Vue lecture
Cockpit project releases Cockpit Files plugin
The Cockpit project has announced the first release of Cockpit Files, a plugin for Cockpit that allows file management on your server via a web browser:
Cockpit Files was initially started by Google Summer of Code (GSoC) student Mahmoud Hamdy and is now under active development by the Cockpit team. The goal is to replace the functionality of the cockpit-navigator plugin from 45Drives and include automated testing per commit, a standard PatternFly-based interface, and consistency with the rest of Cockpit.
Development builds for Fedora are available via a Copr repository, and packages are expected for Arch, Debian, and Fedora. LWN covered the Cockpit project in March.
[$] Elevating CentOS 7 to a new life
CentOS Linux 7 was first released in July 2014, and is due to go end-of-life (EOL) on June 30. By now, anyone who pays attention to such things is aware that Red Hat pulled the plug on CentOS Linux in late 2020 to be replaced by CentOS Stream instead. CentOS Linux 8 support was wound down at the end of 2021 rather than in 2029 as originally stated. CentOS Linux 7 was allowed to serve out its full lifespan—but that EOL is approaching rapidly and there's no direct upgrade path. Users and organizations looking for a lifeline might want to consider AlmaLinux's ELevate utility, which allows CentOS users to migrate to alternate enterprise Linux (EL) operating systems.
Nominations are open for the PSF Board election
The Python Software Foundation (PSF) has announced that nominations are open for the PSF Board election through June 25:
Who runs for the board? People who care about the Python community, who want to see it flourish and grow, and also have a few hours a month to attend regular meetings, serve on committees, participate in conversations, and promote the Python community.
The PSF has a video about serving on the board for those who might be interested. PSF members can nominate themselves or another member. Candidates will be announced on June 27. Voting begins on July 2 and will end on July 16.
[$] Memory sealing for the GNU C Library
systemd 256 released
OpenSUSE Leap 15.6 released
Leap 15.6 is projected to receive maintenance and security updates until the end of 2025 to ensure sufficient overlap with the next release". Changes include the addition of the Cockpit server-management tool, a 6.4 kernel, GNOME 45, and many other upgrades. This release also removes a long list of unmaintained Python packages. See the release notes for details.
Security updates for Wednesday
Extensible scheduler class to be merged for 6.11
I honestly see no reason to delay this any more. This whole patchset was the major (private) discussion at last year's kernel maintainer summit, and I don't find any value in having the same discussion (whether off-list or as an actual event) at the upcoming maintainer summit one year later, so to make any kind of sane progress, my current plan is to merge this for 6.11.
[$] Securing BPF programs before and after verification
BPF is in a unique position in terms of security. It runs in a privileged context, within the kernel, and can have access to many sensitive details of the kernel's operation. At the same time, unlike kernel modules, BPF programs aren't signed. Additionally, the mechanisms behind BPF present challenges to implementing signing or other security features. Three nearly back-to-back sessions at the 2024 Linux Storage, Filesystem, Memory Management, and BPF Summit addressed some of the potential security problems.
Firefox 127.0 released
Update: this Mozilla Security Blog post describes the HTTPS-related changes in detail.
[$] Dropping the page cache for filesystems
Security updates for Tuesday
[$] P4TC hits a brick wall
perl v5.40.0 released
Perl 5.40.0 represents approximately 11 months of development since Perl 5.38.0 and contains approximately 160,000 lines of changes across 1,500 files from 75 authors". Significant changes include a new __CLASS__ keyword, a :reader attribute for field variables, a new "^^" logical-XOR operator (because two of those were not enough), moving "try/catch" out of the experimental category, and more; see this page for lots of details.
Security updates for Monday
Kernel prepatch 6.10-rc3
So things look good, the water is warm, please jump right in and keep testing,"
[$] Ladybird browser spreads its wings
Ladybird is an open-source project aimed at building an independent web browser, rather than yet another browser based on Chrome. It is written in C++ and licensed under a two-clause BSD license. The effort began as part of the SerenityOS project, but developer Andreas Kling announced on June 3 that he was "forking" Ladybird as a separate project and stepping away from SerenityOS to focus his attention on the browser completely. Ladybird is not ready to replace Firefox or Chrome for regular use, but it is showing great promise.