A loop device is a kernel abstraction that allows a file to be presented asif it were a physical block device. The typical use for a loop device is to mount afilesystem image stored in a file. Loop devices are global and shared betweenusers, which causes a number of problems for container workloads where theinstances are expected to be isolated from each other. Christian Braunerhas been working on this problem; he has posted a patchset solving it by adding a small virtual filesystem called loopfs.
The GCC project has announced therelease of GCC 10.1. "A year has lapsed away since the release of last majorGCC release, more than 33 years passed since the firstpublic GCC release and the GCC developers survivedrepository conversion from SVN to GIT earlier this year.Today, we are glad to announce another major GCC release, 10.1.This release makes great progress in the C++20 language support,both on the compiler and library sides, some C2X enhancements,various optimization enhancements and bug fixes, several newhardware enablement changes and enhancements to the compiler back-endsand many other changes. There is even a new experimentalstatic analysis pass." More information can be found in the release notes.
Security updates have been issued by Debian (firefox-esr, keystone, mailman, and tomcat9), Fedora (ceph, firefox, java-1.8.0-openjdk, libldb, nss, samba, seamonkey, and suricata), Oracle (kernel), Scientific Linux (firefox and squid), SUSE (libvirt, php7, slirp4netns, and webkit2gtk3), and Ubuntu (linux-firmware and openldap).
The Emacs editor predatesLinux, and was once far more popular, but it has fallen into relative obscurity over the years.In a mega-thread on the emacs-devel mailing list, participants discussedvarious ideas for making Emacs more "attractive", in both aestheticand in "appealing to more users" senses of that term. Any improvementsto Emacs in that regard have numerous hurdles to overcome, however. Thereare technical questions and, naturally, licensing considerations, butthere is also the philosophical question of what it is, exactly, that stopsthe venerable text editor from being more popular.
Firefox 76.0 has been released. This version features a number ofimprovements to password management, Picture-in-Picture allows a smallvideo window to follow you around as you work, and support for AudioWorklets has been added, allowing more complex audio processing. Thereleasenotes have more details.
Drew DeVault has just released a (mostly complete) book on the Wayland display-serverprotocol under the Creative Commons CC-SA license. "This bookwill help you establish a firm understanding of the concepts, design, andimplementation of Wayland, and equip you with the tools to build your ownWayland client and server applications. Over the course of your reading,we'll build a mental model of Wayland and establish the rationale that wentinto its design. Within these pages you should find many 'aha!' moments asthe intuitive design choices of Wayland become clear, which should help tokeep the pages turning." For those who would rather peruse (orcontribute to) the Markdown source, it's available here.
Security updates have been issued by Debian (ansible, ntp, and roundcube), Fedora (libldb and samba), Mageia (chromium-browser-stable, crawl, dolphin-emu, exiv2, fortune-mod, gnuchess, kernel, libsndfile, openexr, openldap, openvpn, qtbase5, ruby-json, squid, teeworlds, and webkit2), Red Hat (sqlite), and SUSE (icu, mailman, nginx, rmt-server, rpmlint, and rubygem-actionview-5_1).
The end of April saw the posting of acomplex patch set called "Popcorn Linux distributed thread execution". It is the first appearance on thekernel mailing lists of an academic project (naturally called PopcornLinux) that has been underway since 2013 or so. This project has,among other goals, the objective of turning a tightly networked set ofcomputers into something that looks like a single system — a sort of NUMAmachine with even larger than usual inter-node costs. The posted code,which is a portion of the larger project, is focused on process migrationand memory sharing across machines. It is an interesting proof of concept,but one should not expect to see it merged in anything close to its currentform.
This year PHP turned 25 and, as with all things, the hope is that with age comeswisdom and maturity. Often derided as a great way to write bad (andinsecure) code, PHP is hard to ignore completely when it is used in nearlyeight out of tenwebsites. With PHP 7.4.5 released inApril, it's worthwhile to take a look at modern PHP, how it has evolved to address the criticisms of thepast, and what lies ahead in its future.
