Language Selection

English French German Italian Portuguese Spanish

SUSE

Operating Systems: Debian, Clear Linux, OpenSUSE and Vista 10

Filed under
GNU
Linux
Microsoft
Debian
SUSE
  • John Goerzen: Tips for Upgrading to, And Securing, Debian Buster

    Wow.  Once again, a Debian release impresses me — a guy that’s been using Debian for more than 20 years.  For the first time I can ever recall, buster not only supported suspend-to-disk out of the box on my laptop, but it did so on an encrypted volume atop LVM.  Very impressive!

    For those upgrading from previous releases, I have a few tips to enhance the experience with buster.

  • Clear Linux Could Soon Be Faster Within Containers On AVX2 Systems

    While Clear Linux as part of its standard bare metal installations has long defaulted to having an AVX2-optimized GNU C Library installed by default, it turns out that it wasn't part of the default os-core bundle as used by containers. That though is changing and should yield even better out-of-the-box performance when running Clear Linux within containers.

    Intel's William Douglas sent out the proposal for adding the AVX2 version of the Glibc libraries into the os-core bundle in order to get picked up by containers and other bare/lightweight Clear configurations.

  • OpenSUSE Enables LTO By Default For Tumbleweed - Smaller & Faster Binaries

    The past few months openSUSE developers have been working on enabling LTO by default for its packages while now finally with the newest release of the rolling-release openSUSE Tumbleweed this goal has been accomplished. 

    As of today, the latest openSUSE Tumbleweed release is using Link-Time Optimizations (LTO) by default. For end-users this should mean faster -- and smaller -- binaries thanks to the additional optimizations performed at link-time. Link-time optimizations allow for different optimizations to be performed at link-time for the different bits comprising a single module/binary for the entire program. Sadly not many Linux distributions are yet LTO'ing their entire package set besides the aggressive ones like Clear Linux. 

  • Investigating why my 7-year old Windows 10 laptop became unbearably slow

    The laptop had also begun to run into blue screens of death (BSoD) whenever I used the built-in camera and when I opened Spotify or Netflix in a web browser. The slowdown and crashes were actually related, but I didn’t realize this at first. The camera-induced BSoD error message blamed the camera vendor’s driver without any further details. This sounds believable enough for a 7-year old laptop so I didn’t think any more of it.

People of openSUSE: Sébastien Poher

Filed under
Interviews
SUSE

I got into Linux in two steps, first, in 2007 but I was the only one among my friends to use it so I ended up sticking to the shitty OS I had. My next re-discovery of Linux was later in 2012 when I started professional training in system administration.

Read more

Tumbleweed’s July Snapshots Are Trending Strong

Filed under
SUSE

There have been a total of five openSUSE Tumbleweed snapshots since the beginning of July and all the snapshots have a strong, stable rating.

The rolling release had the most updates arrive in the 20190702 snapshot. The packages update in that snapshot included Mesa 19.1.1 and Mesa-drivers 19.1.1 that had fixes for Intel ANV and AMD RADV driver as well as Nouveau and R300 Gallium3D drivers. The bzip2 file compression application fixed undefined behavior in the macros in version 1.0.7 and fixed a low impact Common Vulnerabilities and Exposures (CVE). The programing language package guilef was updated to version 2.2.5 and provided bootstrap optimization. Portability improvements were made in the library for encryption, decryption, signatures and password hashing with libsodium 1.0.18. A major release of the PulseAudio’s Volume Control package pavucontrol 4.0 was made; the new version dropped support for Gtk+ 2 and added more than a handful of new language translations.

The most recent snapshot, 20190708, didn’t offer a changelog due to the server that the web app uses to produce the changelogs being upgraded to Leap 15.1. The changelog is expected to be included in the next snapshot that is released.

Read more

OpenSUSE Leap 15.1 - A dream come untrue

Filed under
Reviews
SUSE

OpenSUSE Leap 15.1 is significantly better than the first edition. It fixes tons of the problems that the previous version had. But then, it still retains lots of problems and introduces some new ones. You get decent media and phone support, but it's not a perfect record. Network support is average, and overall, the hardware compatibility with the 2010 Pavilion machine is meh.

