LWN.net is a reader-supported news site dedicated to producing the best coverage from within the Linux and free software development communities. See the LWN FAQ for more information, and please consider subscribing to gain full access and support our activities.
By many accounts, the kernel project uses outdated tooling, far behind the state of the art that Kids Today tend to favor. The kernel's workflow has worked well (enough) for years, but there are signs that it may not be sustainable indefinitely. As a result, there has been an ongoing conversation about improving the kernel's workflow, but little has changed so far. The posting of a simple tool called get-lore-mbox is a sign that the rate of change may be about to increase.
On his blog, Peter Hutterer writes about some changes that will allow users to start deploying their own rules to modify keyboard layouts without driving themselves crazy.
Except that it also stopped users from deploying their own rules files - something that probably didn't really matter anyway. This had some unintended side-effects though. First, to have a working custom XKB layout you basically had to get it merged upstream. Yes, you could edit the files locally but they'd just be overwritten next time you update the packages. Second, getting rid of hardcoded things is hard so we're stuck with the evdev ruleset for the forseeable future. This was the situation until, well, now.
The LWN.net Weekly Edition for February 6, 2020 is available.
Inside this week's LWN.net Weekly Edition
Security updates have been issued by CentOS (kernel-rt, qemu-kvm, spamassassin, and Xorg), Debian (ruby-rack-cors), Fedora (glibc), openSUSE (ImageMagick), Oracle (ipa, kernel, and qemu-kvm), SUSE (systemd), and Ubuntu (exiv2, mbedtls, and systemd).
Browser tracking across different sites is certainly a major privacy concern and one that is more acute when the boundaries between sites and browsers blur—or disappear altogether. That seems to be the underlying tension in a "discussion" of an only tangentially related proposal being made by Google to the W3C Technical Architecture Group (TAG). The proposal would change the handling of the User-Agent headers sent by browsers, but the discussion turned to the unrelated X-Client-Data header that Chrome sends to Google-owned sites. The connection is that in both cases some feel that the web-search giant is misusing its position to the detriment of its users and its competitors in the web ecosystem.
Python 2 was officially "retired" on the last day of 2019, so no bugs will be fixed or changes made in that version of the language, at least by the core developers—distributions and others will continue for some time to come. But there are lots of Python projects that still support Python 2.7 and may not be ready for an immediate clean break. Some changes that were made for the upcoming Python 3.9 release (which is currently scheduled for October) are causing headaches because support for long-deprecated 2.7-compatibility features is being dropped. That led to a discussion on the python-dev mailing list about postponing those changes to give a bit more time to projects that want to drop Python 2.7 support soon, but not immediately.
Support for the CoreOS Container Linux distribution is coming to an end on May 26; there will be no further updates after that date. Users are recommended to move to Fedora CoreOS or some other distribution.
The Git source-code management system is famously built on the SHA‑1 hashing algorithm, which has become an increasingly weak foundation over the years. SHA‑1 is now considered to be broken and, despite the fact that it does not yet seem to be so broken that it could be used to compromise Git repositories, users are increasingly worried about its security. The good news is that work on moving Git past SHA‑1 has been underway for some time, and is slowly coming to fruition; there is a version of the code that can be looked at now.
As network interfaces get faster, the amount of CPU time available to process each packet becomes correspondingly smaller. The good news is that many tasks, including packet filtering, can be offloaded to the hardware itself. The bad news is that the Linux kernel required quite a bit of work to be able to take advantage of that capability. The first article in this series provided an overview of how hardware-based packet filtering can work and the support for this feature that already existed in the kernel. This series now concludes with a detailed look at how offloaded packet filtering works in the netfilter subsystem and how administrators can make use of it.
Security updates have been issued by Debian (storebackup), openSUSE (e2fsprogs and wicked), Red Hat (containernetworking-plugins, ipa, kernel, kernel-rt, ksh, and qemu-kvm), Scientific Linux (ipa and qemu-kvm), SUSE (libqt5-qtbase, python-reportlab, and terraform), and Ubuntu (graphicsmagick, OpenSMTPD, spamassassin, and sudo).
As of this writing, 4,726 non-merge changesets have been pulled into the mainline repository for the 5.6 development cycle. That is a relatively slow start by contemporary kernel standards, but it still is enough to bring a number of new features, some of which have been pending for years, into the mainline. Read on for a summary of the changes pulled in the early part of the 5.6 merge window.
Security updates have been issued by Arch Linux (salt), CentOS (git), Debian (qtbase-opensource-src), Fedora (java-11-openjdk), Mageia (kernel and openjpeg2), openSUSE (mailman, python-reportlab, ucl, and upx), Oracle (git), Red Hat (container-tools:rhel8, go-toolset:rhel8, grub2, kernel, kernel-rt, php:7.2, and sudo), SUSE (crowbar-core, crowbar-openstack, openstack-neutron-fwaas, rubygem-crowbar-client and python36), and Ubuntu (python-django).
The LWN.net Weekly Edition for January 30, 2020 is available.
Inside this week's LWN.net Weekly Edition
Security updates have been issued by Arch Linux (opensmtpd), Debian (firefox-esr, libidn2, libjackson-json-java, prosody-modules, qemu, qtbase-opensource-src, spamassassin, and sudo), Fedora (e2fsprogs, java-1.8.0-openjdk, mingw-openjpeg2, openjpeg2, samba, sox, upx, webkit2gtk3, and xar), Red Hat (git), Scientific Linux (git), Slackware (sudo), SUSE (ceph and rmt-server), and Ubuntu (sudo).
Fedora currently uses Pagure to host many of its Git repositories and to handle things like documentation and bug tracking. But Pagure is maintained by the Red Hat Community Platform Engineering (CPE) team, which is currently straining under the load of managing the infrastructure and tools for Fedora and CentOS, while also maintaining the tools used by the Red Hat Enterprise Linux (RHEL) team. That has led to a discussion about identifying the requirements for a "Git forge" and possibly moving away from Pagure.
The GNU libc 2.31 release is out. Significant changes include some initial C2X standard support, some DNS stub resolver changes, a new pthread_clockjoin_np() POSIX threads extension, a number of changes to time-related functions, and more.
Transparent and verifiable electronic elections are technically feasible, but for a variety of reasons, the techniques used are not actually viable for running most elections—and definitely not for remote voting. That was one of the main takeaways from a keynote at this year's linux.conf.au given by University of Melbourne Associate Professor Vanessa Teague. She is a cryptographer who, along with her colleagues, has investigated several kinds of e-voting software; as is probably not all that much of a surprise, what they found is buggy implementations. She described some of that work in a talk that was a mix of math with software-company and government missteps; the latter may directly impact many of the Australian locals who were in attendance.
Copyright © 2020, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds