Language Selection

English French German Italian Portuguese Spanish

LWN

Syndicate content
LWN.net is a comprehensive source of news and opinions from and about the Linux community. This is the main LWN.net feed, listing all articles which are posted to the site front page.
Updated: 29 min 49 sec ago

Announcing coreboot 4.14

Tuesday 11th of May 2021 04:36:10 PM
The coreboot firmware project has released version 4.14. "These changes have been all over the place, so that there's no particular area to focus on when describing this release: We had improvements to mainboards, to chipsets (including much welcomed work to open source implementations of what has been blobs before), to the overall architecture."

Two stable kernels

Tuesday 11th of May 2021 03:32:30 PM
Stable kernels 5.10.36 and 5.4.118 have been released. They both contain important fixes throughout the tree. Users should upgrade.

Security updates for Tuesday

Tuesday 11th of May 2021 03:20:22 PM
Security updates have been issued by Debian (hivex), Fedora (djvulibre and thunderbird), openSUSE (monitoring-plugins-smart and perl-Image-ExifTool), Oracle (kernel and kernel-container), Red Hat (kernel and kpatch-patch), SUSE (drbd-utils, java-11-openjdk, and python3), and Ubuntu (exiv2, firefox, libxstream-java, and pyyaml).

DragonFly BSD 6.0

Monday 10th of May 2021 08:39:08 PM
DragonFly BSD 6.0 has been released. "This version has a revamped VFS caching system, various filesystem updates including HAMMER2, and a long list of userland updates."

[$] The second half of the 5.13 merge window

Monday 10th of May 2021 08:30:53 PM
By the time the last pull request was acted on and 5.13-rc1 was released, a total of 14,231 non-merge commits had found their way into the mainline. That makes the 5.13 merge window larger than the entire 5.12 development cycle (13,015 commits) and just short of all of 5.11 (14,340). In other words, 5.13 looks like one of the busier development cycles we have seen for a little while. About 6,400 of these commits came in after the first-half summary was written, and they include a number of significant new features.

Security updates for Monday

Monday 10th of May 2021 03:13:35 PM
Security updates have been issued by Debian (libxml2), Fedora (autotrace, babel, kernel, libopenmpt, libxml2, mingw-exiv2, mingw-OpenEXR, mingw-openexr, python-markdown2, and samba), openSUSE (alpine, avahi, libxml2, p7zip, redis, syncthing, and vlc), and Ubuntu (webkit2gtk).

Kernel prepatch 5.13-rc1

Monday 10th of May 2021 02:04:29 AM
The first 5.13 kernel prepatch is out for testing, and the merge window is closed for this development cycle. "This was - as expected - a fairly big merge window, but things seem to have proceeded fairly smoothly. Famous last words." In the end, 14,231 non-merge changesets were pulled into the mainline during the merge window — more than were seen during the entire 5.12 cycle.

An IEEE statement on the UMN paper

Friday 7th of May 2021 10:31:02 PM
The IEEE, whose Symposium on Security and Privacy conference had accepted the "hypocrite commits" paper for publication, has posted a statement [PDF] on the episode.

The paper was reviewed by four reviewers in the Fall S&P 2021 review cycle and received a very positive overall rating (2 Accept and 2 Weak Accept scores, putting it in the top 5% of submitted papers). The reviewers noted that the fact that a malicious actor can attempt to intentionally add a vulnerability to an open source project is not new, but also acknowledged that the authors provide several new insights by describing why this might be easier than expected, and why it might be difficult for maintainers to detect the problem. One of the PC members briefly mentioned a possible ethical concern in their review, but that comment was not significantly discussed any further at the time; we acknowledge that we missed it.

The statement concludes with some actions to be taken by IEEE to ensure that ethically questionable papers are not accepted again.

[$] Noncoherent DMA mappings

Friday 7th of May 2021 02:18:04 PM
While it is sometimes possible to perform I/O by moving data through the CPU, the only way to get the required level of performance is usually for devices to move data directly to and from memory. Direct memory access (DMA) I/O has been well supported in the Linux kernel since the early days, but there are always ways in which that support can be improved, especially when hardware adds some challenges of its own. The somewhat confusingly named "non-contiguous" DMA API that was added for 5.13 shows the kinds of things that have to be done to get the best performance on current systems.

Five new stable kernels

Friday 7th of May 2021 02:15:57 PM
New stable kernels 5.12.2, 5.11.19, 5.10.35, 5.4.117, and 4.19.190 have been released. They contain a relatively short list of updates throughout the tree; users of those series should upgrade.

Security updates for Friday

Friday 7th of May 2021 01:55:27 PM
Security updates have been issued by Debian (mediawiki and unbound1.9), Fedora (djvulibre and samba), Mageia (ceph, messagelib, and pagure), openSUSE (alpine and exim), Oracle (kernel and postgresql), Scientific Linux (postgresql), and Ubuntu (thunderbird and unbound).

