Vue normale

À partir d’avant-hierLWN

[$] Back In Time back from the dead

Par : daroc
8 novembre 2024 à 18:49

Back In Time is a GPL-2.0-licensed backup tool based on rsync and written in Python. It has both graphical and command-line interfaces, and supports backups to local disks or over SSH. Back In Time was originally written by Oprea Dan and released in 2009. The tool has been through some rough patches over the years, and is currently on its third set of maintainers. Christian Buhtz, one of the current maintainers, explained to me how he and his co-maintainers had revived the project, as well as why he thought Back In Time stood out from all of the existing backup solutions.

[$] Pondering systemd-homed for Fedora

Par : jzb
8 novembre 2024 à 16:05

Fedora Linux, as a rule, handles version upgrades reasonably well. However, there are times when users may want to do a fresh installation rather than an upgrade but preserve existing users and data under /home. This is a scenario that the Fedora installer, currently, does not address. Users can maintain a separate /home partition, of course, but the installer does not incorporate existing users into the new install—that is an exercise left to the user to handle. One solution might be to use systemd-homed, a systemd service for managing users and home directories. However, a discussion proposing the use systemd-homed as part of Fedora installation uncovered some hurdles, such as trying to blend its approach to managing users with tools that centralize user management.

Cohen: gccrs: An alternative compiler for Rust

Par : corbet
8 novembre 2024 à 15:04
Arthur Cohen has posted a detailed introduction to the gccrs project on the Rust Blog, seemingly with the goal of convincing the Rust community about the value of the project.

Likewise, many GCC plugins are used for increasing the safety of critical projects such as the Linux kernel, which has recently gained support for the Rust programming language. This makes gccrs a useful tool for analyzing unsafe Rust code, and more generally Rust code which has to interact with existing C code. We also want gccrs to be a useful tool for rustc itself by helping pan out the Rust specification effort with a unique viewpoint - that of a tool trying to replicate another's functionality, oftentimes through careful experimentation and source reading where the existing documentation did not go into enough detail.

(LWN last looked at gccrs in October).

Security updates for Friday

Par : daroc
8 novembre 2024 à 14:17
Security updates have been issued by AlmaLinux (edk2), Debian (webkit2gtk), Fedora (thunderbird), Oracle (bzip2, container-tools:ol8, edk2, go-toolset:ol8, libtiff, python-idna, python3.11, and python3.12), Slackware (expat), and SUSE (apache2, govulncheck-vulndb, grub2, java-1_8_0-openjdk, python3, python39, qemu, xorg-x11-server, and xwayland).

[$] The trouble with struct sockaddr's fake flexible array

Par : corbet
7 novembre 2024 à 16:34
Flexible arrays — arrays that are declared as the final member of a structure and which have a size determined at run time — have long drawn the attention of developers seeking to harden the kernel against buffer-overflow vulnerabilities. These arrays have reliably been a source of bugs, so anything that can be done to ensure that operations on them stay within bounds is a welcome improvement. While many improvements, including the recent counted-by work, have been made, one of the most difficult cases remains. Now, however, developers who are interested in using recent compiler bounds-checking features are trying to get a handle on struct sockaddr.

Security updates for Thursday

Par : jake
7 novembre 2024 à 16:14
Security updates have been issued by AlmaLinux (bcc, bpftrace, bzip2, container-tools:rhel8, grafana-pcp, haproxy, kernel, kernel-rt, krb5, libtiff, python-gevent, python3.11, python3.11-urllib3, python3.12, python3.12-urllib3, xmlrpc-c, and xorg-x11-server and xorg-x11-server-Xwayland), Debian (puma and pypy3), Fedora (firefox), Gentoo (libgit2), Mageia (libarchive), SUSE (ghostscript, go1.22-openssl, go1.23-openssl, htmldoc, kmail-account-wizard, libarchive, libgsf, libmozjs-128-0, openssl-3, python-jupyterlab, python-mysql-connector-python, python36, and ruby2.1), and Ubuntu (cinder, linux-aws, linux-aws-6.8, linux-oracle, linux-oracle-6.8, linux-aws, linux-azure-5.4, linux-kvm, linux-oracle, linux-xilinx-zynqmp, and linux-nvidia, linux-nvidia-6.8, linux-nvidia-lowlatency).

[$] Building secure images with NixOS

Par : daroc
6 novembre 2024 à 16:35

Image-based Linux distributions have seen increasing popularity, recently. They promise reliability and security, but pose packaging problems for existing distributions. Ryan Lahfa and Niklas Sturm spoke about the work that NixOS has done to enable an image-based workflow at this year's All Systems Go! conference in Berlin. Unfortunately, LWN was not able to cover the conference for scheduling reasons, but the videos of the event are available for anyone interested in watching the talks. Lahfa and Sturm explained that it is currently possible to create a NixOS system that cryptographically verifies the kernel, initrd, and Nix store on boot — although doing so still has some rough edges. Making an image-based NixOS installation is similarly possible.

Funding restored for man-page maintenance

Par : corbet
6 novembre 2024 à 15:48
Man pages maintainer Alejandro Colomar announced in September that he was suspending his work due to a lack of support. He has now let it be known that funding has been found for the next year at least:

We've been talking for a couple of months, and we have already agreed to sign a contract through the LF [Linux Foundation], where a number of companies provide the funds for the contract. The contract will cover the next 12 months for the agreed amount, and we should sign it in the following days. Since I've already seen a draft of the contract, and it looks good, I've already started maintaining the project again, starting on Nov 1st.

