Language Selection

English French German Italian Portuguese Spanish


What goes into default Debian?

Filed under

The venerable locate file-finding utility has long been available for Linux systems, though its origins are in the BSD world. It is a generally useful tool, but does have a cost beyond just the disk space it occupies in the filesystem; there is a periodic daemon program (updatedb) that runs to keep the file-name database up to date. As a recent debian-devel discussion shows, though, people have differing ideas of just how important the tool is—and whether it should be part of the default installation of Debian.

There are several variants of locate floating around at this point. The original is described in a ;login: article from 1983; a descendant of that code lives on in the GNU Find Utilities alongside find and xargs. After that came Secure Locate (slocate), which checks permissions to only show file names that users have access to, and its functional successor, mlocate, which does the same check but also merges new changes into the existing database, rather than recreating it, for efficiency and filesystem-cache preservation. On many Linux distributions these days, mlocate is the locate of choice.

Read more

Debian: Firebird, Tutanota Desktop on Sparky, and Steinar H. Gunderson's Project in LWN

Filed under

APT 2.2 released

Filed under

APT 2.2.0 marks the freeze of the 2.1 development series and the start of the 2.2 stable series.

Let’s have a look at what changed compared to 2.2. Many of you who run Debian testing or unstable, or Ubuntu groovy or hirsute will already have seen most of those changes.

Read more

Louis-Philippe Véronneau: What are the incentive structures of Free Software?

Filed under

Theory is nice, but it's even better when you can back it up with data. Sadly, most of the papers on the economic incentives of FOSS are either purely theoretical, or use sample sizes so small they could as well be.

Using the data from the StackOverflow 2018 survey, I thus tried to see if I could somehow confirm my previous assumptions.

With 129 questions and more than 100 000 respondents (which after statistical processing yields between 28 000 and 39 000 observations per variable of interest), the StackOverflow 2018 survey is a very large dataset compared to what economists are used to work with.

Sadly, it wasn't entirely enough to come up with hard answers. There is a strong and significant correlation between writing Free Software and having a higher salary, but endogeneity problems made it hard to give a reliable estimate of how much money this would represent. Same goes for writing code has a hobby: it seems there is a strong and significant correlation, but the exact numbers I came up with cannot really be trusted.

The results on community as an incentive to writing FOSS were the ones that surprised me the most. Although I expected the relation to be quite strong, the coefficients predicted were in fact quite small. I theorise this is partly due to only 8% of the respondents declaring they didn't feel like they belonged in the IT community. With such a high level of adherence, the margin for improvement has to be smaller.

As for altruism, I wasn't able get any meaningful results. In my opinion this is mostly due to the fact there was no explicit survey question on this topic and I tried to make up for it by cobbling data together.

Kinda anti-climatic, isn't it? I would've loved to come up with decisive conclusions on this topic, but if there's one thing I learned while writing this thesis, it is I don't know much after all.

Read more

AmpliPi – A Raspberry Pi-based whole house audio amplifier (Crowdfunding)

Filed under

Micro Nova has put together an open-source, whole house audio amplifier called AmpliPi based on Raspberry Pi Compute Module 3+. It is capable of streaming four independent sources to 6 stereo output zones, expandable to up to 36 stereo output zones through daisy-chained extender units.

AmpliPi specifically supports inputs from four networking streaming sources including AirPlay, Pandora, Spotify, and DLNA, as well as four analog RCA inputs for your media appliances.

Read more

Debian: Staying Free and New Release by Steinar H. Gunderson

Filed under
  • I love Free Software Day 2021: Show your love for Free Software

    On this day February 14th, Debian joins the Free Software Foundation Europe in celebration of "I Love Free Software" day. This day takes the time to appreciate and applaud all those who contribute to the many areas of Free Software.

    Debian sends all of our love and a giant “Thank you” to the upstream and downstream creators and maintainers, hosting providers, partners, and of course all of the Debian Developers and Contributors.

  • I'm not opposed to nonfree firmware in Debian, but I removed it, and my laptop still runs fine

    The debate over whether to include nonfree firmware in the Debian installer has emerged from the depths of the debian-devel mailing list under the title “Making Debian available.”