An Interview With Linus Torvalds: Open Source And Beyond - Part 2 (Tag1)

Friday 7th of May 2021 01:45:28 PM
The second half of the interview with Linus Torvalds on the Tag1 Consulting site has been posted.

I think one of the reasons Linux succeeded was exactly the fact that I actually did NOT have a big plan, and did not have high expectations of where things would go, and so when people started sending me patches, or sending me requests for features, to me that was all great, and I had no preconceived notion of what Linux should be. End result: all those individuals (and later big companies) that wanted to participate in Linux kernel development had a fairly easy time to do so, because I was quite open to Linux doing things that I personally had had no real interest in originally.

[$] A pair of memory-allocation improvements in 5.13

Thursday 6th of May 2021 02:23:05 PM
Among the many changes merged for 5.13 can be found performance improvements throughout the kernel. This work does not always stand out the way that new features do, but it is vitally important for the future of the kernel overall. In the memory-management area, a couple of long-running patch sets have finally made it into the mainline; these provide a bulk page-allocation interface and huge-page mappings in the vmalloc() area. Both of these changes should make things faster, at least for some workloads.

Security updates for Thursday

Thursday 6th of May 2021 01:29:53 PM
Security updates have been issued by Debian (python-django), Fedora (java-latest-openjdk, libopenmpt, python-yara, skopeo, thunderbird, and yara), openSUSE (ceph and openexr), Red Hat (postgresql), SUSE (libxml2), and Ubuntu (exim4 and gnome-autoar).

[$] LWN.net Weekly Edition for May 6, 2021

Thursday 6th of May 2021 03:41:27 AM
The LWN.net Weekly Edition for May 6, 2021 is available.

[$] A replacement for third-party cookies?

Wednesday 5th of May 2021 10:19:39 PM
The era of tracking users all across the web using third-party cookies is coming to a close; that type of cookie is something of a zombie at this point. All of the major browsers, save one, are blocking third-party cookies by default and the holdout, Google Chrome, plans to make that change next year. But Google, which has a business model built around advertising that benefits greatly from the status quo, has offered up an alternative scheme to "replace" third-party cookies. The Federated Learning of Cohorts (FLoC) is an in-browser mechanism to pigeonhole users in a way that will be useful to advertisers, but the only reason the idea has any traction at all is because it is being implemented in Chrome—the dominant browser today.

The TAB report on the UMN affair

Wednesday 5th of May 2021 05:46:43 PM
The Linux Foundation Technical Advisory Board has issued its report on the submission of (intentionally and unintentionally) buggy patches from the University of Minnesota.

This report summarizes the events that led to this point, reviews the "Hypocrite Commits" paper that had been submitted for publication, and reviews all known prior kernel commits from UMN paper authors that had been accepted into our source repository. It concludes with a few suggestions about how the community, with UMN included, can move forward.

The recommendations include establishing an internal review process for patches submitted by the community and the creation (by the TAB in cooperation with researchers) of a "best practices" document for researchers working with the kernel community.

(LWN editor Jonathan Corbet played a small part in the writing of this report).

Security updates for Wednesday

Wednesday 5th of May 2021 03:23:52 PM
Security updates have been issued by Debian (cgal, exim4, and mediawiki), Fedora (axel, libmicrohttpd, libtpms, perl-Image-ExifTool, pngcheck, python-yara, and yara), Gentoo (exim), Mageia (kernel-linus), openSUSE (bind and postsrsd), SUSE (avahi, openexr, p7zip, python-Pygments, python36, samba, sca-patterns-sle11, and webkit2gtk3), and Ubuntu (nvidia-graphics-drivers-390, nvidia-graphics-drivers-418-server, nvidia-graphics-drivers-450, nvidia-graphics-drivers-450-server, nvidia-graphics-drivers-460, nvidia-graphics-drivers-460-server).

[$] Rustls: memory safety for TLS

Tuesday 4th of May 2021 08:45:06 PM
The movement toward using memory-safe languages, and Rust in particular, has picked up a lot of steam over the past year or two. Removing the possibility of buffer overflows, use-after-free bugs, and other woes associated with unmanaged pointers is an attractive feature, especially given that the majority of today's vulnerabilities stem from memory-safety issues. On April 20, the Internet Security Research Group (ISRG) announced a funding initiative targeting the Rustls TLS library in order to prepare it for more widespread adoption—including by ISRG's Let's Encrypt project.

Security updates for Tuesday

Tuesday 4th of May 2021 03:49:37 PM
Security updates have been issued by Debian (bind9, chromium, exim4, and subversion), Fedora (exiv2 and skopeo), openSUSE (gsoap), Oracle (bind, kernel, and sudo), SUSE (bind, ceph, ceph, deepsea, permissions, and stunnel), and Ubuntu (clamav, exim4, openvpn, python-django, and samba).

