Today, the syslog-ng team released three different syslog-ng versions, which provided a good opportunity to wear my “Release is coming” t-shirt. This coordinated release is due to an SQL injection security bug fix, even if most likely it affects less than a handful of people (I mean, is there anyone who still uses SQL to store logs in 2026…?)

What’s new?

• syslog-ng OSE 4.12.0 arrives with performance optimizations, making syslog-ng more scalable in several situations. Many user-reported bugs were fixed as well. RPM-based containers are now available, utilizing Alma Linux under the hood.
• syslog-ng PE 8.2.0 focused on bug fixes and now also allows users to use extremely complex configuration files.
• SSB 7.8.0 adds support for Proxmox and Nutanix virtualization.

What’s next?

For more details, check the respective release notes. The syslog-ng OSE release notes are available at https://github.com/syslog-ng/syslog-ng/releases/tag/syslog-ng-4.12.0 Release notes for the commercial products should be available soon at https://docs.oneidentity.com

Summertime is arriving to Europe. But we all know summer does not officially start until we have had the chance to meet and share our passion for open source at the annual openSUSE Conference. And since we do not want to show up to the party empty-handed, we just finished cooking Agama 22.

As anticipated on the previous blog post, in this new version we focused our efforts on polishing the user experience.

Redesigned header and toolbar​

And if there was something in need of polishing, that was the header of the web interface which, as detailed in the description of this pull request, presented several problems. Fortunately, that pull request also brought a better design that greatly improves usability.

The new design displays the product and its logo on every page, alongside a revamped set of breadcrumbs that ease navigation. The redundant and confusing "Review and install" button is gone and that space is now used to expose the installer tools in a more ubiquitous way.

Apart from becoming more visible, the mentioned installer tools also received usability improvements. The progress monitor that used to be displayed only when some tasks were in progress is now always present, making it more understandable.

The option to download the installation logs now offer more information about its purpose and about the status of the process to gather and download the data.

In the same direction, the former "Download config" menu entry became a new "Show configuration" tool, way more informative than just spitting a JSON file to the user.

All those small changes help to shed some light on several tools that have been there for some time already, but that were not properly explained by previous versions of the user interface.

Configurable appearance​

But if you look closely at the reorganized toolbar, in addition to the mentioned improved tools you will also find the brand new "Appearance" tool, allowing to set the contrast and the combination of colors.

That new functionality is built on the amazing accessibility work poured by the PatternFly team into their recent 6.5 release. Our dark and light schemas ride on their design tokens and take advantage of their high-contrast mode that meets the enhanced WCAG AAA contrast ratios.

The new Agama dark scheme wears SUSE's brand colors, by default, but now every product can rebrand both the light and dark schemas end to end by customizing a handful of tokens. Customization of the high contrast mode is deliberately more restricted to make sure a rebrand can't undo the accessibility work PatternFly put into keeping that mode WCAG AAA compliant.

Configuration of file systems​

Improvements in usability sometimes come hand in hand with new functionality, and the other way around. In the case of Agama 22, we wanted to add some extra controls to the web interface making it possible to define some advanced settings for file systems. We took that as an opportunity to revisit the corresponding sections to setup disks, partitions and logical volumes.

Apart from offering the extra file system settings shown in the previous image, the mentioned sections are now more consistent with the rest of the Agama web interface and easier to understand and to use.

Setting up VLANs through the web interface​

In the previous blog post we literally said that support for configuring VLAN connections in the web UI was "on its way". Now the wait is over.

As you can see, now it is possible to use the graphical user interface to setup all kind of network connections including Wi-Fi, Ethernet, bridge, bond and of course VLAN.

Improvements in the command-line interface​

But, as you know, the graphical web interface is not the only way to interact with the installation process. Agama 22 also brings enhancements for those users preferring the command line.

The most visible change is that the text-based monitor now allows to answer the installer questions interactively.

Since several commands like agama config load rely on the monitor to display the result of their operations, all those commands automatically benefit from this new feature.

We also took the opportunity to unify the behavior and the messages displayed by several components of Agama, like the mentioned monitor, the agama status command and the web interface.

