Bonum Certa Men Certa

Links 01/04/2022: Important IPFire Bugfix and a Look at Debian Project Leader Candidates



  • GNU/Linux

    • Desktop/Laptop

      • XDADoes the Lenovo ThinkPad X1 Carbon support Linux?
        The Lenovo ThinkPad X1 Carbon Gen 10 is one of the most powerful ultrabooks to come out in 2022. The new 2022 refreshed model comes with Intel’s new 12th gen processors, a new high-quality webcam, and more. There’s a lot to like about this particular laptop and we think it definitely deserves a spot in our collection of the best business laptops. The ThinkPad X1 Carbon is a Windows machine, but what if you want to run Linux on it? Luckily, you can.

      • Medium5 Reasons to Use a Rolling-Release Linux Distribution

        There is something about having access to the latest version of one’s favorite programs that makes a rolling-release user smile.

        When I first started with Linux some 25 years ago, I used Debian on its stable branch, and one of the things that always bothered me was having to wait a year or two for new versions of outdated applications. As the years passed, I would read about new and improved application versions, always available on expert-level rolling-release distributions like Arch or Gentoo, but usually far into the future on Debian, Slackware or OpenSUSE (before Tumbleweed emerged). I bounced from one fixed-releases distribution to another until 2012, when I discovered Manjaro, based on rolling-release Arch Linux without having to install Arch from scratch, at which time I discovered what it’s like to run the freshest software on a regular basis. I have been using rolling-release systems ever since.

      • Ubuntu PitChromebook vs Laptop: Which One is Suitable For You? [Ed: Bizarre framing as 'Chrome'books are just locked-down laptops, but sometimes they can still be redeemed from Google's grip]

        Chromebook by Google Chrome is the most recent invention, and it has already started competing with Laptops. If you consider the surface and outlook, both of them share the biggest similarity. But inside, they have a lot of differences. Well, the battle of Chromebook vs Laptop can help you learn about the points where they are not the same. And that’s exactly what we are going to discuss today.

        Basically, we understand Windows PC or Macbook by the word, Laptop. But when it is about the security, interface, gaming, software availability, and storage, there are lots of dissimilarities. Windows pc can be of different brands and prices. Chromebooks also are of different brands and values as well.

        That’s the reason many of us get confused about which one to buy. Well, if you are also confused about the same fact, you are on the right track. Today we are planning to discuss the points where Chromebook and Windows laptops are different from one another. So, you can easily get your point to choose the best one from Laptop and Chromebook.

    • Server

      • Blog: Is Your Cluster Ready for v1.24?

        Way back in December of 2020, Kubernetes announced the deprecation of Dockershim. In Kubernetes, dockershim is a software shim that allows you to use the entire Docker engine as your container runtime within Kubernetes. In the upcoming v1.24 release, we are removing Dockershim - the delay between deprecation and removal in line with the project’s policy of supporting features for at least one year after deprecation. If you are a cluster operator, this guide includes the practical realities of what you need to know going into this release. Also, what do you need to do to ensure your cluster doesn’t fall over!

      • The Register UKDocker goes double unicorn with $105m Series C funding and $2.1b valuation [Ed: Making another laughable bubble from a company that cannot even make money]

        Docker hasn't just got back in the fight thanks to its latest round of funding: it's earned double-unicorn status, too.

        The long-suffering containerization company today announced a $105 million Series C funding round led by Bain Capital Ventures bringing its total funding to $163 million, and a company valuation of $2.1 billion. Bain's Enrique Salem, former CEO of Symantec, will join Docker's board as part of the deal.

        [...]

        As recent as mid-2021, the outfit was still having trouble finding its footing and a successful business model.

    • Audiocasts/Shows

    • Kernel Space

      • LWNA look at some 5.17 development statistics [LWN.net]

        At the conclusion of the 5.17 development cycle, 13038 non-merge changesets had found their way into the mainline repository. That is a lower level of activity than was seen for 5.16 (14,190 changesets) but well above 5.15 (12,337). In other words, this was a fairly typical kernel release. That is true in terms of where the work that made up the release came from as well.

      • LWNDriver regression testing with roadtest [LWN.net]

        The kernel community has a number of excuses for the relative paucity of regression-test coverage in the project, some of which hold more water than others. One of the more convincing reasons is that a great deal of kernel code is hardware-specific, and nobody can ever hope to put together a testing system with even a small fraction of all the hardware that the kernel supports. A new driver-testing framework called roadtest, posted by Vincent Whitchurch, may make that excuse harder to sustain, though, at least for certain kinds of hardware.

        One of the problems with hardware is its sheer variety. Consider a device as conceptually simple as a GPIO port which, at its core, drives a single electrical line to either a logical true or false value. GPIO drivers should be simple things, and many of them are, but vendors like to add their own flourishes with each new release. As a result, there are well over 150 GPIO drivers in the kernel source, many of which can drive more than one variant of a device. There is no way to build a system with all of those devices in it; most of them are part of a larger peripheral or system-on-chip, and many of them have not been commercially available for years.

      • LWNImproved response times with latency nice [LWN.net]

        CPU scheduling can be a challenging task; the scheduler must ensure that every process gets a fair share of the available CPU time while, at the same time, respecting CPU affinities, avoiding the migration of processes away from their cached memory contents, and keeping all CPUs in the system busy. Even then, users can become grumpy if specific processes do not get their CPU share quickly; from that comes years of debates over desktop responsiveness, for example. The latency-nice priority proposal recently resurrected by Vincent Guittot aims to provide a new tool to help latency-sensitive applications get their CPU time more quickly.

        Over the years, numerous approaches have been used to try to improve the response time of important processes. The traditional Unix "nice" value can be used to raise a process's priority, for example. That can work, but a process's niceness does not directly translate into latency; it controls how much of the available CPU time the process can consume, but not when the process can actually run. Using the realtime priorities will cause the scheduler to run a process quickly, especially if realtime preemption is enabled, but a process running at that priority can also take over the system.

