Language Selection

English French German Italian Portuguese Spanish

Gentoo

Funtoo Linux 1.4 Released

Filed under
GNU
Linux
Gentoo

Drobbins has announced the new release of Funtoo Linux 1.4 on Sep 11, 2019.

This release is based on a 21 June 2019 snapshot of Gentoo Linux with significant updates to key parts of the system, such as compiler and OpenGL subsystem.

This is the fourth release of the Funtoo Linux 1.x series, which may be the last update of this release, as the developer said he would start developing 2.0 a month later.

Read more

A Look at Redcore Linux: Gentoo based Linux Distribution

Filed under
GNU
Linux
Gentoo
Reviews

Many people in the technology world have heard, at least in passing, of the Linux distribution Gentoo. Gentoo is one of the most famous distributions to the point of becoming a joke; with it’s complexity and depth, installing Gentoo has been a daunting task for many.

Redcore is one of the latest distributions to attempt to bring the power of Gentoo to the everyday user.

I previously wrote an article in 2017 about Sabayon Linux, another popular Gentoo based system; but Redcore Linux holds its own and pulls its own weight.

Read more

[Gentoo] AArch64 (arm64) profiles are now stable!

Filed under
Gentoo

The ARM64 project is pleased to announce that all ARM64 profiles are now stable.

While our developers and users have contributed significantly in this accomplishment, we must also thank our Packet sponsor for their contribution. Providing the Gentoo developer community with access to bare metal hardware has accelerated progress in acheiving the stabilization of the ARM64 profiles.

Read more

Verifying Gentoo election results via Votrify

Filed under
Gentoo

Gentoo elections are conducted using a custom software called votify. During the voting period, the developers place their votes in their respective home directories on one of the Gentoo servers. Afterwards, the election officials collect the votes, count them, compare their results and finally announce them.

The simplified description stated above suggests two weak points. Firstly, we rely on honesty of election officials. If they chose to conspire, they could fake the result. Secondly, we rely on honesty of all Infrastructure members, as they could use root access to manipulate the votes (or the collection process).

To protect against possible fraud, we make the elections transparent (but pseudonymous). This means that all votes cast are public, so everyone can count them and verify the result. Furthermore, developers can verify whether their personal vote has been included. Ideally, all developers would do that and therefore confirm that no votes were manipulated.

Currently, we are pretty much implicitly relying on developers doing that, and assuming that no protest implies successful verification. However, this is not really reliable, and given the unfriendly nature of our scripts I have reasons to doubt that the majority of developers actually verify the election results. In this post, I would like to shortly explain how Gentoo elections work, how they could be manipulated and introduce Votrify — a tool to explicitly verify election results.

Read more

Michał Górny (Gentoo) and Daniel Kahn Gillmor (Debian) on OpenPGP Security

Filed under
GNU
Linux
Gentoo
Security
Debian
  • Michał Górny: SKS poisoning, keys.openpgp.org / Hagrid and other non-solutions

    The recent key poisoning attack on SKS keyservers shook the world of OpenPGP. While this isn’t a new problem, it has not been exploited on this scale before. The attackers have proved how easy it is to poison commonly used keys on the keyservers and effectively render GnuPG unusably slow. A renewed discussion on improving keyservers has started as a result. It also forced Gentoo to employ countermeasures. You can read more on them in the ‘Impact of SKS keyserver poisoning on Gentoo’ news item.

    Coicidentally, the attack happened shortly after the launch of keys.openpgp.org, that advertises itself as both poisoning-resistant and GDPR-friendly keyserver. Naturally, many users see it as the ultimate solution to the issues with SKS. I’m afraid I have to disagree — in my opinion, this keyserver does not solve any problems, it merely cripples OpenPGP in order to avoid being affected by them, and harms its security in the process.

    In this article, I’d like to shortly explain what the problem is, and which of the different solutions proposed so far to it (e.g. on gnupg-users mailing list) make sense, and which make things even worse. Naturally, I will also cover the new Hagrid keyserver as one of the glorified non-solutions.