Putting all that together with all the changes in the web UI already mentioned on this blog post, we are certain that Agama 22 is the most usable and accessible release to this date.

Configure access to the installed system​

But usability may go beyond the user interface itself and may include aspects like making common tasks as simple and direct as possible. In that regard we detected that many users of unattended installation were struggling to setup all the needed aspects to make sure the system was accessible for administrative purposes right after the installation process was over.

Agama now includes a new access section in its JSON configuration that allows to setup all the related aspects on the installed system. Just follow the documented syntax to indicate whether you want to access the new system via SSH or Cockpit and Agama will take care of enabling the service, opening the port in the firewall and any extra adjustment that may be needed.

See you at oSC'26​

As mentioned at the beginning, some of the Agama developers plan to be around for the openSUSE Conference. But we will only be able to be there during Thursday afternoon and Friday early morning, so do not hesitate to bump into us at any chance.

Nevertheless, you know you can reach to us at any time via the YaST Development mailing list, our #yast channel at Libera.chat or the Agama project at GitHub.

See you soon!

Today we bring you two small improvements that will help you stay in the loop. Let’s begin! Notification Fixes If you are one of those users that receive a lot of notifications, when you are sifting through them, you probably set filters to narrow down the list to something manageable, and then you start clicking on each one. Now you will no longer lose your filters when coming back to the notifications list. Role Changes...

For almost two decades, the PackageKit package management abstraction layer has shipped with pkcon as its command-line client. pkcon does its job, but it was always kind of a “testing” front-end for the PackageKit daemon rather than a tool designed for everyday use. The focus has instead been on the GUI tools, automatic system updates, GUI application managers and other front-ends. Its command names mirror the D-Bus API almost one-to-one (get-details, get-updates, get-depends), output is very plain, and there is no machine-readable mode for scripting. Most importantly though, there has been no development on it at all for almost a decade, so pkcon was stuck in its rudimentary state from that era.

Since a lot of changes will be coming to PackageKit, and testing the daemon and working with it from the command-line was not very pleasant anymore in 2025/2026, I decided to modernize the tool as part of my work as fellow for the Sovereign Tech Agency last year. pkgcli is the new command-line client for PackageKit. It is built from the ground up to be pleasant to use interactively and easy to drive from scripts.

Why a new tool?

Of course, instead of introducing a new tool, I could have just expanded pkcon instead. The problem with that approach is that the pkcon utility has been around for so long and its command-line API had ossified so much, that rather than changing it and potentially breaking a lot of scripts relying on its quirks, I decided to introduce a new tool instead. pkcon can still be optionally compiled for people who need it in their scripts and workflows.

The goals for pkgcli, and the features it now has are:

• Human-friendly command names. Verbs that read the way you’d describe the task, instead of mirroring the D-Bus API 1:1: show, search, list-updates, what-provides, instead of get-details and friends.
• Readable, colored output by default (still respecting NO_COLOR and degrading gracefully).
• A real scripting mode. A global --json flag emits JSONL instead of fully human-readable output when possible, to make it easier to use the tool for scripting purposes.
• Sensible defaults. A few defaults have been changed, such as the metadata cache-age, or automatic cleanup of unused dependencies being enabled by default. This is more in line with current defaults by other tools and frontends. We also print package information in a slightly different, more readable way.
• Better handling of internationalized text. Text should now align properly in the terminal window, and we should no longer have completely chaotic text output on non-English locales (especially Chinese/Japanese).

Why not pkgctl?

Originally, this tool was called pkgctl, to match other common cross-distro tool names. However, that name was already taken by an Arch-specific distro development tool. When this issue was raised, we decided to just rename our tool to pkgcli with the next release, to avoid the name clash on Arch Linux.

Examples!

Here are some examples on how to use the new tool (some of which include the abridged output pkgcli prints).