        The latency-nice concept is a different approach that tries to address those problems; it applies to the completely fair scheduler used for most processes, so no realtime priorities are needed. It adds a second nice value which, mirroring the existing nice value, is a number between -20 and 19. The lower the number, the higher the priority, so the highest-priority latency-nice value is -20. As with traditional nice values, any process can increase its latency-nice setting, but lowering it requires the CAP_SYS_NICE capability.

    • Instructionals/Technical

      • VideoHow to install Parrot 5.0 Home Edition. - Invidious

        In this video, I am going to show how to install Parrot 5.0 Home Edition.

      • Linux CapableHow to Install GwenView on Ubuntu 22.04 LTS

        Gwenview is a simple and easy-to-use program for viewing images on the KDE desktop. It can show you full-screen slideshows, crop an image or rotate it in many different ways without much effort from yourself!

      • Linux CapableHow to Install KPhotoAlbum on Ubuntu 22.04 LTS

        When you’re looking for an easy way to organize your photos, KPhotoAlbum is the program that will make it easier than ever before. With this simple yet powerful tool in hand, there’s no longer a need to worry about what photo goes where because everything can be done through its intuitive interface, like viewing images individually or browsing by category. Best of all, taking advantage of some excellent features like seeing which ones were taken today without having them mess up any other date stamps!

        In the following tutorial, you will learn to install the KPhotoAlbum on Ubuntu 22.04 LTS Jammy Jellyfish using three methods: apt package manager and flatpak package manager with some tips for maintaining or removing KPhotoAlbum in the future.

      • How to Install SimulIDE on Debian 11

        Although in the field of engineering the applications are very varied, the truth is that most of them are only available for Windows. However, today you will learn how to install SimulIDE on Debian 11 which is a very efficient electronics simulator that is used by more and more people every day. Let’s get started.

      • Linux CapableHow to Install gThumb on Ubuntu 22.04 LTS

        gThumb is the perfect tool for viewing and editing all your favorite images. It’s fully integrated with GNOME 3, so you can access it in seconds. The imaging software provides an easy way to view common formats such as BMPs GIF(including animations), JPEGs PNG TIFF, or RAW files — not just typical multimedia types like videos that are usually found on other platforms. You’ll also be able to use various metadata tags embedded inside photos including EXIF IPTC XMP which allows more customization than ever before when organizing collections across multiple devices

        In the following tutorial, you will learn to install the gThumb on Ubuntu 22.04 LTS Jammy Jellyfish using three methods: apt package manager and flatpak package manager with some tips for maintaining or removing gThumb in the future.

      • Virtualbox shared folder access denied (non-root user) from guest (Debian) to host (Debian)
      • SmoogeSpace: Compiling openldap for CentOS 8 Stream

        The EL8 release did not ship an openldap-server like it did in previous releases. Instead only the client tools and some libraries are included for existing applications. Instead the focus from the upstream provider has been on other LDAP solutions.

      • FOSSLifeSecurely Connect to your Raspberry Pi with SSH

        Many Raspberry Pi projects are "headless," which means they don't have an attached monitor, keyboard, or mouse. When it comes time to read the screen. Going without a monitor will keep the cost of your Rasp Pi low. You can always access the system with Secure Shell, better known as SSH.

        SSH is simply a secure, encrypted way of remotely logging in to a computer. OpenSSH, a free set of SSH tools developed by the OpenBSD project, is included in Linux distributions. If you're using a recent version of a Linux distribution meant for the Raspberry Pi, the SSH service is almost certainly already available. The easiest way to find out without attaching a monitor and keyboard is to attempt to SSH to it.

      • Russell CokerConverting to UEFI €« etbe - Russell Coker

        When I got my HP ML110 Gen9 working as a workstation I initially was under the impression that boot wasn’t supported on NVMe and booted it from USB. I found USB booting with legacy boot to be unreliable so decided to try EFI booting and noticed that the NVMe devices were boot candidates with UEFI. Making one of them bootable was more complex than expected because no-one seems to have documented such things. So here’s my documentation, it’s not great but this method has worked once for me.

        Before starting major partitioning work it’s best to run “parted -l and save the output to a file, that can allow you to recreate partitions if you corrupt them. One thing I’m doing on systems I manage is putting “@reboot /usr/sbin/parted -l > /root/parted.log” in the root crontab, then when the system is backed up the backup server gets any recent changes to partitioning (I don’t backup /var/log on all my systems).

      • Barry KaulerRemove duplicate screen-lock icons in ROX-mode

        Fixed. In ROX-mode the screen-lock icon will be on the desktop only. In JWM-mode it will be in the tray. Achieved by editing /root/.xinitrc Note, I have brought back the "show desktop" icon in the tray. It is useful.

      • Using nmcli to configure a static dual stack wired network interface – nullr0ute's blog

        I recently managed to break the network on my VM that hosts this blog. Basically I removed the NetworkManager-initscripts-ifcfg-rh package because I don’t use the old style ifcfg configuration anywhere else and I had forgotten how long I’d had this VM. So I went into the web console, manually bought up the network with ip commands and reinstalled the package but it made no difference. Oh well! Time to just move it to the new config so I just worked out the nmcli options for all the bits in the old ifcfg. This VM network is nothing special, it’s basically dual IPv4/IPv6 interface with associated DNS.

      • Helpful git tips – nullr0ute's blog

        So chatting with a colleague about some git tricks this week I discovered that not everyone was aware you could change the bash prompt to give certain git status, such as branch, and things like if you’re in merge/am/bisect modes etc. I’ve had the pieces in my .bashrc for so long I had literally got to the point it was assumed functionality that every one has enabled.

      • New syslog-ng parser: flip-parser()

        The latest pull request to syslog-ng adds a really useful feature: the flip-parser(): https://github.com/syslog-ng/syslog-ng/pull/3971 It allows you to flip the message text, reverse it, or both. As I also reported a couple of minor problems related to UTF-8 character handling, this PR most likely will not be merged today. However, you can compile it yourself, or if you use openSUSE Tumbleweed, use my packages from the openSUSE Build Service.