The installer is no longer as awesome as it used to be, the package management is quite broken, and the system wasn't stable enough to be fun and enjoyable, before or after my tweaks. The Plasma desktop is sweet, and while SUSE does have tricks most other distros don't have, like YaST, BTRFS, Snapper and such, it feels raw and jumbled and hastily put together. There were too many rough edges and errors and application crashes for me to consider this for serious work. Alas, my dream of using openSUSE in my production setup was dashed once again. All in all, Leap 15.1 deserves something like 4/10, a far cry from the legend it used to be. Maybe, maybe one day. But hey, at the current rate, 15.2 might be quite all right. We shall see.

Read more

Openwashing by SUSE: Can You Have Open Source without True Partnership?

Leftovers: OpenSUSE, SUSE and Red Hat

Filed under
Red Hat
SUSE
  • openSUSE.Asia Summit 2019 Logo Competition Winner

    The votes are in and the openSUSE Project is happy to announce that the openSUSE.Asia Summit 2019 logo competition winner is Hervy Qurrotul from Indonesia. Congratulations Hervy! As the winner, Hervy will receive a “mystery box” from the committee.

    On this logo competition, we have 18 submissions from all over the world. All the designs are great. This logo competition is voted by openSUSE.Asia Committee and Local Team. Thank you for your vote.

  • Cloud Application Platform vs Container as a Service vs VM hosted application

    In the “old days,” applications were always hosted in a traditional way on a physical server or a group of physical servers. However, physical servers are expensive, hard to maintain and hard to grow and scale. That’s when virtual machines (VM) grew in popularity. VMs provided a better way to maintain, grow and scale. That is, they were easier to backup and restore and migrate from one region to another and they were easier to replicate across multiple domains/zones/regions.

  • Sysadmin vs SRE: What's the difference?

    In the IT world, there has always been a pull between generalist and specialist. The stereotypical sysadmin falls in the generalist category 99 times out of 100. The site reliability engineer (SRE) role is specialized, however, and grew out of the needs of one of the first companies to know real scale: Google. Ultimately, these two roles have the same goal for the applications whose infrastructure they operate: providing a good experience for the applications’ consumers. Yet, these roles have drastically different starting points.

Open Build Service bids farewell to old UI and – what did you just ship there?

Filed under
Development
SUSE

Open Build Service (OBS), an open source system to build and distribute binary packages from source code, is now available in version 2.10. After a year in the works, the openSUSE-nurtured project now comes with better container support and GitLab integration amongst other things.

The work on the former is only reasonable, given the burgeoning interest in containers as a means of shipping and deploying. To help with delivery, OBS 2.10 comes with an integrated registry that can be built into a release workflow. It also makes use of binary tracking, so that ops can get the full insight into who has shipped what when. Improved parsing of Dockerfiles, container layer deduplication and support for multi-arch container manifest generation should help spark interest in the containerisation community as well.

Read more

LWN's Latest: An OpenSUSE 'Foundation', Security, Programming and Kernel (Linux)

Filed under
Development
Linux
SUSE
  • An openSUSE foundation proposal

    The idea of spinning openSUSE out into a foundation is not new; it has come up multiple times along the way. The most recent push started back in April at two separate board meetings where it was discussed. It picked up steam during a board meeting at the openSUSE Conference 2019 in late May. While waiting for the outcome from that meeting (though there was a panel session with the board [YouTube] at the conference where some of the thinking was discussed), the community discussed ideas for a name for the foundation (and, possibly, the project itself). Now, board member Simon Lees has posted a draft of the foundation proposal for review.

    The proposal outlines the current thinking of the board. It notes that the move to a foundation is not meant to pull away from SUSE, "but to add more capabilities to the openSUSE Project". In particular, having a separate entity will allow the project to "receive and provide sponsorships (in terms of money, hardware, or contracted services)". Currently, any kind of agreement between the project and some other organization has to be done via SUSE, which can complicate those efforts. The new foundation would be able to partner with others, receive donations, spend money, and sign contracts with venues, service providers, and the like, all on behalf of the openSUSE project.