  • Daniel Kahn Gillmor: WKD for debian.org

    By default, this will show you any matching certificate that you already have in your GnuPG local keyring. But if you don't have a matching certificate already, it will fall back to using WKD.

    These certificates are extracted from the debian keyring and published at https://openpgpkey.debian.org/.well-known/debian.org/, as defined in the WKD spec. We intend to keep them up-to-date when ever the keyring-maint team publishes a new batch of certificates. Our tooling uses some repeated invocations of gpg to extract and build the published tree of files.

    Debian is current not implementing the Web Key Directory Update Protocol (and we have no plans to do so). If you are a Debian developer and you want your OpenPGP certificate updated in WKD, please follow the normal procedures for Debian keyring maintenance like you always have.

Review: Sabayon 19.03

Filed under
Gentoo
Reviews

Sabayon's claim that it is a "beginner-friendly" distro that is "bleeding edge" and "stable and reliable" is a bit of a stretch. I doubt "beginners" will comprehend the instructions for what to do after installing Sabayon - and that is assuming inexperienced users will find the information in the first place. Similarly, the systemd and GNOME versions are rather old for a distro that claims to be "bleeding edge". That said, I did find Sabayon's GNOME edition to be stable and reliable, bar a few minor issues (such as the notification about the VirtualBox kernel service not running).

I don't think it is entirely fair to ask if Sabayon lives up to the bold marketing slogans on its home page. Personally, I see Sabayon as a friendly and interesting distro for tinkerers and distro-hoppers, and a very good one at that. I should also mention that, in general, Sabayon's use of language is refreshingly informal; both the graphical Rigo package manager and the wiki put a smile on my face more than once. Even Equo has some jokes built in - the command equo moo prints an ASCII cow that says "Entromoooo!".

Sabayon does still has some way to go to become the sophisticated operating system it wants to be. With 19.03 the distro switched from the Anaconda to the Calamares installer which, to my mind at least, is a good decision. However, contrary to what is claimed in the release notes, the disk encryption issue has not been resolved yet and the wiki still talks about how to find your way through the Anaconda installer. Work on the new wiki announced in the release notes seems to be at a very early stage.

I also couldn't fail to notice that Sabayon's forums are rather quiet. Lively forums don't necessarily equate to a thriving community, but the overall feeling I got is that Sabayon could do with a bit more momentum. That shouldn't discourage you from giving Sabayon a try though. On the contrary, if you are a Linux-loving tinkerer then Sabayon might be the distro for you.

Read more

Gentoo News: Nitrokey partners with Gentoo Foundation to equip developers with USB keys

Filed under
Gentoo
Security

The Gentoo Foundation has partnered with Nitrokey to equip all Gentoo developers with free Nitrokey Pro 2 devices. Gentoo developers will use the Nitrokey devices to store cryptographic keys for signing of git commits and software packages, GnuPG keys, and SSH accounts.

Thanks to the Gentoo Foundation and Nitrokey’s discount, each Gentoo developer is eligible to receive one free Nitrokey Pro 2. To receive their Nitrokey, developers will need to register with their @gentoo.org email address at the dedicated order form.

A Nitrokey Pro 2 Guide is available on the Gentoo Wiki with FAQ & instructions for integrating Nitrokeys into developer workflow.

Read more

Sabayon 19.03 - New stable release

Filed under
Gentoo

The team behind Sabayon is excited to present you the latest stable release: Sabayon 19.03.

Sabayon is a modern and easy to use distribution based on Gentoo, which follows a reliable rolling release model.

Please read on or download your flavour Smile

19.03 is a long awaited release, coming with a lot of new features and enhancements...

Read more

Also: Gentoo-Based Sabayon 19.03 - Finally Supports Full Disk Encryption, Python 3 Default

Gentoo-Based Sabayon 19.03 - Finally Supports Full Disk Encryption, Python 3 Default

A Look at the New Gentoo Based Sabayon 19.03 and Gentoo Based ChromeOS

Filed under
Gentoo
Google
  • Sabayon 19.03 overview | The beginner-friendly Gentoo-based Linux distribution.

