:58:16 PM
Back in 2014, the revelation that the kernel's memory-management subsystem would not allow relatively small allocation requests to fail created a bit of a stir. The discussion has settled down since then, but the "too small to fail" rule still clearly creates a certain amount of confusion in the kernel community, as is evidenced by a recent discussion inspired by the 4.12 merge window. It would appear that the rule remains in effect, but developers are asked to act as if it did not.

zetcd: running ZooKeeper apps without ZooKeeper

Friday 19th of May 2017 11:15:14 PM
The CoreOS Blog introduces the first beta release, v0.0.1, of zetcd. "Distributed systems commonly rely on a distributed consensus to coordinate work. Usually the systems providing distributed consensus guarantee information is delivered in order and never suffer split-brain conflicts. The usefulness, but rich design space, of such systems is evident by the proliferation of implementations; projects such as chubby, ZooKeeper, etcd, and consul, despite differing in philosophy and protocol, all focus on serving similar basic key-value primitives for distributed consensus. As part of making etcd the most appealing foundation for distributed systems, the etcd team developed a new proxy, zetcd, to serve ZooKeeper requests with an unmodified etcd cluster."

Security updates for Friday

Friday 19th of May 2017 03:14:08 PM
Security updates have been issued by Debian (deluge, jbig2dec, mysql-connector-java, and nss), Fedora (jasper), Mageia (mhonarc and radicale), openSUSE (smb4k), SUSE (kdelibs4 and rpcbind), and Ubuntu (jasper and openjdk-7).

[$] The trouble with SMC-R

Thursday 18th of May 2017 07:52:25 PM
Among the many features merged for the 4.11 kernel was the "shared memory communications over RDMA" (SMC-R) protocol from IBM. SMC-R is a high-speed data-center communications protocol that is claimed to be much more efficient than basic TCP sockets. As it turns out, though, the merging of this code was a surprise — and an unpleasant one at that — to a relevant segment of the kernel development community. This issue and the difficulties in resolving it are an indicator of how the increasingly fast-paced kernel development community can go off track.

Security updates for Thursday

Thursday 18th of May 2017 03:36:21 PM
Security updates have been issued by Debian (shadow), Fedora (rpcbind), Gentoo (gst-plugins-bad and tomcat), Red Hat (ansible and openshift-ansible, openstack-heat, and Red Hat OpenStack Platform director), and Ubuntu (bash, FreeType, linux-aws, linux-gke, linux-raspi2, linux-snapdragon, and linux-lts-xenial).

[$] LWN.net Weekly Edition for May 18, 2017

Thursday 18th of May 2017 12:17:22 AM
The LWN.net Weekly Edition for May 18, 2017 is available.

What’s New in Android: O Developer Preview 2

Wednesday 17th of May 2017 09:00:08 PM
The Android Developers blog looks at the latest Android O Developer Preview, which is now in public beta. The developer preview also contains an early version of a project called Android Go which is built specifically for Android devices that have 1GB or less of memory.

[$] Restricting pathname resolution with AT_NO_JUMPS

Wednesday 17th of May 2017 08:35:24 PM
On April 29, Al Viro posted a patch on the linux-api mailing list adding a new flag to be used in conjunction with the ...at() family of system calls. The flag is for containing pathname resolution to the same filesystem and subtree as the given starting point. This is a useful feature to have for implementing file I/O in programs that accept pathnames as untrusted user input. The ensuing discussion made it clear that there were multiple use cases for such a feature, especially if the granularity of its restrictions could be increased.

[$] IPv6 segment routing

Wednesday 17th of May 2017 06:31:58 PM

In November 2016, a new networking feature, IPv6 segment routing (also known as "IPv6 SR" or "SRv6"), was merged into net-next and subsequently included in Linux 4.10. In this article, we explain this new feature, describe key elements of its implementation, and present a few performance measurements.