    SUSE would clearly have a role in the new foundation; the board is requesting some funding to set up the organization as well as one or two people to help with the administrative side. The new foundation's board would take the place of the existing project board, with the same election rules as there are today (which results in a board of six, five elected from the members of the project and the chair appointed by SUSE).

    The board is looking at setting up a German stiftung foundation as the legal entity for the new organization, though that was not clearly specified in the draft proposal. An eingetragener Verein (e. V.) was considered, but the structure of that type of entity is inflexible; in addition, the purpose of an e. V. can be changed if there was a "hostile takeover" at some point. Umbrella organizations (e.g. the Linux Foundation) and simply keeping things the same were also looked at, but were deemed unworkable for various reasons.

    There is also a handful of open questions, including logistical issues such as whether SUSE or the new foundation would own the IT infrastructure, trademarks, and so on. Also, who would be responsible (in a GDPR sense) for the project's data collection and storage. The biggest open issue is to create a charter for the foundation, which requires legal advice. The Document Foundation (TDF) is something of a model for what openSUSE is trying to achieve; it is also a stiftung and shares some of the attributes with the proposed structure.

  • CVE-less vulnerabilities

    More bugs in free software are being found these days, which is good for many reasons, but there are some possible downsides to that as well. In addition, projects like OSS-Fuzz are finding lots of bugs in an automated fashion—many of which may be security relevant. The sheer number of bugs being reported is overwhelming many (most?) free-software projects, which simply do not have enough eyeballs to fix, or even triage, many of the reports they receive. A discussion about that is currently playing out on the oss-security mailing list.

  • C, Fortran, and single-character strings

    The calling interfaces between programming languages are, by their nature, ripe for misunderstandings; different languages can have subtly different ideas of how data should be passed around. Such misunderstandings often have the effect of making things break right away; these are quickly fixed. Others can persist for years or even decades before jumping out of the shadows and making things fail. A problem of the latter variety recently turned up in how some C programs are passing strings to Fortran subroutines, with unpleasant effects on widely used packages like LAPACK.

    The C language famously does not worry much about the length of strings, which simply extend until the null byte at the end. Fortran, though, likes to know the sizes of the strings it is dealing with. When strings are passed as arguments to functions or subroutines, the GCC Fortran argument-passing conventions state that the length of each string is to be appended to the list of arguments. 

  • Statistics from the 5.2 kernel — and before

    As of this writing, just over 13,600 non-merge changesets have been pulled into the mainline repository for the 5.2 development cycle. The time has come, once again, for a look at where that work came from and who supported it. There are some unique aspects to 5.2 that have thrown off some of the usual numbers.
    1,716 developers contributed changes for the 5.2 kernel, 245 of whom made their first contribution during this cycle. Those 1,716 developers removed nearly 490,000 lines of code, which is a lot, but the addition of 596,000 new lines of code means that the kernel still grew by 106,000 lines. 

  • Lockdown as a security module

    Technologies like UEFI secure boot are intended to guarantee that a locked-down system is running the software intended by its owner (for a definition of "owner" as "whoever holds the signing key recognized by the firmware"). That guarantee is hard to uphold, though, if a program run on the system in question is able to modify the running kernel somehow. Thus, proponents of secure-boot technologies have been trying for years to provide the ability to lock down many types of kernel functionality on secure systems. The latest attempt posted by Matthew Garrett, at an eyebrow-raising version 34, tries to address previous concerns by putting lockdown under the control of a Linux security module (LSM).
    The lockdown patches have a long and controversial history; LWN first wrote about them in 2012. Opposition has come at all kinds of levels; some developers see lockdown as a way of taking control of systems away from their owners, while others see it as ultimately useless security theater. There does appear to be some value, though, in making a system as resistant to compromise as possible, so these patches have persisted and are often shipped by distributors. Disagreement over more recent versions of the lockdown patch set were focused on details like whether lockdown should be tied to the presence of secure boot or integration with the integrity-measurement infrastructure.

