Language Selection

English French German Italian Portuguese Spanish

Gentoo

[Gentoo] AArch64 (arm64) profiles are now stable!

Filed under
Gentoo

The ARM64 project is pleased to announce that all ARM64 profiles are now stable.

While our developers and users have contributed significantly in this accomplishment, we must also thank our Packet sponsor for their contribution. Providing the Gentoo developer community with access to bare metal hardware has accelerated progress in acheiving the stabilization of the ARM64 profiles.

Read more

Verifying Gentoo election results via Votrify

Filed under
Gentoo

Gentoo elections are conducted using a custom software called votify. During the voting period, the developers place their votes in their respective home directories on one of the Gentoo servers. Afterwards, the election officials collect the votes, count them, compare their results and finally announce them.

The simplified description stated above suggests two weak points. Firstly, we rely on honesty of election officials. If they chose to conspire, they could fake the result. Secondly, we rely on honesty of all Infrastructure members, as they could use root access to manipulate the votes (or the collection process).

To protect against possible fraud, we make the elections transparent (but pseudonymous). This means that all votes cast are public, so everyone can count them and verify the result. Furthermore, developers can verify whether their personal vote has been included. Ideally, all developers would do that and therefore confirm that no votes were manipulated.

Currently, we are pretty much implicitly relying on developers doing that, and assuming that no protest implies successful verification. However, this is not really reliable, and given the unfriendly nature of our scripts I have reasons to doubt that the majority of developers actually verify the election results. In this post, I would like to shortly explain how Gentoo elections work, how they could be manipulated and introduce Votrify — a tool to explicitly verify election results.

Read more

Michał Górny (Gentoo) and Daniel Kahn Gillmor (Debian) on OpenPGP Security

Filed under
GNU
Linux
Gentoo
Security
Debian
  • Michał Górny: SKS poisoning, keys.openpgp.org / Hagrid and other non-solutions

    The recent key poisoning attack on SKS keyservers shook the world of OpenPGP. While this isn’t a new problem, it has not been exploited on this scale before. The attackers have proved how easy it is to poison commonly used keys on the keyservers and effectively render GnuPG unusably slow. A renewed discussion on improving keyservers has started as a result. It also forced Gentoo to employ countermeasures. You can read more on them in the ‘Impact of SKS keyserver poisoning on Gentoo’ news item.

    Coicidentally, the attack happened shortly after the launch of keys.openpgp.org, that advertises itself as both poisoning-resistant and GDPR-friendly keyserver. Naturally, many users see it as the ultimate solution to the issues with SKS. I’m afraid I have to disagree — in my opinion, this keyserver does not solve any problems, it merely cripples OpenPGP in order to avoid being affected by them, and harms its security in the process.

    In this article, I’d like to shortly explain what the problem is, and which of the different solutions proposed so far to it (e.g. on gnupg-users mailing list) make sense, and which make things even worse. Naturally, I will also cover the new Hagrid keyserver as one of the glorified non-solutions.

  • Daniel Kahn Gillmor: WKD for debian.org

    By default, this will show you any matching certificate that you already have in your GnuPG local keyring. But if you don't have a matching certificate already, it will fall back to using WKD.

    These certificates are extracted from the debian keyring and published at https://openpgpkey.debian.org/.well-known/debian.org/, as defined in the WKD spec. We intend to keep them up-to-date when ever the keyring-maint team publishes a new batch of certificates. Our tooling uses some repeated invocations of gpg to extract and build the published tree of files.

    Debian is current not implementing the Web Key Directory Update Protocol (and we have no plans to do so). If you are a Debian developer and you want your OpenPGP certificate updated in WKD, please follow the normal procedures for Debian keyring maintenance like you always have.

Review: Sabayon 19.03

Filed under
Gentoo
Reviews

Sabayon's claim that it is a "beginner-friendly" distro that is "bleeding edge" and "stable and reliable" is a bit of a stretch. I doubt "beginners" will comprehend the instructions for what to do after installing Sabayon - and that is assuming inexperienced users will find the information in the first place. Similarly, the systemd and GNOME versions are rather old for a distro that claims to be "bleeding edge". That said, I did find Sabayon's GNOME edition to be stable and reliable, bar a few minor issues (such as the notification about the VirtualBox kernel service not running).

