With the release of LXQt 2.1, we are pleased to announce the availability of Wayland compatibility for LXQt within Tumbleweed.

This support is to be considered experimental at this point, and for most users, is likely not ready for daily driving.

LXQt, unlike many other desktop environments, does not provide its own Window Manager. Under X11, the openSUSE-LXQt team defaults to using Openbox as its Window Manager. This decision carries over from upstream to the new Wayland support; the initial release of lxqt-wayland-sessions supports the following Wayland Compositors:

• Hyprland
• Kwin
• labwc
• niri
• river
• Sway
• Wayfire

At present, not all of LXQt’s built-in configuration tools work with all compositors, nor do all compositors support all features of LXQt components. Most notably:

• lxqt-globalkeys does not work with Wayland, and setting keybinds must be done through each individual compositor’s configuration files.
• lxqt-panel’s desktop switcher, and LXQt Power Manager’s settings for controlling displays are only compatible with KWin.
• With the exception of KWin and labwc, configuration is done by editing the text configuration files of individual compositors. KWin can be configured through GUI tools, provided the relevant parts of KDE System Settings are installed. labwc offers labwc-tweaks, which allows certain configurations through a GUI, but it is not comprehensive.

The openSUSE-LXQt team is not currently making any recommendations as to a “default” Wayland compositor for LXQt since this support is still in active development, but we do make the following suggestions to help you decide. If you don’t know which compositor you would like to try, take the following considerations:

• KWin provides the most complete Wayland session, workspace support, and with the right parts of Plasma installed, can be configured through the GUI rather than by editing text files.
• labwc is roughly based on the idea of “Openbox for Wayland” and will feel more “at home” for existing LXQt users.
• If you prefer Floating/Stacking desktops, Kwin, labwc, or Wayfire are your best current choices.
• If you like tiling desktops, Hyprland, niri, river, or Sway may be to your liking.
• If you like lots of desktop effects and “bling”, Kwin, Hyprland, or Wayfire are probably good places to start.

For more detailed information, please visit the openSUSE LXQt Wayland wiki.

Dear Tumbleweed users and hackers,

Welcome to 2025! While we were all celebrating, some people continuously felt the urge to work on packages for Tumbleweed. Tumbleweed kept rolling, as we ensured the staging and openQA results would be monitored even during this time. This review will try to cover the most relevant changes since snapshot 20241218 and include things up to 20250108, which is the latest snapshot published as of this writing. I will thus cover 11 snapshots.

The most relevant and exciting things that have been delivered were:

• Linux kernel 6.12.6 & 6.12.8; FBDEV has been disabled
• LLVM 19.1.6
• PHP 8.3.15
• Qemu 9.2.0
• Systemd 256.10
• XFCE 4.20.0
• Shadow 4.17.0 & 4.17.1
• Samba 4.21.2
• KDE Plasma 6.2.5
• Poppler 24.12.0
• Mesa 24.3.3
• Ruby 3.4: all rubygems have been rebuilt for version 3.4 and the ruby3.3-rubygem packages have been dropped.
• Xen 4.20.0

The staging areas are already well filled up and the following things are works in progress:

• Removal of Python 3.10 module packages (we now build for 3.11, 3.12, and 3.13, with Python 3.11 still being the distro default interpreter)
• KDE Gear 24.12.1
• Mozilla Firefox 134.0
• Linux kernel 6.12.9
• Systemd 257
• RPM 4.20: a few caveats to consider: %patch is now a regular macro, and #%patch might not do what you’d expect. Commented-out lines should always escape % or use %dnl to comment out lines in a spec file. The usage of noarch and ifarch in a spec file are mutually exclusive, as are noarch and the usage of %_libdir.

The openSUSE Slowroll community has welcomed the January version bump that was completed recently.

Slowroll’s snapshots mark the beginning of fresh updates with the initial updates now accessible on mirrors globally.

This month’s bump comes a day early to avoid interruptions caused by routine maintenance on critical infrastructure. Updates are rolling out and users get new Tumbleweed versions from the 20250101 snapshot.