    In this video, i am going to show an overview of Sabayon 19.03 and some of the applications pre-installed.

  • Google I/O 2019 schedule goes live with sessions on Stadia, Dark Mode, Linux on Chrome OS, and more

    Google I/O is one of the biggest developer conferences held by Google every year, wherein they announce upcoming changes to Google services and how developers should react in order to prepare themselves for these changes. Google I/O 2019 is scheduled to begin on May 7, 2019 at the Shoreline Amphitheatre in Mountain View, California (USA), and now, Google has posted the initial schedule for the conference.

    As expected, I/O 2019 will kick off with the main Google keynote at 10AM PDT, and will be hosted by key Google executives, including Mr. Sundar Pichai, in all likelihood. As it does every year, this event will provide an overview of upcoming changes to Google products and services, including Android and its next version, Android Q. This event will be livestreamed, so you won’t be missing out on too much if you did not manage to score a ticket.

  • 4K Video Editing on Chromebooks May Be Possible Soon

    If Google’s Stadia project ends up delivering the way it promises, there will be a totally viable gaming solution for Chromebooks. For photo and graphic editing, there are options like Pixlr, Gravit Designer on the web and Photoshop or Lightroom on Android. Add to that a very workable solution in GIMP and Inkscape in Linux and you have most of your photo and graphic editing needs met.

Gentoo GNOME 3.30 for all init systems

Filed under
Gentoo
GNOME

GNOME 3.30 is now available in Gentoo Linux testing branch.
Starting with this release, GNOME on Gentoo once again works with OpenRC, in addition to the usual systemd option. This is achieved through the elogind project, a standalone logind implementation based on systemd code, which is currently maintained by a fellow Gentoo user. It provides the missing logind interfaces currently required by GNOME without booting with systemd.

For easier GNOME install, the desktop/gnome profiles now set up default USE flags with elogind for OpenRC systems, while the desktop/gnome/systemd profiles continue to do that for systemd systems. Both have been updated to provide a better initial GNOME install experience. After profile selection, a full install should be simply a matter of `emerge gnome` for testing branch users. Don’t forget to adapt your system to any changed USE flags on previously installed packages too.

Read more

Syndicate content

More in Tux Machines

today's howtos

Openwashing and Linux Foundation Openwash

  • Huobi’s ‘Regulator-Friendly’ Blockchain Goes Open Source

    Huobi Chain, the regulator-facing public blockchain of exchange Huobi Group, is now open source and publicly available to all developers on GitHub, the firm said Tuesday. Nervos, a blockchain development startup, is providing part of the technical infrastructure for the project. The firms are developing pluggable components for the network that could enable regulators to supervise contract deployments, asset holdings and transfers, as well as the enforcement of anti money laundering regulations, Bo Wang, a Nervos researcher, told CoinDesk. The components will also allow financial institutions, such as banks and regulatory agencies, to freeze assets and accounts in case of emergencies via sidechains, according to Wang.

  • Is Open Source Broken?

    The movement to develop software applications and all manner of IT services through the open source model is fundamentally rooted in the notion of community contribution, but things have shifted.

  • Managing all your enterprise's APIs with new management gateways for review
  • See you at KubeCon!

    It’s that time of year again! We’re getting ready to head on out to San Diego for KubeCon + CloudNativeCon NA. For me, KubeCon always makes for an exciting and jam-packed week. 

  • Amazon Web Services, Genesys, Salesforce Form New Open Data Model

    To accelerate digital transformation, organizations in every industry are modernizing their on-premises technologies by adopting cloud-native applications. According to the International Data Corporation (IDC), global spend on cloud computing will grow from $147 billion in 2019 to $418 billion by 2024. Almost half of that investment will be tied to technologies that help companies deliver personalized customer experiences. One major challenge of this shift to cloud computing is that applications are typically created with their own data models, forcing developers to build, test, and manage custom code that’s necessary to map and translate data across different systems. The process is inefficient, delays innovation, and ultimately can result in a broken customer experience.