[$] Vulnerability hoarding and Wcry

Wednesday 17th of May 2017 06:06:12 PM
A virulent ransomware worm attacked a wide swath of Windows machines worldwide in mid-May. The malware, known as Wcry, Wanna, or WannaCry, infected a number of systems at high-profile organizations as well as striking at critical pieces of the infrastructure—like hospitals, banks, and train stations. While the threat seems to have largely abated—for now—the origin of some of its code, which is apparently the US National Security Agency (NSA), should give one pause.

More in Tux Machines

Android Leftovers

  • Pimp your smartphone with the latest Android O Pixel launcher
    If your device is running Android 6.0.1 Marshmallow or above, you can now pimp it out with the latest Google O Pixel launcher. One of the contributors on the XDA Developers forum has recently posted the APK file, which you can install on your smartphone. Before you download the file, make sure your device can install apps that aren’t listed on the Play Store. To do so, open up the Settings menu, tap on Security, and enable the “Unknown sources” option. Once that’s done, all you have to do is download the file and then tap on it in the notification shade to install the launcher on your device.
  • Google is killing off Android's emoji blobs
    The best emojis on the market are no more: Google’s weird blobs are being retired in favour of more conventional circular yellow faces.
  • Google I/O: What about Android on Chrome OS?
    The hottest tech-show ticket these days is Google I/O. In the just-finished 2017 conference, Google announced lots of great stuff, including a lightweight version of Android, Android Go; a first look at the next version of Android, Android O; and a major upgrade to Google Home. One thing that was noticeably missing, however: big news about Android apps on Chrome OS.
  • RaspAnd Marshmallow 6.0.1 Android OS Now Available for Raspberry Pi 3 and 2 SBCs
    After informing us about the availability of a new build of his RaspAnd Nougat operating system for Raspberry Pi 3 and 2 SBCs based on Android 7.1.2, Arne Exton released an updated RaspAnd Marshmallow 6 version.

today's howtos

LinuxAndUbuntu Distro Review Of The Week - Deepin OS

​Depth/Deepin OS is not just another Linux Distro, but one with something new to show. Deepin OS is simply speaking, just beautiful. Deepin OS, formerly known as Deepin, Linux Deepin, and Hiweed GNU/Linux is a Linux distro with an identity crisis. Seriously, this distro has undergone name changes you always have to check twice if the name is still the same. And that is all the negative you are going to say about this distro. Honestly speaking, Deepin OS is surely going to blow you away. I have been keeping an eye on this distro since 2013 and it still manages to impress me. Read more

KDE Leftovers: digikam, KDevelop, Kate, GSoC, and Akademy

  • [digikam] Call to Test the Pre-Release of 5.6.0
    Once again a lot has been going on behind the scenes since the last release. The HTML gallery tool is back, database shrinking (e.g. purging stale thumbnails) is also supported on MySQL, grouping has been improved and additional sidecars can now be specified. Therefore the release of 5.6.0 will be (is already) delayed, as we would like to invite you to test all these features. As usual they are available in the pre-release bundles or obviously directly from the git repository. Please report any dysfunctions, unexpected behaviour or suggestions for improvement to our bug tracker.
  • KDevelop runtimes: Docker and Flatpak integration
    On my last blog post I discussed about how some assumptions such as the platform developed on can affect our development. We need to minimize it by empowering the developers with good tools so that they can develop properly. To that end, I introduced runtimes in our IDE to abstract platforms (much like on Gnome’s Builder or Qt Creator).
  • Kate 17.04.1 available for Windows
  • GSoC - Community Bonding Period with Krita
  • First month report: my feelings about gsoc
  • My Akademy Plans
    The Akademy programme (saturday, sunday) is actually pretty long; the conference days stretch into feels-like-evening to me. Of course, the Dutch are infamous for being “6pm at the dinner table, and eat potatoes” so my notion of evening may not match what works on the Mediterranean coast. Actually, I know it doesn’t since way back when at a Ubuntu Developer Summit in Sevilla it took some internal-clock-resetting to adjust to dinner closer to midnight than 18:00.