      • OpenSource.comMonitor your databases with this open source tool | Opensource.com

        I have been using databases for a lot longer than I care to admit, and a lot of that time has been spent looking at the entrails of servers, trying to determine exactly what they were doing. Thank goodness for the engineers behind the MySQL Performance Schema and Information Schema and their efforts to provide solid information. And then came the Sys schema with handy prepackaged peeks at the server. Before the advent of those schemas, there was no easy way to get granular information about a database instance.

        But peering at tabulated displays at the information of one point in time does not allow for trend-spotting or a quick glance to ascertain a server's status. Being able to spot a trend on a graph or have alerts sent when a threshold is reached is vital. My friends in the PostgreSQL and MongoDB worlds had the same problem. The good news is that there is an open source solution for all three databases that is easy to install and use.

      • OpenSource.comHow I customize my Linux window decorations | Opensource.com

        One thing I especially like about Linux is the amazing and vast array of choices in almost everything. Don't like one application for something? There are usually several more you can choose from. Don't like how the desktop works? Pick one of many other desktops. Don't like the window decorations on your desktop? There are many others you can download and try.

        What if you don't like one little thing about your choice of window decorations—and all other sets of decorations are not even close?

        One of the advantages of open source is that I can change anything I want. So I did.

        I use the Alienware-Bluish theme on my Xfce desktop. I like its futuristic look, the cyan and gray colors that match my dark primary color schemes—and sometimes my moods. It has a nice 3D relief in the corners, and the corners and edges are wide enough to grab easily, even with my Hi-DPI resolution. Figure 1 shows the original Alienware-Bluish decorations with the gradient-black-324.0 color scheme I prefer.

      • A Lesson in Shortcuts – Tookmund – A place for my random thoughts about software

        Long ago, as the design of the Unix file system was being worked out, the entries . and .. appeared, to make navigation easier. I’m not sure but I believe .. went in during the Version 2 rewrite, when the file system became hierarchical (it had a very different structure early on). When one typed ls, however, these files appeared, so either Ken or Dennis added a simple test to the program. It was in assembler then, but the code in question was equivalent to something like this:

      • VituxFix wrong Keyboard Layout in Ubuntu – VITUX

        Is the Ubuntu Keyboard layout not working? Most Ubuntu users want to use their native language as the primary input language when using their system. Using the Ubuntu preferences utility, you can add your native language as a keyboard input source. This language can be configured to be used as the default keyboard layout. This layout means that anything you type on your keyboard will be perceived by your Ubuntu system based on the keyboard layout you choose.

        This article describes how to customize the keyboard layout on the desktop to your preferred input language. It also describes how you can change it in the terminal (see the chapter on changing the keyboard layout on the Ubuntu server at the end of the article). We have run the commands and procedures mentioned in this article on Ubuntu 20.04 and Ubuntu 22.04.

      • Trend Oceansthefuck: Automatically Correct Previous Incorrect Command - TREND OCEANS

        thefuck is a Linux utility that comes as a python package can be installed via pip command to provide you automatic features to correct previous incorrect commands.

      • What Is an Inode?

        If you are reading or learning about high-performance computing (HPC), where storage is a very important consideration, having a basic introduction to an inode is fairly important. In this article, I want to give you a high-level definition of an inode along with some additional details.

        For clarity, I’ll start with the recent evolution of filesystems. Over time, more features have been added to filesystems, creating a “spectrum” of filesystems, from the simple to the really sophisticated. Moreover, filesystems now address specific usage models, so they are not so generalized and might not be POSIX compliant. In this article, I stay with the classic filesystems that use inodes, oftentimes referred to as block-oriented filesystems, which excludes object and pure key-value filesystems.

    • Games

      • GamingOnLinuxNightmare Reaper is a quality retro-themed FPS out now | GamingOnLinux

        Nightmare Reaper, a retro-inspired FPS that blends together elements of a looter-shooter and a sprinkle of RPG mechanics, recently left Early Access and it works great on Linux and Steam Deck. With Steam Play Proton, it's a perfect experience. Note: key provided for me by Evolve PR.

        A blending of many ideas from classic first-person shooters, a lot of the inspiration in the graphical style and level design is clear but it has plenty of modern tweaks too. While modern shooters continue to push the boundaries of graphics, they've lost a lot of what made them fun — which is why games like Nightmare Reaper are just so good. Absolutely pumping action with some great visual effects.

      • Boiling Steam2000 Games On The Steam Deck, with Death Stranding Director's Cut and Rising Hell - Boiling Steam

        A rather slow week, it took a while between the 1900 games milestone and the 2000 games mark. Overall it took Valve a bit more than 3 months to move from zero games validated to 2000.

      • GamingOnLinuxDead Cells 'Break the Bank' free upgrade out, more big updates teased | GamingOnLinux

        Motion Twin / Evil Empire have given us another great free update to the fantastic Dead Cells and teased plenty more is coming to the game. With this update you get The Bank, a brand-new optional biome that randomly appears in your run, replacing the immediately following biomes if you choose to enter it.

      • GamingOnLinuxPoint and click adventure Pants Quest gets a Linux release | GamingOnLinux

        A point and click adventure game all about finding missing clothing? Well, there's been weirder things. Pants Quest gets a native Linux release.

        "A classic style adventure game about life and finding your pants. The more our hero tries to find them, the more things seem to spin out of control. The tone is funny but also kind of introspective, following the kind of crappy morning that makes you rethink every decision you’ve ever made while wandering around in your underwear."

      • GamingOnLinuxPopular and unique musical game Rhythm Doctor gets Steam Deck support | GamingOnLinux

        Rhythm games come in all shapes and sizes, with Rhythm Doctor looking a lot more unique than some and not only does it have an Overwhelmingly Positive user score on Steam but it also got some big Steam Deck improvements.