Security updates for Wednesday

Par : jzb
6 novembre 2024 à 14:13
Security updates have been issued by AlmaLinux (libtiff), Debian (context, libheif, and thunderbird), Fedora (php-tcpdf, syncthing, and thunderbird), Gentoo (EditorConfig core C library, Flatpak, Neat VNC, and Ubiquiti UniFi), Oracle (bcc, bpftrace, grafana-pcp, haproxy, kernel, krb5, libtiff, python-gevent, python3.11-urllib3, python3.12-urllib3, and xmlrpc-c), Red Hat (python3.11-urllib3), SUSE (audacity, curl, govulncheck-vulndb, gradle, htmldoc, libgsf, python310, and qbittorrent), and Ubuntu (linux-aws-5.4, linux-oracle-5.4, mpg123, and python-werkzeug).

LXQt 2.1.0 released

Par : jzb
5 novembre 2024 à 15:17

Version 2.1.0 of the LXQt lightweight Qt desktop environment has been released. The highlight of this release is support for multiple Wayland compositors:

Through its new component lxqt-wayland-session, LXQt 2.1.0 supports 7 Wayland sessions (with Labwc, KWin, Wayfire, Hyprland, Sway, River and Niri), has two Wayland back-ends in lxqt-panel (one for kwin_wayland and the other general), and will add more later. All LXQt components that are not limited to X11 — i.e., most components — work fine on Wayland. [...]

Of course, the X11 session will be supported indefinitely. Wayland is optional and rather experimental.

[$] Safety in an unsafe world

Par : daroc
5 novembre 2024 à 15:16

Joshua Liebow-Feeser took to the stage at RustConf to describe the methodology that his team uses to encode arbitrary constraints in the Rust type system when working on the Fuchsia operating system (slides). The technique is not unknown to the Rust community, but Liebow-Feeser did a good job of both explaining the method and making a case for why it should be used more widely.

The BPF instruction set architecture is now RFC 9669

Par : corbet
5 novembre 2024 à 14:43
After a couple of years of effort, the BPF instruction set architecture has been accepted as RFC 9669, giving it a standard outside of the in-kernel implementation. This message from David Vernet (who also contributed an article on the standardization process last year) describes the process and why it is important:

Though some vendors have already implemented BPF offloading capabilities without having a standardized ISA, others are not quite as risk tolerant. As Christoph [Hellwig] discussed at LSFMM 2022, certain NVMe vendors have expressed an interest in building BPF offloading capabilities for various use cases such as eXpress Resubmission Path (XRP), but they simply can't fund such a project without certain components of BPF being standardized. Hence, the effort to standardize BPF was born.

Security updates for Tuesday

Par : corbet
5 novembre 2024 à 14:42
Security updates have been issued by AlmaLinux (firefox, openexr, and thunderbird), Fedora (llama-cpp and python-quart), Oracle (firefox, openexr, thunderbird, and xorg-x11-server and xorg-x11-server-Xwayland), SUSE (chromium, govulncheck-vulndb, openssl-1_1, python311, and python312), and Ubuntu (linux-azure, linux-bluefield, linux-azure, linux-gcp, linux-ibm, openjpeg2, and ruby3.0, ruby3.2, ruby3.3).

[$] The OpenWrt One system

Par : corbet
4 novembre 2024 à 16:04
OpenWrt is, despite its relatively low profile, one of our community's most important distributions; it runs untold numbers of network routers and has served as the base on which a lot of network-oriented development (including the bufferbloat-reduction work) has been done. At the beginning of 2024, a few members of the project announced a plan to design and produce a router device specifically designed to run OpenWrt. This device, dubbed the "OpenWrt One", is now becoming available; the kind folks at the Software Freedom Conservancy were kind enough to ship one to LWN, where the desire to play with a new toy is never lacking.

Security updates for Monday

Par : jake
4 novembre 2024 à 14:29
Security updates have been issued by AlmaLinux (firefox, grafana, kernel, and mod_http2), Debian (chromium, openssl, and thunderbird), Fedora (chromium, krb5, mysql8.0, polkit, python-single-version, and webkitgtk), Mageia (bind, buildah, podman, skopeo, kernel, kmod-xtables-addons. kmod-virtualbox, kernel-firmware & kernel-firmware-nonfree radeon-firmware, and kernel-linus), SUSE (apache2, chromedriver, cups-filters, docker-stable, firefox, gama, govulncheck-vulndb, java-11-openjdk, java-17-openjdk, java-23-openjdk, libnss_slurm2, openssl-1_1, openssl-3, python-waitress, python3, python310-waitress, ruby2.5, rubygem-actionmailer-5_1, rubygem-actionpack-5_1, rubygem-bundler, webkit2gtk3, and xorg-x11-server), and Ubuntu (linux-azure-6.8).

Kernel prepatch 6.12-rc6

Par : corbet
4 novembre 2024 à 00:41
The 6.12-rc6 kernel prepatch is out for testing. Linus says: "Another week, another rc. Nothing odd or special seems to be going on - this may be a bit on the bigger side for an rc6, but not hugely so, and nothing stands out."

[$] OSI board AMA at All Things Open

Par : jzb
1 novembre 2024 à 17:14

Members of the Open Source Initiative (OSI) board sat down for a 45-minute "Ask Me Anything" (AMA) session at All Things Open in Raleigh, NC on October 29. Though the floor was open to any topic the audience might want to ask of the OSI board, many of the questions were focused on the Open Source AI Definition (OSAID), which was announced the day before. The new definition has been somewhat controversial, and the board spent a lot of time addressing concerns about it during the session, as well as questions on open washing, and a need for more education about open source in general.

❌
❌