Version1.0 of the Inkscape drawing editor has been released. "One ofthe first things users will notice is a reorganized tool box, with a morelogical order. There are many new and improved Live Path Effect (LPE)features. The new searchable LPE selection dialog now features a verypolished interface, descriptions and even the possibility of markingfavorite LPEs. Performance improvements are most noticeable when editingnode-heavy objects, using the Objects dialog, and whengrouping/ungrouping."
The5.6.9 and5.4.37stable updates have been released with another set of important fixes.Note that the4.19.120,4.14.178,4.9.221, and4.4.221updates went into the review process at the same time as 5.6.9 and 5.4.37; they willprobably show up in the near future.
Normally, files exist in a filesystem to keep data contained within themseparated; seeing data exchanged directly between files is often a sign of filesystemcorruption. There are, however, use cases where it is desirable to be ableto perform a controlled swap of data between a pair of files. Darrick Wonghas recently posted apatch set implementing this feature for the XFS filesystem, but alsomaking it available in a general way.
The 2020 Python Language Summit was held virtually this year, over two days, via videoconference, with discussions via voice and chat. The summit is a yearly gathering for developers of CPython, other Python implementations, and related projects. As with last year, A. Jesse Jiryu Davis covered the summit; his writeups are being posted to the Python Software Foundation (PSF) blog. So far, all of the first day's session writeups are up, as well as two (of six) from the second day. Topics include "All strings become f-strings", "The path forward for typing", "A formal specification for the (C)Python virtual machine", and more.
Security updates have been issued by CentOS (git, java-1.7.0-openjdk, java-1.8.0-openjdk, java-11-openjdk, python-twisted-web, and thunderbird), Debian (dom4j, miniupnpc, otrs2, pound, ruby2.1, vlc, w3m, and yodl), Fedora (git, java-latest-openjdk, mingw-libxml2, php-horde-horde, pxz, sqliteodbc, and xen), Gentoo (cacti, django, fontforge, and libu2f-host), openSUSE (cacti, cacti-spine, chromium, python-typed-ast, and salt), Red Hat (gnutls and kernel), SUSE (kernel), and Ubuntu (edk2).
Developers who are concerned about system integrity often put a fair amountof effort into ensuring that data stored on disk cannot be tampered withwithout being detected.Technologies like dm-verityand fs-verity are attempts to solve thisproblem, as is the recently covered integritypolicy enforcement security module. More Recently, Johannes Thumshirnhas posted a patchseries adding filesystem-level authentication to Btrfs; it promises toprovide integrity with a surprisingly small amount of code.
Security updates have been issued by Arch Linux (chromium, git, and webkit2gtk), Debian (nodejs and tiff), Fedora (libxml2, php-horde-horde, pxz, and sqliteodbc), Oracle (python-twisted-web), Red Hat (chromium-browser, git, and rh-git218-git), Scientific Linux (python-twisted-web), SUSE (ceph, kernel, munge, openldap2, salt, squid, and xen), and Ubuntu (mailman, python3.8, samba, and webkit2gtk).
The second annual CopyleftConference was held on February 3 in Brussels; videos from the event have now been posted. "In his talk, Tony [Sebro] wonderswhether the community around copyleft, like those around eschatology and Afro-centric hip-hop, haslost it's center and how we might entice new stakeholders to reinvestin our shared values. His keynote is a great place to start with thisyear's videos."
A call for faster Fedora updates in response to security vulnerabilitieswas recently posted to the Fedora devel mailing list; it urgently advocatedchanges to the process so thatupdates, in general, and to the kernel and packages based on webbrowsers, in particular, are handled more expeditiously. While Fedoradevelopers are sympathetic to that, there is only so much the distribution can do as there are logistical and other hurdlesbetween Fedora and its users. It turns out that, to a great extent, Fedoracan already move quickly when it needs to.
Python's SimpleNamespace classprovides an easy way for a programmer to create an object to store valuesas attributes without creating their own (almost empty) class. While it isuseful (and used) in its present form, Raymond Hettinger thinks it couldbe better. He would like to see the hooks used by mappings(e.g. dictionaries) added to the class, so that attributes can be added andremoved using either x.a or x['a']. It would bringbenefits for JSON handling and more in the language.
