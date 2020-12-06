Debian Installer Bullseye Alpha 3 Released and More Debian News
Debian Installer Bullseye Alpha 3 release
The Debian Installer team[1] is pleased to announce the third alpha release of the installer for Debian 11 "Bullseye". Improvements in this release ============================ * apt-setup: - Remove mention of volatile repo from generated sources.list file (#954460). * base-installer: - Improve test architecture, adding support for Linux 5.x versions. * brltty: - Improve hardware detection and driver support. * cdebconf: - Make text interface report progress more accurately: from the very beginning, and also as soon as an answer to a question has been given. * choose-mirror: - Update Mirrors.masterlist. * console-setup: - Improve support for box-drawing characters (#965029). - Sync Terminus font with the xfonts-terminus package. - Fix Lithuanian layout (#951387). * debian-cd: - Only include Linux udebs for the latest ABI, making small installation images more useful. * debian-installer: - Bump Linux kernel ABI to 5.9.0-4 - Drop fontconfig tweaks introduced in the Debian Installer Buster Alpha 1 release (See: #873462). - Install kmod-udeb instead of libkmod2-udeb. - Mimick libgcc1 handling, for libgcc-s1. - Clean up the list of fake packages. - Replace the mklibs library reduction pass with a hack, copying libgcc_s.so.[124] from the host filesystem for the time being. - Add explicit build-depends on fdisk on arm64, amd64 and i386 now that util-linux doesn't depend on it anymore. - Add grub2 to built-using (#968998). - Fix FTBFS with fakeroot by adjusting the /dev/console check (see #940056). * debian-installer-utils: - Adjust fetch-url's use of file descriptors for recent udev versions (#967546). * debootstrap: - Only install apt-transport-https on stretch and earlier, HTTPS support was merged into the core apt package for buster (#920255, #879755). * finish-install: - Drop upstart support entirely (#923845). * fonts-noto: - Fix Sinhala support in the installer (#954948). * grub-installer: - Update templates, to make them fit for UEFI systems and new kind of system storage media (#954718). * kmod: - Split kmod-udeb off of libkmod2-udeb and actually ship the libraries in libkmod2-udeb (#953952). * locale-chooser: - Activate new languages: Kabyle, Occitan. * partman-auto: - Bump /boot sizes in most recipes from between 128 and 256M to between 512 and 768M (#893886, #951709). - Import partman-auto/cap-ram support from Ubuntu, to allow capping RAM size as used for swap partition calculations (#949651, #950344). This allows us to cap the minimum size of swap partitions size to 1*CAP, and their maximum size to a maximum of 2 or 3*CAP depending on architecture. Default is set to 1024, thus capping swap partitions to between 1 and 3GB. * partman-efi: - Remount /cdrom read-write if it also happens to be used as /boot/efi (#967918). - Remove usage of the efivars module, and stop looking for /proc/efi. efivarfs is the current interface, and /proc/efi went away a long time ago. * partman-partitioning: - Include ntfs-3g-udeb on arm64. * partman-target: - Add a hint to the new fstab about using `systemctl daemon-reload` after changing /etc/fstab (#963573). * systemd: - Install 60-block.rules in udev-udeb (#958397). The block device rules were split out from 60-persistent-storage.rules in v220. This fixes a longstanding bug where UUIDs would not be used for filesystems on initial installation. * util-linux: - Take over eject-udeb (#737658). * win32-loader: - Introduce UEFI boot manager and Secure Boot support (#918863). Hardware support changes ======================== * debian-cd: - Enable graphical installer for arm64. - Exclude lilo-installer and elilo-installer udebs for all archs. - Stop making XFCE single CD images. - Stop making DVD ISO images 2 and 3 for amd64/i386 (they are still available via jigdo). * debian-installer: - Update Firefly-RK3288 image for new u-boot version. - [arm64] Add support for firefly-rk3399, pinebook-pro-rk3399, rockpro64-rk3399, rock64-rk3328 and rock-pi-4-rk3399 to u-boot images and netboot SD card images. - [arm64] Make all netboot sdcard images start at offset 32768, for compatibility with rockchip platforms. - Add OLPC XO-1.75 laptop support (#949306). - Enable GTK build for arm64. - Add support for NanoPi NEO Air (#928863). - Add wireless-regdb-udeb to Linux builds that include nic-wireless-modules. - efi-image: Improve sizing calculation to reduce wasted space. - efi-image: Include DTB files in the ESP for armhf and arm64 systems. This should make U-Boot based systems work better when booting via UEFI. * flash-kernel: - Add FriendlyARM NanoPi NEO Plus2 (#955374). - Add Pinebook (#930098). - Add Pinebook Pro. - Add Olimex A64-Olinuxino and A64-Olinuxino-eMMC (#931195). - Add SolidRun LX2160A Honeycomb and Clearfog CX (#958023). - Add SolidRun Cubox-i Solo/DualLite variants (#939261). - Add Turris MOX (#961303). * linux: - Move any compression modules to kernel-image udeb; drop compress-modules udeb. - Make input-modules udeb depend on crc-modules. - [arm64] Add i2c_mv64xxx to i2c-modules udeb. - [arm64] Add drivers/pinctrl to kernel-image udeb. - [arm64] Add analogix-anx6345, pwm-sun4i, sun4i-drm and sun8i-mixer to fb-modules udeb. - [arm64] Add pwm-sun4i to fb-modules udeb. - [arm64] Add armada_37xx_wdt to kernel-image udeb (#961086). - [mips*] Drop hfs-modules udeb. - [x86] Add crc32_pclmul to crc-modules udeb. - Add crc32_generic to crc-modules udeb. - Reverse order of cdrom-core and isofs/udf udebs: the latter ones now require the former. - Drop zlib-modules udeb (zlib_deflate is now always built-in). - Add f2fs-modules udeb. Localization status =================== * 78 languages are supported in this release. * New languages: Kabyle, Occitan. * Full translation for 16 of them. Known bugs in this release ========================== * There seems to be no known major bug as of yet. See the errata[2] for details and a full list of known issues. Feedback for this release ========================= We need your help to find bugs and further improve the installer, so please try it. Installation images, and everything else you will need are available at our web site[3]. Thanks ====== The Debian Installer team thanks everybody who has contributed to this release. 1. https://wiki.debian.org/DebianInstaller/Team 2. https://www.debian.org/devel/debian-installer/errata 3. https://www.debian.org/devel/debian-installer Cheers,
Debian Installer Bullseye Alpha 3 Switches To Linux 5.9, Larger /boot - Phoronix
While the Debian 11 "Bullseye" freezes don't get started until January, the Debian Installer for Bullseye has been in alpha for just over a year. Today marks the third alpha release of the Debian Installer for Bullseye.