More in Tux Machines

Excellent Utilities: duf – disk usage utility

This is a series highlighting best-of-breed utilities. We cover a wide range of utilities including tools that boost your productivity, help you manage your workflow, and lots more besides. There’s a complete list of the tools in this series in the Summary section. The Command Line Interface (CLI) is a way of interacting with your computer. To harness all the power of Linux, it’s highly recommended mastering the interface. It’s true the CLI is often perceived as a barrier for users migrating to Linux, particularly if they’re grown up using GUI software exclusively. While Linux rarely forces anyone to use the CLI, some tasks are better suited to this method of interaction, offering inducements like superior scripting opportunities, remote access, and being far more frugal with a computer’s resources. duf is a simple disk usage utility that offers a more attractive representation than the classic df utility. It’s written in Go. Read more

Sway 1.6.1 Wayland Compositor Released With WLROOTS 0.14

Simon Ser has released Sway 1.6.1 as the newest version of this popular i3-inspired Wayland compositor. Sway 1.6 came back in April with better Flatpak/Snap application integration, smoother move/resize operations, X11 clipboard handling improvements, and many other improvements for this popular "indie" Wayland compositor. Read more

today's howtos

  • Kali Linux Man in the Middle Attack Tutorial for Beginners 2021

    Man in the middle attack is the most popular and dangerous attack in Local Area Network. With the help of this attack, A hacker can capture the data including username and password traveling over the network. He/she is not only captured data from the network he/she can alter data as well. For example, if you send a letter to your friend the hacker can capture the letter before reaching the destination, and can edit and then send to your friend a modified letter. But a good thing is this attack only can be performed in a local area network it means one of the victims must be in the same network of the attacker. May be possible you have heard that using a public Wi-Fi network is not as secure as your home network the only reason is a man in the middle attack.

  • How to Install chrome in Ubuntu 20.04 complete Guide

    Google Chrome is a web browser, most used widely in the world. It is fast, simple, and easy to use and secure browser built for the modern web. Neither Google Chrome comes with Ubuntu default, nor included in the Ubuntu repositories. But here, I am telling about another open-source web browser. It is available in the default Ubuntu repositories. If you don’t want to install chromium and looking only for chrome, this article will help you.

  • How to Install and Use Tilix Terminal Emulator in Linux

    Tilix is an open-source advanced Linux terminal emulator that uses GTK+ 3 and offers a lot of features that are not part of the default terminal that ships with Linux distributions.

  • How to Install NetBeans IDE 12 on Fedora 34/33 – TecAdmin

    NetBeans is an open-source integrated development environment for the application development on Windows, Mac, Linux, and Solaris operating systems. It offers excellent debugging capabilities, coding, plugins, and extensions with multiple out-of-the-box features. The NetBeans is widely used by the PHP and Java application developers. A shell script is provided by the official team for easier installation of Netbeans on Linux systems. However, we can have also use the Snap package to install the latest NetBeans IDE on the Fedora system quickly. This tutorial will help you to install NetBeans IDE on a Fedora system using the Snap package manager.

  • How to Fix 504 Gateway Timeout in Nginx Server

    I use NGINX a lot. I recently deployed a Node.js web application with NGINX as a reverse proxy server for it. One of the key features of the application is support for data imports using excel templates. However, it didn’t take long before users uploading bulky files started getting a 504 Gateway Timeout error from NGINX.

  • How To Install Next.js on Ubuntu 20.04 LTS - idroot

    In this tutorial, we will show you how to install Next.js on Ubuntu 20.04 LTS. For those of you who didn’t know, Next.js is a Javascript framework built on React.js, which allows developers to build static and dynamic websites and web applications. This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo‘ to the commands to get root privileges. I will show you the step-by-step installation of the Next.js open-source Javascript framework on Ubuntu 20.04 (Focal Fossa). You can follow the same instructions for Ubuntu 18.04, 16.04, and any other Debian-based distribution like Linux Mint.

  • How To Install AlmaLinux Desktop

    This tutorial explains the installation of AlmaLinux Desktop to computer. This begins with where to grab the OS itself, make a bootable medium of it, boot the computer with it, then starts the installation and partitioning until finished. The final result will be a fully functional computer with AlmaLinux GNOME.

  • Generate Rainbow Tables and Crack Hashes in Kali Linux Complete Guide

    Rcracki_mt is a tool used to crack hashes and found in kali linux by default. It is used rainbow tables to crack the password. Some other tools generate rainbow tables. You can download Rainbow table https://www.freerainbowtables.com/tables2/ if you don’t want to download rainbow table you can create you own by Using winrtgen in window and rtgen in Kali Linux

AMD SFH Linux Driver Updated For "Next Gen" Ryzen Laptops

There's the next chapter to the unfortunately rather sad state of the AMD Sensor Fusion Hub (SFH) driver support under Linux. Since 2018 with AMD Ryzen laptops there has been the Sensor Fusion Hub for various accelerometer/gyroscopic sensor functionality, among other uses and akin to Intel's Sensor Hub. It wasn't though until January 2020 that AMD published their SFH driver for Linux. Read more