    One outcome from the most recent discussion was a concern that the lockdown patches were wiring too much policy into the kernel itself. The kernel has long had a mechanism for pushing security-policy decisions out to user space — the security-module mechanism. So it arguably makes sense to move lockdown decision-making into an LSM; that is indeed what the more recent versions of the patch set do.

    First, though, there is the problem of initialization. LSMs exist to apply policies to actions taken by user space, so as long as the LSM infrastructure is running by the time user space starts, everything is fine. Lockdown, though, must act earlier: it needs to be able to block the action of certain types of command-line parameters and must be functional even before a security policy can be loaded. So the patch set starts by creating a new type of "early security module" that is initialized toward the beginning of the boot process. At this point, the module can't do much — even basic amenities like kmalloc() are not available — but it's enough to register its hooks and take control.

openSUSE Leap 42.3 Linux OS Reached End of Life, Upgrade to openSUSE Leap 15.1

Filed under
SUSE

Released two years ago, on July 26th, 2017, the OpenSuSE Leap 42.3 operating system was the third maintenance update to the openSUSE Leap 42 series, which is also the last to be based on the SUSE Linux Enterprise (SLE) 12 operating system series.

openSUSE Leap 42.3 was based on the packages from SUSE Linux Enterprise 12 Service Pack 3 and was powered by the long-term supported Linux 4.4 kernel series. It was initially supposed to be supported until January 2019, but the openSUSE and SUSE projects decided to give users more time to upgrade to the major openSUSE Leap 15 series.

Read more

LibreOffice's LibOCon and SUSE's openSUSE.Asia

Filed under
LibO
SUSE
  • LibOCon Almeria Call for Papers New Deadline

    Call for Papers deadline for LibOCon Almeria, in Spain, has been extended to July 15, 2019. The event is scheduled for early September, from Wednesday 11 to Friday 13.

    Whether you are a seasoned presenter or have never spoken in public before, we want to hear from you! So, if you have not yet submitted your talk proposal and have something interesting to share about LibreOffice or the Document Liberation Project, you still have time to act!

  • openSUSE.Asia Summit 2020: Call for Host

    The openSUSE.Asia Summit is the largest annual openSUSE conference in Asia, attended by contributors and enthusiasts from all over Asia. The event focuses primarily on the openSUSE distribution, its applications for personal and enterprise use, and open source culture. It brings together the openSUSE community in Asia, providing a forum for users, developers, foundation leaders, governments and businesses to discuss the present technology and future developments.

    The Summit’s preference is to find new locations each year as we spread openSUSE throughout Asia, and we are looking for local organizers to rise to the challenge of organizing an excellent openSUSE event in 2020. We need individuals and communities to get together and organize a successful openSUSE.Asia Summit. The openSUSE.Asia organization committee assists throughout the process.

Servers: SUSE, Ubuntu, Red Hat, OpenStack and Raspberry Digital Sigange

Filed under
Red Hat
Server
SUSE
Ubuntu
  • A Native Kubernetes Operator Tailored for Cloud Foundry

    At the recent Cloud Foundry Summit in Philadephia, Troy Topnik of SUSE and Enrique Encalada of IBM discussed the progress being made on cf-operator, a project that’s part of the CF Containerization proposal. They show what the operator can do and how Cloud Foundry deployments can be managed with it. They also delve deeper, and talk about implementation techniques, Kubernetes Controllers and Custom Resources. This is a great opportunity to learn about how Cloud Foundry can work flawlessly on top of Kubernetes.

    Cloud Foundry Foundation has posted all recorded talks form CF Summit on YouTube. Check them out if you want to learn more about what is happening in the Cloud Foundry world! I’ll be posting more SUSE Cloud Application Platform talks here over the coming days. Watch Troy and Enrique’s talk below:

  • Ubuntu Server development summary – 26 June 2019

    The purpose of this communication is to provide a status update and highlights for any interesting subjects from the Ubuntu Server Team. If you would like to reach the server team, you can find us at the #ubuntu-server channel on Freenode. Alternatively, you can sign up and use the Ubuntu Server Team mailing list or visit the Ubuntu Server discourse hub for more discussion.