Notable with this alpha update is switching over to the Linux 5.9.0-4 kernel. Linux 5.9 is currently the latest stable kernel series. We'll see if Linux 5.10 ends up making it into Debian 11 "Bullseye" especially as this will be a Long-Term Support (LTS) kernel release maintained for a period of at least five years, so presumably they will try to align on this kernel version for Bullseye.
Offsite backups to rsync.net from an Asustor NAS
I have an Asustor (Nimbuster 4 / AS5304T) NAS at home, which allows me to perform regular backups. Unfortunately, I couldn't manage to find a way to configure remote backups from the NAS to rsync.net using the "Remote Sync" option of the "Backup & Restore" app provided in the ADM OS of the Asustor NAS.
I'm used to using rsync -e ssh commands and would have expected some such configuration to be possible... it may just be some UI issue, but I couldn't find how to add one for rsync.net.
Thorsten Alteholz: My Debian Activities in November 2020
Unfortunately a day only has 24h. As the freeze is approaching, I had to concentrate a bit more on keeping my packages in shape. So this month I only accepted nine packages. The good news, I rejected no package. The overall number of packages that got accepted was 328.
Garuda Linux "Imperial Eagle" (201205)
This time we focused on fixing some bugs & inconveniences as well as providing a more consistent, fresh look to some parts of the "Garuda experience". In order, you will find a refreshed look browsing our website, two new themes & improved existing ones for our forum, a sweetified Cinnamon & MATE theme while i3 is returning to its old look with Conky. Garuda network assistant and Garuda boot options were previously unthemed, now they correctly use the existing Kvantum theme. As some of you might have noticed, our garuda-* metapkgs were replaced by *-support packages. Since the plan was to move them to AUR rather than our GitLab the names had to be adjusted accordingly. Also, some of them were dropped entirely due to MWHD being responsible for VAAPI/VDPAU packages now too. As part of this update the standard kernel was changed from Linux-zen to Linux-tkg-bmq as this one has some advantages (read more here: https://github.com/Frogging-Family/linux-tkg) and performed better. There are also CPU specific versions of this one available on Chaotic-AUR. Along with the kernel change, the ISO names are now less confusing as the Lite tag was dropped (these are regular versions right now). As there were 2 KDE versions in the last release, KDE dr460nized became the new KDE standard edition.
The hypervisor advantage
Operating Systems (OSs) like Linux and Android are widely used in embedded systems but being large, complex and inevitably containing numerous flaws once compromised, an attacker can violate the security and take control of the whole system. A method for improving the security of these systems is to use a hypervisor based on a secure microkernel that guarantees separation between the system software components. The microkernel is a secure layer of software below the OS that runs at a higher privilege level than the OS and virtualizes the hardware resources, the hypervisor allows the guest OS to run as it would directly on hardware. Because of the higher privilege level, the integrity of the system remains intact even if the guest OS is compromised. A hypervisor that is designed to be secure and reliable from the ground up offers significant advantages over hardware for implementing low-level security. Also, it can provide multiple levels of privilege so that a service with sensitive data could run in an isolated “compartment”, or partition, alongside a service with less sensitive information. Since it is virtually impossible to test millions of lines of code, it is inevitable that Linux and Android will continue to contain security vulnerabilities and software bugs. Also, the increasingly interconnected nature of embedded systems allows hackers to exploit those vulnerabilities. To make such systems more secure, the first requirement is to lockdown and control capabilities of the whole device. Using a multilevel protection approach like Multiple Independent Levels of Security (MILS) is one way to ensure systems, running vulnerable operating systems, remain secure.
GStreamer 1.18.2 stable bug fix release
The GStreamer team is pleased to announce another bug fix release in the stable 1.18 release series of your favourite cross-platform multimedia framework! This release only contains bugfixes and it should be safe to update from 1.18.x. Also: Phoronix Test Suite 10.2 Milestone 2 Brings More Testing Enhancements
Linux 5.10-rc7
Things look pretty good (knock wood), and rc7 is solidly in the average size department, with nothing that looks particularly scary. There's patches all over: drivers, architectures, networking. filesystems, mm, tooling, etc. But most of it is pretty small. The exceptions are a revert of a new virtio MEI driver that wasn't quite ready, some changes to the IBM vnic driver, and some arm64 entry code fixes. But those don't feel particularly worrisome, and the rest all looks normal. So unless something odd and bad happens next week, we'll have a final 5.10 release next weekend, and then we'll get the bulk of the merge window for 5.11 over and done with before the holiday season starts. And in the meantime, please do give this all a whirl, LinusAlso: Linux 5.10-rc7 Arrives - Linux 5.10 LTS Debut Expected Next Weekend - Phoronix