  • The Linux Kernel Mentorship program was a life changing experience

    Operating systems, computer architectures and compilers have always fascinated me. I like to go in depth to understand the important software components we depend on! My life changed when engineers from IBM LTC (Linux Technology Center) came to my college to teach us the Linux Kernel internals. When I heard about the Linux Kernel Mentorship program, I immediately knew that I wanted to be a part of it to further fuel my passion for Linux. One of the project in the lists of projects available to work during the Linux Kernel Mentorship program was on “Predictive Memory Reclamation”. I really wanted the opportunity to work on the core kernel, and I began working with my mentor Khalid Aziz immediately during the application period where he gave me a task regarding the identification of anonymous memory regions for a process. I learned a lot in the application period by reading various blogs, textbooks and commit logs. During my mentorship period, I worked to develop a predictive memory reclamation algorithm in the Linux Kernel. The aim of the project was to reduce the amount of time the Linux kernel spends in reclaiming memory to satisfy processes requests for memory when there is memory pressure, i.e not enough to satisfy the memory allocation of a process. We implemented a predictive algorithm that can forecast memory pressure and proactively reclaim memory to ensure there is enough available for processes.

GNU Guix: Spreading the news

Developers keep adding crazy features, fixing bugs, and generally improving things. But how good is it if users aren’t aware of these new things? As an example, since June, our build farm has been offering lzip-compressed binaries, which results in better performance when installing software. But to take advantage of that, users need to be aware of its existence, and they need to upgrade their Guix daemon. Likewise, how do we get people to learn about the new guix deploy command that’s now available at their fingertips, about security issues that were fixed, about important infrastructure changes, new options added to existing commands, and so forth? Our (frustrating!) experience has been that release notes, blog posts, and mailing list announcements aren’t quite enough to get the word out. There’s always people who’ll miss important info and realize when it’s already late, sometimes too late. Hence this simple idea: wouldn’t it be nice if important information would reach users right in their terminal? [...] Since it was applied a bit more than a month ago, we’ve already put the news mechanism to good use on quite a few occasions: giving users instructions on how to deal with locales after the last glibc upgrade, giving them upgrade info for CVE-2019-18192, telling them about new command-line options, and more. In parallel, given that reading the mailing lists is akin to “drinking from a fire hose” as they say, Christopher Baines has been thinking about how to provide regular development updates to interested users and developers. Chris announced last week a prototype of a “Guix Weekly News” web site that would aggregate information about package updates automatically extracted from the Guix Data Service, along with manually written updates. It would seem that this service could readily grab info from channel news as well. Read more

Events: FSF, GStreamer, LibreOffice, Qt World Summit

  • Hang out with the FSF staff in Seattle, November 15

    We are hosting this get-together to show our appreciation for your support of the FSF's work and to provide an opportunity to meet other FSF members and supporters in the area. We'll give updates on what the FSF is currently working on and we are curious to hear your thoughts, as well as answer any questions you may have.

  • GStreamer Conference 2019
  • GStreamer Conference 2019 Videos Now Available Online

    Taking place at the end of October during the Linux Foundation events in Lyon, France was the GStreamer Conference to align with the annual developer festivities. GStreamer Conference 2019 was once again livestreamed by the fantastic folks at Ubicast.tv with their great quality video/audio recordings of the conference now for many years.

  • Event report: Google Summer of Code presentation in Ankara, Turkey

    The Google Summer of Code – aka GSoC – is a global programme focused on bringing more student developers into free and open source software development. In 2019, LibreOffice was once again a participating project, and we describe the results here.

  • Qt World Summit 2019

    We also had a dedicated table for our mobile effort where we showcased our KDE apps for Android and of course Plasma Mobile. The latter of which we had running on a good ol’ Nexus 5X and more importantly the Librem 5 Dev Kit by Purism. Unfortunately, the Pinephone developer kits we were hoping to show as well weren’t shipped in time for the event. Anyway, if you’re interested in learning more about what’s going on with Plasma Mobile go check out our new weekly blog series!