I don't think it is entirely fair to ask if Sabayon lives up to the bold marketing slogans on its home page. Personally, I see Sabayon as a friendly and interesting distro for tinkerers and distro-hoppers, and a very good one at that. I should also mention that, in general, Sabayon's use of language is refreshingly informal; both the graphical Rigo package manager and the wiki put a smile on my face more than once. Even Equo has some jokes built in - the command equo moo prints an ASCII cow that says "Entromoooo!".

Sabayon does still has some way to go to become the sophisticated operating system it wants to be. With 19.03 the distro switched from the Anaconda to the Calamares installer which, to my mind at least, is a good decision. However, contrary to what is claimed in the release notes, the disk encryption issue has not been resolved yet and the wiki still talks about how to find your way through the Anaconda installer. Work on the new wiki announced in the release notes seems to be at a very early stage.

I also couldn't fail to notice that Sabayon's forums are rather quiet. Lively forums don't necessarily equate to a thriving community, but the overall feeling I got is that Sabayon could do with a bit more momentum. That shouldn't discourage you from giving Sabayon a try though. On the contrary, if you are a Linux-loving tinkerer then Sabayon might be the distro for you.

Read more

Gentoo News: Nitrokey partners with Gentoo Foundation to equip developers with USB keys

Filed under
Gentoo
Security

The Gentoo Foundation has partnered with Nitrokey to equip all Gentoo developers with free Nitrokey Pro 2 devices. Gentoo developers will use the Nitrokey devices to store cryptographic keys for signing of git commits and software packages, GnuPG keys, and SSH accounts.

Thanks to the Gentoo Foundation and Nitrokey’s discount, each Gentoo developer is eligible to receive one free Nitrokey Pro 2. To receive their Nitrokey, developers will need to register with their @gentoo.org email address at the dedicated order form.

A Nitrokey Pro 2 Guide is available on the Gentoo Wiki with FAQ & instructions for integrating Nitrokeys into developer workflow.

Read more

Sabayon 19.03 - New stable release

Filed under
Gentoo

The team behind Sabayon is excited to present you the latest stable release: Sabayon 19.03.

Sabayon is a modern and easy to use distribution based on Gentoo, which follows a reliable rolling release model.

Please read on or download your flavour Smile

19.03 is a long awaited release, coming with a lot of new features and enhancements...

Read more

Also: Gentoo-Based Sabayon 19.03 - Finally Supports Full Disk Encryption, Python 3 Default

Gentoo-Based Sabayon 19.03 - Finally Supports Full Disk Encryption, Python 3 Default

A Look at the New Gentoo Based Sabayon 19.03 and Gentoo Based ChromeOS

Filed under
Gentoo
Google
  • Sabayon 19.03 overview | The beginner-friendly Gentoo-based Linux distribution.

    In this video, i am going to show an overview of Sabayon 19.03 and some of the applications pre-installed.

  • Google I/O 2019 schedule goes live with sessions on Stadia, Dark Mode, Linux on Chrome OS, and more

    Google I/O is one of the biggest developer conferences held by Google every year, wherein they announce upcoming changes to Google services and how developers should react in order to prepare themselves for these changes. Google I/O 2019 is scheduled to begin on May 7, 2019 at the Shoreline Amphitheatre in Mountain View, California (USA), and now, Google has posted the initial schedule for the conference.

    As expected, I/O 2019 will kick off with the main Google keynote at 10AM PDT, and will be hosted by key Google executives, including Mr. Sundar Pichai, in all likelihood. As it does every year, this event will provide an overview of upcoming changes to Google products and services, including Android and its next version, Android Q. This event will be livestreamed, so you won’t be missing out on too much if you did not manage to score a ticket.

  • 4K Video Editing on Chromebooks May Be Possible Soon

    If Google’s Stadia project ends up delivering the way it promises, there will be a totally viable gaming solution for Chromebooks. For photo and graphic editing, there are options like Pixlr, Gravit Designer on the web and Photoshop or Lightroom on Android. Add to that a very workable solution in GIMP and Inkscape in Linux and you have most of your photo and graphic editing needs met.

