Updates of both KDE’s Plasma and Frameworks landed in openSUSE Tumbleweed as part of three snapshots released this week.

The rolling Tumbleweed distribution began the week with Linux Kernel 5.10.12 and has ended it with version 5.10.16, which was the latest stable Kernel when the 20210215 snapshot was released.

The newest Frameworks 5.79.0 version arrived in snapshot 20210217. As part of the release, Kholidays package updated holidays for Mauritius and Taiwan. The Kirigami user interface framework had fixes to the controls and enhanced some vertical alignments. Removal of the usage of non-UTF-8 string literals were made with Framework’s kcodecs package update. GNOME had some updates with gnome-builder updating to version 3.38.2, which provided support for an --add-policy for Flatpak, and gnome-software updating to version 3.38.1, which updated translations and ignores harmless warnings when using unusual fwupd versions. Three areas of focus were emphasized for the update of dhcp 4.4.2 with changes for dynamic DNS additions, dhclient improvements and support for dynamic shared libraries; the package is now licensed under the Mozilla Public License, MPL 2.0. Multiple PyPI packages were updated including python-greenlet 1.0.0, which requires setuptools to build from source, and python-numpy 1.20.1, which fixed a random.shuffle regression. A major update of perl-Mojolicious 9.01 added an experimental color attribute and an experimental color log environment variable. Other packages to update in the snapshot were Long-Term Support package subversion 1.14.1, filesystem mounter fuse3 3.10.2, pipewire 0.3.21 and git 2.30.1.

Plasma 5.21 is all about upgrading the looks and usability of Plasma. Snapshot 20210215 brought this Plasma update, which refreshed the color scheme and sports a brand new unified headerbar style with a clean and cool new look. The new Plasma System Monitor app for monitoring system resources is now an integral part of Plasma; the application shows all the running applications along with detailed statistics and graphs. Plasma 5.21 makes massive progress toward first-class support for Wayland. The virtual keyboard in Wayland has been improved and supports GTK applications using the text-input-v3 protocol. The update of Mozilla Firefox 85.0.1 fixed a few bugs like a crash in the browser in case of an unexpected Cache Application Programming Interface state. The trim that was not working in ImageMagick was fixed in version 7.0.10.62 and the GPS info for TIFF images now works with the imaging applications. Terminal emulator xterm 366 corrected the upper-limit for a selection buffer, which fixed a Common Vulnerabilities and Exposure. PDF library poppler 21.02.0 fixed a memory leak if saving a file fails. Some other packages in the snapshot were LibreSSL 3.2.4, text rendering package pango 1.48.2 and Linux Kernel 5.10.16.

The Linux Kernel updated from 5.10.12 to 5.10.14 in the 20210212 snapshot, which brought in some KVM fixes. New packages were inherited from GNU Compiler Collection 10 into the GCC 11.0.0+git183291 update. CardDAV address books now support OAuth2 and Google Contacts in the email client update of Mozilla Thunderbird 78.7.1. The glibc 2.33 version optimized dynamic linker loads and the implementations of shared objects from subdirectories under the glibc-hwcaps directory on the library search path; that’s if the system’s capabilities meet the requirements for this subdirectory. The 7.1.0.3 LibreOffice updated bundled dependencies and php7 7.4.15 fixed a Curl bug and core fix that provided a bogus parser error on more than 4GB of source code. The regular expression library re2 had an update from a November release to version 20210202, which addressed -Wnull-dereference warnings from GCC 10.x.

Today we reached a new milestone: all openSUSE services around the world now support IPv6 natively. The last set of machines in Provo are equipped with IPv6 addresses since today. IPv6 was missing for those machines since the renumbering, which was needed because of the carve out of SUSE from Micro Focus. A big thank you goes out to one of our providers, who now reserved and routed a whole /50-IPv6 network for us.