    The gist of this extremely long e-mail thread (and Debian is a mailing list culture, despite attempts to pull it into the 21st century is that the Debian Project is hostile to new users because its standard install images do not include nonfree firmware, and installations on most laptops will go poorly because the Linux kernel and free firmware might not support their WiFi or display systems.

    Images with nonfree firmware are available, but they are hard to find and aren’t linked on the main Debian web site.

    Even a search for nonfree firmware on the Debian web site isn’t much help.A Google search for debian nonfree takes you right where you need to go.

    I use the nonfree-firmware Debian images almost all the time. After my attempt at an in-place upgrade from Buster to Bullseye failed a week or so ago, I downloaded a nonfree image and used it to install Bullseye. I restored my user files from a backup (ALWAYS have a backup) and everything is now working.

  • Steinar H. Gunderson: plocate 1.1.4 released

    I made a minor release of plocate; as usual, has the tarballs and such.

Things Most People Do After Installing Debian

Filed under

Debian is a rock-solid distro of choice for many Linux users, both new and skilled alike. It has a reputation of not breaking very often, and because of that, it’s used as a base for many other Linux distributions, such as Ubuntu, Linux Mint Debian Edition, Kali Linux, Devuan, Deepin, Raspberry Pi OS, BunsenLabs Linux, Qubes OS, Tails, SteamOS, and many others.

It’s one of the more mature Linux distros, with its first public release (version 0.01) on 1993-09-15, and its first stable release (version 1.1), named “buzz”, on 1996-06-17.

Many people know the core Debian tools quite well, although often because they are using a Debian derivative such as Ubuntu or Linux Mint (which is in fact an Ubuntu derivative). The popularity of these derived distros is mostly due to their creators’ small amount of effort making fancy-looking desktop themes, and their large marketing budgets. These distros are not much different than Debian itself, and they all have mostly the same free software available to install in their official online package repositories as Debian.

Other notable differences include the decision of which of those packages should be installed by default, and which Debian “update stream” they choose to base themselves off of. Debian has three main update streams, each with their own software repositories, which are known as “Stable”, “Testing”, and “Unstable (a.k.a. Sid)”. Stable is regularly audited by security researcher volunteers and other software experts, and any safety or stability issues found in any of the packages available in this update stream are promptly fixed.

For anyone who doesn’t need that level of safety and stability, it’s usually fine to use the Testing update stream. It can be beneficial in some cases, for example, if you want newer Windows games to work properly with Wine or Proton, sometimes you’ll need the newer Xorg or GPU drivers from the Testing stream for those games to run properly.

Read more

Data Suggests CoC + Outreachy Hasn't Helped Increase Female Participation In Debian

Filed under

An informal case study suggests that since Debian enacted its Code of Conduct and began participating in the Outreachy internship program hasn't helped in increasing female participation within the open-source project but is actually trending lower compared to the early years of this original GNU/Linux distribution.

Daniel Pocock who is a former Debian Developer, O'Reilly author, and Fedora/EPEL packager, carried out a "case study" to see if embracing the Code of Conduct (CoC) and participation in the Outreachy internship program has helped increase female involvement with the Debian GNU/Linux project.

Surprisingly, the data from Pocock points to there actually being less women (including trans) involved in Debian in the more recent years since the Code of Conduct was enacted and Debian's ongoing participation in Outreachy. Pocock looked at the women participation rate (including trans developers) from 2004 through 2013 against that of 2014 through 2020. It was in 2013 that Debian started Outreachy/OPW for the first time and has continued since while their CoC was formalized in 2014.

Read more

[Debian] bullseye froze softly

Filed under

Dear all,

Soft Freeze

Following our release calendar, we have frozen bullseye a bit [1]. That
means that from now on we expect all uploads to be small, targeted fixes
and no new source packages are allowed into bullseye. Source packages
must also no longer add or drop binary packages. All packages will have
to age at least 10 days in unstable before they are eligible for
migration (including those having autopkgtests). Quoting from the policy:

Starting 2021-02-12, only small, targeted fixes are appropriate for
bullseye. We want maintainers to focus on small, targeted fixes.


Please note that new transitions, new versions of packages that are part
of (build-)essential or large/disruptive changes remain inappropriate.


Packages that are not in testing will not be allowed to migrate to
testing. This applies to new packages as well as to packages that were
removed from testing (either manually or by auto-removals).


