ARM Give a man a fire and he's warm for a day, but set fire to him and he's warm for the rest of his life (Terry Pratchett, Jingo)

Proactive compaction for the kernel

([Kernel] Apr 21, 2020 16:14 UTC (Tue) (nitingupta))

Many applications benefit significantly from the use of huge pages. However, huge-page allocations often incur a high latency or even fail under fragmented memory conditions. Proactive compaction may provide an effective solution to these problems by doing memory compaction in the background. With guest author Nitin Gupta's proposed proactive compaction implementation, typical huge-page allocation latencies are reduced by a factor of 70-80 while incurring minimal CPU overhead. Subscribers can read on for the full story from the upcoming weekly edition.

Four new stable kernels

([Kernel] Apr 17, 2020 20:09 UTC (Fri) (jake))

Greg Kroah-Hartman has released the [1]5.6.5 , [2]5.5.18 , [3]5.4.33 , and [4]4.19.116 stable kernels. They contain a seemingly larger-than-usual collection of fixes throughout the kernel tree; users of those series should upgrade.



[1] https://lwn.net/Articles/817765/

[2] https://lwn.net/Articles/817766/

[3] https://lwn.net/Articles/817767/

[4] https://lwn.net/Articles/817768/

How to livestream a conference in just under a week (FSF)

([Briefs] Apr 17, 2020 15:24 UTC (Fri) (jake))

On the FSF blog, Zoe Kooyman [1]describes how the [2]LibrePlanet 2020 conference was converted to a virtual conference in a week's time—using free software, naturally. " In 2016, we gained some [3]livestreaming experience when we interviewed Edward Snowden live from Moscow. To minimize the risk of failed recordings due to overly complex or error-prone software systems, we made it a priority to achieve a pipeline with low latency, good image quality, and low CPU usage. The application we used then was [4]Jitsi Meet , and the [5]tech info and scripts we used for streaming from 2016 are available for your information and inspiration. Naturally, for this year, with no time for researching other applications, we opted to build on our experience with Jitsi Meet. We hosted our own instance for remote speakers to connect to and enter a video call with the conference organizers. A screen capture of this call was then simultaneously recorded by the FSF tech team, and streamed out to the world via [6]Gstreamer and [7]Icecast . "



[1] https://www.fsf.org/blogs/community/how-to-livestream-a-conference-in-just-under-a-week

[2] https://libreplanet.org/2020/

[3] https://www.fsf.org/bulletin/2016/spring/mr-snowden-or-how-i-learned-to-stop-worrying-and-love-gstreamer

[4] https://directory.fsf.org/wiki/Jitsi-Meet

[5] https://libreplanet.org/wiki/LibrePlanet:Conference/2016/Streaming

[6] https://directory.fsf.org/wiki/Gstreamer

[7] https://icecast.org/

Security updates for Friday

([Security] Apr 17, 2020 13:44 UTC (Fri) (jake))

Security updates have been issued by Arch Linux (apache and chromium), Debian (webkit2gtk), Fedora (firefox, nss, and thunderbird), Mageia (chromium-browser-stable and git), openSUSE (gnuhealth), Oracle (thunderbird), Red Hat (kernel-alt, thunderbird, and tigervnc), Scientific Linux (thunderbird), Slackware (openvpn), and SUSE (freeradius-server and libqt4).

[$] Debian discusses Discourse

([Distributions] Apr 17, 2020 16:35 UTC (Fri) (corbet))

Much of the free software we run every day was developed over email, and the developers of that software, who may have been using email for decades, tend to be somewhat attached to it. The newer generation of developers that came later, though, has proved remarkably resistant to the charms of email-based communication. That has led to an ongoing push to replace email with other forms of communication; often the "other form" of choice is a web-based system called [1]Discourse . Moving to Discourse tends to be controversial; LWN [2]covered related discussions in the Fedora and Python projects in 2018. Now it is Debian's turn to confront this question.



[1] https://www.discourse.org/

[2] https://lwn.net/Articles/768483/

LWN.net Weekly Edition for April 23, 2020


Security updates for Thursday

([Security] Apr 16, 2020 14:34 UTC (Thu) (jake))

Security updates have been issued by Arch Linux (git), Fedora (cacti, cacti-spine, chromium, golang-github-buger-jsonparser, kernel, kernel-headers, and kernel-tools), openSUSE (ansible, git, and mp3gain), Oracle (container-tools:ol8, nodejs:10, and virt:ol), Red Hat (chromium-browser, ipmitool, and thunderbird), Slackware (bind), SUSE (quartz), and Ubuntu (php5, php7.0, php7.2, php7.3).

