Language Selection

English French German Italian Portuguese Spanish

LWN

Syndicate content
LWN.net is a comprehensive source of news and opinions from and about the Linux community. This is the main LWN.net feed, listing all articles which are posted to the site front page.
Updated: 1 hour 22 min ago

[$] Audacity gets a CLA

1 hour 57 min ago
The Audacity multi-track audio editor and recorder got its start in the previous century; it is a popular application that is available for multiple platforms, and it is licensed under the GPLv2 or later. But Audacity has been acquired by a newly formed organization called Muse Group; that event has caused something of an uproar in its community. The problem, at least in part, is the new Contributor License Agreement (CLA) required to contribute to Audacity.

FSFE: REUSE Booster helps Free Software projects with licensing and copyright

7 hours 29 min ago
The Free Software Foundation Europe introduces REUSE Booster. REUSE is a set of best practices to make Free Software licensing easier. "With REUSE Booster, we go one step further. We invite Free Software projects to register for getting help by the FSFE's legal experts. As the name suggests, this will boost the process of adopting the best practices as well as general understanding of licensing and copyright." The registration deadline is July 8.

linux.dev mailboxes for kernel developers

9 hours 43 min ago
Konstantin Ryabitsev has announced a new service providing @linux.dev mailboxes for people to use with kernel development. The documentation page has more information. "This is a BETA offering. Currently, it is only available to people listed in the MAINTAINERS file. We hope to be able to offer it to everyone else who can demonstrate an ongoing history of contributions to the Linux kernel (patches, git commits, mailing list discussions, etc)."

Security updates for Tuesday

11 hours 30 min ago
Security updates have been issued by CentOS (389-ds-base, dhcp, firefox, glib2, hivex, kernel, postgresql, qemu-kvm, qt5-qtimageformats, samba, and xorg-x11-server), Fedora (kernel and kernel-tools), Oracle (kernel and postgresql), Red Hat (dhcp and gupnp), Scientific Linux (gupnp and postgresql), SUSE (postgresql10 and xterm), and Ubuntu (imagemagick).

A possible copyright-policy change for glibc

12 hours 17 min ago
The GNU C Library developers are asking for comments on a proposal to stop requiring developers to assign their copyrights to the Free Software Foundation. This mirrors the recent change by GCC, except that the community is being consulted first. "The changes to accept patches with or without FSF copyright assignment would be effective on August 2nd, and would apply to all open branches. The glibc stewards, like the GCC SC, continue to affirm the principles of Free Software, and that will never change."

Aya: writing BPF in Rust

13 hours 11 min ago
The first release of the Aya BPF library has been announced; this project allows the writing of BPF programs in the Rust language. "Over the last year I've talked with many folks interested in using eBPF in the Rust community. My goal is to get as many of you involved in the project as possible! Now that the rustc target has been merged, it's time to build a solid foundation so that we can enable developers to write great eBPF enabled apps".

[$] quotactl_path() becomes quotactl_fd()

Monday 14th of June 2021 10:45:43 PM
The quotactl() system call is used to manipulate disk quotas on a filesystem; it can be used to turn quota enforcement on or off, change quotas, retrieve current usage information, and more. The 5.13 merge window brought in a new variant of that system call that was subsequently disabled due to API concerns; its replacement is now taking form.

Google's fully homomorphic encryption package

Monday 14th of June 2021 05:34:59 PM
The Google Developers Blog has this announcement describing the release of a fully homomorphic encryption project under the Apache license. "With FHE, encrypted data can travel across the Internet to a server, where it can be processed without being decrypted. Google’s transpiler will enable developers to write code for any type of basic computation such as simple string processing or math, and run it on encrypted data. The transpiler will transform that code into a version that can run on encrypted data. This then allows developers to create new programming applications that don’t need unencrypted data." See this white paper for more details on how it all works.

Security updates for Monday

Monday 14th of June 2021 03:36:00 PM
Security updates have been issued by Arch Linux (apache, gitlab, inetutils, isync, kube-apiserver, nettle, polkit, python-urllib3, python-websockets, thunderbird, and wireshark-cli), Debian (squid3), Fedora (glibc, libxml2, mingw-openjpeg2, and openjpeg2), Mageia (djvulibre, docker-containerd, exif, gnuchess, irssi, jasper, kernel, kernel-linus, microcode, python-lxml, python-pygments, rust, slurm, and wpa_supplicant, hostapd), openSUSE (389-ds and pam_radius), Oracle (.NET Core 3.1, container-tools:3.0, container-tools:ol8, krb5, microcode_ctl, postgresql:12, postgresql:13, and runc), Red Hat (dhcp, postgresql, postgresql:10, postgresql:12, postgresql:9.6, rh-postgresql10-postgresql, rh-postgresql12-postgresql, and rh-postgresql13-postgresql), Scientific Linux (dhcp and microcode_ctl), SUSE (ardana-neutron, ardana-swift, cassandra, crowbar-openstack, grafana, kibana, openstack-dashboard, openstack-ironic, openstack-neutron, openstack-neutron-gbp, openstack-nova, python-Django1, python-py, python-pysaml2, python-xmlschema, rubygem-activerecord-session_store, venv-openstack-keystone, crowbar-openstack, grafana, kibana, monasca-installer, python-Django, python-py, rubygem-activerecord-session_store, freeradius-server, libjpeg-turbo, spice, and squid), and Ubuntu (rpcbind).

