Last week, I wrote about my initial FreeBSD experiences on my new toy, an AI workstation from HP. FreeBSD runs lightning fast on it, but the desktop was somewhat problematic. Well, I made lots of improvements this week!

A bit of debugging

While there are still some rough edges, there have been tons of improvements since last week. I do not have plans to use FreeBSD on the desktop in the long term, but still, I just could not believe that the FreeBSD GUI is this problematic on this device. I did some experimentation though and it helped a lot… :-)

The initial problem I realized while browsing the output of dmesg was that desktop-installer enabled the wrong kernel modules repository for me. The line leading there was this:

KLD amdgpu.ko: depends on kernel - not available or version mismatch

The next problem occurred when I fixed this problem: there was a kernel panic on boot, when amdgpu.ko was loaded.

I did a fresh FreeBSD install and instead of using the latest packages, I decided to go with the quarterly packages. This way, the desktop installer configured the right kmod repo – however, loading amdgpu.ko still caused a kernel panic. Another experiment I made was using the ATI driver instead of AMD. The installer says that AMD is for modern cards, and ATI is for older ones. Well, as it turned out, even if the chip is barely half a year old, it counts as “old”… :-)

I am still not convinced that proper hardware-based acceleration works: both X.org logs and the GNOME “About” page showed software rendering. However, I had no problem with graphics performance: TuxRacer worked perfectly well… :-) And the GNOME desktop also worked nicely and as stable, including video playback. The only pain point when using GNOME was that screen locking still did not work.

KDE to the rescue

Even if it’s just software rendering, the graphics problem seems to be resolved. However, the screen locking problem still bothered me, as I’m an IT security guy with a healthy dose of paranoia (which means that I lock my screen even when I’m home alone… :-)).

So even if I haven’t tried KDE for the past 5+ years, I gave it a try now. After so many years on XFCE and GNOME, the interface looks a bit weird. However, everything I tried on it seems to work just fine, including screen locking.

This blog is part of a longer series about my adventures with my new machine and AI. You can reach me to discuss this blog on one of the contacts listed in the upper right corner. You can read the rest of the blogs under the toy tag.

Two years have passed since I last shared my Friday app icon sketches, but the sketching itself hasn't stopped.

For me, it's the best way to figure out the right metaphors before we move to final pixels. These sketches are just one part of the GNOME Design Team's wider effort to keep our icons consistent and meaningful—it is an endeavor that’s been going on for years.

If you design a GNOME app following the GNOME Design Guidelines, feel free to request an icon to be made for you. If you are serious and apply for inclusion in GNOME Circle, you are way more likely to get a designer's attention.

Previously

Members of the openSUSE community are tackling the complex undertaking of transitioning from YaST by developing a streamlined system management interface.

After some adjustments and community feedback in the openSUSE bar, members took an existing tool to roll out a launcher for openSUSE users that provides a web-based system administration interface, more accessible to users switching from the traditional YaST setup utility.

The cockpit-client launcher, addresses a barrier that has frustrated some users attempting to adopt Cockpit as a replacement for YaST. According to feedback on the openSUSE forums, the process has been neither simple nor straightforward, until now.

The launcher icon, which includes legacy YaST colors for the adjusted logo, is specific to openSUSE and was created in response to user concerns. After some testing and minor refinements, the package was pushed and is available on Tumbleweed and Leap as an Official package.

“Since Cockpit-client has both Flatpak and RPM launchers available, we need to give them different icons so users can actually tell them apart,” said Lubos Kocman. “The different colored icon instantly shows users which launcher they’re opening to eliminate any confusion.”

The Installation Process

The launcher reduces a multi-step process that is now a straight-forward workflow. Previously, users faced complications accessing Cockpit through localhost:9090, which the community identified as a pain point.

sudo zypper install cockpit-client-launcher

Users are also recommended to install patterns-cockpit to ensure all Cockpit modules are available:

sudo zypper install -t pattern cockpit

Finally, users launch the application from their desktop environment’s application menu and follow initial setup dialogs. The launcher automatically activates necessary systemd services and firewall settings.

To align with security requirements, user will be asked whether to enable cockpit.socket and for preferred firewalld configuration in case cockpit wasn’t previously enabled and running.