    • Distributions

      • IPFire Official BlogIncomplete Backups since Core Update 164

        This bug is being caused by an error in a routine which expands any globbing characters in the backup include list. Globbing is a way to use wildcards in file names like: /var/ipfire/*/settings where the asterisk character stands for any directory that the shell can find. And precisely that does not work which causes that certain files are not included in the backup.

        This is not security-relevant, but if you restore those backups, you will end up with an incomplete configuration which might cause other problems and lots of things being reset to the factory default.

        Most IPFire users won't be impacted by this at all, since it is normally not required to backup and reinstall your system. However, because this bug has the potential to break an installation, we wanted to highlight this problem with this post.

      • CrunchBang++ Linux - The Ultimate Lightweight and Stable Linux Distribution

        We review the Debian based, Openbox powered lightweight Linux Distribution CrunchBang++ Linux and guide you if you plan to use it.

      • New Releases

        • The Register UKChinese distro Deepin hits 20.5, complete with browser called Browser

          Deepin version 20.5 is the latest "Community" version of one of the best-known Chinese Linux distros, and shows an interesting blend of technological influences.

          The Debian-based distro is from the UnionTech Software Technology Co (Chinese language only) in the People's Republic of China, however, it supports multiple languages and can be installed and used entirely in English.

          [...]

          The new version follows close behind the release of Deepin 20.4 in January. It offers no choice of desktop, because its home-grown Deepin Desktop Environment (DDE) is a big part of its appeal – as we mentioned when we looked at it and its related Ubuntu DDE remix.

          We gave 20.5 a quick spin in VirtualBox – which it complained about. Like Ubuntu Kylin, Deepin uses a lot of animations and audio effects, including a fancy animated loading screen and colourful wallpapers.

          Consequently, the installer checks if you're running in a VM and warns you that performance will be sub-optimal. Even after installing the Guest Additions, the "Window Effect" button in Personalization Settings remained stubbornly disabled.

      • BSD

        • Small OpenBSD and FreeBSD Experiment

          As I feel the need for a more minimalist and more coherent system, I downloaded OpenBSD and FreeBSD to install on a spare laptop (a Starlabs Star-lite MKII). I was baffled by the very pleasant OpenBSD installer. Clean, efficient.

          Best of all?

          I could choose, at install time, my keyboard layout (French Bépo) with capslock already replaced by Ctrl. Waw! Nice.

          Too bad, the installer didn’t managed to load the wifi driver (and this computer doesn’t have an RJ-45 port). Maybe I should report the issue somewhere.

      • SUSE/OpenSUSE

        • SUSE's Corporate BlogNew SUSE Certified Deployment Specialist Program

          SUSE Technical Training team introduced the new SUSE Certified Deployment Specialist (SCDS) program in February 2022. It provides certification for those specialists who are involved in product deployment and complements the existing SUSE Certified Administrator (SCA) and SUSE Certified Engineer (SCE) certification that are focused on the administration and usage of SUSE products.

        • openSUSE Tumbleweed – Review of the week 2022/13

          During this week, we only managed to get 4 snapshots (0324, 0328, 0329, and 0330) out of the door. Seems QA is slowing us down too much, so I decided to give up on it. To make Tumbleweed more plannable for upgraders, the new process will foresee a fixed time when a snapshot will go out – daily at 5 pm UTC. We will just ship out whatever we have built by that time. This is a minimal tradeoff between stability and plannability – after all, we all trust our developers and maintainers and we know that they test things before sending them your way. So no more need to slow down using QA!

      • IBM/Red Hat/Fedora

        • VideoTechnically Speaking (E12): GitOps with Argo CD - Invidious

          How do necessity, innovation, and Git as the single source of truth connect to our taxes? Maybe they don't, but if you want to get started with GitOps, this video is for you. In this episode, Ed Lee of Intuit talks with Red Hat CTO Chris Wright about adopting GitOps and the Argo CD project.

        • The Next PlatformRed Hat Stacks Up Software To Contain AI On Nvidia Platforms

          If you are a tech industry giant that wants to put a greater spotlight on what your technologies can do for enterprises that want to run AI workloads, you can do worse than make those statements at Nvidia’s bi-annual GPU Technology Conference. And that’s what Red Hat is doing this week, highlighting tighter integrations between its OpenShift Kubernetes platform and Nvidia’s AI Enterprise 2.0, software suite introduced last year as a way of making AI capabilities available to a wider range of enterprises, and introducing the latest release of OpenShift. Opening up AI and machine learning technologies to more companies and not just available to research labs, educational institutions and the largest organizations has been an ongoing effort of many in IT for the past few years.

        • Red Hat Handing Over Commercial Business to Partners

          Red Hat is accelerating plans to be partner-led across its commercial business. It's also swapping traditional go-to-market for an ecosystem-led approach.

        • Securing verybad web application with only systemd

          In my last blog post I talked about verybad web application. It has multiple major security holes, which allows anyone to do remote code execution or read/write files on a server. Look at the source code to see what all you can do.

          I am running one instance in public http://verybad.kushaldas.in:8000/, and then I asked twitter to see if anyone can get access. Only difference is that this service has some of the latest security mitigation from systemd on a Fedora 35 box.

        • OpenSource.com5 things open source developers should know about cloud services providers [Ed: Red Hat does "openwashing" + "clownwashing" all-in-one]

          "The cloud" refers to both the collective computing power of an interconnected array of servers and the software layer enabling those computers to work together to create dynamically defined infrastructure. Because many consider the cloud the new frontier of computing, it's dominated the software industry for the past several years. Still, your individual level of involvement with it probably depends on your career and how much you acknowledge that you're using the cloud in your computing.

          If you're a programmer, you might be looking to move your development onto the cloud, either for work or for fun, but it doesn't take long to realize that choosing a cloud provider can be an overwhelming prospect, especially for an open source enthusiast. I've written about the importance of an open cloud in the past. Luckily, there are very direct ways you, as a developer, regardless of your experience, can help ensure that the cloud fosters and strengthens open source.