The Trinity Desktop Environment (TDE) R14.0.8release is out. Trinity started out as a fork of KDE 3. "Ten years ago today, the Trinity Desktop Environment (TDE) saw the release of its first version (3.5.11). Lot of things have happened since that day but TDE has continued to grow and flourish throughout the years. Today the project is healthier than ever, with dedicated self-hosted servers, regular releases, modern collaboration tools and a vibrant community of users and enthusiasts."
Christian Schaller writesabout the desktop improvements found in Fedora 32 — and beyond."We spent a lot of time and energy over the last 6 years to get towhere we are now, putting in place a lot of the basic building blocksneeded to make Linux a great desktop operating system. And it feels greatthat just as we kick of the new line of Lenovo laptops running Fedora weare also entering a new phase of development where we can move beyondgetting our basic infrastructure in place, but we can really start takingadvantage of it to rapidly improve the experience we are providing evenmore. A good example is the Firefox work mentioned above, where we finallycould move on from ‘make it work with Wayland and PipeWire, to ‘lets takeadvantage of these new pieces to make Firefox on Linux better’."
Security updates have been issued by CentOS (firefox, java-1.7.0-openjdk, java-1.8.0-openjdk, kernel, qemu-kvm, and thunderbird), Debian (qemu and ruby-json), Fedora (chromium, haproxy, and libssh), openSUSE (cacti, cacti-spine and teeworlds), Oracle (kernel), SUSE (apache2, git, kernel, ovmf, and xen), and Ubuntu (cups, file-roller, and re2c).
The Fedora32 distribution release is out, in workstation, server, and CoreOSvariants. "Following our 'First' foundation, we’ve updated keyprogramming language and system library packages, including GCC 10, Ruby2.7, and Python 3.8. Of course, with Python 2 past end-of-life, we’veremoved most Python 2 packages from Fedora. A legacy python27 package isprovided for developers and users who still need it. In Fedora Workstation,we’ve enabled the EarlyOOM service by default to improve the userexperience in low-memory situations."
For as long as operating systems have had kernels, there has been a need toextract information from data structures stored within those kernels. Overthe years, a wide range of approaches have been taken to make thatinformation available. In current times, it has become natural to reachfor BPF as the tool of choice for a variety of problems, and gettinginformation from kernel data structures is no exception. There are twopatches in circulation that take rather different approaches to using BPFto dump information from kernel data structures to user space.
The 5.7-rc3 kernel prepatch is out fortesting. "Again, that all looks very normal and very much 'nothingreally odd stands out'.In a world gone mad, the kernel looks almost boringly regular.Which is just how I like it."
Version 20.04 of the Kdenlive libre video editor has been released."The highlights include major speed improvements due to the Preview Scaling feature, New rating, tagging sorting and filtering of clips in the Project Bin for a great logging experience, Pitch shifting is now possible when using the speed effect, Multicam editing improvements and OpenTimelineIO support. Besides all the shiny new features, this version comes with fixes for 40 critical stability issues as well as a major revamp of the user experience. Kdenlive is now more reliable than ever before."
Keeping LWN going is a full-time job — indeed, it is multiple full-timejobs. We are currently hiring another writer to help us get thiswork done and to help expand our content range. If you have a deepunderstanding of the Linux and free-software communities and can writehigh-quality English, this is your chance to write for one of the mostengaged and challenging reader communities around; we would like to hearfrom you.
OpenSUSE Leap is acommunity distribution built on top of source packages from SUSE LinuxEnterprise (SLE). Recently, Gerald Pfeifer, chair of the openSUSE board, posted an announcement describing a proposalfrom SUSE to unify some packages between SLE andopenSUSE Leap. Here we analyze the proposal and the community'sreaction to it.
Fedora Magazine announcesthat Lenovo will start offering three laptop models with Fedora Workstationpreinstalled. "The Lenovo team has been working with folks at RedHat who work on Fedora desktop technologies to make sure that the upcomingFedora 32 Workstation is ready to go on their laptops. The best part aboutthis is that we’re not bending our rules for them. Lenovo is following ourexisting trademark guidelines and respects our open sourceprinciples. That’s right—these laptops ship with software exclusively fromthe official Fedora repos! When they ship, you’ll see Fedora 32Workstation. (Models which can benefit from the NVIDIA binary driver caninstall it in the normal way after the fact, by opting in to proprietarysoftware sources.)"
