Language Selection

English French German Italian Portuguese Spanish

LWN

Syndicate content
LWN.net is a comprehensive source of news and opinions from and about the Linux community. This is the main LWN.net feed, listing all articles which are posted to the site front page.
Updated: 1 hour 50 min ago

[$] Linux Mint drops Ubuntu Snap packages

Wednesday 8th of July 2020 04:46:34 PM
The Linux Mint project has made good on previous threats to actively prevent Ubuntu Snap packages from being installed through the APT package-management system without the user's consent. This move is the result of "major worries" from Linux Mint on Snap's impact with regard to user choice and software freedom. Ubuntu's parent company, Canonical, seems open to finding a solution to satisfy the popular distribution's concerns — but it too has interests to consider.

Security updates for Wednesday

Wednesday 8th of July 2020 03:01:39 PM
Security updates have been issued by Debian (roundcube), Fedora (chromium, firefox, and ngircd), Oracle (firefox and thunderbird), Scientific Linux (firefox), Slackware (seamonkey), SUSE (djvulibre, ffmpeg, firefox, freetds, gd, gstreamer-plugins-base, icu, java-11-openjdk, libEMF, libexif, librsvg, LibVNCServer, libvpx, Mesa, nasm, nmap, opencv, osc, perl, php7, python-ecdsa, SDL2, texlive-filesystem, and thunderbird), and Ubuntu (cinder, python-os-brick).

The "Open Usage Commons" launches

Wednesday 8th of July 2020 02:53:58 PM
Google has announced the creation of the Open Usage Commons, which is intended to help open-source projects manage their trademarks. From the organization's own announcement: "We created the Open Usage Commons because free and fair open source trademark use is critical to the long-term sustainability of open source. However, understanding and managing trademarks takes more legal know-how than most project maintainers can do themselves. The Open Usage Commons is therefore dedicated to creating a model where everyone in the open source chain – from project maintainers to downstream users to ecosystem companies – has peace of mind around trademark usage and management. The projects in the Open Usage Commons will receive support specific to trademark protection and management, usage guidelines, and conformance testing." Initial members include the Angular, Gerrit, and Istio projects.

Sandboxing in Linux with zero lines of code (Cloudflare blog)

Wednesday 8th of July 2020 02:36:54 PM
The Cloudflare blog is running an overview of sandboxing with seccomp(), culminating in a tool written there to sandbox any existing program. "We really liked the 'zero code seccomp' approach with systemd SystemCallFilter= directive, but were not satisfied with its limitations. We decided to take it one step further and make it possible to prohibit any system call in any process externally without touching its source code, so came up with the Cloudflare sandbox. It’s a simple standalone toolkit consisting of a shared library and an executable. The shared library is supposed to be used with dynamically linked applications and the executable is for statically linked applications."

[$] Hugo: a static-site generator

Tuesday 7th of July 2020 11:28:40 PM
Static web-site generators take page content written in a markup language and render it into fully baked HTML, making it easy for developers to upload the result and serve a web site simply and securely. This article looks at Hugo, a static-site generator written in Go and optimized for speed. It is a flexible tool that can be configured for a variety of use cases: simple blogs, project documentation, larger news sites, and even government services.

[$] Sleepable BPF programs

Tuesday 7th of July 2020 05:20:16 PM
When support for classic BPF was added to the kernel many years ago, there was no question of whether BPF programs could block in their execution. Their functionality was limited to examining a packet's contents and deciding whether the packet should be forwarded or not; there was nothing such a program could do to block. Since then, BPF has changed a lot, but the assumption that BPF programs cannot sleep has been built deeply into the BPF machinery. More recently, classic BPF has been pushed aside by the extended BPF dialect; the wider applicability of extended BPF is now forcing a rethink of some basic assumptions.

Security updates for Tuesday

Tuesday 7th of July 2020 02:46:24 PM
Security updates have been issued by Debian (php7.3), Fedora (gst), Mageia (libvirt, mariadb, pdns-recursor, and ruby), openSUSE (chocolate-doom, coturn, kernel, live555, ntp, python3, and rust, rust-cbindgen), Oracle (virt:ol), Red Hat (file, firefox, gettext, kdelibs, kernel, kernel-alt, microcode_ctl, nghttp2, nodejs:10, nodejs:12, php, qemu-kvm, ruby, and tomcat), SUSE (libjpeg-turbo, mozilla-nspr, mozilla-nss, mozilla-nss, nasm, openldap2, and permissions), and Ubuntu (coturn, glibc, nss, and openexr).