Kernel prepatch 5.13-rc6

Sunday 13th of June 2021 11:27:16 PM
The 5.13-rc6 kernel prepatch is out for testing. "Nothing particularly special to say about this - rc6 is certainly smaller than rc5 was, so we're moving in the right direction".

[$] Code humor and inclusiveness

Friday 11th of June 2021 10:41:14 PM
Free-software development is meant to be fun, at least some of the time. Even developers of database-management systems seem to think that it is fun; there is no accounting for taste, it seems. Part of having fun is certainly allowing the occasional exercise of one's sense of humor while working on the code. But, as some recent "fix" attempts show, humor does not always carry through to developers all over the planet. Balancing humor and inclusiveness is always going to be a challenge for our community.

Privacy analysis of FLoC (Mozilla blog)

Friday 11th of June 2021 10:40:46 PM
Over on the Mozilla blog, Eric Rescorla looks into some of the privacy implications of the Federated Learning of Cohorts (FLoC), which is a Google effort to replace third-party cookies with a different type of identifier that is less trackable. But less tracking does not equal no tracking. "People's interests aren't constant and neither are their FLoC IDs. Currently, FLoC IDs seem to be recomputed every week or so. This means that if a tracker is able to use other information to link up user visits over time, they can use the combination of FLoC IDs in week 1, week 2, etc. to distinguish individual users. This is a particular concern because it works even with modern anti-tracking mechanisms such as Firefox's Total Cookie Protection (TCP). TCP is intended to prevent trackers from correlating visits across sites but not multiple visits to one site. FLoC restores cross-site tracking even if users have TCP enabled."

Poettering: The Wondrous World of Discoverable GPT Disk Images

Friday 11th of June 2021 10:08:05 PM
In a lengthy blog post, Lennart Poettering describes the advantages of using the unique IDs (UUIDs) and flags from the discoverable partitions specification to label the entries in a GUID Partition Table (GPT). That information can be used to tag disk images in a self-descriptive way, so that external configuration files (such as /etc/fstab) are not needed to assemble the filesystems for the running system. Systemd can use this information in a variety of ways, including for running the image in a container: "If a disk image follows the Discoverable Partition Specification then systemd-nspawn has all it needs to just boot it up. Specifically, if you have a GPT disk image in a file foobar.raw and you want to boot it up in a container, just run systemd-nspawn -i foobar.raw -b, and that's it (you can specify a block device like /dev/sdb too if you like). It becomes easy and natural to prepare disk images that can be booted either on a physical machine, inside a virtual machine manager or inside such a container manager: the necessary meta-information is included in the image, easily accessible before actually looking into its file systems."

Security updates for Friday

Friday 11th of June 2021 02:02:52 PM
Security updates have been issued by Debian (libwebp), Fedora (firefox, lasso, mod_auth_openidc, nginx, redis, and squid), Oracle (.NET 5.0, container-tools:2.0, dhcp, gupnp, hivex, kernel, krb5, libwebp, nginx:1.16, postgresql:10, and postgresql:9.6), SUSE (containerd, docker, runc, csync2, and salt), and Ubuntu (libimage-exiftool-perl, libwebp, and rpcbind).

[$] Implementing eBPF for Windows

Thursday 10th of June 2021 10:19:11 PM
Extended BPF (eBPF), the general-purpose execution engine inside of the Linux kernel, has proved helpful for tracing and monitoring the system, for processing network packets, or generally for extending the behavior of the kernel. So helpful, in fact, that developers working on other operating systems have been watching it. Dave Thaler and Poorna Gaddehosur, on behalf of Microsoft, recently published an implementation of eBPF for Windows. A Linux feature making its way to Windows, in itself, deserves attention. Even more so when that feature has brought new degrees of programmability to the Linux kernel over the last few years. This makes it especially interesting to look at what the new project can do, and to ponder how the current ecosystem might evolve as eBPF begins its journey toward Windows.

