Language Selection

English French German Italian Portuguese Spanish

LWN

Syndicate content
LWN.net is a comprehensive source of news and opinions from and about the Linux community. This is the main LWN.net feed, listing all articles which are posted to the site front page.
Updated: 1 hour 55 min ago

[$] Making containers safer

Wednesday 21st of August 2019 02:24:10 PM
On day one of the Linux Security Summit North America (LSS-NA), Stéphane Graber and Christian Brauner gave a presentation on the current state and the future of container security. They both work for Canonical on the LXD project; Graber is the project lead and Brauner is the maintainer. They looked at the different kernel mechanisms that can be used to make containers more secure and provided some recommendations based on what they have learned along the way.

Security updates for Wednesday

Wednesday 21st of August 2019 01:13:32 PM
Security updates have been issued by Fedora (ghostscript, pango, and squirrelmail), openSUSE (libcryptopp, squid, tcpdump, and wireshark), SUSE (flatpak), and Ubuntu (giflib and NLTK).

Announcing notqmail

Tuesday 20th of August 2019 11:17:21 PM
The notqmail project has announced its existence and shipped an initial release. It's a new fork of the venerable qmail mail transport system. "Our first release is informed, conservative, and careful — but bold. It reflects our brand-new team’s rapid convergence on where we’re going and how we’ll get there."

Open source POWER ISA takes aim at Intel and Arm (TechRepublic)

Tuesday 20th of August 2019 11:11:12 PM
TechRepublic reports on the opening of the POWER instruction-set architecture. "While the POWER ISA was itself licensable following the creation of the OpenPOWER Foundation in 2013, that came at a cost. Now, the POWER ISA is available royalty-free, inclusive of patent rights." The OpenPOWER Foundation is also being folded into the Linux Foundation.

Security updates for Tuesday

Tuesday 20th of August 2019 01:17:52 PM
Security updates have been issued by Debian (flask), openSUSE (clementine, dkgpg, libTMCG, openexr, and zstd), Oracle (kernel, mysql:8.0, redis:5, and subversion:1.10), SUSE (nodejs6, python-Django, and rubygem-rails-html-sanitizer), and Ubuntu (cups, docker, docker-credential-helpers, kconfig, kde4libs, libreoffice, nova, and openldap).

[$] On-disk format robustness requirements for new filesystems

Monday 19th of August 2019 11:17:00 PM
The "Extendable Read-Only File System" (or "EROFS") was first posted by Gao Xiang in May 2018; it was merged into the staging tree for the 4.19 release. There has been a steady stream of work on EROFS since then, and its author now thinks that it is ready to move out of staging and join the other official filesystems in the kernel. It would seem, though, that there is one final hurdle that it may have to clear: robustness in the face of a corrupted on-disk filesystem image. That raises an interesting question: to what extent do new filesystems have to exhibit a level of robustness that is not met by the filesystems that are currently in heavy use?

Stapelberg: distri: a Linux distribution to research fast package management

Monday 19th of August 2019 01:46:11 PM
Michael Stapelberg has announced the first release of "distri", a distribution focused on simplifying and accelerating package management. "distri’s package manager is extremely fast. Its main bottleneck is typically the network link, even at high speed links (I tested with a 100 Gbps link). Its speed comes largely from an architecture which allows the package manager to do less work."

Security updates for Monday

Monday 19th of August 2019 01:39:31 PM
Security updates have been issued by CentOS (kernel and openssl), Debian (ffmpeg, golang-1.11, imagemagick, kde4libs, openldap, and python3.4), Fedora (gradle, hostapd, kdelibs3, and mgetty), Gentoo (adobe-flash, hostapd, mariadb, patch, thunderbird, and vlc), Mageia (elfutils, mariadb, mythtv, postgresql, and redis), openSUSE (chromium, kernel, LibreOffice, and zypper, libzypp and libsolv), Oracle (ghostscript), Red Hat (rh-php71-php), SUSE (bzip2, evince, firefox, glib2, glibc, java-1_8_0-openjdk, polkit, postgresql10, python3, and squid), and Ubuntu (firefox).

A new chair for the openSUSE board

Monday 19th of August 2019 01:21:45 PM
Richard Brown has announced that he is stepping down as the chair of the openSUSE board. "I have absolute confidence in the openSUSE Board; Indeed, I don't think I would be able to make this decision at this time if I wasn't certain that I was leaving openSUSE in good hands. On that note, SUSE has appointed Gerald Pfeifer as my replacement as Chair. Gerald is SUSE's EMEA-based CTO, with a long history as a Tumbleweed user, an active openSUSE Member, and upstream contributor/maintainer in projects like GCC and Wine."

Kernel prepatch 5.3-rc5

Monday 19th of August 2019 01:17:34 PM
Linus has released the 5.3-rc5 kernel prepatch, saying: "It's been calm, and nothing here stands out, except perhaps some of the VM noise where we un-reverted some changes wrt node-local vs hugepage allocations."

Git v2.23.0 released

Sunday 18th of August 2019 03:06:10 PM
Version 2.23.0 of the Git source-code management system is out. There's a lot of new features, including a new "git merge --quit" option, new "git switch" and "git restore" commands, and more.

[$] Reconsidering unprivileged BPF

Friday 16th of August 2019 03:11:47 PM
The BPF virtual machine within the kernel has seen a great deal of work over the last few years; as that has happened, its use has expanded to many different kernel subsystems. One of the objectives of that work in the past has been to make it safe to allow unprivileged users to load at least some types of BPF programs into the kernel. A recent discussion has made it clear, though, that the goal of opening up BPF to unprivileged users has been abandoned as unachievable, and that further work in that direction will not be accepted by the BPF maintainer.

kdevops: a devops framework for Linux kernel development

Friday 16th of August 2019 02:58:56 PM
Luis Chamberlain has announced the "kdevops" kernel-development framework. "I'm announcing the release of kdevops which aims at making setting up and testing the Linux kernel for any project as easy as possible. Note that setting up testing for a subsystem and testing a subsystem are two separate operations, however we strive for both. This is not a new test framework, it allows you to use existing frameworks, and set those frameworks up as easily can humanly be possible. It relies on a series of modern hip devops frameworks, it relies on ansible, vagrant and terraform, ansible roles through the Ansible Galaxy, and terraform modules."

Stable kernels 5.2.9, 4.19.67, and 4.14.139

Friday 16th of August 2019 02:43:55 PM
Three new stable kernels have been announced by Greg Kroah-Hartman: 5.2.9, 4.19.67, and 4.14.139. There are important fixes in each; users should upgrade.

Security updates for Friday

Friday 16th of August 2019 01:52:52 PM
Security updates have been issued by Debian (freetype, libreoffice, and openjdk-7), Fedora (edk2, mariadb, mariadb-connector-c, mariadb-connector-odbc, python-django, and squirrelmail), Gentoo (chromium, cups, firefox, glibc, kconfig, libarchive, libreoffice, oracle-jdk-bin, polkit, proftpd, sqlite, wget, zeromq, and znc), openSUSE (bzip2, chromium, dosbox, evince, gpg2, icedtea-web, java-11-openjdk, java-1_8_0-openjdk, kconfig, kdelibs4, mariadb, mariadb-connector-c, nodejs8, pdns, polkit, python, subversion, and vlc), Oracle (ghostscript and kernel), Red Hat (mysql:8.0 and subversion:1.10), SUSE (389-ds, libvirt and libvirt-python, and openjpeg2), and Ubuntu (nginx).

KDE Applications 19.08 Brings New Features to Konsole, Dolphin, Kdenlive, Okular and Dozens of Other Apps (KDE.News)

Thursday 15th of August 2019 11:36:02 PM
KDE.News reports on the release of KDE Applications 19.08. The release has updates for many different applications, as can also be seen in the official announcement. "Take Konsole, our powerful terminal emulator, which has seen major improvements to its tiling abilities. We've made tiling a bit more advanced, so now you can split your tabs as many times as you want, both horizontally and vertically. The layout is completely customizable, so feel free to drag and drop the panes inside Konsole to achieve the perfect workspace for your needs. Dolphin, KDE's file explorer, introduces features that will help you step up your file management game. Let's start with bookmarks, a feature that allows you to create a quick-access link to a folder, or save a group of specific tabs for future reference. We've also made tab management smarter to help you declutter your desktop. Dolphin will now automatically open folders from other apps in new tabs of an existing window, instead of in their own separate windows."

[$] PHP and P++

Thursday 15th of August 2019 02:03:33 PM
PHP is the Fortran of the world-wide web: it demonstrated the power of code embedded in web pages, but has since been superseded in many developers' minds by more contemporary technologies. Even so, as with Fortran, there is far more PHP code out there than one might think, and PHP is still chosen for new projects. There is a certain amount of tension in the PHP development community between the need to maintain compatibility for large amounts of ancient code and the need to evolve the language to keep it relevant for current developers. That tension has now come into the open with a proposal to split PHP into two languages.

Security updates for Thursday

Thursday 15th of August 2019 01:26:37 PM
Security updates have been issued by openSUSE (irssi, ledger, libheimdal, libmediainfo, libqb, and libsass) and Slackware (mozilla).