The updates integrate advancements from the openSUSE reproducibility initiative, which derive from Factory/Tumbleweed. Key improvements include enhanced tools for reproducible builds and fixes for dependency handling, parallelism and race conditions in packages such as Python, Qt and others.

Slowroll’s smart roll approach delivers a dependable foundation for users seeking a reliable system with essential security updates that avoid frequent changes seen in traditional rolling-release models. The balance makes it an excellent choice for those who want a balance of stability and access to modern software.

Updates for Slowroll arrive between an average of 5 to 10 days after being released in Tumbleweed. Users can read the latest monthly update for Tumbleweed to see what packages are arriving in Slowroll; recent updates include QEMU 9.2.0, which adds 3D acceleration for Vulkan apps and enhanced crypto support, and GPG 2.5.2, which features ECC+Kyber key generation and improved smart card handling.

While still marked as experimental (for lack of automated tests), Slowroll continues to evolve and offers users a dependable and innovative alternative in the openSUSE ecosystem.

For more details, visit the project’s roadmap.

Yes, I know. Bad title. After so many years only a handful of people will decipher it that I am looking for an affordable and standards compliant ARM machine for Linux & FreeBSD. It refers to a machine released 8 years ago, and a blog I wrote 4 years ago: The ARM developers workstation: Why the SoftIron OverDrive 1000 is still relevant

The good news is that since my previous blog there is a lot more ARM hardware available. The bad news is that the problems remained the same: ARM hardware is either standards compliant or affordable. It is a huge spectrum, where you can decide on your own compromise. Cheap, slow, non-compliant. Expensive, fast, standards compliant. And many variants in between.

• The Raspberry Pi did a fantastic job to make Linux on ARM affordable. However these boards are not standards compliant. They come with their own Linux-based OS, and you have to port your own, if you want to use something different. OpenSUSE, my favorite Linux distribution is still not ported to the latest Raspberry Pi.

• There are many more ARM SBCs (Single-board computer) available on the market. Cheap, but lack standards compliance, and often support is unavailable in the upstream Linux / FreeBSD kernel. Even running the supplied distribution image can be problematic, not to mention a random Linux distro freshly downloaded from the Internet.

• When Apple switched to ARM, Linux was ported to it relatively quickly. These machines are still not standards compliant, but at least they look stylish and provide a good performance. The Asahi Linux project does a fantastic job enabling Linux on Apple Silicon.

• Ampere does a nice job on standards compliance. As far as I am aware, you can install any Linux distributions or FreeBSD on it, without any extra effort. However, it comes at a price, literally :-) Just check these stylish workstations at System76: Thelio Astra

• It is going to be expensive too, but I am also looking forward to Nvidia’s upcoming desktop supercomputer: Project DIGITS. I am just learning AI, and this box seems to be the ideal for testing / developing AI applications.

• Finally an ARM Laptop built for Linux: the Tuxedo Snapdragon X Elite notebook. It is not yet available, but I expect it to be more on the affordable end. The question is standards compliance, I read too many contradicting info on this topic. We will hopefully see it soon! And a related news from CES, probably even more forward looking: https://www.engadget.com/computing/qualcomms-snapdragon-x-chip-will-power-more-affordable-copilot-pcs-104029263.html

So, what will be my next ARM-based machine? Right now I am checking if the Raspberry Pi 500 is available here in Hungary. But I follow ARM news, just in case :-)

If you have any feedback on my blog, you can comment on one of the following threads:

• Twitter
• Mastodon
• Bluesky
• LinkedIn

Tumbleweed continues to exemplify a solid rolling release and December 2024 wraps up a year of several snapshots and large array of updates! KDE Gear 24.12 improves app usability, SQLite introduces innovative query features and snapshots brought critical patches across various packages for enhanced security. These updates not only strengthen functionality but also set the stage for an exciting 2025.

As always, remember to roll back using snapper if any issues arise.

Happy updating and tumble on!

For more details on the change logs for the month, visit the openSUSE Factory mailing list.