GNU Guix 1.1.0 released

([Distributions] Apr 15, 2020 18:33 UTC (Wed) (ris))

Version 1.1.0 of the GNU Guix transactional package manager and system distribution has been [1]released . " It’s been 11 months since the previous release, during which 201 people contributed code and packages. This is a long time for a release, which is in part due to the fact that bug fixes and new features are continuously delivered to our users via guix pull. However, a number of improvements, in particular in the installer, will greatly improve the experience of first-time users. "



[1] https://guix.gnu.org/blog/2020/gnu-guix-1.1.0-released/

Security updates for Wednesday

([Security] Apr 15, 2020 14:49 UTC (Wed) (ris))

Security updates have been issued by Debian (git, graphicsmagick, php-horde-data, and php-horde-trean), Mageia (apache, gnutls, golang, krb5-appl, libssh, libvncserver, mediawiki, thunderbird, tor, and wireshark), openSUSE (chromium, nagios, and thunderbird), Oracle (kernel and krb5-appl), Red Hat (elfutils, kernel, nss-softokn, ntp, procps-ng, and python), Scientific Linux (firefox), Slackware (git), SUSE (git and ruby2.5), and Ubuntu (git).

Changes To Zimbra's Open Source Policy

([Development] Apr 14, 2020 16:47 UTC (Tue) (ris))

The [1]Zimbra email and collaboration suite will change its open source policy. This [2]post from the Zeta Alliance notes the changes for Zimbra 9. " John E. explained that Zimbra 9 introduces a change to Synacor's open source policy for Zimbra. Starting with Zimbra 9, a binary version of Zimbra 9 will no longer be released to the community and will instead only be made available to Zimbra Network Edition customers. There are currently no plans to release the source code for Zimbra 9 to the community. Zimbra 8.8.15 will remain open source for the community and continue to be supported for the remainder of its lifecycle through December, 31, 2024 ( [3]https://www.zimbra.com/support/support- ... lifecycle/ ). Version 8.8.15 will also continue to receive patches during this time frame. John E. described this new model for Zimbra 9 as "open core" where the open source products on which Zimbra is built will continue to be freely available, but the Zimbra 9 product itself will not be open source. " (Thanks to Emmanuel Seyman)



[1] https://zimbra.org/

[2] https://forums.zimbra.org/viewtopic.php?f=9&t=68073

[3] https://www.zimbra.com/support/support-offerings/product-lifecycle/

[$] The integrity policy enforcement security module

([Kernel] Apr 16, 2020 21:15 UTC (Thu) (corbet))

There are many ways to try to keep a system secure. One of those, often employed in embedded or other dedicated-purpose systems, is to try to ensure that only code that has been approved (by whoever holds that power over the system in question) can be executed. The secure boot mechanism, which is intended to keep a computer from booting anything but a trusted kernel, is one piece of this puzzle, but its protection only extends through the process of booting the kernel itself. Various mechanisms exist for protecting a system after it boots; a new option for this stage is the [1]Integrity Policy Enforcement (IPE) security module , posted by Deven Bowers.



[1] https://lwn.net/ml/linux-kernel/20200415162550.2324-1-deven.desai@linux.microsoft.com/

Security updates for Tuesday

([Security] Apr 14, 2020 15:10 UTC (Tue) (ris))

Security updates have been issued by Arch Linux (thunderbird), Debian (thunderbird), Fedora (drupal7-ckeditor, nrpe, and php-robrichards-xmlseclibs1), Red Hat (firefox and kernel), SUSE (quartz), and Ubuntu (thunderbird).

An uproar over the Fedora Git forge decision

([Distributions] Apr 15, 2020 22:34 UTC (Wed) (jake))

We last [1]looked in on the question of a Git forge for Fedora at the end of January—which seems like nearly a lifetime ago, but is, in truth, only around two-and-a-half months back. At that time, requirements were being gathered for an open decision-making process that would seemingly play out with lots of community participation. That is not at all what transpired, however, and much of the Fedora community feels that its needs have not been taken into consideration. There are a number of lessons that can be learned from all of this.