Search for anything containing the string “editor” in name or description, then look at the details of one result:

$ pkgcli search editor
Querying                  [████████████████████████████████████████] 100%
▣ ace-of-penguins 1.5~rc2-7.amd64 [debian-testing-main]
▣ acorn-fdisk 3.0.6-14.amd64 [debian-testing-main]
▣ ardour 1:9.2.0+ds-1.amd64 [debian-testing-main]
✔ audacity 3.7.7+dfsg-1.amd64 [manual:debian-testing-main]
✔ audacity-data 3.7.7+dfsg-1.all [auto:debian-testing-main]
▣ augeas-tools 1.14.1-1.1.amd64 [debian-testing-main]
▣ emacs 1:30.2+1-3.all [debian-testing-main]
▣ gedit 48.1-9+b1.amd64 [debian-testing-main]
▣ gedit-common 48.1-9.all [debian-testing-main]
▣ gedit-dev 48.1-9+b1.amd64 [debian-testing-main]
[...]

$ pkgcli show nano
Package: nano
Version: 9.0-1
Summary: small, friendly text editor inspired by Pico
Description: GNU nano is an easy-to-use text editor originally designed as
 a replacement for Pico, the ncurses-based editor from the non-free mailer
 package Pine.
[...]
URL: https://www.nano-editor.org/
Group: publishing
Installed Size: 2.9 MB
Download Size: 646.0 KB

Search only within package names rather than descriptions:

$ pkgcli search name python3

Check for updates. refresh updates the metadata, then list-updates reports what’s available:

$ pkgcli refresh && pkgcli list-updates
Loading cache            [████████████████████████████████████████] 100%
▲ cme 1.048-1.all [debian-testing-main]
▲ gir1.2-gdm-1.0 50.1-2.amd64 [debian-testing-main]
▲ imagemagick 8:7.1.2.24+dfsg1-1.amd64 [debian-testing-main]
▲ imagemagick-7-common 8:7.1.2.24+dfsg1-1.all [debian-testing-main]
▲ imagemagick-7.q16 8:7.1.2.24+dfsg1-1.amd64 [debian-testing-main]
▲ libdlrestrictions1 0.22.0.amd64 [debian-testing-main]
▲ libfftw3-bin 3.3.11-1.amd64 [debian-testing-main]
▲ libfftw3-dev 3.3.11-1.amd64 [debian-testing-main]

Explore relationships between packages:

$ pkgcli list-depends inkscape  # list what inkscape depends on
$ pkgcli list-requiring libappstream5  # list what requires libappstream5

Find the package that provides a capability, here the AV1 GStreamer decoder:

$ pkgcli what-provides "gstreamer1(decoder-video/x-av1)"
✔ gstreamer1.0-plugins-bad 1.28.3-1.amd64 [auto:debian-testing-main]

You can also have JSON output for most commands! Attach --json to any query and pipe the result straight into jq. Each line is a self-contained JSON object:

$ pkgcli --json list-updates | jq -r '.name'
cme
gir1.2-gdm-1.0
imagemagick
imagemagick-7-common
imagemagick-7.q16
libdlrestrictions1
libfftw3-bin
libfftw3-dev
libfftw3-double3

Try it

pkgcli is built by default alongside the rest of PackageKit since PackageKit 1.3.4. If your distribution ships a recent enough PackageKit, it should already be on your PATH. You can read its man page man pkgcli for more information. Feedback, bug reports, and patches are very welcome.

To kick off the show, Mike (FullScale4me) discusses his experiences with older computer systems and "Big Iron." The panel shares insights on LibreWolf, which is suitable for privacy-focused users who prioritize security but may not be ideal for casual users. The conversation gets a bit passionate about privacy, maybe even a little spicy!

This Saturday, an exciting tech-focused event will feature discussions on open source, gaming, and Linux. Key topics include the compromise of Arch Linux AUR packages and deprecated Linux commands. Participants are encouraged to join discussions on various Linux distributions and share suggestions for future sessions via Telegram or Discord.