[$] Home Assistant improves performance in 0.112 release

Monday 6th of July 2020 05:23:13 PM
The Home Assistant project has released version 0.112 of the open-source home automation hub we have previously covered, which is the eighth release of the project this year. While previous releases have largely focused on new integrations and enhancements to the front-end interface, in this release the focus has shifted more toward improving the performance of the database. It is important to be aware that there are significant database changes and multiple potential backward compatibility breaks to understand before attempting an upgrade to take advantage of the improvements.

Security updates for Monday

Monday 6th of July 2020 02:37:30 PM
Security updates have been issued by Debian (chromium, php7.0, and thunderbird), Fedora (ceph, gssdp, gupnp, libfilezilla, libldb, mediawiki, python-pillow, python36, samba, and xpdf), Mageia (curl, docker, firefox, libexif, libupnp, libvncserver, libxml2, mailman, ntp, perl-YAML, python-httplib2, tcpreplay, tomcat, and vlc), openSUSE (chocolate-doom, python3, and Virtualbox), Slackware (libvorbis), and SUSE (mozilla-nspr, mozilla-nss, systemd, tomcat, and zstd).

Kernel prepatch 5.8-rc4

Monday 6th of July 2020 03:54:28 AM
The 5.8-rc4 kernel prepatch is out for testing. "The end result is that it's been fairly calm, and there's certainly been discussion of upcoming fixes, but I still have the feeling that 5.8 is looking fairly normal and things are developing smoothly despite the size of this release."

Book: Perl 7: A Risk-Benefit Analysis

Friday 3rd of July 2020 06:32:31 PM
Dan Book has done a detailed analysis of the Perl 7 transition. "Large amount of CPAN modules will not work in Perl 7; plans for working around this would either involve every affected CPAN author, which is a virtual impossibility for the stated 1 year time frame; or the toolchain group, a loose group of people who each maintain various modules and systems that are necessary for CPAN to function, who either have not been consulted as of yet or have not revealed their plans related to the tools they maintain. Going into this potential problem sufficiently would be longer than this blog post, but suffice to say that a Perl where highly used CPAN modules don't seamlessly work is not Perl."

Security updates for Friday

Friday 3rd of July 2020 03:15:37 PM
Security updates have been issued by Debian (docker.io and imagemagick), Fedora (alpine, firefox, hostapd, and mutt), openSUSE (opera), Red Hat (rh-nginx116-nginx), SUSE (ntp, python3, and systemd), and Ubuntu (firefox, linux, linux-aws, linux-aws-hwe, linux-gcp, linux-gcp-4.15, linux-gke-4.15, linux-hwe, linux-kvm, linux-oem, linux-oracle, linux-raspi2, linux-snapdragon, linux, linux-aws, linux-gcp, linux-kvm, linux-oracle, linux-riscv, linux, linux-azure, linux-gcp, linux-gcp-5.3, linux-hwe, linux-kvm, linux-oracle, linux-oracle-5.3, linux-gke-5.0, linux-oem-osp1, net-snmp, and samba).

[$] Netflix releases open-source crisis-management tool

Friday 3rd of July 2020 03:01:23 PM
Earlier this year, Netflix developed and released a new Apache-licensed project named Dispatch. It is designed to coordinate the response to and the resolution of security-related incidents, but the project aims for more than just that. Rather, it hopes to be valuable for any type of one-off incident that needs coordination across an organization, such as a service outage.

LPC town hall #2: the kernel report

Thursday 2nd of July 2020 07:43:27 PM
The Linux Plumbers Conference has announced the second in a brief series of "town hall" events leading up to the full (virtual) conference starting August 24. This one features LWN editor Jonathan Corbet presenting a version of his "Kernel Report" talk covering the current and future state of the kernel-development community. This talk is scheduled for July 16 at 9:00AM US/Mountain time (8:00AM US/Pacific, 3:00PM UTC). Mark your calendars.

[$] Btrfs at Facebook

Thursday 2nd of July 2020 03:18:56 PM
The Btrfs filesystem has had a long and sometimes turbulent history; LWN first wrote about it in 2007. It offers features not found in any other mainline Linux filesystem, but reliability and performance problems have prevented its widespread adoption. There is at least one company that is using Btrfs on a massive scale, though: Facebook. At the 2020 Open Source Summit North America virtual event, Btrfs developer Josef Bacik described why and how Facebook has invested deeply in Btrfs and where the remaining challenges are.

OpenSUSE Leap 15.2 released

Thursday 2nd of July 2020 01:43:13 PM
The openSUSE Leap 15.2 release is now available; see the announcement for a long list of new features. "In general, software packages in the distribution grew by the hundreds. Data fusion, Machine Learning and AI aren't all that is new in openSUSE Leap 15.2; a Real-Time Kernel for managing the timing of microprocessors to ensure time-critical events are processed as efficiently as possible is available in this release."

Security updates for Thursday

Thursday 2nd of July 2020 01:17:05 PM
Security updates have been issued by Debian (chromium and firefox-esr), Fedora (chromium and ntp), SUSE (ntp and unbound), and Ubuntu (libvncserver).

[$] LWN.net Weekly Edition for July 2, 2020

Thursday 2nd of July 2020 12:44:27 AM
The LWN.net Weekly Edition for July 2, 2020 is available.

[$] The (non-)return of the Python print statement

Wednesday 1st of July 2020 09:52:17 PM
In what may have seemed like an April Fool's Day joke to some, Python creator Guido van Rossum recently floated the idea of bringing back the print statement—several months after Python 2, which had such a statement, reached its end of life. In fact, Van Rossum acknowledged that readers of his message to the python-ideas mailing list might be checking the date: "No, it's not April 1st." He was serious about the idea—at least if others were interested in having the feature—but he withdrew it fairly quickly when it became clear that there were few takers. The main reason he brought it up is interesting, though: the new parser for CPython makes it easy to bring back print from Python 2 (and before).

A set of stable kernels

Wednesday 1st of July 2020 03:51:16 PM
Stable kernels 5.7.7, 5.4.50, 4.19.131, 4.14.187, 4.9.229, and 4.4.229 have been released. They all contain important fixes and users should upgrade.

More in Tux Machines

Linspire 9.0 Released

Today our development team is excited to announce the release of Linspire 9.0; packed with a TON of improvements and security updates, this is a major update that we’ve been working hard to get out to our faithful users. The global pandemic has delayed its release, but the development team has worked diligently and meticulously behind-the-scenes over the past few months, fine-tuning every detail of what is widely considered to be the premier Linux desktop on the market today. The Linspire 9.0 series will be the last one featuring the 18.04 LTS codebase; upcoming Linspire X will be based on the 20.04 LTS code and kernel. Read more Also: Linspire 9.0 Officially Released, Based on Ubuntu 18.04 LTS and Linux 5.4 LTS

today's leftovers

  • Fast Bare Metal provisioning and infrastructure automation with MAAS
  • [Updated] Michael Stapelberg: Optional dependencies don’t work

    In the i3 projects, we have always tried hard to avoid optional dependencies. There are a number of reasons behind it, and as I have recently encountered some of the downsides of optional dependencies firsthand, I summarized my thoughts in this article.

  • Benchmarking NetBSD, second evaluation report

    This report was written by Apurva Nandan as part of Google Summer of Code 2020. This blog post is in continuation of GSoC Reports: Benchmarking NetBSD, first evaluation report blog and describes my progress in the second phase of GSoC 2020 under The NetBSD Foundation. In this phase, I worked on the automation of the regression suite made using Phoronix Test Suite (PTS) and its integration with Anita. The automation framework consists of two components Phoromatic server, provided by Phoronix Test Suite in pkgsrc, and Anita, a Python tool for automating NetBSD installation.

  • Interest in Kodi Declines After a Turmultuous Few Years of Piracy Headlines

    After many years of being mentioned in the same breath as movie and TV show piracy, interest in the Kodi media player appears to have peaked and is now on the decline. That's according to Google Trends data which suggests that after reaching a high in early 2017, interest via search is now on a continuous downward trend.

Programming Leftovers

  • RcppSimdJson 0.1.1: More Features

    A first update following for the exciting RcppSimdJson 0.1.0 release last month is now on CRAN. Version 0.1.1 brings further enhancements such direct parsing of raw chars, working with compressed files as well as much expanded querying ability all thanks to Brendan, some improvements to our demos thanks to Daniel as well as a small fix via a one-liner borrowed from upstream for a reported UBSAN issue. RcppSimdJson wraps the fantastic and genuinely impressive simdjson library by Daniel Lemire and collaborators. Via very clever algorithmic engineering to obtain largely branch-free code, coupled with modern C++ and newer compiler instructions, it results in parsing gigabytes of JSON parsed per second which is quite mindboggling. The best-case performance is ‘faster than CPU speed’ as use of parallel SIMD instructions and careful branch avoidance can lead to less than one cpu cycle use per byte parsed; see the video of the talk by Daniel Lemire at QCon (also voted best talk).

  • Jonathan Dowland: Generic Haskell

    When I did the work described earlier in template haskell, I also explored generic programming in Haskell to solve a particular problem. StrIoT is a program generator: it outputs source code, which may depend upon other modules, which need to be imported via declarations at the top of the source code files. The data structure that StrIoT manipulates contains information about what modules are loaded to resolve the names that have been used in the input code, so we can walk that structure to automatically derive an import list. The generic programming tools I used for this are from Structure Your Boilerplate (SYB), a module written to complement a paper of the same name.

  • 9 reasons I upgraded from AngularJS to Angular

    In 2010, Google released AngularJS, an open source, JavaScript-based frontend structure for developing single-page applications (SPAs) for the internet. With its move to version 2.0 in 2016, the framework's name was shortened to Angular. AngularJS is still being developed and used, but Angular's advantages mean it's a smart idea to migrate to the newer version.

  • [Old/Odd] 5 news feautures of PHP-7.2

    Before PHP 7.2 the object keyword was used to convert one data type to another (boxing and unboxing), for example, an array to an object of the sdtClass class and/or vice versa, as of PHP 7.2 the object data type can be used as parameter type or as function return type.

  • This Week In Rust: This Week in Rust 351

Proprietary Software and Linux Foundation

  • [PCLinuxOS] Opera Browser updated to 70.0.3728.106

    Opera is a Chromium-based browser using the Blink layout engine. It differentiates itself because of a distinct user interface and other features.

  • Vivaldi Explains Why They Make "Proprietary Garbage"

    It is unfair to say that Vivaldi is not open source at all as someone like Distrotube has done, the way the company behind Vivaldi has decided to handle this application is by using a dual licensing system where the open source portion of the application is licensed under an open source BSD license but that's not the point of today, the point is to explain why they have decided to license their software in such a way.

  • Scientists Forced To Change Names Of Human Genes Because Of Microsoft's Failure To Patch Excel

    Six years ago, Techdirt wrote about a curious issue with Microsoft's Excel. A default date conversion feature was altering the names of genes, because they looked like dates. For example, the tumor suppressor gene DEC1 (Deleted in Esophageal Cancer 1) was being converted to "1-DEC". Hardly a widespread problem, you might think. Not so: research in 2016 found that nearly 20% of 3500 papers taken from leading genomic journals contained gene lists that had been corrupted by Excel's re-interpretation of names as dates. Although there don't seem to be any instances where this led to serious errors, there is a natural concern that it could distort research results. The good news is this problem has now been fixed. The rather surprising news is that it wasn't Microsoft that fixed it, even though Excel was at fault. As an article in The Verge reports:

  • The Linux Foundation Wants Open-Source Tech to Address Future Pandemics

    The Linux Foundation, which supports open-source innovation in blockchain tech, launched the Linux Foundation Public Health Initiative (LFPHI) at the end of July. The LFPHI’s goal is to promote the use of open source by public health authorities, which can be scrutinized by anyone, to fight not just COVID-19 but future pandemics as well.

  • LF Edge’s Akraino Project Release 3 Now Available, Unifying Open Source Blueprints Across MEC, AI, Cloud and Telecom Edge

    LF Edge, an umbrella organization within the Linux Foundation that aims to establish an open, interoperable framework for edge computing independent of hardware, silicon, cloud, or operating system, today announced the availability of Akraino Release 3 (“Akraino R3”). Akraino’s third and most mature release to date delivers fully functional edge solutions– implemented across global organizations– to enable a diversity of edge deployments across the globe. New blueprints include a focus on MEC, AI/ML, and Cloud edge. In addition, the community authored the first iteration of a new white paper to bring common open edge API standards to align the industry.

  • Linux Foundation Launches Jenkins X Training Course

    Linux Foundation has launched a new training course, LFS268 – CI/CD with Jenkins X. Developed in conjunction with the Continuous Delivery Foundation, the course will introduce the fundamentals of Jenkins X.