With this, we can also run all our DNS servers with IPv6 (and they do not only have an IPv6 address, but all our external DNS entries for the opensuse.org domain should now contain IPv4 and IPv6 addresses as well. Don’t worry, you did not miss much. The Dual-Stack (IPv4 and IPv6) is the case for all services in Germany since a long, long time already - and we even had it for the machines in the US for a long time, before SUSE switched the provider. But this finally brings us to the same level on all locations!

It’s finally time for a small update on the Karatek Network, so I summorized the most important things that changed in the past month.

Nemesis is now OpenGM - Well, kind of

In order to make our Telegram bot more accesible for other users and easier to self host, I decieded to build RPM packages for an easy and convinient installation process. Problem was, the name “Nemesis” was already taken inside openSUSE Open Build Service, so I was required to change the name. After thinking about it a lot, I decieded that “OpenGM” would be a nice name that represents what we are: “Open” in multiple ways - First of all, our code is open. We do not rely on any proprietary non-free code for the bot, and that’s how it’s gonna stay. Plus, we are an open commuinty. Everyone who wants to can use the Bot, and we try our best to help new users getting their things done. “GM” stands for “Group Manager” - So I think OpenGM is a perfect representation of the project. However, the instance hosted by me (@karatekbot) is keeping its name (for now).

OpenGM is now avaliable for openSUSE

As mentioned before, you can now install OpenGM as a regular package on openSUSE - just follow these instructions. Specfiles and building status is avaliable at Open Build Service.

Our hosted instance changed servers!

In an effort to make Nemesis faster, we moved our hosted instance from a Raspberry Pi 3 to a Raspberry Pi 4 8GB. This should increase performance by a lot. As these servers cost money, I would really appriciate if you donated a small amount - so if you’re interessted, please contact me. Thanks a lot!

Dear Tumbleweed users,

At the moment, Tumbleweed snapshot 20210212 is being synced out to the
mirrors; the public announcement of the snapshot being available will
(estimated) be at around 12pm CET (Feb 16)

I want to inform you upfront of a few specialties:

  * The snapshot is going to be large, in the number of packages to
‘update’ (mostly rebuild counters) and thus also megabytes.
  * The snapshot is the first to be based on glibc 2.33
https://sourceware.org/pipermail/libc-alpha/2021-February/122207.html

While testing this snapshot, a few things were broken (which delayed
publishing a bit). There are, however, still two issues known which you
should be aware of:

  * NIS integrated system administrators might want to check out
https://bugzilla.opensuse.org/show_bug.cgi?id=1182247 – the nss_compat
module does not load additional modules, which means you might have to
adjust the nsswitch.conf to make ‘nis’ an explicit setting.
  * Especially on 32bit systems we had seen a bunch of sandboxing
features not behaving as expected. This currently (still) affects
libqt5-qtwebengine. An additional fix is currently being published in
parallel into the update channel
(http://download.opensuse.org/update/tumbleweed/). In case you see
rendering issues (kmail for example) make sure to have this update
included.

The other fixes (OpenSSH, chromium) which we had seen in prior testings
are already included in snapshot 20210212 and should not be of concern.

As usual, if you see new bugs appearing, please verify if somebody else
already filed them in bugzilla.opensuse.org and, if not already
present, file the bugs yourself.

Explaining how to differentiate bind mounts on btrfs subvolumes

I wrote an article for Front Page Linux about the wonders of the best webcam application for use on Desktop Linux. Rather than publish it here where a dozen or so people will skip through the front door, I decided to put in someplace that receives a fantastic stream of traffic. This is a great … Continue reading Webcamoid | The Best Webcam App For The Linux Desktop →

Dear Tumbleweed users and hackers,

Apologies for missing the review of the week 2021/05 to be sent out in time. But as you already know from the past, that does not mean the information is being lost. I’ll just give you a review of the last two weeks instead. For Tumbleweed, this means we have seen 8 snapshots being published in those two weeks (0130, 0131, 0202, 0203, 0205, 0208, 0209, and 0210).