Dear Tumbleweed users and hackers,

This week, Tumbleweed had to take a short break over the weekend. Technically, everything was fine, but with the summer weather approaching in the northern hemisphere, some people tend to do less screen time, especially on weekends. The outcome is still very impressive: five snapshots were published this week (0604, 0605, 0608, 0609, and 0610)

The most relevant changes shipped this week include:

• Mesa 26.1.2
• fontconfig 2.18.0 & 2.18.1: the first version caused some issues and picked the wrong fonts
• harfbuzz 14.2.1
• Linux kernel 7.0.11
• php 8.5.7
• KDE Gear 26.04.2
• tcl/tk 8.6.18
• Mozilla Firefox 151.0.3 & 151.0.4
• sqlite 3.53.2
• systemd 260.2
• file 5.48

Staging still contains the few longer-standing topics from last week and a few more, newer changes, namely:

• MariaDB 12.3.2
• Linux kernel 7.0.12
• KDE Frameworks 6.27
• llvm packaging change: moving away from update-alternatives
• Poppler 26.06.0: breaks the usual suspects like Scribus, Inkscape, LibreOffice
• Qemu 11.0.0: 32-bit host support is being dropped
• KDE Plasma 6.7.0, currently 6.6.91 staged for QA
• Rework of Python3 packaging (as a meta package instead of a provides of the default interpreter)
• gcc 16 as the system default compiler

This is a roundup of articles from the openSUSE community listed on planet.opensuse.org.

The community blog aggregates a list of the featured highlights below from June 5 - 11.

Blogs this week cover a photographer pairing rival AMD and Nvidia GPUs on one openSUSE Leap 16.1 workstation to run Adobe software in a virtual machine, a guide for open-source maintainers on avoiding burnout amid a flood of AI-generated security reports, the release of digiKam 9.1 and second bugfix updates for both KDE Gear 26.04 and Kdenlive. Blogs also highlight a dystopian short story about a web where nothing is free, a talk by KDE e.V. in Barcelona, a Digital Sovereignty event in València, the weekly Tumbleweed snapshot reviews, Plasma 6.7 bugfixing and more.

Here is a summary and links for each post:

Rival GPUs Share One Linux Desktop

The openSUSE News team profiles photographer Klaus Tröger, who recently migrated to the openSUSE Leap 16.1 beta. It talks about the use of Adobe and Photoshop in a Windows 11 virtual machine on a workstation. Performance is nearly native and the passthrough components can be cleanly isolated by IOMMU group.

Digital Sovereignty in the AI Era, New Event Organized by GNU/Linux València

The KDE Blog promotes a new event from the nonprofit association GNU/Linux València titled “Digital Sovereignty in the AI Era,” which takes place June 16 at the Universitat de València. Attendance is free, can be joined online and the session will offer concrete alternatives for regaining technological autonomy.

digiKam 9.1 Released, Making it Easier to Use

The KDE Blog covers the release of digiKam 9.1.0, which arrives after three months of active development focused on database migration, preview improvements, advanced search and general ease of use. The post also recaps the major features of digiKam 9.0 for readers who missed the previous release.

Welcome to the Icon Designer Webring!

Jakub revives a piece of 1990s internet culture. Inspired by Terry Godier’s essay “The Boring Internet,” the post argues that an older, slower, federated web built on open protocols still thrives beneath the commercial layer.

Thirty-Fourth Audio of Podcast Linux – “Maratón Linuxero Live” (Podcast Linux #34)

The KDE Blog continues its index of the now-paused Podcast Linux with episode 34. Host Juan Febles chats with four GNU/Linux veterans Gabriel Viso, Patricio García, Alejandro López and Roberto Ruisánchez about the early days of Linux. The conversation revisits the 1990s and early 2000s.

Kdenlive 26.04.2 Released

The KDE Blog announces the second maintenance release of the Kdenlive 26.04 series. The update fixes issues in rendering, timeline editing and project file management across AppImage and Flatpak packages, including a notable Windows fix that allows exporting videos to a network drive.

Everything Has a Price

Victorhck publishes a Spanish translation of Paul Brown’s dystopian short story “No Such Thing as a Free Lunch,” which is a cautionary tale about a future where every click, app launch and settings change carries a fee and free offerings are outlawed. The fiction follows Joe Bloggs through a world of mandatory hardware upgrades, surveillance AI that taxes productivity and brutal enforcement of software regulations. The story is free to read, which in the tale would be a felony.

