Users of openSUSE Leap 15.3 will not be receiving security and maintenance updates once the version goes EOL (end of life) on the last day of 2022.

Marcus Meissner gave users advanced notice on the announcements mailing list on Nov. 30, but the lifecycle of Leap is frequently communicated to users.

An EOL ends updates for the operating system minor version and those who continue to use EOL versions will be exposed to vulnerabilities because these discontinued versions no longer receive security and maintenance updates. This is why users need to upgrade to the newer minor release; openSUSE Leap 15.4!

Users can upgrade from 15.3 to 15.4 by downloading the iso image or following the instructions on how to upgrade, which is found on https://en.opensuse.org/SDB:System_upgrade.

For new installations, download openSUSE Leap 15.4 images at https://get.opensuse.org/leap/. The Leap 15.4 release is expected to be maintained and supported with security patches until it reaches its EOL in November 2023. Leap 15.5 is expected to be released at the beginning of June 2023, according to the roadmap.

Users interested in changing from the point release version can look at moving to Tumbleweed, which has frequent updates, or to a next generation operating system like MicroOS.

Make sure to backup your /home directory and any configuration files you want to save.

ALP - The Adaptable Linux Platform – is a new operating system from SUSE to run containerized and virtualized workloads. It is in early prototype phase, but the development is done completely openly so it’s easy to jump in to try it.

For this trying out, I used the latest encrypted build – as of the writing, 22.1 – from ALP images. I imported it in virt-manager as a Generic Linux 2022 image, using UEFI instead of BIOS, added a TPM device (which I’m interested in otherwise) and referring to an Ignition JSON file in the XML config in virt-manager.

The Ignition part is pretty much fully thanks to Paolo Stivanin who studied the secrets of it before me. But here it goes - and this is required for password login in Cockpit to work in addition to SSH key based login to the VM from host - first, create config.ign file:

{
  "ignition": { "version": "3.3.0" },
  "passwd": {
    "users": [
      {
        "name": "root",
        "passwordHash": "YOURHASH",
        "sshAuthorizedKeys": [
          "ssh-... YOURKEY"
        ]
      }
    ]
  },
  "systemd": {
    "units": [{
      "name": "sshd.service",
      "enabled": true
    }]
  },
  "storage": {
    "files": [
      {
        "overwrite": true,
        "path": "/etc/ssh/sshd_config.d/20-enable-passwords.conf",
        "contents": {
          "source": "data:,PasswordAuthentication%20yes%0APermitRootLogin%20yes%0A"
        },
        "mode": 420
      }
    ]
  }
}

…where password SHA512 hash can be obtained using openssl passwd -6 and the ssh key is your public ssh key.

That file is put to eg /tmp and referred in the virt-manager’s XML like follows:

  <sysinfo type="fwcfg">
    <entry name="opt/com.coreos/config" file="/tmp/config.ign"/>
  </sysinfo>

Now we can boot up the VM and ssh in - or you could log in directly too but it’s easier to copy-paste commands when using ssh.

Inside the VM, we can follow the ALP documentation to install and start Cockpit:

podman container runlabel install registry.opensuse.org/suse/alp/workloads/tumbleweed_containerfiles/suse/alp/workloads/cockpit-ws:latest
podman container runlabel --name cockpit-ws run registry.opensuse.org/suse/alp/workloads/tumbleweed_containerfiles/suse/alp/workloads/cockpit-ws:latest
systemctl enable --now cockpit.service

Check your host’s IP address with ip -a, and open IP:9090 in your host’s browser:

Login with root / your password and you shall get the front page:

…and many other pages where you can manage your ALP deployment via browser:

All in all, ALP is in early phases but I’m really happy there’s up-to-date documentation provided and people can start experimenting it whenever they want. The images from the linked directory should be fairly good, and test automation with openQA has been started upon as well.

You can try out the other example workloads that are available just as well.

Dear Tumbleweed users and hackers,

A very bad thing happened: we missed one snapshot this week! Only 6 out of 7 made it through QA. Snapshot 20221207 has been declined to be published (a python module update broke ansible, and a few more issues). Nevertheless, let’s focus on the positive: you received 6 snapshots to apply on your machine (1202..1206, 1208).