Dropping or adding binary packages to a source package, moving binaries
between source packages or renaming source or binary packages is no
longer allowed. Packages with these changes will not be allowed to
migrate to testing. These changes are also no longer appropriate in

Please note that packages that are in bullseye at the start of the soft
freeze can still be removed if they are buggy. This can happen manually
or by the auto-removals. Once packages are removed, they will not be
allowed to come back.


Don't upload changes to unstable that are not targeted for bullseye.
Having changes in unstable that are not targeted/appropriate for
bullseye could complicate fixes for your package and related packages
(like dependencies and reverse dependencies).

State of bullseye

That said, we currently believe the state of bullseye is pretty good, so
we're aiming for a record short freeze  However, not all is fine.
We're pretty concerned about a couple of known RC bugs which need the
proper attention of people familiar with upgrade paths as there's
potential to leave upgrading systems unbootable and/or without a working
apt. / libcrypt / libcrypt / libgcc-s1

We ask everybody to work on fixing the other RC bugs too. has the list we should drive down to zero together.
Please try out upgrading your buster systems to bullseye now and report
issue you encounter.


As always, talk to us, preferably via the bts, if you experience issues
that we need to be aware of or where you need help. Please be aware it's
now a very busy time for us, so bear with us.

Our freeze policy is at [1].

On behalf of the release team,


Read more

Also: Debian 11 "Bullseye" Begins Its Soft Freeze

Dev boards showcase Rockchip’s new RK3568 and RK3566

Filed under

Geniatech’s “RK3568 Development Board” runs Android or Linux on Rockchip’s new quad -A55 RK3568, featuring SATA III and M.2 with PCIe 3.0. There is also a similar board based on the slightly lower-spec RK3566.

Rockchip’s premiere system-on-chip launch for 2021 will be the octa-core -A76 and -A55, NPU-equipped Rockchip RK3588, due in Q3, which we covered at the end of the intro to our catalog of 150 Linux hacker boards. Yet, perhaps even more embedded Linux systems will tap two other new quad-core, Cortex-A55 Rockchip SoCs: the RK3568 and slightly stripped down RK3566. First to show its cards is Geniatech, which has posted product pages for a pair of SBCs that tap the new NPU-equipped SoCs.

Read more

Syndicate content

More in Tux Machines

Free Software Leftovers

  • From Clean & Green Mockup to OpenBSD cwm(1) desktop

    If the words CGA or Hercules raise sweet memories from your far away youth, the Mockup Clean & Green from u/awareofdistractions may hit you right in the heart. And if you like it so much, it may be used for real-life desktop environment using OpenBSD stock and ports material.

  • Learning more about our users

    At the Tor Project we practice user-centered design. This means we put our users at the heart of our development process, making a conscious effort to understand the contexts in which people use our tools and paying particular attention to the bumps they encounter along the way.

    Many digital product companies rely heavily on data gathered from invasive tracking scripts to better understand their users’ behavior, further fueling the surveillance economy. However that’s not how we do things at Tor – instead, we aim to conduct research that respects the basic principles of privacy and consent.

  • New Release: Tor Browser 10.5a11

    Tor Browser 10.5a11 is now available from the Tor Browser Alpha download page and also from our distribution directory.

    Note: This is an alpha release, an experimental version for users who want to help us test new features. For everyone else, we recommend downloading the latest stable release instead.

  • FSFE20 +++ IloveFS +++ Job vacancy

    In our February Newsletter, we interview our founding president Georg Greve as part of our publication series to celebrate 20 Years FSFE, we reflect on I love Free Software Day and our FOSDEM participation, we advertise our new job vacancy and as usual we report on our diverse community activities.

  • Keeping platforms open

    My previous article, Whatsapp and the domestication of users, got more attention than I was expecting. Some responses gave me a lot to think about,1 especially regarding actions we can take. I suggest reading that article first; it explained what “user domestication” is and why it’s a problem. It enumerated three countermeasures: FOSS, simplicity, and open platforms.

    Hard problems, by definition, lack easy solutions. Simply choosing (or creating) a platform that avoids user domestication isn’t enough if that platform can change. The price of freedom is eternal vigilance; in addition to settling on the right platform, we must ensure that it honors its users in both the present and the future. Keeping a platform FOSS and simple is more straightforward2 than keeping a platform “open”.

    How do we keep an open platform from becoming a closed platform in the future?