        • Red Hat Official5G edge and security deployment evolution, trends and insights

          The Heavy Reading 2022 5G Network Strategies Operator Survey provides insight into how 5G networks may evolve as operators and the wider mobile ecosystem continue to invest in 5G technology. We’ll begin by discussing some of the findings for 5G and edge computing, and conclude with a perspective centered around 5G security.

          Red Hat sponsored portions of the survey, specifically sections pertaining to service provider 5G edge computing strategies and their approach to 5G security.

        • FedoraFedora Community Blog: CPE Weekly Update – Week of March 28th – April 1st

          This is a weekly report from the CPE (Community Platform Engineering) Team. If you have any questions or feedback, please respond to this report or contact us on #redhat-cpe channel on libera.chat (https://libera.chat/).

      • Debian Family

        • LWNThree candidates vying for Debian project leader [LWN.net]

          Three candidates have thrown their hat into the ring as candidates for the 2022 Debian project leader (DPL) election. One is Jonathan Carter, who is now in his second term as DPL, while the other two are Felix Lechner and Hideki Yamane. As is the norm, the candidates self-nominated during the nomination period and are now in the campaigning phase until April 1. The vote commences April 2 and runs for two weeks; the results will be announced shortly thereafter and the new DPL term will start on April 21. The candidates have put out platforms and are fielding questions from the voters, Debian developers, thus it seems like a good time to look in on the election.

          While the DPL is the titular head of the project, their powers are pretty limited by the Debian Constitution; most of the power in Debian lies collectively and individually with the developers. The DPL is, to a certain extent, an administrative role more than it is an executive one. The intent is also for the DPL to be kind of a thought leader for the project, leading discussions, possibly proposing general resolutions (GRs), and consulting with the developers on how to use project money or other assets; in addition, the DPL is a catch-all for urgent decisions or those for which there is no relevant decision-making entity in the organization.

        • Russ Allbery: Updated eyrie Debian archive keyring

          For anyone who uses my personal Debian repository (there are fewer and fewer reasons to do that, but there are still some Debian packages there that aren't available anywhere else), I've (finally) refreshed the archive signing key.

        • Paul Wise: FLOSS Activities March 2022

          This month I didn't have any particular focus. I just worked on issues in my info bubble.

        • The AnarcatAntoine Beaupré: Salvaged my first Debian package

          People not familiar with Debian will not understand anything in that first paragraph, so let me expand. Know-it-all Debian developers (you know who you are) can skip to the next section.

          Traditionally, the Debian project (my Linux-based operating system of choice) has prided itself on the self-managed, anarchistic organisation of its packaging. Each package maintainer is the lord of his little kingdom. Some maintainers like to accumulate lots of kingdoms to rule over.

          (Yes, it really doesn't sound like anarchism when you put it like that. Yes, it's complicated: there's a constitution and voting involved. And yes, we're old.)

          Therefore, it's really hard to make package maintainers do something they don't want. Typically, when things go south, someone makes a complaint to the Debian Technical Committee (CTTE) which is established by the Debian constitution to resolve such conflicts. The committee is appointed by the Debian Project leader, himself elected each year (and there's an election coming up if you haven't heard).

      • Canonical/Ubuntu Family

        • My First Trimester Tech Updates: Earbuds, Laptop and Robot

          In a previous post I shared “5 Good Laptops Under 700€ to Buy in 2022” as I was looking for a cheap laptop to run Ubuntu (that I need for academic purposes). One of the comments I received stated that for a few bucks more I could buy a MacBook Air with the powerful M1. Well, I am not interested in buying a new MacBook Air to run Linux distributions. But it gave me the idea of buying an old used MacBook for this purpose. I found a good deal on eBay, and in a few days I have my new cheap laptop.

          I have previous experience installing Ubuntu (as dual boot) on my MacBook Pro 2011 without major problems (wireless card not working, but solved with USB wireless, and everything else working as expected), so I decided it could be a good deal. Old MacBooks are still better than most cheap laptops of today, with better quality construction, better trackpad, better keyboard (including backlit), and better overall look and feeling.

          Ubuntu OS is very light, and can run really fast in old machines without much requirements from the system. My cheap laptop has an SSD disk and 8Gb of Ram, which is good enough to run Ubuntu with easy, and have an updated OS.

        • UbuntuDesign patterns and the software operator — part 1 | Ubuntu

          In the early days of software development, computers were sold with compilers and interpreters. Users wrote mostly their own small programs instead of buying software. During that time, most didn’t even consider downloading software as only a few were connected to mailboxes or the UUCP network.

          Most of the software was provided by the computer vendors and many users just required simple programs implementing calculations or little tools. As we know, this has changed quite a lot over the past decades. Technology became more complex and vendors started providing interfaces for the applications (APIs) of the users. As computers got more capable, the APIs grew over the years. Libraries, frameworks and APIs went from being mainly made and distributed by vendors to being provided by 3rd parties.

        • UbuntuThe software operator design pattern — part 2 | Ubuntu

          Over the years, the software development and programming community developed a common understanding of design patterns. A design pattern is a general solution designed to solve a repeatedly occurring problem when writing — or better, designing — software. This implies that if a design is new and has not been proven to work in production software, it cannot be a pattern. A pattern is an abstract concept covering multiple implemented solutions following that abstract concept. If there are no solutions already in place, such a pattern does not exist.

          For the software operator pattern as published by the kubernetes community, the part about existing implementations is covered, as the website clearly lists a number of frameworks and projects implementing this pattern. And – as pointed out in the first part of this blog post series – Canonical provides an implementation of this pattern as well. Interestingly enough, this implementation has been created before the publication of the operator pattern in 2017. In fact, initial steps for the Canonical implementation of the software operator pattern date back much earlier than 2013. At that time, the implementation was not named software operator framework, but Juju and Charms. Back then, operators were named Charms, while the middleware running the operators was Juju, running Charmed Operators and managing the available local, public and multi-cloud environments.