Privilege escalation with polkit: How to get root on Linux with a seven-year-old bug (GitHub blog)

Thursday 10th of June 2021 10:01:51 PM
On the GitHub blog, Kevin Backhouse writes about a privilege escalation vulnerability in polkit, which "enables an unprivileged local user to get a root shell on the system" CVE-2021-3560 "is triggered by starting a dbus-send command but killing it while polkit is still in the middle of processing the request. [...] Why does killing the dbus-send command cause an authentication bypass? The vulnerability is in step four of the sequence of events listed above. What happens if polkit asks dbus-daemon for the UID of connection :1.96, but connection :1.96 no longer exists? dbus-daemon handles that situation correctly and returns an error. But it turns out that polkit does not handle that error correctly. In fact, polkit mishandles the error in a particularly unfortunate way: rather than rejecting the request, it treats the request as though it came from a process with UID 0. In other words, it immediately authorizes the request because it thinks the request has come from a root process."

Another batch of stable kernels

Thursday 10th of June 2021 04:06:13 PM
The 5.12.10, 5.10.43, 5.4.125, 4.19.194, 4.14.236, 4.9.272, and 4.4.272 stable kernels have been released. As usual, they contain fixes all over the kernel tree and users of those series should upgrade.

Security updates for Thursday

Thursday 10th of June 2021 02:08:24 PM
Security updates have been issued by Debian (htmldoc, lasso, and rails), Fedora (exiv2, firefox, and microcode_ctl), openSUSE (python-HyperKitty), Oracle (389-ds-base, qemu-kvm, qt5-qtimageformats, and samba), Red Hat (container-tools:3.0, container-tools:rhel8, postgresql:12, and postgresql:13), Scientific Linux (389-ds-base, hivex, libwebp, qemu-kvm, qt5-qtimageformats, samba, and thunderbird), SUSE (caribou, djvulibre, firefox, gstreamer-plugins-bad, kernel, libopenmpt, libxml2, python-Pillow, qemu, spice, spice-gtk, and ucode-intel), and Ubuntu (rpcbind).

[$] LWN.net Weekly Edition for June 10, 2021

Thursday 10th of June 2021 12:00:51 AM
The LWN.net Weekly Edition for June 10, 2021 is available.

[$] When and how to evaluate Python annotations

Wednesday 9th of June 2021 04:57:04 PM
Annotations in Python came late to the party; they were introduced in Python 3 as a way to attach information to functions describing their arguments and return values. While that mechanism had obvious applications for adding type information to Python functions, standardized interpretations for the annotations came later with type hints. But evaluating the annotations at function-definition time caused some difficulties, especially with respect to forward references to type names, so a Python Enhancement Proposal (PEP) was created to postpone their evaluation until they were needed. The PEP-described behavior was set to become the default in the upcoming Python 3.10 release, but that is not to be; the postponement of evaluation by default has itself been postponed in the hopes of unwinding things.

More in Tux Machines

WordPress 5.8 Beta 2 and a Milestone for Kiwi TCMS

  • WordPress 5.8 Beta 2

    WordPress 5.8 Beta 2 is now available for testing! This software is still in development, so it’s not recommended to run this version on a production site. Consider setting up a test site to play with it.

  • Kiwi TCMS: Thank you for downloading Kiwi TCMS 500000 times

    We are happy to announce that Kiwi TCMS has been downloaded more than 500000 times via Docker Hub! You can check the real-time stats here.

Listen to LibrePlanet 2021, FSF Drops the Mic on Freenode

  • Listen to LibrePlanet 2021 audio in your podcast app

    LibrePlanet 2021 had a fantastic range of talented speakers, and we want to showcase their terrific talks in every way we can. So if you prefer listening to viewing, it's time to plan a long afternoon walk, fire up your favorite free podcasting app, and listen to LibrePlanet! The audio from this year's entertaining and educational talks is now available. We have uploaded the sessions in conjunction with an RSS feed you can import into your favorite podcasting app or RSS reader, enabling you to listen using a free podcast app like AntennaPod via Android, or gPodder, if you are on your desktop computer.

  • Update to the FSF and GNU's plan to move IRC channels to Libera.Chat

    Following our announcement of a planned gradual switch from the Freenode IRC network to Libera.Chat, Freenode staff, with no notice, seized control of the #fsf and #gnu channels away from FSF staff and GNU volunteers during the early hours of Sunday morning (EDT). This happened despite members of Freenode staff participating in the community meeting, as well as reassuring us publicly and privately that they would respect and support the resulting review and our decision. These channels were seized without informing the FSF or GNU representatives of any disagreements Freenode staff had with our plan, whether by means of the group contact system or otherwise. Adding to the situation's instability was their switch to a new IRC daemon late last night, also without notice, which dropped all existing nicks and channels from the database. This has forced us to adjust our plans for the transition, a move that was already necessary due to an abrupt change in Freenode policy that occurred shortly after our announcement, which eliminated the distinction between # and ## channels that we planned to use to pass ownership of the #fsf and #gnu channels over to the wider free software community.