  • Redefining RHEL: Introduction to Red Hat Insights

    At Red Hat Summit we redefined what is included in a Red Hat Enterprise Linux (RHEL) subscription, and part of that is announcing that every RHEL subscription will include Red Hat Insights. The Insights team is very excited about this, and we wanted to take an opportunity to expand on what this means to you, and to share some of the basics of Red Hat Insights.

    We wanted to make RHEL easier than ever to adopt, and give our customers the control, confidence and freedom to help scale their environments through intelligent management. Insights is an important component in giving organizations the ability to predict, prevent, and remediate problems before they occur.

  • Red Hat Shares ― Special edition: Red Hat Summit recap
  • OpenShift Commons Briefing: OKD4 Release and Road Map Update with Clayton Coleman (Red Hat)

    In this briefing, Red Hat’s Clayton Coleman, Lead Architect, Containerized Application Infrastructure (OpenShift, Atomic, and Kubernetes) leads a discussion about the current development efforts for OKD4, Fedora CoreOS and Kubernetes in general as well as the philosophy guiding OKD 4 develpoment efforts. The briefing includes discussion of shared community goals for OKD4 and beyond and Q/A with some of the engineers currently working on OKD.
    The proposed goal/vision for OKD 4 is to be the perfect Kubernetes distribution for those who want to continuously be on the latest Kubernetes and ecosystem components combining an up-to-date OS, the Kubernetes control plane, and a large number of ecosystem operators to provide an easy-to-extend distribution of Kubernetes that is always on the latest released version of ecosystem tools.

  • OpenStack Foundation Joins Open Source Initiative as Affiliate Member

    The Open Source Initiative ® (OSI), steward of the Open Source Definition and internationally recognized body for approving Open Source Software licenses, today announces the affiliate membership of The OpenStack Foundation (OSF).

    Since 2012, the OSF has been the home for the OpenStack cloud software project, working to promote the global development, distribution and adoption of open infrastructure. Today, with five active projects and more than 100,000 community members from 187 countries, the OSF is recognized across industries as both a leader in open source development and an exemplar in open source practices.

    The affiliate membership provides both organizations a unique opportunity to work together to identify and share resources that foster community and facilitate collaboration to support the awareness and integration of open source technologies. While Open Source Software is now embraced and often touted by organizations large and small, for many just engaging with the community—and even some longtime participants—challenges remain. Community-based support and resources remain vital, ensuring those new to the ecosystem understand the norms and expectations, while those seeking to differentiate themselves remain authentically engaged. The combined efforts of the OSI and the OSF will compliment one another and contribute to these efforts.

  • Raspberry Digital Sigange details

    system starts in digital signage mode with the saved settings; the admin interface is always displayed after the machine bootstrap (interface can be password-protected in the donors’ build) and if not used for a few seconds, it will auto-launch the kiosk mode; the web interface can be also used remotely;

    SSH remote management is available: you can login as pi or root user with the same password set for the admin interface. Operating system can be completely customized by the administrator using this feature (donors version only);
    screen can be rotated via the graphical admin interface: normal, inverted, left, right (donors version only);

Syndicate content

More in Tux Machines

Security: Open Source Security Podcast, Screwed Drivers, and Voting Machines

  • Open Source Security Podcast: Episode 157 - Backdoors and snake oil in our cryptography

    Josh and Kurt talk about snakeoil cryptography at Black Hat and the new backdoored cryptography fight. Both of these problems will be with us for a very long time. These are fights worth fighting because it's the right thing to do.

  • Screwed Drivers – Signed, Sealed, Delivered

    Our analysis found that the problem of insecure drivers is widespread, affecting more than 40 drivers from at least 20 different vendors – including every major BIOS vendor, as well as hardware vendors like ASUS, Toshiba, NVIDIA, and Huawei. However, the widespread nature of these vulnerabilities highlights a more fundamental issue – all the vulnerable drivers we discovered have been certified by Microsoft. Since the presence of a vulnerable driver on a device can provide a user (or attacker) with improperly elevated privileges, we have engaged Microsoft to support solutions to better protect against this class of vulnerabilities, such as blacklisting known bad drivers.