[1] https://lwn.net/Articles/810776/

A set of stable kernels

([Kernel] Apr 13, 2020 15:18 UTC (Mon) (ris))

Stable kernels [1]5.6.4 , [2]5.5.17 , [3]5.4.32 , [4]4.19.115 , [5]4.14.176 , [6]4.9.219 , and [7]4.4.219 have been released. They all contain important fixes and users should upgrade.



[1] https://lwn.net/Articles/817401/

[2] https://lwn.net/Articles/817402/

[3] https://lwn.net/Articles/817403/

[4] https://lwn.net/Articles/817404/

[5] https://lwn.net/Articles/817405/

[6] https://lwn.net/Articles/817406/

[7] https://lwn.net/Articles/817407/

Security updates for Monday

([Security] Apr 13, 2020 15:06 UTC (Mon) (ris))

Security updates have been issued by Fedora (haproxy), Gentoo (chromium and libssh), openSUSE (ansible, chromium, gmp, gnutls, libnettle, libssh, mgetty, nagios, permissions, and python-PyYAML), and Oracle (firefox, kernel, qemu-kvm, and telnet).

Kernel prepatch 5.7-rc1

([Kernel] Apr 12, 2020 20:19 UTC (Sun) (corbet))

Linus has [1]released the 5.7-rc1 kernel prepatch and closed the merge window for this development cycle. " Maybe an hour or two early, because it's Easter Sunday, and I may be socially distancing but we're still doing the usual Finnish Easter dinner with lamb, mämma and pasha... I may not be religious, but tradition is tradition. Thanks to the social distancing, this year we'll have to forgo trying to force-feed our poor American friends mämma, which never really works out anyway. In fact, I think I can hear the sighs of relief from miles away. "



[1] https://lwn.net/Articles/817342/

European funding available for interesting development projects

([Briefs] Apr 10, 2020 19:35 UTC (Fri) (corbet))

The [1]NGI POINTER program, funded by the European Commission, is looking for interesting development project to support. Its objective is " to support promising bottom-up projects that are able to build, on top of state-of-the-art research, scalable protocols and tools to assist in the practical transition or migration to new or updated technologies, whilst keeping European Values at the core. " The application period is open; there must be no end of interesting projects in the free-software space that would fit within this program's parameters. (Thanks to Thorsten Leemhuis).



[1] https://ngi-pointer.fundingbox.com/

Blender community mourns Octavio Mendez

([Briefs] Apr 10, 2020 15:34 UTC (Fri) (jake))

The [1]Blender 3D modeling and rendering project mourns the [2]passing of Octavio Mendez . " It is with great sadness that I must report we lost a great community member today. Octavio Mendez, a long-time cornerstone of the Mexican Blender and open source community, has passed away after fighting the Corona virus. " Gunnar Wolf also has a [3]tribute : " Long-time free software supporter, very well known for his craft –and for his teaching– with Blender. "



[1] https://www.blender.org/

[2] https://www.blendernation.com/2020/04/08/octavio-mendez-passed-away/

[3] https://gwolf.org/life/personal/2020/04/07/for-real.html

Security updates for Friday

([Security] Apr 10, 2020 14:16 UTC (Fri) (jake))

Security updates have been issued by Arch Linux (chromium, firefox, haproxy, libssh, and wireshark-cli), Fedora (firefox, glibc, nss, and rubygem-puma), openSUSE (ceph, exim, firefox, and gnuhealth), Oracle (firefox, kernel, and qemu-kvm), and SUSE (djvulibre and firefox).

[$] Video conferencing with BigBlueButton

([Development] Apr 10, 2020 17:32 UTC (Fri) (corbet))

While social distancing often comes naturally to free-software developers, there are still times when we wish to talk to each other. In the absence of community conferences, the next-best alternative is often video conferencing. While video conferences tend to be held using centralized, proprietary systems, there are free alternatives as well. LWN recently [1]looked at Jitsi but this effort did not stop there; next on the list is [2]BigBlueButton , a system that is oriented toward the needs of online educators but is applicable beyond that use case.



[1] https://lwn.net/Articles/815751/

[2] https://bigbluebutton.org/
More

I have found little that is good about human beings. In my experience
most of them are trash.
-- Sigmund Freud