Gentoo GNOME 3.30 for all init systems

Filed under
Gentoo
GNOME

GNOME 3.30 is now available in Gentoo Linux testing branch.
Starting with this release, GNOME on Gentoo once again works with OpenRC, in addition to the usual systemd option. This is achieved through the elogind project, a standalone logind implementation based on systemd code, which is currently maintained by a fellow Gentoo user. It provides the missing logind interfaces currently required by GNOME without booting with systemd.

For easier GNOME install, the desktop/gnome profiles now set up default USE flags with elogind for OpenRC systems, while the desktop/gnome/systemd profiles continue to do that for systemd systems. Both have been updated to provide a better initial GNOME install experience. After profile selection, a full install should be simply a matter of `emerge gnome` for testing branch users. Don’t forget to adapt your system to any changed USE flags on previously installed packages too.

Read more

Don't Look For Gentoo's CPU Optimization Options To Land In The Mainline Linux Kernel

Filed under
Linux
Gentoo

Gentoo's Linux kernel build has long offered various CPU options in allowing those building their distribution to optimize their kernel build to the CPU being used. Every so often the patch is suggested for upstreaming to the mainline Linux kernel before being quickly rejected by the upstream maintainers.

This week the kernel CPU options patch was suggested for mainlining in the Linux kernel. The patch adds extra CPU options to the kernel configuration (Kconfig) area for adjusting the GCC optimization values for various generations of Intel/AMD CPUs. It allows building the kernel ranging from -march=k8-sse3 to -march=cannonlake, among other prominent generations of Intel/AMD processors over the years.

Read more

Redcore Linux Gives Gentoo a Nice Facelift

Filed under
Linux
Gentoo
Reviews

I like the overall look and feel of Redcore Linux. I generally do not use Gentoo-based Linux distros.

However, this distro does a good job of leveling the field of differences among competing Linux families. I especially like the way the LXQt and the KDE Plasma desktops have a noticeable common design that makes the Redcore distro stand out.

Read more

Syndicate content

More in Tux Machines

Bashtop on openSUSE | Terminal

I am generally behind the curve when it comes to the new hotness out there. Not sure what it is, maybe I am out of phase with the rest of the world, maybe just behind on my podcast listening or not really paying attention, so while everyone else has moved on to the next new hotness, I am hanging out in one-month-ago time and have enjoyed this thing called “Bashtop” What is Bashtop and why do I care? If you are a nerd about what your system is doing and like to see the numbers, charts graphs, etc, than Bashtop is going to be an application you absolutely adore. The little bits of information it gives you from CPU load, load average, and frequency is superb. The chart it produces on the CPU usage looks fantastic and really makes you wonder how they accomplished this when it is only in text mode. Truly a feat of terminal engineering! [...] I have historically made htop my go-to terminal system monitoring application. I still think htop is good but I happen to enjoy the experience of Bashtop just a bit more. It feels more like a full fledged product as opposed to a terminal application. If you like such technical information, I highly recommend installing and trying bashtop. I believe you will really enjoy it. I have been informed, today, that there is yet another system resource application to try in the terminal called bpytop. That means, more relishable application exploration is on the horizon! Linux and open source software is so much fun! Read more

today's leftovers

  • openSUSE Tumbleweed – Review of the week 2020/48 – Dominique a.k.a. DimStar (Dim*)

    After last week being filled with problems, this week felt like a ‘relaxing one’ – not that there would be fewer changes incoming, but we could focus on those changes instead of cuddling the infrastructure. And so it comes that we managed to publish 5 snapshots during this week (1119, 1121, 1123, 1124, and 1125).

  • Red Hat Process Automation Manager 7.9 brings Apache Kafka integration and more - Red Hat Developer

    Red Hat Process Automation Manager 7.9 brings bug fixes, performance improvements, and new features for process and case management, business and decision automation, and business optimization. This article introduces you to Process Automation Manager’s out-of-the-box integration with Apache Kafka, revamped business automation management capabilities, and support for multiple decision requirements diagrams (DRDs). I will also guide you through setting up and using the new drools-metric module for analyzing business rules performance, and I’ll briefly touch on Spring Boot integration in Process Automation Manager 7.9.