  • Most states still aren’t set to audit paper ballots in 2020

    Despite some progress on voting security since 2016, most states in the US aren’t set to require an audit of paper ballots in the November 2020 election, according to a new report out this week from the Brennan Center for Justice.

    The report notes that experts and government officials have spent years recommending states adopt verifiable paper ballots for elections, but a handful still use electronic methods potentially vulnerable to cyberattacks. In 2016, 14 states used paperless machines, although the number today is 11, and the report estimates that no more than eight will use them in the 2020 election.

Linux Candy: WallGen – image generator tool

Who loves eye candy? Don’t be shy — you can raise both hands!! Linux Candy is a new series of articles covering interesting eye candy software. We’re only going to feature open-source software in this series. I’m not going to harp on about the tired proverb “All work and no play makes Jack a dull boy”. But there’s a certain element of truth here. If you spend all day coding neural networks, mastering a new programming language, sit in meetings feeling bored witless, you’ll need some relief at the end of the day. And what better way by making your desktop environment a bit more memorable. Let’s start our candy adventure with WallGen. It’s a small command-line utility that generates HQ poly wallpapers with only a few text arguments for inputs. Depending on these arguments, you can create shape-based patterns, randomly filled surfaces, and even image-based patterns. Read more

Richard Brown: Changing of the Guard

After six years on the openSUSE Board and five as its Chairperson, I have decided to step down as Chair of the openSUSE Board effective today, August 19. This has been a very difficult decision for me to make, with reasons that are diverse, interlinked, and personal. Some of the key factors that led me to make this step include the time required to do the job properly, and the length of time I’ve served. Five years is more than twice as long as any of my predecessors. The time required to do the role properly has increased and I now find it impossible to balance the demands of the role with the requirements of my primary role as a developer in SUSE, and with what I wish to achieve outside of work and community. As difficult as it is to step back from something I’ve enjoyed doing for so long, I am looking forward to achieving a better balance between work, community, and life in general. Serving as member and chair of the openSUSE Board has been an absolute pleasure and highly rewarding. Meeting and communicating with members of the project as well as championing the cause of openSUSE has been a joyous part of my life that I know I will miss going forward. openSUSE won’t get rid of me entirely. While I do intend to step back from any governance topics, I will still be working at SUSE in the Future Technology Team. Following SUSE’s Open Source policy, we do a lot in openSUSE. I am especially looking forward to being able to focus on Kubic & MicroOS much more than I have been lately. As I’m sure it’s likely to be a question, I wish to make it crystal clear that my decision has nothing to do with the Board’s ongoing efforts to form an independent openSUSE Foundation. The Board’s decision to form a Foundation had my complete backing as Chairperson, and will continue to have as a regular openSUSE contributor. I have absolute confidence in the openSUSE Board; Indeed, I don’t think I would be able to make this decision at this time if I wasn’t certain that I was leaving openSUSE in good hands. On that note, SUSE has appointed Gerald Pfeifer as my replacement as Chair. Gerald is SUSE’s EMEA-based CTO, with a long history as a Tumbleweed user, an active openSUSE Member, and upstream contributor/maintainer in projects like GCC and Wine. Read more

An introduction to bpftrace for Linux

Bpftrace is a new open source tracer for Linux for analyzing production performance problems and troubleshooting software. Its users and contributors include Netflix, Facebook, Red Hat, Shopify, and others, and it was created by Alastair Robertson, a talented UK-based developer who has won various coding competitions. Linux already has many performance tools, but they are often counter-based and have limited visibility. For example, iostat(1) or a monitoring agent may tell you your average disk latency, but not the distribution of this latency. Distributions can reveal multiple modes or outliers, either of which may be the real cause of your performance problems. Bpftrace is suited for this kind of analysis: decomposing metrics into distributions or per-event logs and creating new metrics for visibility into blind spots. Read more