Fixing All the Things – This Week in Plasma

The KDE Blog translates the latest “This Week in Plasma” report, which focuses on polishing Plasma 6.7 ahead of its release at the end of the month. Notable fixes include Spectacle’s clipboard behavior during OCR text extraction, low-battery notifications for connected devices appearing over fullscreen apps, and a crash fix when refreshing the list of nearby wireless networks.

Linux Saloon 205 | Open Mic Night

CubicleNate recaps episode 205 of the Linux Saloon podcast. Responding to viewer feedback, the panel shared what they like and dislike about their distributions of choice, covering Tumbleweed’s built-in Snapper rollback and overly aggressive default firewall, a panelist’s switch from GNOME to the Fedora 44 Plasma spin, and praise for MX Linux, CachyOS, Linux Mint and Bazzite, before agreeing to test the LibreWolf browser in an upcoming application appetizer segment.

BuildStream and KDE – New Barcelona Free Software Talk

The KDE Blog announces a new Barcelona Free Software talk taking place on Thursday, June 11 at Akasha Hub in Barcelona. Aleix Pol, president of KDE e.V., will present BuildStream, a powerful software integration tool used to build operating systems and all sorts of packages. Attendees will leave knowing how to build their own operating system and hopefully be ready to contribute to many more projects.

Tumbleweed – Review of the Week 2026/23

Victorhck and Dominique Leuenberger report that Tumbleweed kept rolling through a midweek European holiday with six snapshots published. Key updates included Mesa 26.1.1, Qt 6.11.1, GNOME 50.2, Pipewire 1.6.6, Samba 4.23.8 and 4.24.3, plus a Java packaging migration from update-alternatives to libalternatives. The staging dashboard predicts Linux kernel 7.0.11, KDE Plasma 6.7.0, a rework of Python3 packaging and GCC 16 as the system default compiler arriving soon.

Take it Easy. A Guide to Avoid Burnout During the Vulnpocalypse

Danigm offers open source maintainers a survival guide for the so-called Vulnpocalypse, which refers to the cybersecurity reckoning related to AI-generated security reporting. The post argues that 100 percent secure software doesn’t exist, that the deluge of dubious “high severity” reports is eroding CVE credibility, and that maintainers should learn to recognize and disarm manipulation tactics like queue flooding and gaslighting rather than burn themselves out chasing every cried wolf.

Second Update of KDE Gear 26.04

The KDE Blog highlights KDE Gear 26.04.2. The release resolves a good number of errors across applications, libraries and widgets, including a crash in Akregator on arm64, a startup crash in Skanlite via ksanecore, and a fix for Koko’s move-to-trash action overriding the editor’s delete actions.

View more blogs or learn to publish your own on planet.opensuse.org.

For years, photographer Klaus Tröger built his professional workflow on a quiet contradiction; a Linux workstation running the Adobe software that most people assume belongs on a Mac or a Windows PC.

“I’m not willing to give up Linux, and I’m not willing to give up Adobe,” Klaus said. “So I stopped choosing.”

He has now carried that arrangement onto newer ground. Klaus recently migrated his longtime Debian machine to the beta release of openSUSE Leap 16.1 and has kept editing the whole time, running Adobe Lightroom, Camera Raw and Photoshop inside a Windows 11 virtual machine that never touches the local network directly.

The setup speaks to a small but persistent group of professionals who prefer Linux as their daily environment but cannot abandon Adobe Creative Cloud, whether for client work or long-established editing habits. Open-source alternatives exist, Klaus acknowledges, but they do not always fit an established business.

The hardware behind the system is deliberately dated, and Klaus says that is the point. Rather than chase current components at current prices, he chose Intel’s older LGA-1151 platform, pairing a Core i9-9900K, which is an eight-core, 16-thread chip from Intel’s Coffee Lake generation, with an Asus Z390 WS Pro mainboard. Each was a flagship in its day, he said, delivering strong benchmark performance from the processor and stability from the board. Because the WS Pro has grown rare and expensive, he notes the same approach works with a more common Asus ROG-STRIX Z390-F board and a six-core Core i7-8700K.

The board matters less for speed than for separation. To hand physical hardware to the virtual machine, Klaus relies on the Linux “vfio-pci” driver, which requires that the devices being passed through sit in their own IOMMU group, which is the system the hardware uses to isolate components from one another.