New Features and Enhancements

• KDE Gear 24.12: This update delivers many enhancements across KDE’s diverse application suite. Dolphin now boasts better keyboard navigation, file sorting and a new mobile-optimized interface for Plasma Mobile. Document viewer Okular enhances its annotation, form-handling and digital signing capabilities, while Kdenlive introduces features like timeline item resizing and proxy generation improvements. Other apps like certificate manage Kleopatra and KDE Connect also see notable upgrades that includes improved cryptography tools and improved Bluetooth connectivity.
• KDE Ships Frameworks 6.9.0: Key highlights include better accessibility, improved file handling and updated icon sets across various modules. Frameworks like Baloo and Kirigami received significant updates for test reliability and usability, while Breeze Icons introduced new symbolic versions for better UI consistency. The transition to Qt6 progresses with many components now optimized for compatibility, and new Python bindings extend functionality in multiple libraries. Other improvements address cryptographic handling, better integration with Flatpak, and fixes for platform-specific builds like Haiku.
• sqlite 3.47.1 & 3.47.2: The 3.47.1 version fixes makefile DESTDIR handling, addresses issues with certain IN queries and resolves bugs from prior releases. The upgrade introduces arbitrary expressions for RAISE, enhanced query optimizations, improved group_concat behavior and new CLI features like median() and .www. Several query planner improvements boost performance, while SQLite now avoids “long double” usage for better compatibility. Additional enhancements include custom locale-aware FTS5 tokenizers, contentless FTS5 tables, and an experimental sqlite3_rsync tool. Compatibility for TCL9 is added, and JavaScript OPFS VFS issues are fixed. The 3.47.2 version resolves a text-to-floating-point conversion issue affecting specific numeric text values on x64 and i386 systems, introduced in version 3.47.0. Minor bug fixes are included, and the session extension is now enabled to support NodeJS 22.
• Kernel-firmware 20241128: This introduces extensive updates that include the i915 Xe2LPD DMC v2.24, new Cirrus CS35L56 firmware for Dell laptops, and multiple amdgpu updates. It also adds new aliases for kernel 6.13-rc1 and enhances support for various AMD GPUs, iwlwifi and other devices.
• gpg 2.5.2: This update introduces ECC+Kyber key generation, trustdb validation post-key import and improved handling of expired trusted keys. Enhancements include fixes for encryption issues, robust error handling for smart cards and performance boosts for certificate listings. Other updates refine ADSK key usage, address database race conditions and optimize directory creation during extraction.
• curl 8.11.1: This release addresses a critical security issue involving netrc and redirect credential leaks. Improvements include fixes for cookie handling, enhanced trace timestamps and better error messaging for expired certificates. Updates also resolve issues with netrc parsing, libssh IPv6 handling and HTTP content decoding.