          But coming back to describing a pattern instead of only describing an interesting design, there is more to say: the motivation to talk about patterns is to let the readers, software developers or software architects understand the experience of adopting this design, its benefits and also disadvantages.

    • Devices/Embedded

      • Linux GizmosJetson powered edge AI system has eight PoE ports

        The Boxer-8254AI is equipped with a hexa-core Xavier NX with 8GB LPDDR4 and 16GB eMMC running the usual Ubuntu stack with Nvidia JetPack 4.5 (and above) SDK for AI development. The system adds a microSD slot and a 2.5-inch SATA bay, and mSATA is available on the full-size mini-PCIe slot along with PCIe and USB. There is also a SIM card socket, 4x SMA antenna mounts, and an M.2 E-key slot for WiFi/BT.

      • CNX SoftwareHardkernel launches ODROID-M1 Rockchip RK3568B2 SBC
      • CNX SoftwareKontron Pi-Tron CM4 mini PC leverages Raspberry Pi Compute Module 4 for industrial applications
      • Mobile Systems/Mobile Applications

        • DedoimedoMy Nokia X10 upgraded to Android 12 - And we check

           There you have it. My depressing little review. Android 12 does have some visual merits, but they come bundled with inefficiencies, more taps, and if you care about privacy, you need to spend time undoing the default nonsense that the new version brings. The overall interface feels a bit too big, and I loathe the screenshot functionality. I also don't like the swipe wobble - the app grid shakes ever so slightly when you swipe hard, as though the app icons are pasted on an elastic sheet rather than a rigid canvas. This will probably make someone excited, but rule no.1 in UI design is that you don't make things change unless necessary, and this isn't necessary.

          Yes, it works, yes the color scheme is nicer, yes things are stable, and yes, after you're done purging the nonsense from your phone, you have a decent privacy-oriented baseline. But the whole exercise feels cheap, dirty, and I'm just too jaded for this so-called modern world of mobile phone technology. Or any would-be new technology for that matter, it seems. Because it's not about usability, it's all about the tiniest of margins on profits, and it feels like a cattle market, and I'm not a sheep, nor do I like being fleeced.

          Finally, I don't really get any choice. My phone upgraded itself, I don't get any say in this. But if I look at the various Android phones in my possession, with versions set at 4 through 12, it seems Android 10 is probably the nicest around (every version since the beginning was an improvement till then), but with the newer ones, it's all a bit meh. Now, Android has matured nicely, but there's only so much you can do with a piece of plastic and glass designed to be used with a finger. Anyway, enough ranting. This is an operating system review, if you want to call it that. In the end, I had to do some tweaking, I lost some basic efficiency, got some cooler colors, and the world moves on. Bye bye now.

    • Free, Libre, and Open Source Software

      • Apache BlogYour call is important to us: The Apache Software Foundation’s Infrastructure team unveils new support line
      • Apache BlogSuccess at Apache: My experience with the Apache Way —a perfect society? : The Apache Software Foundation Blog

        I have been working in software engineering for more than 15 years. I've always contributed to Open Source software as a user or a developer. But I've been contributing to Apache Software Foundation (ASF) projects such as Apache Flink, Apache Beam or Apache Spark for nearly 6 years. It is long enough for me to say that I find the Apache Way is almost the best way to collaborate on software engineering.

        I will not describe the Apache way here as there is a lot of good information about that already. I would rather link to the official Apache documentation. I humbly suggest that you read what it is if you don't know it already.

        My point here is to talk about the Apache Way in practice as I’ve experienced it. Of course, every Apache community is different, but what I wanted to emphasize is that applying the Apache Way by the book could lead to what I'd call a "perfect society" even if this word seems a bit naive and over optimistic, or even utopian.

      • Events

        • Linux Foundation's Site/BlogApply for a Linux Foundation Training Scholarship by April 30 [Ed: LF lost all the events revenue due to COVID-19; it's trying to rebuild as a diploma mill, still]

          It’s that time of year – Linux Foundation Training (LiFT) Scholarships are here! Since 2011, The Linux Foundation has awarded over 1,100 scholarships for millions of dollars in training and certification to deserving individuals around the world who would otherwise be unable to afford it. This is part of our mission to grow the open source community by lowering the barrier to entry and making quality training options accessible to those who want them.

        • PostgreSQLPostgreSQL: PostgreSQL Developer Day 2022 / dates, call for papers & sponsors, etc.

          Prague PostgreSQL Developer Day 2022 (P2D2 2022) will be held on June 1-2 in Prague, Czech Republic. The conference focuses on topics for PostgreSQL users and developers. For more information about the event, please see the website at https://www.p2d2.cz/

          We are now accepting proposals for talks and trainings in both Czech and English. In previous years, the conference was organized as a single-track even with a mix of talks in Czech and English. This year we're planning to organize a conference with a separate track in English, if permitted by the number of talk proposals etc.

      • Web Browsers

        • Mozilla

          • Google says: Thank You Mrs Baker – you successfully destroyed the Firefox browser! – Alternatives to Chrome and Firefox?

            The software quality will probably get worse and worse & maybe Firefox will disappear completely. Why? two reasons. Mozilla (the company/foundation behind Firefox) had a contract with Google, Mozilla will participate in advertising revenues if Google becomes the homepage of Firefox. probably Google has also copied a lot from Mozilla and “copied” it into its own Chrome browser.

            [...]

            Thunderbird is also from Mozilla but is developed by a group of volunteers.

            [...]

            the answer should: MRS BAKER, PLEASE RESIGN & LET SOMEONE ELSE DO THE JOB, SO YOU CAN FINALLY GO SOMEWHERE ELSE AND EARN 5x MORE MONEY WITHOUT DESTROYING THE INTERNET & MOZILLA FOUNDATION! THANK YOU!

      • Productivity Software/LibreOffice/Calligra

      • FSF

        • Unicorn MediaStallman to Deliver ’State of Free Software’ Online April 13

           Although Richard Stallman seemed to be absent from this year’s LibrePlanet event, the Free Software Foundation has announced he will be livestreaming his “The State of the Free Software Movement” talk on April 13th at 2 p.m. Eastern Time.