That requirement produces the workstation’s most surprising feature; two graphics cards from rival makers. An AMD Radeon RX 6600 drives the Linux desktop, while an Nvidia RTX 3060 is dedicated entirely to Windows. Contrary to a common assumption, Klaus said, modern Linux handles mixed AMD and Nvidia setups without conflict.

A dedicated graphics card is not optional for the Windows side. Adobe’s software needs a real GPU for post-processing. Software emulation will not do, and the card must clear a modest bar; it needs 1.5 to 2 GB of video memory, DirectX 12 compatibility and a driver no more than seven years old. Passing a qualifying card through to the Windows guest, in its own IOMMU group, lets Adobe applications run with near-native hardware acceleration while Linux remains in charge.

Most consumer mainboards make that separation difficult, Klaus said, because of how they share PCIe lanes and assign IOMMU groups. He offers two ways around it: use the Intel chip’s integrated graphics for the Linux host, the simplest and cheapest option for users with light rendering needs; or run two cards, placing the primary GPU in the CPU-managed first PCIe slot and the pass-through card in a slot managed by the Z390 chipset, which lands them in separate groups.

The rest of the machine follows the same divide-and-isolate logic. A separate USB controller goes to the virtual machine so Windows can have its own keyboard and mouse. Windows lives on its own fast NVMe solid-state drive. Klaus pins 10 processor threads to the host and six to the guest, splits 64 GB of memory evenly between them using huge pages, and swaps the default power daemon for the “tuned” tool set to a virtual-host profile.

He made one deliberate exception. Rather than assign the second NVMe drive straight to Windows, he keeps the guest in a disk-image file on an XFS partition.

“It’s so easy to just copy away the Windows file to get a backup,” he said.

The choice of host operating system was its own deliberation. Klaus had run Debian 13 for its stability. He found openSUSE’s rolling Tumbleweed release too bleeding-edge and Leap 15.6 too dated, which left the Leap 16.1 prerelease as a chance worth taking. The installation, using the Agama installer with an LVM disk layout and a Btrfs root filesystem for snapshots and rollback, produced what he called “zero surprises.”

Performance, he said, is nearly native. Virtualization always carries some overhead, “but it’s fully worth it.” Security is part of the appeal. Windows never sits directly on the local network; it operates behind the Linux host, shielded by the host firewall and additional controls. The arrangement, Klaus said, balances compatibility against exposure. Windows stays available for the few applications that demand it, while Linux runs everything else.

Asked what he would change if he built the machine today, Klaus did not hesitate. “None,” he said. His advice for photographers and power users eyeing a similar build comes down to one decision made early; choose the base hardware carefully, and confirm before buying that the components you intend to pass through can be cleanly separated by IOMMU group. Consumer boards, he warns, often cannot.

Terry Godier wrote a beautiful essay "The Boring Internet". The internet isn't dying, he argues, just the commercial veneer glued on top of it is. Underneath all the engagement metrics and algorithmic feeds, there's still an older, slower, more federated web. One built on protocols nobody owns. RSS feeds still work (thank you, Aaron), people can set up websites and blogs.

Lets start a webring in 2026

Don't worry, I haven't pushed too many pixels and gone a little cuckoo. But it's a fun exercise to remind what the web once was. We'll silently skip over the fact that I actually started using gopher first, but even web surfing didn't begin on a search engine back in the day. It was web rings, later followed by index sites.

Start

Not long ago I posted about designing app icons for 3rd party GNOME app developers. The post generated quite some buzz and some old and new faces started showing up to help with the backlog. So obviously I'd like to take you on a webring tour of all the designers responsible for making the GNOME app ecosystem a little less awkward to browse on Flathub.

Let me introduce you to Brage. He's been around for a couple of years now, helping to tame the flames of the reddit community, helping with the GNOME Circle project to improve the quality of GNOME apps in the wild, creating illustrations for initial states in apps, authoring some noteworthy apps himself. So thank you, Brage, welcome to the 90s!

Next Up: Brage Fuglseth