Key Package Updates

• Kernel Source 6.12.6: The kernel introduces numerous improvements and fixes. Key updates include enhanced USB support, addresses issues in device suspension and improves audio compatibility for specific devices. Other notable fixes involve enhancements to scheduling, block storage, network protocols and RISC-V architecture. It also includes critical patches for BPF, IOMMU, and several drivers.
• Flatpak 1.15.12: This fixes crashes during app installations by reverting to process IDs in cgroup names, introduces USB metadata parameters (--usb, --no-usb), enhances accessibility with --a11y-own-name, improves debugging with flatpak run -vv, adds KDE search completion support and includes build fixes, updated dependencies, and memory leak resolutions.
• systemd 256.9 and 256.10: This 256.9 update clarifies $WATCHDOG_USEC usage for the shutdown binary and addresses SAS wide ports in udev-builtin-path_id. It reverts a commit causing regressions, disables EFI on non-compliant architectures, and removes /run/systemd when switching root. The 256.10 update includes fixes for VLAN ranges, improved WireGuard key error reporting and adjustments to systemctl for better user feedback.
• LLVM 19.1.5 and 19.1.6: This minor update provides bug fixes and the llvm-do-not-install-static-libraries.patch was rebased to align with the update.
• qemu 9.2.0: This update introduces 3D acceleration for Vulkan apps via virtio-gpu, enhanced crypto with SHA-384 support and QATzip migration compression. arm gains FEAT_EBF16 emulation, two-stage SMMU and CPU Security Extensions for xilinx-zynq-a9. RISC-V sees IOMMU support, extensions for control flow integrity and improved vector performance. x86 highlights include a new Nitro Enclave machine type and AVX10 KVM enhancements.
• GStreamer 1.24.10: This update addresses more than 40 security vulnerabilities in components like MP4, Matroska and Ogg demuxers and includes fixes for avviddec assertions, appsink/appsrc, decodebin3, closed captioning and pipeline graph generation.
• vim 9.1.0908: This update includes new file type recognitions, enhancements to documentation, better syntax support for various languages and numerous bug fixes across features like completion, file operations, and plugins. It also refreshes translations and improves runtime components like netrw and termdebug.
• libzypp 17.35.15: This update updates to treat = as a safe character in URL query values, adds support for recognizing rpmdb.sqlite as a database file, fixes a typo and adjusts the FastCGI header.
• gedit 48.1: This update removes plugins like External Tools, Snippets and Python Console. The package rewrites the Text Size plugin in C, and eliminates the background-pattern grid feature. Fixes include Wayland unmaximize bug and compilation warnings, alongside code refactoring and updated translations. The gedit-plugins-python-env.patch was dropped as obsolete.
• AppStream 1.0.4: This release brings new features, including AS_BUNDLE_KIND_SYSUPDATE for system updates and dark theme support for Plasma and Pantheon. Improvements were made to memory size detection for Illumos, Solaris, and GNU/Hurd along with enhanced branding color exposure in Qt. Bug fixes address race conditions in GResource loading, timezone handling and legacy compatibility tags.

Bug Fixes and Security Updates

Several key security vulnerabilities were addressed this month:

• avahi:
  • CVE-2024-52616: Predictable Avahi-daemon DNS transaction IDs enable potential spoofing attacks.
• mozjs128 128.5.1:
  • CVE-2024-11691: Out-of-bounds write in Apple GPU drivers via WebGL.
  • CVE-2024-11692: Select list elements could display over another site.
  • CVE-2024-11694: CSP bypass and XSS exposure via Web Compatibility Shims.
  • CVE-2024-11695: URL bar spoofing through manipulated Punycode and whitespace characters.
  • CVE-2024-11696: Unhandled exception during add-on signature verification.
  • CVE-2024-11697: Improper keypress handling in executable file confirmation dialog.
• curl 8.11.1:
  • CVE-2024-11053: Versions 6.5–8.11.0 leaked .netrc passwords during HTTP redirects.
• libheif:
  • CVE-2023-0996: Addressed out-of-bounds read and write issues during HEIF file decoding with forged overlay image offsets.
  • CVE-2024-41311 : Fixes mitigating vulnerabilities that could lead to memory corruption during malformed HEIF file handling.
  • CVE-2023-29659: Enhances overall security and addresses security flaws in HEIF file processing to prevent out-of-bounds access.
• socat 1.8.0.2:
  • CVE-2024-54661: Predictable temp file paths in socat may allow arbitrary file overwrites.
• emacs:
  • CVE-2024-53920: On untrusted Emacs, Lisp code can trigger unsafe macro expansion, allowing arbitrary code execution.

Conclusion

December 2024 capped off the year with significant updates. Notable enhancements include QEMU’s improved virtualization features, systemd’s refined user feedback and hardware compatibility, and the kernel’s advancements in boosting device support and performance. Updates to Flatpak and AppStream further enhance the ecosystem, providing better app management and integration. As Tumbleweed users roll into 2025, they can count on a comfortable, secure open-source software experience. Happy tumbling!

Slowroll Arrivals

Please note that these updates also apply to Slowroll and arrive between an average of 5 to 10 days after being released in Tumbleweed snapshot. This monthly approach has been consistent for many months, ensuring stability and timely enhancements for users.

Contributing to openSUSE Tumbleweed

Stay updated with the latest snapshots by subscribing to the openSUSE Factory mailing list. For those Tumbleweed users who want to contribute or want to engage with detailed technological discussions, subscribe to the openSUSE Factory mailing list . The openSUSE team encourages users to continue participating through bug reports, feature suggestions and discussions.