[$] LWN.net Weekly Edition for August 15, 2019

Thursday 15th of August 2019 12:51:42 AM
The LWN.net Weekly Edition for August 15, 2019 is available.

[$] Hardening the "file" utility for Debian

Wednesday 14th of August 2019 06:47:49 PM
The file command would seem to be an ideal candidate for sandboxing; it routinely handles untrusted input. But an effort to add seccomp() filtering to file for Debian has run aground. The upstream file project has added support for sandboxing via seccomp() but it does not play well with other parts of the Debian world, package building in particular. This situation provides further evidence that seccomp() filtering is brittle and difficult to use.

More in Tux Machines

Games: vkBasalt, Ikey Doherty, Crusader Kings II, Sunless Skies

  • vkBasalt, an open source Vulkan post processing layer for Contrast Adaptive Sharpening

    This is an interesting open source project! vkBasalt is a new Vulkan post processing layer that currently supports Contrast Adaptive Sharpening. Unlike Radeon Image Sharpening, vkBasalt supports Linux and works with both NVIDIA and AMD. This isn't entirely reinventing the wheel though, as it's partly based upon the ReShade port of AMD's CAS. Still, it's fun to see what hackers are able to do with little layers like this, especially when we don't have official support.

  • Ikey Doherty Launches Open-Source Focused Game/Software Development Company

    Well known open-source figure Ikey Doherty who rose to prominence for his work on the Solus Linux distribution and then went on to work on Intel's Clear Linux project is now having his hand at game engine development. Ikey shared with us that he left Intel back in May to begin his new adventure: Lispy Snake. Lispy Snake is a UK software development firm that at least initially is working on a game engine and games. Given Ikey's experience, the firm is focused on leveraging open-source technologies.

  • After making Crusader Kings II free, Paradox are now giving away The Old Gods expansion

    It's been a bit of a whirlwind of Paradox news recently and we have even more to share. With a tiny amount of effort, you can get The Old Gods expansion for Crusader Kings II free. This is after Crusader Kings II was set free to play and Crusader Kings III was announced just like I suggested it would be.

  • Failbetter Games are upgrading owners of Sunless Skies to the Sovereign Edition next year

    Failbetter Games have announced that Sunless Skies is getting a bit of an upgrade with the Sovereign Edition and it's going to be free to existing purchasers when it's release next year. Part of the reason, is that it will be releasing on Consoles so they're polishing the experience up some more. It's not just a special console edition though, it's coming with a bunch of new content and various improvements to the flow of it. To release on PC at the same time as Consoles, free for existing players.

What To Do After Installing Ubuntu 19.10 Eoan Ermine

In this traditional article special for Ubuntu 19.10 Eoan Ermine you will find my suggestions and recommendations in 3 parts, work (including date/time adjustments, productivity tools), non-work (including extensions, podcasts, RSS, codecs), and system maintenance (including CPU-X, repository setup, auto-backup). I also have suggestion for you wanting Global Menu on this Eoan Ermine OS at the end. Adjust it once and use freely everyday. Finally, I hope Ubuntu 19.10 will be your best tool you could imagine to use without worry. Happy working! Read more

Python Programming Leftovers

  • Pylint: Making your Python code consistent

    Pylint is a higher-level Python style enforcer. While flake8 and black will take care of "local" style: where the newlines occur, how comments are formatted, or find issues like commented out code or bad practices in log formatting. Pylint is extremely aggressive by default. It will offer strong opinions on everything from checking if declared interfaces are actually implemented to opportunities to refactor duplicate code, which can be a lot to a new user. One way of introducing it gently to a project, or a team, is to start by turning all checkers off, and then enabling checkers one by one. This is especially useful if you already use flake8, black, and mypy: Pylint has quite a few checkers that overlap in functionality.

  • PyDev of the Week: Sophy Wong

    This week we welcome Sophy Wong (@sophywong) as our PyDev of the Week! Sophy is a maker who uses Circuit Python for creating wearables. She is also a writer and speaker at Maker events. You can see some of her creations on her Youtube Channel or her website. Let’s take a few moments to get to know her better!

  • Erik Marsja: Converting HTML to a Jupyter Notebook

    In this short post, we are going to learn how to turn the code from blog posts to Jupyter notebooks.

Proper Linux Screen Sharing Coming to Chromium & Electron Apps like Discord

A patch to add ‘screen enumeration’ to the Chromium browser is currently pending merge upstream. Once this fix is accepted Chromium and Chromium-based apps (like Discord) will finally support full screen sharing on Linux in a manner similar to that on Windows and macOS. Not being a multi-monitor user, or someone who shares their screen often, I wasn’t aware of this particular limitation until recently. So I’ll explain. Read more