It was tested on both Tumbleweed and Leap 16 installations and testing confirms the package successfully integrates across different openSUSE flavors, versions and installation scenarios.

A demonstration video created by Low Tech Linux showcases the installation and setup process on both Tumbleweed and Leap 16.

The Cockpit web interface provides graphical access to system administration functions that are traditionally handled through command-line tools or YaST, which include package management, user administration, service control, and more.

I often hear, even at security conferences that “no central log collection here” or “we have something due to compliance”. Central logging is more than just compliance. It makes logs easier to use, available and secure, thus making your life easier in operations, security, development, but also in marketing, sales, and so on.

What are logs and what is central log collection?

Most operating systems and applications keep track of what they are doing. They write log messages. A syslog message might look similar:

Mar 16 13:13:49 cent sshd[543817]: Accepted publickey for toor from 192.168.97.14 port 58246 ssh2: RSA SHA256:GeGHdsl1IZrnTniKUxxxX4NpP8Q

Applications might store their logs separately and have their own log format, like this Apache access log:

192.168.0.164 - - [16/Mar/2026:13:17:01 +0100] "HEAD /other/syslog-ng-insider-2026-03-4110-release-opensearch-elasticsearch/ HTTP/1.1" 200 3764 "-" "SkytabBot/1.0 (URL Resolution)"

Central log collection simply means that log messages are collected to a central location instead or in addition to saving them locally.

In this blog we take a look at what ease of use, availability, and security of central log collection mean for you.

Ease of use

If you have a single computer in your organization, finding a log message about an event on that computer takes some time. Once you have 2 computers, you have to check 2 computers to find that event. It might take twice as much time, but it is still easier than implementing central log collection. Not to mention, which one is the central computer. :-)

Once you have a network of 10 computers, logging in to each of them to find a log message about an event becomes a huge overhead. It is still doable, but implementing central log collection is a lot easier already in the short term, than looking at the logs on the machines where they were created.

On a network of 100 computers, it is practically impossible to find relevant logs by security or operations, unless logs are collected centrally.

Availability

Collecting logs centrally means that log messages are available even when the sending machine is down. If you want to know what happened, you do not have to get the machine up and running again, but you can check the logs at the central location. If you see signs of a hardware failure, you can go with a spare part immediately, reducing the time and effort needed to repair the machines.

Security

When a computer is compromised, log messages are often altered or deleted completely. However, this tactic only works with logs stored locally. Collecting logs at a central location allows you to use the unmodified logs and to figure out how the compromise happened.

What is next?

It is time to introduce central logging to your organization if you have not yet done it yet. Of course I am a bit biased, but syslog-ng is the perfect tool to do so. You can get started by reading / watching the syslog-ng tutorial on https://peter.czanik.hu/posts/syslog-ng-tutorial-toc/.

Originally published at https://www.syslog-ng.com/community/b/blog/posts/central-log-collection—more-than-just-compliance

GNOME 50 just got released! To celebrate, I thought it’d be fun to look into the background (ding) of the newest additions to the collection.

While the general aesthetic remains consistent, you might be surprised to see the default shifting from the long-standing triangular theme to hexagons.

Well, maybe not that surprised if you’ve been following the gnome-backgrounds repo closely during the development cycle. We saw a rounded hexagon design surface back in 2024, but it was pulled after being deemed a bit too "flat" despite various lighting and color iterations. We’ve actually seen other hex designs pop up in 2020 and 2022, but they never quite got the ultimate spot as the default. Until now.

Beyond the geometry shift of the default, the Symbolics wallpaper has also received its latest makeover. Truth be told, it hasn’t historically been a fan favorite. I rarely see it in the wild in "show off your desktop" threads. Let's see if this new incarnation does any better.

Similarly, the glass chip wallpaper has undergone a bit of a makeover as well. I'll also mention a… let's say less original design that caters to the dark theme folks out there. While every wallpaper in GNOME features a light and dark variant, Tubes comes with a dark and darker variant. I hope to see more of those "where did you get that wallpaper?" on reddit in 2026.

In the past few weeks, I installed five different operating systems on my latest toy: an AI workstation from HP. I love playing with OSes, but my main goal with the new machine is to learn various aspects of AI. I took my first steps in this adventure on Windows.