Your contributions and feedback make openSUSE Tumbleweed better with every update. Whether reporting bugs, suggesting features, or participating in community discussions, your involvement is highly valued.

Last December, I added support for EPEL 10 in my unofficial syslog-ng Git snapshot repository. This week, I call for testing the official syslog-ng EPEL 10 package.

Once I saw in my unofficial syslog-ng repo that syslog-ng compiles fine on EPEL 10, I also started to work on the official package. I hit a roadblock immediately: ivykis (a mandatory dependency of syslog-ng) was missing from EPEL 10. So, right before the Christmas holidays, I submitted two missing dependencies I maintain (ivykis and riemann-c-client) to EPEL 10. As of today, all mandatory and most optional syslog-ng dependencies are available either in the base OS or in EPEL 10.

Last week, I submitted syslog-ng 4.8.1 to EPEL 10. Three dependencies are missing, thus the related features are disabled. These missing dependencies are SQL support, MQTT support and SMTP support. I suspect that SQL support will stay missing, while MQTT and SMTP might arrive later on. At least these packages arrived with some delay to EPEL 9.

Read more at https://www.syslog-ng.com/community/b/blog/posts/syslog-ng-is-coming-to-epel-10

Members of the openSUSE Election Committee have provided an update regarding this year’s Board election. This election will fill three board seats. All eligible openSUSE members are encouraged to participate in shaping the future of the project.

The nomination process, originally scheduled for completion in December, has been extended due to an insufficient number of candidates. The updated timeline aims to provide more opportunities for members to engage in the process.

Revised Election Timeline

• Jan. 3, 2025: Extension for nominations and applications for Board candidacy; membership drive begins
• Jan. 18, 2025: Final candidate list announced; campaign begins; membership drive continues (new members can vote but not run)
• Jan. 19, 2025: Voting opens
• Feb. 2, 2025: Voting closes
• Feb. 3, 2025: Election results announced

The three open seats are held by Douglas DeMaio, Neal Gompa, and Patrick Fitzgerald. Board members serve as guides for the community, handle key project functions, facilitate initiatives, organize meetings, and manage openSUSE domains and trademarks. They also uphold community standards, including overseeing complaints and ensuring compliance with the openSUSE Code of Conduct.

How to Participate

Any openSUSE member can stand for election by sending an email to project@lists.opensuse.org and election-officials@lists.opensuse.org. Members can also nominate others by contacting the Election Committee, who will confirm the nominee’s interest.

Eligibility Requirements

Per the Election Rules, only current members are eligible to run for board positions. New members joining during the membership drive can participate in voting but cannot stand as candidates.

The election is overseen by committee members Ish Sookun, Edwin Zakaria, and Ariez Vachha. Their responsibilities include finalizing the candidate list and ensuring a smooth election process.

Let’s work together to make this election a success and continue driving openSUSE forward into 2025!

Bit of the why

So often I come across the need to avoid my system to block forever, or until a process finishes, I can’t recall how did I came across systemd inhibit, but here’s my approach and a bit of motivation

Motivation

I noticed that the Gnome Settings, come with Rygel

After some fiddling (not much really), it starts directly once I login and I will be using it instead of a fully fledged plex or the like, I just want to stream some videos from time to time from my home pc over my ipad :D using VLC.

The Hack

systemd-inhibit --who=foursixnine --why="maybe there be dragons" --mode block \
    bash -c 'while $(systemctl --user is-active -q rygel.service); do sleep 1h; done'

One can also use waitpid and more.

Thank you for comming to my ted talk.

I think Freeciv has hex tiles earlier than Civilization. Freeciv exists even, when newest Civilization is 3. Perhaps I am not 100% correct in all sentence here, but I only wrote, what I remember about hex tiles. I start play Freeciv even Civilization does not have hex tiles.

There is proof Freeciv supports hex currently and I think it supports it earlier than Civilization. Do not look at Freeciv in web version. Freeciv have many configuration options and on web, it default to rectangle tiles.

Also, Freeciv offers founders and navigable rivers many years after not yet released Civilization 7. There was difference in founders. Founders are special settlers, which create city with two population.

That is all for today.