Greg Kroah-Hartman has released six new stable kernels: 5.6.7, 5.4.35,4.19.118, 4.14.177, 4.9.220, and 4.4.220. They all contain a rather large setof fixes throughout the tree; users of those series should upgrade.
Security updates have been issued by Arch Linux (lib32-openssl), Debian (git), Gentoo (chromium, firefox, git, and openssl), Oracle (kernel and python-twisted-web), Red Hat (python-twisted-web), Scientific Linux (python-twisted-web), and SUSE (file-roller, kernel, and resource-agents).
The 20.04 long-term support (LTS) release of Ubuntu, code named "FocalFossa", is out. There are desktop and server editions, as well as all ofthe different Ubuntu flavors: Ubuntu Budgie, Kubuntu, Lubuntu, Ubuntu Kylin, Ubuntu MATE,Ubuntu Studio, and Xubuntu. "The Ubuntu kernel has been updated tothe 5.4 based Linux kernel, with additional support for Wireguard VPN, AUFS5, and improved supportfor IBM, Intel, Raspberry Pi and AMD hardware. [...] 20.04 LTS also bringssupport for installing an Ubuntu desktop system on top of ZFS. The latest version brings performance enhancements andoptional encryption support. Zsys, Ubuntu’s ZFS system tool, providesautomated system and user state saving. Tight integration with GRUBallows a user to revert to any system state on boot and go back in timeto pave the way to a bulletproof Ubuntu Desktop." More informationcan be found in the release notes.
The realtime scheduler classes are intended to allow a developer to statewhich tasks have the highest priorities with the assurance that, at anygiven time, the highest-priority task will have unimpeded access to theCPU. The kernel itself carries out a number of tasks that have tight timeconstraints, so it is natural to want to assign realtime priorities tokernel threads carrying out those tasks. But, as Peter Zijlstra arguesin a new patch set, it makes little sense for the kernel to be assigningsuch priorities; to put an end to that practice, he is proposing to takeaway most of the kernel's ability to prioritize its own threads.
Alyssa Rosenzweig has posted adetailed look at progress on the Panfrost driver (a reverse-engineereddriver for Arm Mali GPUs) on the Collabora blog. "Putting it alltogether, we have the beginnings of a Bifrost compiler, sufficient for thescreenshots above. Next will be adding support for more complexinstructions and scheduling to support more complex shaders."
A recent thread on the python-ideas mailing list explores adding a featureto Python, which is the normal fare for that forum.The problem being addressed is real, but may not be the highest-priority problem for the language on many people'slists. Function calls that have multiple keyword arguments passed from avariable of the same name (e.g. keyword=keyword) requiredevelopers to repeat themselves and can be somewhat confusing, especiallyto newcomers.The discussion of ways to fix it highlighted some lesser-known corners of thelanguage, however, regardless of whether the idea will actually result in achange to Python.
The Yocto Project has announcedits 3.1 LTS release of its distribution-building system. Changes include a5.4 kernel, the removal of all Python 2 code, improvements in thebuild equivalence mechanism (described in thisarticle), and more.
Security updates have been issued by Oracle (java-1.7.0-openjdk and java-1.8.0-openjdk), Red Hat (git, java-1.8.0-openjdk, java-11-openjdk, and kernel), Scientific Linux (kernel), Slackware (git), SUSE (openssl-1_1 and puppet), and Ubuntu (binutils and thunderbird).
Matthew Garrett has posted an overview of the kernellockdown capability merged in 5.4. "If you verify your boot chain but allow root to modify that kernel, the benefits of the verified boot chain are significantly reduced. Even if root can't modify the on-disk kernel, root can just hot-patch the kernel and then make this persistent by dropping a binary that repeats the process on system boot.Lockdown is intended as a mechanism to avoid that, by providing an optional policy that closes off interfaces that allow root to modify the kernel."
LWN.net