  • Getting started with Fedora CoreOS

    Fedora CoreOS (FCOS) came from the merging of CoreOS Container Linux and Fedora Atomic Host. It is a minimal and monolithic OS focused on running containerized applications. Security being a first class citizen, FCOS provides automatic updates and comes with SELinux hardening. For automatic updates to work well they need to be very robust. The goal being that servers running FCOS won’t break after an update. This is achieved by using different release streams (stable, testing and next). Each stream is released every 2 weeks and content is promoted from one stream to the other (next -> testing -> stable). That way updates landing in the stable stream have had the opportunity to be tested over a long period of time.

  • Slimjet – SparkyLinux

    Slimjet is built on top of the Chromium open-source project on which Google Chrome is also based. It enjoys the same speed and reliablity provided by the underlying blink engine as Google Chrome. However, many additional features and options have been added in Slimjet to make it more powerful, intelligent and customizable than Chrome. In addition to that, Slimjet DOES NOT send any usage statistics back to Google’s server like Google Chrome, which is a growing concern for many Chrome users due to the ubiquitous presence and reach of the advertising empire. Slimjet is compatible with all extensions and plugins designed for Google Chrome available from the Chrome web store.

  • Better handling of cached field results in Writer

    Writer now has much better support for preserving the cached result of fields in documents. This is especially beneficial for Word formats where the input document may have a field result which is not only a cache, but re-calculating the formula would yield a different result, even in Word. [...] Collabora intends to continue supporting and contributing to LibreOffice, the code is merged so we expect all of this work will be available in TDF’s next release too (7.1).

  • Argus: The Linux Commander – Manila Bulletin

    If you are like me who uses a Mac to manage Linux servers, then you may find this little menu bar tool a little nifty. Argus, currently on version 1.3, is a free download from https://argus-app.net. Argus already supports Big Sur and the new Apple Silicon M1 SoC. Installing Argus is just like any other MacOS application — drag and drop. Since this is a monitoring tool for remote Linux servers, you will need to add basic server information so Argus can set it up and gather the data from it. Argus creates an SSH tunnel to the server, so it requires SSH credentials (of course this means that the remote server has SSH properly configured). You can use your username-password pair, but I’d advise that you set up your certificates first to make it more secure (and easier). Once you have provided the server information and SSH credentials, Argus will connect to it and start downloading the Argus daemon. Installing the daemon will require root privileges, so make sure that you have sudo access, as your password will be asked during the install. Configure all the other remote servers that you wish to monitor through the Preferences pane.

  • Additional Linux Power For SAP Business One

    The migration from ERP/ECC 6.0 to S/4 Hana continues to be one of the main challenges in the SAP community. It is worthwhile to also take a look at SAP Business One on Hana in this context. It’s well known that more and more companies of all shapes and sizes are taking the first step towards S/4 Hana or are already operating it. What’s not as well known, however, is that Business One (B1), a solution for smaller and mid-sized companies, has been on a steep growth trajectory for a few years now. Experts put the estimated number of B1 installations at 100,000 worldwide.

  • Master boot vinyl record: It just gives DOS on my IBM PC a warmer, more authentic tone

    Looking for something to do in quarantine? How about booting DOS from a 10-inch vinyl record? While booting an operating system nowadays usually sees the software loaded from disk or flash memory, some of us of a certain age recall the delights of shovelling bytes in memory via the medium of tape, such as an audio cassette sending noise into the RAM of a home computer. Tinkerer Jozef Bogin has taken things a little further by booting an elderly IBM PC from a record player. Bogin used an old IBM PC and took advantage of a boot loader that would cause the hardware to fall back to the PC's cassette interface should everything else (floppies etc) fail. An analogue recording of bootable, read-only RAM drive was played through the interface, containing a version of FreeDOS tweaked by Bogin to fit into the memory constraints, a tiny COMMAND.COM and a patched version of INTERLINK to shovel data through the printer cable.