The main changes included:

• Mozilla Firefox 85.0
• Rust 1.49.0
• Python 3.8.7
• Bind 9.16.11: changed protection of/against “named” from chroot jail to systemd protection. This obsolete the subpackage named-chrootenv.
• Linux kernel 5.10.12
• Pulseaudio 14.2
• Pipewire 0.3.20: pipewire is growing to become a replacement for PulseAudio
• util-linux 2.36.1
• Mesa 20.3.4
• GCC 11 is now used to provide the base libraries, like libgcc_s1. GCC 10 is still used to compile the distribution
• KDE Applications 20.12.2
• Systemd 246.10

The next snapshot to be published (20210211 or newer, depending on QA results) will be based on glibc 2.33. As is usual with a glibc upgrade, I triggered a full rebuild of the repository. So the next snapshot coming out after today will be big (in bytes)

These changes are currently piled up for future tumbleweed snapshots:

• glibc 2.33 (snapshot 0211+)
• Postfix: change the default database format to lmdb, migrating away from BerkeleyDB
• Linux kernel 5.10.14 and later
• Libreoffice 7.1
• KDE Plasma 5.21: currently 5.20.90 being tested
• openssl 1.1.1i, based on centralized crypto-policies package
• Use GCC 11 as default compiler (Staging:Gcc7; we should finally rename that staging :P)

A minor version update of systemd and KDE’s Applications 20.12.2 were releases in openSUSE Tumbleweed this week.

Several other package were updated over the course of four snapshots like Wireshark, Mesa, ClamAV, Inkscape and GNU Compiler Collection.

Snapshot 20210210 updated just three packages in the last 24 hours. Web caching proxy squid had a 4.14 update that fixed a couple regressions and corrected some Web Cache Communication Protocol Security info. The two other package updates were for PyPI with python-scipy updating to 1.6.0 and python-zope.interface updating to 5.2.0, which added support for Python 3.9.

The open source antivirus package ClamAV updated to version 0.103.1 in snapshot 20210209. The new version 0.103.1 added a new scan option to alert on broken media (graphics) file formats. The feature mitigates the risk of malformed media files intended to exploit vulnerabilities in other software. The version also fixed an issue where the freshclam database validation didn’t work correctly when run in daemon mode on Linux. The patterns-xfce package cleaned up some weak dependencies in its 20210209 update. A simple SSH multi-factor authentication was implemented with the update of the remote desktop client remmina in version 1.4.11; while not finished, a capability to load Python plugins was added. Other packages updated in the snapshot were libp11 0.4.11, video editor pitivi 2021.01, and xfce4-taskmanager 1.4.1.

KDE Applications 20.12.2 arrived in snapshot 20210208. KDE’s file manager Dolphin changed the copy location shortcut so it does not conflict with the Konsole panel. The diagram program umbrello fixed a crash on exit with the widget selected in the diagram, and PDF Okular fixed an unexpected file type being the default upon opening in non-Plasma desktops. The 246.10 version of systemd sends journald logs to kmsg again. A new npm diff command was added with nodejs15 15.8.0 and there was an introduction of an X509Certificate Application Programming Interface. Some patches were added for an update to ncurses and small executable busybox added several new features in its 1.33.0 version, which also fixed unicode characters in the prompt. Other packages updated in the snapshot were libgcrypt 1.9.1, dracut, line-oriented text editor ed 1.17 and search engine library xapian-core 1.4.18.

Some shortcut adjustments were made to inkscape in snapshot 20210205; the new 1.0.2 version allows the deactivation of zooming with the middle mouse button click (pressing scroll wheel). New packages inherits from GCC 10 were made to create GCC 11; more interesting features are expected to come in future versions of GCC 11. Some ppc64 patches were removed in the 20.3.4 update of Mesa and Mesa-drivers. Several more PyPI packages were updated in the snapshot that began the week. Some debugging updates were made available to text editor vim with version 8.2.2411 and Wireshark 3.4.3 took care of two Common Vulnerabilities and Exposure. One of the Wireshark CVEs allowed it to consume excessive CPU resources by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet-trace file.