          Just because Richard Stallman seems to have been left out of this year’s LibrePlanet, the Free Software Foundation’s annual “free software” lovefest, doesn’t mean he’s dropping out of public view. It also doesn’t mean that the FSF isn’t willing to let him speak under its banner.

      • Programming/Development

        • LWNBoucher: rustc_codegen_gcc can now bootstrap rustc

          On his blog, Antoni Boucher updates the status of rustc_codegen_gcc, which "is a GCC codegen for rustc, meaning that it can be loaded by the existing rustc frontend, but benefits from GCC by having more architectures supported and having access to GCC’s optimizations". A significant milestone has been reached: "the GCC codegen has made enough progress to be able to compile rustc itself".

        • Drew DeVaultAnnouncing git snail-mail

          At least, this is what I’d like to say, but I ended up cancelling the project before it was ready for April Fool’s. After my friend kline (a staffer at Libera Chat) came up with this idea, I actually did write a lot of the code! Git is mostly written in Perl, but I could not really rouse the enthusiasm for implementing this idea in Perl. I did the prototype in $secretlang instead, and got it mostly working, but decided not to try to do some sneaky half-private joke release while trying to maintain the secrecy of the language.

        • Fedora MagazaineFedora Magazine: Using Sourcegraph to Search 34,000+ Fedora Repositories

          In October 2021, a Fedora Linux user asked a question about licensing. Fedora Project Leader Matthew Miller left a response: “Since we don’t have a complete, exploded, searchable repository of all of the packages in Fedora, I don’t have a quick way to check.”

          Followed by: “…or possibly pay Sourcegraph to do it for us. They seem like nice people.” He is correct, we (Sourcegraph) are nice people, but we don’t want your money. Instead, we wanted to team up with the Fedora community.

          The Fedora Community can now search their universe of open source code—currently over 34,000 repositories and counting.

        • OpenSource.comMake a cup of coffee with Git | Opensource.com

          Git can do everything—except make your coffee. But what if it could?

          Like most people, I already have a dedicated coffee brewing device listening to HTCPCP requests. All that is left is to hook Git up to it.

        • QtShell Extensions in Qt Wayland 6.3

          The Qt 6.3.0 release is just around the corner, and I wanted to share some updates we have made for the Qt Wayland integration and its companion module Qt Wayland Compositor. I will also use this as an opportunity to introduce some basic concepts to those who are not already familiar with Wayland, and give some background/justification for how things currently work.

        • Status update: Adding CI Pipelines on GitLab - post #5

          This is my fifth status update for Season of KDE 2022.

          This time, I have updates on the automation side of things. I got a preliminary version of the required GitLab pipelines working.

        • Spotlight on Meson's full-featured developer environment

          When developing an application or a library, it is very common to want to run it without installing it, or to install it into a custom prefix rather than on the system (i.e. /usr or /usr/local).

        • Perl/Raku

        • Python

          • LWNA method for replacing Python tuple entries [LWN.net]

            A recent discussion on the python-ideas mailing list gives some insight into how to—or how not to—propose a feature to be added to the language. At first blush, adding a method to Python's immutable tuple type for replacing one of its elements is not a particularly strange idea, nor one that would cause much in the way of backward-compatibility concerns. Even though there was some evidence offered that such a method might be useful, it seems pretty unlikely that the idea will go anywhere, at least in part because of the repetitive, bordering on aggressive, manner in which its benefits were argued.

        • Java

          • TecAdmin5 Methods to Print an Array in Java

            An array is a data structure to store multiple elements of similar data types. Similar to other programming languages Java also supports Arrays. Which are stored in a contiguous location on memory. In this tutorial, you’ll learn different techniques to print the elements of a given array in Java.

  • Leftovers

    • Crypto for the Rest of Us, Part III: Smart Contracts – Copyleft Currents

      Welcome to another installation of me teaching myself about crypto by writing about it! In past posts, I have discussed topics like Bitcoin mining and proof-of-stake. I’m not an expert on crypto, but I like learning about technology, and these posts are an attempt to share what I have learned at a level that is not too basic, but not too advanced, for readers who are curious, like me. Actually, this topic has a lot to do with contract law, so I am more comfortable writing about it than those prior posts.

      The thing I hear repeatedly about smart contracts is that they are neither smart nor contracts. Let’s figure out why people say that, and whether it is correct.

    • Integrity/Availability

      • Proprietary

        • Pseudo-Open Source

        • Security

          • MakeTech EasierWyze Camera Has Security Flaw Company Took 3 Years to Fix

            It’s expected that any product that has the word “security” in the title would be … secure. Yet, that’s how Wyze landed in hot water after it was determined that it knew about a security camera flaw and didn’t make a move to change it for three years.

          • The New StackChainguard: It’s All About That Base Image

            In our container-driven tech world, it’s vital that our container’s base image, the foundation we use in creating our working container images, must be as clear of bugs as possible. Chainguard, the zero-trust security company, dove into the subject of container image security in its new whitepaper “All About That Base Image.” Alas, they’ve found that some “popular base images can have hundreds of known security vulnerabilities.” This is no way to build a container!

            It’s only common sense for developers to choose base container images wisely. If not, they’re in for security headaches down the line. Borrowing on the idea of technical debt, Chainguard describes these base image vulnerabilities as “security debt.”

            Unfortunately, from their research all too many popular base images, which have been downloaded billions of times, come with tens or hundreds of known security vulnerabilities. That’s a lot of security debt in your image to overcome before you’ve even started building your applications!