  • The Homer Car, But It's leinir's Laptop

    We are now into week three of me sitting in a virtual machine on my better half's laptop, while we wait for my replacement Dell XPS 13 2-in-1 (2019) to arrive, after Dell conceded that they could not fix the old one. Short version: The graphics fan went wonky and stopped spinning, so they sent an engineer out to replace the mainboard (because everything is soldered on, including the fan assembly), and then it stopped booting. So they sent out another, and that also immediately failed to post, and then decided that wasn't worth trying again, so they would send me a replacement laptop. Three weeks later, and i have a tracking number, with no updates for a couple of days, though it also isn't past the estimate they gave me for getting it (two weeks for an in stock item, from Ireland to England, nice...).

GNOME and KDE librsvg, calculator and more

  • Do not use librsvg 2.40.x

    Please do not use librsvg 2.40.x; it cannot render recent Adwaita icon themes correctly. The librsvg 2.40.x series is the last "C only" version of the library; it was deprecated in 2017. During the port to Rust, I rewrote the path parser to be spec-compliant, and fixed a few cases that the C version did not handle. One of this cases is for compact Arc data. The SVG path grammar allows one to remove whitespace between numbers if the next number starts with a sign. For example, 23-45 gets parsed as two numbers 23 -45. In addition, the arguments of the Arc commands have two flags in the middle of a bunch of numbers. The flags can be 0 or 1, and there may be no whitespace between the flags and the next number. For example, A1.98 1.98 0 0015 13.96 gets parsed as A1.98 1.98 0 0 0 15 13.96 — note the two 0 0 flags before the 15. [...] Please use at least librsvg 2.48.x; any earlier versions are not supported. Generally I keep an eye on the last two stable release sets (2.48.x and 2.50.x as of this writing), but only commit fixes to the latest stable series (2.50.x currently).

  • Pranali Deshmukh: GSoD Weekly Summary 9

    The idea here was to consolidate all documentation regarding the different operational modes of the calculator into a single section consisting of an overview page along with dedicated pages for each of the operational modes: Basic, Advanced, Financial, Programming and Keyboard modes.

  • Please give us your 20.12 releases features

    The KDE release service will make another bundle of releases next month on Dec 10th.

Devices and Open Hardware: Chomebox, MNT Reform, Arduino and More

  • ASUS Chromebox 4 features Intel Comet Lake processor, WiFi 6, up to 16GB RAM

    Chrome OS devices, be it Chromebook laptops, Chomebox mini PCs, or Chromebit PC sticks, used to be relatively low-cost devices designed to run the Chrome browser. But over the years. the versatility of the platform has increased with more powerful, yet still with low-power consumption, hardware, and improved software with support for Android apps, the Google Play Store, and even Linux programs. [...] I could not quite remember what BC 1.2 meant, and it stands for “Battery Charging 1.2” technology meant you’ll be able to charge your smartphone or other battery-powered devices faster through compatible ports.

  • How to choose a wireless protocol for home automation

    In the second article in this series, I talked about local control vs. cloud connectivity and some things to consider for your home automation setup. In this third article, I will discuss the underlying technology for connecting devices to Home Assistant, including the dominant protocols that smart devices use to communicate and some things to think about before purchasing smart devices.

  • MNT Reform Production Update November 2020 — MNT Research

    Shortly after the conclusion of the Crowd Supply campaign, we shipped 8 hand-built beta devices and collected some last minute feedback. Based on the feedback and our own learnings during this last test assembly phase, we further refined some aspects of the MNT Reform design.

  • uSVC Arduino VGA board – a portable and programmable retro-gaming console (crowdfunding)

    Itaca Innovation previously launched uChip, an Arduino-compatible board that has a Cortex M0+ MCU that features 0.3” spacing between rows. Now, next-hack joined Itaca Innovation to come up with an expansion board for uChip. The uChip Simple VGA Console (uSVC) Arduino based retro-gaming console is open hardware and is a programmable console. It will allow creating and playing retro “9-bit” games with standard USB controllers and keyboards.

  • Arduino Blog » Controlling a gas convection heater with a custom thermostat

    Redditor “Higgs8” had a gas convection heater that is (or was) controlled manually, but they wanted something a bit more. To accomplish this, they came up with a small Arduino-based thermostat. This allows you to set the desired temperature using a potentiometer, and it senses the current temperature value via a DS18B20 thermometer unit. It then adjusts the formerly manual knob with a stepper motor and custom gear reduction in response, maintaining the desired comfort level.