  • GStreamer: IRC Channel has moved from Freenode to OFTC

    Due to the widely reported issues at the Freenode IRC network, the official GStreamer discussion IRC channel has moved to #gstreamer on the OFTC IRC network alongside other Freedesktop projects.

  • Developer chat moving

    For years, most development discussion for Krita has happened on the #krita channel on the Freenode IRC network. IRC is a venerable chat system (that’s to say, it’s old and quirky) but it works very well for us because it’s free and open source software and because it treats chat as chat: it doesn’t keep logs for you if you’re not in the channel, there are many clients and interaction is simple and limited to just text. However, the freenode IRC network is no longer a good host for our development work. The people currently managing the network are doing very strange things, and the people who used to manage the network have created a new network, libera.chat.

  • Freenode Is IRC; As In "Dumbest Takeover In History"

    Just today morning, freenode pulled the trigger on their servers and removed all channels, all users, all settings… Everything. And they say that they have restarted the network and will move to a new “fork”: [Global Notice 1/3] We are moving past legacy freenode to a new fork. The new freenode is launched. You will slowly be disconnected and when you reconnect, you will be on the new freenode. We patiently await to welcome you in freedom’s holdout – the freenode. [Global Notice 2/3] If you’re looking to connect now, you can already /server chat.freenode.net 6697 (ssl) or 6667 (plaintext). It’s a new genesis for a new era. Thank you for using freenode, and Hello World, from the future. freenode is IRC. freenode is FOSS. freenode is freedom. [Global Notice 3/3] When you connect, register your nickname and your channel and get started. It’s a new world. We’re so happy to welcome you and the millions of others. We will be posting more information in the coming days on our website and twitter. Otherwise, see you on the other side! freenode, which was the largest active IRC network, was taken over by Andrew Lee; The Korean crown prince. Former staff and volunteers say that there was absolutely no way this selling process could be legal, but due to his wealth and powerful relations, the Korean prince could not be stopped. Until today, by his own stupidity. The madman paid a large sum of money to buy the network – which is not yet disclosed – and then, started taking channels from their owners whenever they mentioned LiberaChat; an alternative to the freenode IRC network. One channel after another… Almost all FOSS community migrated away in a matter of few days when the controversy started. netsplit.de showed that 30-40K users migrated to the new network in less than a week.

Programming Leftovers

  • The curious world of check digits

    In many standardised numerical codes, one or more digits are special. They're called check digits and they can be used to check that the code hasn't changed due to human or computer error. For example, my Australian Business Number, or ABN, is 42 021 773 747. The last nine digits are my unique identifier and the first two digits are for checking.

  • Tau Station considered Dangerous: Game Review

    I thought I’d try out Tau Station for a couple of days and get a quick blog post out of it. That was three months and 11 levels ago. It took 2 months to wind down my obsessive nature and if not for Tau, I could have pushed a couple of new module versions to CPAN by now. That’s rather the reason that I don’t play games in the first place, so I can’t give great comparisons.

  • Live streaming the release of Perl 5.35.1

    In my talk at The Perl and Raku Conference in the Cloud 2021, I already announced it. I'm doing the release of the Perl developer version 5.35.1, and you can watch it live Sunday, 20th June on Twitch.

  • Daniel Stenberg: What goes into curl?

    curl is a command line tool and library for doing Internet data transfers. It has been around for a loooong time (over 23 years) but there is still a flood of new things being added to it and development being made, to take it further and to keep it relevant today and in the future. I’m the lead developer and head maintainer of the curl project. How do we decide what goes into curl? And perhaps more importantly, what does not get accepted into curl? Let’s look how this works in the curl factory.

  • Announcing Aya

    Aya was built with a focus on developer experience and operability. It does not require a C toolchain to build and doesn't even require kernel headers. Compiling the crate in release mode takes only a few seconds.

  • Aya: writing BPF in Rust

    The first release of the Aya BPF library has been announced; this project allows the writing of BPF programs in the Rust language. "Over the last year I've talked with many folks interested in using eBPF in the Rust community. My goal is to get as many of you involved in the project as possible! Now that the rustc target has been merged, it's time to build a solid foundation so that we can enable developers to write great eBPF enabled apps".