Programming Leftovers

  • 6 Top Data Analysis Tools for Big Data

    Big Data is an all-inclusive term that refers to data sets so large and complex that they need to be processed by specially designed hardware and software tools. The data sets are typically of the order of tera or exabytes in size. These data sets are created from a diverse range of sources: sensors that gather climate information, publicly available information such as magazines, newspapers, articles. Other examples where big data is generated include purchase transaction records, web logs, medical records, military surveillance, video and image archives, and large-scale e-commerce. There is a heightened interest in Big Data and Big Data analysis and the implications they have for businesses. Big Data analysis is the process of examining huge quantities of data to find patterns, correlations, and other useful information that can help firms become more responsive to change, and to make better informed decisions. Big Data analysis can be performed with data mining software. However, the unstructured data sources used for big data analysis are not necessarily suitable for investigation by traditional data mining software.

  • 50 Years of Pascal

    Pascal was easy to teach, and it covered a wide spectrum of applications, which was a significant advantage over Algol, Fortran, and Cobol. The Pascal System was efficient, compact, and easy to use. The language was strongly influenced by the new discipline of structured programming, advocated primarily by E.W. Dijkstra to avert the threatening software crisis (1968).

  • How to use Django Serializers – Linux Hint

    Serializer is used in Django to convert the model instances or querysets into python supported data types that can be easily rendered into JSON, XML, or other formats. The deserialization can also be done by serializers to get back the original data from the serialized data. This feature is available in Django REST Framework. So, the users have to install this framework to use the serializers. Any webpage of the website may contain HTML, CSS, and data from the database tables. But the API does not understand these types of content, and it can understand the raw data only, that is, JSON data. How the serializers can be used to convert the model instance into JSON format has shown in this tutorial.

  • How to use queryset in django – Linux Hint

    Most of the web applications are implemented with the database now. queryset is used in the Django application to retrieve records by filtering or slicing or ordering the database table without changing the original data. The model used Django to create the table in the database. So, the knowledge of using the model in Django is necessary to understand the use of queryset. The main function of the queryset is to iterate the records of database tables by converting them into SQL queries. It can be used from the python command line or by writing the python script to display the browser’s output. The uses of queryset for retrieving data from a database table in different ways have been explained in this tutorial.

  • This Week In Rust: This Week in Rust 379 [Ed: The usual paradox of developing "openly" while requiring people to get an account with Microsoft and then use proprietary software of Microsoft, which attacks Free software.]

    This Week in Rust is openly developed on GitHub.

  • What Is BC in a Bash Script? – Linux Hint

    BC, which stands for Basic Calculator, is a command in Bash that is used to provide the functionality of a scientific calculator within a Bash script. This can be useful for scripting with various arithmentic use cases and scenarios. This article shows you how to use BC in a Bash script.

Security Leftovers

  • How often should I rotate my ssh keys?

    My story for today is about ssh and how even public keys, while much better than simple passwords, are still not a perfect solution.

    The danger is credential theft, which is a fancy way of saying “someone stole your private keys.” Back in the 1990s, that problem was pretty far from our minds; Windows 98 didn’t even have the concept of a separate administrator account, never mind the idea of app sandboxing or the inkling that someone might intentionally want to load malware onto your computer and encrypt all your files for ransomware. Those were the days when some people thought ActiveX controls (essentially loading .exe files from web sites) might be a good idea. Actually, maybe even a great idea as long as there was an “are you sure?” dialog box first.

  • 4 of the Best LastPass Alternatives

    LastPass has recently changed its free account usage policy to be only available on one device, and a lot of its users are not happy about it. If you are a LastPass Free user and are looking to switch, here are four great LastPass alternatives you should check out. These services reserve their pricing tiers for more advanced, business-oriented users while still leaving free users with a powerful set of features to safeguard their online accounts data.