          • LWNSecurity updates for Friday [LWN.net]

            Security updates have been issued by Debian (wireshark), Fedora (389-ds-base), Mageia (golang, wavpack, and zlib), openSUSE (yaml-cpp), SUSE (expat and yaml-cpp), and Ubuntu (linux, linux-aws, linux-kvm, linux-lts-xenial, linux-aws-5.4, linux-azure, linux-gcp, linux-gcp-5.13, linux-gcp-5.4, linux-gke, linux-gke-5.4, linux-gkeop, linux-gkeop-5.4, linux-aws-hwe, linux-gcp-4.15, linux-oracle, linux-intel-5.13, and tomcat9).

          • Bleeping ComputerQNAP warns severe OpenSSL bug affects most of its NAS devices

            Taiwan-based network-attached storage (NAS) maker QNAP warned on Tuesday that most of its NAS devices are impacted by a high severity OpenSSL bug disclosed two weeks ago.

          • The Register UKPatch now: Zero day vuln found in Java Spring framework ● The Register

            Another Java Remote Code Execution vulnerability has reared its head, this time in the popular Spring Framework and, goodness, it's a nasty one.

            Dubbed "Springshell" or "Spring4Shell", the vulnerability requires an endpoint with DataBinder enabled. "For example," explained security shop Praetorian, "when Spring is deployed to Apache Tomcat, the WebAppClassLoader is accessible, which allows an attacker to call getters and setters to ultimately write a malicious JSP file to disk."

          • USCERTSpring Releases Security Updates Addressing "Spring4Shell" and Spring Cloud Function Vulnerabilities | CISA

            The CERT Coordination Center (CERT/CC) has released information on a vulnerability (CVE-2022-22965), known as “Spring4Shell,” affecting Spring Framework, a Java framework that creates applications, including web applications. A remote attacker could exploit this vulnerability to take control of an affected system.

    • Internet Policy/Net Neutrality

      • Tech thoughts for the week

        This one's interesting. At first I was hesitant to use some web-based IRC client, but the layout and perma-connectivity is really nice. I might just shell out the $50 for a yearly subscription.

      • The Register UKViasat spills on the Russian attack, warns of continued risks

        It turns out the only thing Russian forces needed to knock thousands of Ukrainian satellite broadband customers offline was a misconfigured VPN.

        Viasat, whose Ukrainian satellite broadband service was knocked offline the day Russia invaded Ukraine, said its analysis of the attack revealed a poorly configured VPN appliance was used by the attacker to access the trusted management section of the KA-SAT satellite network.

        The attacker gained access to the segment of the network used to manage and operate it, and then pushed legitimate, yet malicious, commands to residential modems in Ukraine and several other European countries.



Recent Techrights' Posts

2025 Will be Fought and Fraught With LLM Slop or Fake 'Articles' (Former Media/News Sites Turning to Marketing Spam)
The elephant in the room?
Brittany Day Can Rest and Let Microsoft/Chatbots Write Fake 'Articles' About "Linux" This Christmas
Who said people don't work on Christmas? Chatbots or plagiarism-as-a-service work 24/7, every day of the year except during Microsoft downtimes
 
Links 26/12/2024: Japan-China Mitigations and Mozambique Prison Escape (1,500 Prisoners)
Links for the day
Links 26/12/2024: Ukraine's Energy Supplies Bombed on Christmas Day, Energy Lines Cut/Disrupted in the Baltic Sea Again
Links for the day
Gemini Links 26/12/2024: Rot Economy, Self-hosted Tinylogs
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Wednesday, December 25, 2024
IRC logs for Wednesday, December 25, 2024
[Meme] Time to Also Investigate Bill Gaetz
Investigation overdue
Microsoft Openwashing Stunts Initiative (OSI) is A Vulture in "Open" Clothing
it's quite telling that the OSI isn't protecting the Open Source Definition
IBM Has Almost Obliterated or Killed the Entire Fedora Community (Not IBM Staff)
Remaining Fedora insiders are well aware of this, but bringing this up (an "accusation" against IBM) might be a CoC violation
Links 25/12/2024: Fentanylware (TikTok) Scams and "Zelle Scams Lead to $870M Loss"
Links for the day
Links 25/12/2024: Windows TCO Brought to SSH, Terence Eden 'Retires'
Links for the day
Gemini Links 25/12/2024: Reality Bites and Gopher Thanks
Links for the day
Links 25/12/2024: Latest Report Front Microsoft Splinter Group, War Updates
Links for the day
Links 25/12/2024: Hong Kong Attacks Activists During Holidays, Xerox to Buy Lexmark
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Tuesday, December 24, 2024
IRC logs for Tuesday, December 24, 2024
Gemini Links 25/12/2024: Open Source Social and No Search
Links for the day
Brittany Day Connects Windows Ransomware to "Linux" Using Microsoft LLMs (FUD Galore, Zero Effort, No Accountability)
FUD and misinformation made by Microsoft LLMs again?
Links 24/12/2024: Labour Strikes and TikTok Scrambling to Prop Up Radical Politicians That Would Protect TikTok
Links for the day
Where the Population is Controlled by Skinnerboxes Inside People's Pockets (or Purses)
A very small fraction of mobile users practise or exercise freedom/control over the skinnerbox
[Meme] Coin-Operated Publishers (Gaming the Message, Buying the Narrative)
Advertise (sponsor) to 'play'
Advertisers and Their Covert Impact on Publications' Output (or Writers' Topics of Choice, as Assigned or Approved by Editors)
It cannot be trivially denied that sponsorship in the form of "advertising" impacts where publishers go (or don't go, won't go)
Terrible Year for Microsoft Windows in Cyprus
down from 86% to 72% since January
[Meme] How to Kill Unions (Staff on Shoestring Budget Cannot Afford Lawyers)
What next for the EPO? "Gig economy"?
The EPO's Staff Union (SUEPO) Takes Legal Action to Rectify the Decrease in Wages (Lessening of Purchasing Power)
here is what the union published
Gemini Links 24/12/2024: Deedum Gemini Client Gets Colour Support, Advent of Code 2024
Links for the day
Microsoft Windows Slides to New Lows in Colombia
Now Windows is at an all-time low
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Monday, December 23, 2024
IRC logs for Monday, December 23, 2024