The most interesting changes in those releases were:

• Mozilla Firefox 107.0.1
• gtk 3.24.35+10 (upstream version 3.24.35, 10 commits ahead in the git branch)
• pango 1.50.12
• rubygem-rspec 3.12.0
• libX11 downgraded from 1.8.2 to 1.8.1 (boo#1205818, boo#1205778)
• NetworkManager 1.40.6
• poppler 22.12.0
• Podman 4.3.1

Staging projects are currently busy testing the following:

• Linux kernel 6.0.12
• KDE Gear 22.12.0
• protobuf 21.11
• systems 252.3
• Python pytest 7.2.0
• Ruby 3.2 (currently RC) is being tested to become the default ruby version (switch would happen when ruby 3.2 sees a final release)
• Switch to openSSL 3: tracked in Staging:N, main failures are nodejs18, nodejs19, OpenSSH, mariadb
• gcc13: the usual 2-phase approach: first (this round) we change the libraries like libgcc, libstdc++, …) to be provided by gcc13. Somewhere down the line, the entire distribution will be rebuilt by that compiler (not scheduled yet)

Taking Linux seriously since 1998, I gained experience in the GNU/Linux operating system that allowed me to build, contribute and make the openSUSE Leap 15.4 Micro platform available on the AWS cloud for everyone for free worldwide (all regions of the world).

Using software engineering work focused on GNU/Linux system optimization, I make available the minimalist version of openSUSE Leap 15.4 on AWS. In addition to being multipurpose, complete, stable and easy to use, it is intended for users, developers, administrators, and any professional who wants openSUSE resources on the server. It’s great for beginners, experienced users and ultra geeks, in short, it’s perfect for everyone!

The openSUSE Leap 15.4 Micro operating system provides less computational resource consumption. With less disk and memory and disk consumption, this operating system allows the use of modest virtual machines like t2.nano without compromising performance.

Suggestions in cabelo@opensuse.org
Information here: https://aws.amazon.com/marketplace/pp/prodview-763pijt3fq6ne

Following are the main advantages:

Disadvantage: Does not have YAST!

The first six days of December have brought openSUSE Tumbleweed users six snapshots and developers plenty of conversation.

More than 200 messages about changing parts of the rolling release’s microarchitecture have been posted this past week on the Factory mailing list, but during this time Tumbleweed keeps rolling forward updating packages like vim, mutt and more.

Just a handful of packages arrived in snapshot 20221206. An update to urlscan 0.9.10 was one of those packages, and it added * as an allowed URL special character. There was a reversion of libX11 to 1.8.1 because of a hang/crash experienced by both Gentoo and openSUSE. The Python tool for working with audio files provided track and disc number support for JSON and YAML plugins; this eyeD3 package, which seems like a great name for having a cool logo, updated to version 0.9.7, but it removed Python 3.6 support. The Pidgin chat plugin purple-mattermost updated to version 2.1 and will fetch the last 60 messages when a channel is joined for the first time. The self explanatory package perl-Bootloader 0.940 added some basic support for systemd-boot.

In snapshot 20221205, some stubbornness in finding a font appears to have been resolved with updating the PDF rendering package poppler to version 22.12.0. The email client mutt updated to version 2.2.9 and updated the gpgme autoconf files to the latest versions. It also fixed a non-printable keyname and added explicit void to 0-parameter function definitions. The virt-what package that is used to detect if a program is running in a virtual machine updated to version 1.25; the package now detects AWS arm virtual instances as KVM and added support for Alibaba Cloud Linux and VMware ESXi on arm. A few other packages were updated including newt 0.52.23 and qpdf 11.2.0.

NetworkManager 1.40.6 arrived in snapshot 20221204. It restored and set up an empty port configuration. The package also made some various documentation fixes and had a non-exported Application Binary Interface for the client library. An update of glib2 2.74.3 fixed a couple regressions and had a fix for GVariant type depths checks on text format variants. The low level core library also made a switch to a stricter Application Programming Interface because a GTask tag provided an error return path. Quite a few RubyGems rspec packages were updated. Besides the many that were bumped up to version number 3.12.0, the rubygem-rspec-mocks package had improvements for diff output when diffing keyword arguments against hashes. Macedonian translations using Weblate were made with the update of libstorage-ng 4.5.54 and a couple GNOME 43 packages were updated like gnome-software 43.2, which fixed search for apps providing some feature under rpm-ostree. Several other packages were updated in the snapshot.