  • Security updates for Thursday

    Security updates have been issued by Arch Linux (ansible-base, keycloak, mumble, and postgresql), Debian (firefox-esr and nodejs), Fedora (dotnet3.1, dotnet5.0, keylime, php-horde-Horde-Text-Filter, radare2, scap-security-guide, and wireshark), openSUSE (postgresql, postgresql13 and python-djangorestframework), Red Hat (Ansible, firefox, and thunderbird), Scientific Linux (firefox and thunderbird), SUSE (php7, postgresql-jdbc, python-cryptography, rpmlint, and webkit2gtk3), and Ubuntu (dnsmasq, linux, linux-aws, linux-aws-5.4, linux-azure, linux-azure-5.4, linux-gcp, linux-gcp-5.4, linux-gke-5.4, linux-gkeop, linux-gkeop-5.4, linux-hwe-5.4, linux-kvm, linux-oracle, linux-oracle-5.4, linux-raspi, linux-raspi-5.4, linux, linux-aws, linux-aws-hwe, linux-azure, linux-azure-4.15, linux-dell300x, linux-gcp, linux-gcp-4.15, linux-gke-4.15, linux-hwe, linux-kvm, linux-oracle, linux-raspi2, linux-snapdragon, linux, linux-aws, linux-azure, linux-gcp, linux-hwe-5.8, linux-kvm, linux-oracle, linux-raspi, linux, linux-aws, linux-kvm, linux-lts-xenial, linux-raspi2, linux-snapdragon, linux-oem-5.10, linux-oem-5.6, screen, and xterm).

  • Biden signs executive order calling for semiconductor supply chain review

    President Biden signed an executive order Wednesday addressing growing concern over a global semiconductor shortage hampering the production of goods like automobiles and smartphones.

    The White House’s executive order directs the federal government to conduct 100-day reviews of supply chains in four sets of products, including computer chips and large capacity batteries, like those used in electric vehicles, according to administration officials.

  • Biden Orders Review to Shore Up Supply Chain Resiliency

    On top of the 100-day review of the four key industries, Biden’s order will also direct yearlong reviews for six sectors: defense, public health, information technology, transportation, energy and food production.

    Biden said his administration will implement the recommendations as soon as they are available. “We're not going to wait for the review to be completed before we start closing the existing gaps,” he said.

  • Technology Executives Say All Evidence Points To Russia In Major Hack Of Computer Networks

    Smith told the committee that the true scope of the intrusions is still unknown because most victims are not legally required to disclose attacks unless they involve sensitive information about individuals.

  • Finnish IT Giant Hit with Ransomware Cyberattack [iophk: Windows TO]

    Norwegian business journal E24 reported the attack on Espoo, Finland-based TietoEVRY on Tuesday, claiming to have spoken with Geir Remman, a communications director at the company. Remman acknowledged technical problems with several services that TietoEVRY provides to 25 customers, which are “due to a ransom attack,” according to the report.

    Remman told E24 that the company considers the attack “a serious criminal act.” TietoEVRY turned off the unspecified services and infrastructure affected “as a preventative measure” until it can recover relevant data, and restart systems “in a controlled manner,” he said.

Ubuntu Leftovers

  • Ubuntu Aims For Higher Quality LTS Point Releases - Phoronix

    New restrictions will be in place beginning with Ubuntu 20.04.3 LTS this summer to try to enforce better quality releases with less regressions by enforcing better quality control. The change beginning with Ubuntu 20.04.3 LTS will require that stable release update (SRU) procedures are followed even for release blockers. This will require that every fix follows the same verification, regression analysis, and aging period process. The tighter quality controls will likely lead to slips in release targets if bugs are found in the release candidates for new point releases, as it will first need to go through the verification and aging process.

  • DFI Partners With Ubuntu For IoT Hardware, OTA Updates - Phoronix

    Most of you probably haven't heard of DFI much in nearly two decades since the days of their colorful "LanParty" motherboards that were well known at the time, but these days they are focused on the industrial computer industry and have now teamed up with Canonical to partake in the Ubuntu IoT Hardware Certification Partner Program. DFI is the first industrial computer vendor joining the Ubuntu IoT Hardware Certification Partner Program for Ubuntu-certified hardware focused on the Internet of Things and embracing over-the-air software updates.

  • What is MEC ? The telco edge.

    MEC, as ETSI defines it, stands for Multi-access Edge Computing and is sometimes referred to as Mobile edge computing. MEC is a solution that gives content providers and software developers cloud-computing capabilities which are close to the end users. This micro cloud deployed in the edge of mobile operators’ networks has ultra low latency and high bandwidth which enables new types of applications and business use cases. On top of that an application running on MEC can have real-time access to a subset of radio network information that can improve the overall experience.