We’re delighted to announce a new project in the openSUSE Project family called openSUSE Step. openSUSE Step is a community effort to rebuild SUSE Linux Enterprise (SLE) from the released SLE sources packages. This is done openly in the openSUSE instance of the Open Build Service (OBS) with the intention to stay fully binary compatible and to be as closely source-compatible as possible with SLE.

Why openSUSE Step?

openSUSE Leap 15.3 inherits its base from SLE 15 SP3. On aarch64, powerpc64, and x86_64, openSUSE directly uses binary packages from the enterprise side. In addition, openSUSE also supports architectures that SLE does not provide, such as armv7hl and 32-bit x86, which is relatively popular with openSUSE users, according to results from a recent community survey. For those, we now build fully compatible binary packages from the published SLE sources in OBS.

openSUSE Step is not intended to be an end user distribution. It does not replace, or provide an alternative to openSUSE Leap. Step is an intermediate building block (“step”) to enable derived community distributions like openSUSE Leap or other community derivatives.

What is currently in openSUSE Step?

There are currently four versions defined and existing in parallel: openSUSE Step 15, 15-SP1, 15-SP2, and 15-SP3. It is hosted under the openSUSE project namespace in OBS and uses the published sources from SLE plus minimal modifications needed for being able to build them from sources while incorporating the published maintenance updates.

openSUSE Step currently covers i586, x86_64, and armv7hl. More architectures, such as RISC-V, can be added based on contributor interest and resource capacities.

How is this related to openSUSE Leap?

With the “Closing the Leap Gap” project moving forward, openSUSE Leap will become a layered cake of binary packages from three different origins:

• The pool of binary packages directly copied from SLE,
• A small set of currently around 50 packages that provide an openSUSE branding overlay to these SLE packages,
• An openSUSE backports overlay, which provides a wealth of applications and libraries that everyone likes to use in openSUSE Leap, and that are not available from SLE

Above: openSUSE Leap with openSUSE Step architecture comparison

openSUSE Step provides an alternative for Leap architectures that have no SLE equivalent like 32-bit architectures. The other two groups of originated packages will be the same like for the other architectures.

In addition to that, openSUSE Step provides everyone access to build log files, and the ability to have “a build validated” project repository of SLE for community customization, which serves as a collaboration space for related projects that would like to derive from SLE package sources.

Leap transitioned to a new way of building Leap releases in the fall of 2020 through a prototype project called Jump. The Jump prototype was used as a proof of concept, but no longer exists; it did prove to work at building a distribution and bringing the code streams of both openSUSE Leap and SLE closer together. The proof of concept was implemented for building the release of Leap 15.3.

How is this related to openSUSE Tumbleweed ?

It is not related. openSUSE Tumbleweed is a rolling release distribution entirely managed and built by the openSUSE community with a strong focus on continuously integrating new tested upstream releases while preserving a high-quality rolling update without major regressions. Tumbleweed is an origin for the next major SLE release. There is no direct general relationship between Tumbleweed and maintained SLE releases.

Does openSUSE Step allow community contributions?

Yes, community contributions are welcome if they improve buildability from sources and do not modify binary compatibility in any way. The mission of the Step distribution is to be fully compatible and for all practical purposes an equivalent drop in for SLE.

For quality validation purposes, Step x86_64 architecture will also be built and tested in openQA, but it will not be delivered into openSUSE Leap.

How can I contact the openSUSE Step team?

The openSUSE Step team is hanging out on Freenode in the #opensuse-step channel. Issues can be reported in GitHub under https://github.com/openSUSE/step/issues.

When updating to the latest etherpad-lite version 1.8.7 (including quite some bug fixes), we also revisuted the currently installed plugins and updated them to their latest version as well, as usual.

To get some impressions about the usage of our Etherpad instance, we also enabled the ether-o-meter plugin now, which is now producing some nice live graphs and statistics here: https://etherpad.opensuse.org/metrics

We also enabled some additional styles now and hope this makes the usage of Etherpad even more fun and productive for you. If you want to have some more modules enabled (or just want to say "hello"), feel free to contact us! Either via an Email to admin@opensuse.org or by reaching out for us at irc.opensuse.org channel #opensuse-admin.