An update of autoyast2 4.5.11 in snapshot 20221203 avoids a potential crash when an autoinst.ycp file is empty or missing. For those who don’t know, YCP stands for YaST Control Programming language, which was ported to Ruby through ycp-killer and other libraries and tools. An update of openblas_pthreads 0.3.21 had a few Intel SkyLakeX compilation fixes, and the package fixed a Power10 performance regression. A spec flag was introduced with the git + update to samba.

Snapshot 20221202 had Mozilla Firefox 107.0.1 fixed an issue where color management was not available for some users and the browser fixed another issue where the DevTools User Interface was not accessible when an alert dialog was displayed. A new class to allow for a unified definition of hardware architecture filters was added with the 4.5.20 yast2 update. An API fix was made in the gedit 43.2 update and some translations were made for the text editor as well. Vim was another text editor to receive an update in the snapshot, and it had some extensive fixes; vim 9.0.0978 fixed a crash when typing a letter in a terminal window, fixed a continuous integration failure in sound dummy, fixed leaking memory from autocmd windows and fixed an invalid memory access along with many other fixes. Several changes were made with the GTK3 3.24.35 update. The cross-platform widget toolkit fixes problems with motion compression, refactored handling of Instant-Messaging client updates, dropped an upstream patch and added support for titlebar gestures. Other packages to update in the snapshot were pango 1.50.12, hxtools 20221120, libostree 2022.7 and more.

Starting off the month pipewire was updated to version 0.3.61 in snapshot 20221201. It fixed a bug n audioadapter that could cause crashes when switching bluetooth profiles. The Linux and flac 1.4.2 , which is an audio format similar to MP3 that is compressed with flac without any loss in quality, made its console output more uniform across different platforms. The package for open source smart card tools and middleware, opensc, updated for version 0.23.0. The package had some general improvements and added support for symmetric encrypt and decrypt, wrap and unwrap operations, and an initialization vector. A couple other packages updated in the snapshot like freecell-solver 6.8.0 and kernel-firmware 20221130, which updated some firmware for for advance MediaTek) wifi chips.

Welcome to the second part of my syslog-ng tutorial series. In this part, we cover some of the basic concepts behind syslog-ng.

Last time we defined syslog-ng as an enhanced logging daemon with a strong focus on portability and high-performance central log collection.

Let us pull this sentence apart, as all words are here for a reason. The original syslog implementation was pretty simple: it collected log messages from applications and sorted them to various files. Syslog-ng enhanced this with message parsing, advanced filtering and many more log sources and destinations. Daemon means that it is an application normally running continuously in the background. Portability means that syslog-ng runs not just on Linux, but also on various BSD and UNIX systems as well. High performance means that syslog-ng is implemented in C and thus it is fast and resource efficient. Depending on the configuration, even a Raspberry Pi can collect tens of thousands of log messages a second.

You can watch the video on YouTube:

Or you can read the rest of my blog at: https://www.syslog-ng.com/community/b/blog/posts/syslog-ng-101-part-2-basic-concepts

Maybe you have read this announcement in openSUSE forums and asked yourself what this will mean for the way you use the forums. Even more when you may not understand, or only vaguely understand, what the words vBulletin and Discourse mean.

You will understand that the website forums.opensuse.org runs software that handles not only the interface with you, but also stores and manages the threads with the posts, and the user administration of the forum members. The software package used is named vBulletin. It is a commercial package and as such brings considerable costs.

Because all software that stays alive will move to new versions, this is also the case with vBulletin. That will mean that all of the adaptions that were made in the openSUSE instance had to be converted to the new version. At such a moment, it is time to look if a different solution might be better. We will not burden you with all the details, but the result is that vBulletin will be replaced by a different and open-source (which fits into the openSUSE philosophy) product: Discourse.

This will not be an easy move for many, including the forums’ staff. Many things will have to be addressed after we switched over, but we can mention a few things that will come up first in most members thoughts (we think).

Accounts: As the login facility is not bound to vBulletin but to the general SUSE login feature, there will be no change there, and all members will be able to login as earlier.

Old threads: Threads will be moved to the new environment and be available. Their layout maybe disfigured here and there, but we expect that solutions to problems will still be understandable. As said, it will look very different, please try to cope with that.

We expect a lot of questions and problems to arise. There is of course an “About the forums’ section where you can start threads. Be prepared that the staff has to deal with all of them in their spare time and will, like you, not feel at home in the beginning.

Planned Forum outage will be from Dec. 11 to 13 for the migration. That includes export and import of users and threads, testing and managing the headache.

Thank you for bearing with us in advance.