  • Testing cameras with lc-compliance on KernelCI

    Earlier this month, the very first KernelCI sprint or "hackfest" was held virtually, with more than a dozen engineers & developers from different communities in attendance. Initiated as a joint effort by the Google Chrome OS team and Collabora, the sprint's main objective was to extend KernelCI's coverage, including adding new tests such as the ability to detect regressions on the Linux kernel that can directly affect cameras. With Linux powering so many things and in so many different settings, there's great interest in making sure that it runs well in as many of them. KernelCI fills this purpose with an ever-increasing amount of tests and environments. The media subsystem is of course no exception, and it's just been joined by a new test suite.

  • C++ Coroutines, or "why are the templates failing aaaaaAAAAAAA"

    Qt's networking code has always been one of its more obtuse parts, requiring using signals for something that didn't quite seem right for them. A linear flow of code would become a jumbled mess of member functions and signal connections. When developing Challah's netcode, I quickly realised this wasn't going to suffice for the large amount of it I was going to be writing. Thus begins my journey through signal hell, arriving at many bumps before I discovered that integrating Qt's networking stuff with coroutines is possible.

  • Please welcome Boxy, Léo Lanteri Thauvin and the8472 to compiler-contributors

    Please welcome Boxy, Léo Lanteri Thauvin and the8472 to the compiler-contributors group! Boxy has been working on pushing const generics forward by implementing parts of the const_evaluatable_checked feature, fixing bugs and making rustdoc work with const generics. Boxy is also a frequent contributor to #project-const-generics discussions and meetings. Léo Lanteri Thauvin has been a consistent contributor of refactorings and improvements to rustc. Recently, Léo has been implementing a Major Change Proposal to migrate the unsafe checker to operate on THIR instead of MIR.

  • 1.53.0 pre-release testing | Inside Rust Blog

    The 1.53.0 pre-release is ready for testing. The release is scheduled for this Thursday, June 17th. Release notes can be found here.

Security and Privacy Leftovers

  • Security updates for Tuesday

    Security updates have been issued by CentOS (389-ds-base, dhcp, firefox, glib2, hivex, kernel, postgresql, qemu-kvm, qt5-qtimageformats, samba, and xorg-x11-server), Fedora (kernel and kernel-tools), Oracle (kernel and postgresql), Red Hat (dhcp and gupnp), Scientific Linux (gupnp and postgresql), SUSE (postgresql10 and xterm), and Ubuntu (imagemagick).

  • CloudLinux releases UChecker security tool for Linux servers | ZDNet

    Linux is more secure than Windows. We all know that. But that doesn't mean it has perfect security. Nothing does. CloudLinux is helping to improve Linux's operational security with the release of UChecker. The company is best-known for its Red Hat Enterprise Linux (RHEL)/CentOS server clone, CloudLinux, and its CentOS fork.

  • Privacy Redirect To A More Friendly Alternative

    Services like Nitter, Bibliogram, Open Street Maps and the countless private search engines are great but if you interact with normal people you will always end up on the original site as someone will send you a link, how about we fix that by just redirecting to where we want to go.

  • Apple's Subpoenas Show They Own You

    Most journalists seem to miss the larger civil liberties point when Big Tech companies get subpoenas for people’s digital archives. With the most recent example being where the Justice Department subpoenaed Apple while being gagged from disclosing such a subpoena, it is time to remind nearly everybody: You don’t own your digital life, Big Tech does. If you did own your digital files You would get the warrant not a tech giant. “Who gets the warrant?” is as defining of the evidence of ownership as “Follow the money” is to evidence of corruption. [...] Obviously at Purism we are investing heavily and working tirelessly daily to create products that are ever more convenient, with the end-goal of having a just alternative for society to avoid the freedom crushing status quo of products from Big Tech. We are a Social Purpose Corporation, whose reason for being—enshrined in our articles of incorporation— is to build products that respect the users right to freedom and civil liberties fully. This is why Purism will not get a warrant for your phone nor phone data—we don’t have it—because everything you buy from us you own fully. And every dollar of purchasing with Purism advances a future where your civil liberties will be respected in the digital world as well as the physical world. Think about Funding an App, or buying Purism products, to put your money toward a future you want to live in.

  • Western Australia rushes out legislation after cops access contact-tracing data to investigate serious crimes

    Police accessed COVID tracking QR check-in data to investigate a murder, causing the state of Western Australia (WA) to introduce urgent legislation in Parliament today. The app collecting the data, SafeWA, is free, mandatory, and has been used over 245 million times for people to register their presence at relevant venues in WA. The description for the app says the data is encrypted and stored for 28 days.