Of course, you might ask: why on Windows? Well, it’s easy: because it’s easy… :-) There is nothing to install or configure there, as Windows has multiple built-in apps that support AI and can utilize the NPU (hardware-accelerated AI) support of the AMD Ryzen 395 chip. The Windows Task Manager application already has a graph for NPU utilization and I found good use of it already: the Task Manager was open on the NPU tab while I conducted my experiments, allowing me to verify that it was indeed in use, as I ran a couple of generative AI tasks.

I find it somewhat surprising, but Paint now also comes with integrated AI support. Of course, you must pay for image generation but generating simple graphics (or “stickers”, as they are called in Paint) is free. If the prompt field is empty, its prompt text suggests “a cat wearing sunglasses”, so that’s what I generated. It has no practical use for me, but looks fun regardless… :-) You can see an example in the first figure.

It’s only slightly crazier that the simplest Windows app, Notepad, now also has AI features. I asked Notepad to write me a three-paragraph-long blog about writing a blog with AI in a boring, formal style. It completed the task successfully: the result is pretty boring and full of bullshit. Here it is:

The integration of artificial intelligence into the realm of content creation, particularly in the sphere of blog writing, presents a multitude of advantages that merit serious consideration. Firstly, AI-driven tools offer an unprecedented level of efficiency, allowing content creators to produce substantial volumes of text without the need for exhaustive manual input. This technological boon is particularly beneficial for those with time constraints or heavy workloads, as it liberates them from the mundane task of typing and editing.

Moreover, the precision and consistency of AI in language generation cannot be understated. By leveraging advanced algorithms, AI systems can maintain a uniform tone and style throughout a piece, which is a common challenge for human writers. This consistency ensures that the content is cohesive and that the voice of the piece remains unaltered, thereby enhancing the overall reading experience.

Lastly, the ability of AI to learn from vast datasets and adapt to various writing styles is a significant asset. It empowers writers to explore new topics and styles with confidence, knowing that the AI can provide a solid foundation upon which to build. This adaptability not only streamlines the writing process but also encourages creativity and innovation in content creation.

I also wanted to try a controversial Windows feature: Recall. Well, it does not work. When I started it, I got a nice error message stating that it needs Secure Boot. Linux requires it to be turned off, so I cannot test it now. But I must admit that I do not mind that… :-)

If everything goes well, I’ll make my first steps next week to enable hardware-accelerated AI under Linux.

This blog is part of a longer series about my adventures with my new machine and AI. You can reach me to discuss this blog on one of the contacts listed in the upper right corner. You can read the rest of the blogs under the toy tag.

The openSUSE Project has a new version of a language model designed to automate legal compliance checks for open-source software on the project’s HuggingFace .

The Cavil-Qwen3.5-4B model represents the latest iteration of Cavil, which leverages curated datasets designed to enhance automated legal text classification. The update underscores the growing role of community-driven open-source Artificial Intelligence.

The model is a specialized adaptation of Alibaba’s Qwen3.5-4B foundation model and is configured specifically to identify legally significant text such as license declarations, copyright notices, and similar legal markers within code repositories and documentation. By combining the base model with a Low-Rank Adaptation (LoRA) layer, efforts are efficiently fine-tuned and require minimal computational overhead. The smaller footprint allows Cavil-Qwen3.5-4B to run on modest hardware.

A key feature of this release is the availability of GGUF-format quantizations, contributed by a community member and hosted on HuggingFace. GGUF (GPT-Generated Unified Format) is a model file format optimized for running large language models locally using tools like llama.cpp. Quantization reduces a model’s precision; typically from 16-bit floating point down to 4-bit or even 2-bit integers, which dramatically lowers memory requirements for use on laptops, single GPUs or even CPUs.

The Cavil-Qwen3.5-4B release also highlights ongoing collaboration between openSUSE and the broader open-source AI community. Unlike proprietary models, Cavil’s training data and fine-tuning methods are transparent and allow users to audit, replicate or extend the work.

Local open-source AI continues to mature with projects like Cavil, which demonstrates how focused fine-tuning and community optimization can deliver value without relying on massive scale or closed ecosystems. The model, training datasets, and validation tools are available on Hugging Face under licensing that reflects their distinct components. Users interested in contributing or suggesting improvements are invited to engage with the openSUSE community on HuggingFace.