Fri, Oct 28th, 2022

V2BlankBrowser get new feature!!

V2BlankBrowser is Linux Web Browser, created to playing games or use with web apps in mind. But it is still normal browser, with tabs, etc. To made UI flexible to fulfill both playing games, use web apps and web browsing, I use many techniques. Last is tab displaying/hiding by a gesture! See the link.

openSUSE Tumbleweed – Review of the week 2022/43

Dear Tumbleweed users and hackers,

Tumbleweed snapshots are being released stably and reliably. Whenever a snapshot comes out, you know it has gone through extensive testing using openQA. Of course, this is no guarantee that all snapshots are error-free. openQA works on virtual machines based on scripts, so it tests what it is instructed to try (not seldom do we see issues that were not intentionally tested for, but they are ‘happy accidents’). This week, a less fortunate update reached our users that caused some pain for some: The Linux Kernel 6.0.3 managed to break audio for a couple of users (See https://bugzilla.opensuse.org/show_bug.cgi?id=1204679). Kernel 6.0.5 is in the queue and should be published in the next 48 hours and fix those issues.

Of course, not all was broken, and the last 7 days have seen 7 snapshots being published (1021…1027) including these changes:

  • Linux kernel 6.0.3 (Snapshot 1023)
  • GStreamer 1.20.4
  • Switch to NodeJS 19 by default
  • XWayland 22.1.4
  • Mesa 22.2.2
  • Mozilla Firefox 106.0 & 106.0.1
  • Samba 4.17.1 & 4.17.2
  • Systemd 251.6 & 251.7
  • fwupd 1.8.6 (updated from 1.7.10)
  • dbus 1.14.4
  • LibreOffice 7.4.2.3

Stagings look a bit sad and empty at the moment, but that is mostly due to them passing so quickly. most stagings have a short lifetime these days and are ready to be accepted within 24 hours. Still, there are a few things currently being tested:

  • Linux kernel 6.0.5 (expected latest in snapshot 1029, possibly even in 1028)
  • KDE Plasma 5.26.2
  • Mozilla Thunderbird 102.4.1
  • Mozilla Firefox 106.0.2
  • gpgme 1.18
  • Python 3.10.8 & 3.9.15
  • Python Sphinx 5.3.0
  • Staging:L, the ‘show-me-errors-staging’, currently contains: swig 4.1.0 (breaks llvm and nodejs), git 2.38.1 (breaks python-GitPython), ICU 72.1 (breaks the world, as usual), suse-module-tools 16.0.24 (breaks VirtualBox and vmdk)

GStreamer, GNOME, systemd update in Tumbleweed

The new streak of openSUSE Tumbleweed snapshots continued this week as the continuous streak stands at 15.

The consistency brought rolling release users updates this week for fetchmail, GNOME, GStreamer, rsync, systemd and more.

The 20221026 snapshot updates a few packages. Text editor vim 9.0.0814 fixed the Kitty terminal and Clang format configuration files that were not recognized. The package also fixed a memory leak with an empty shell command and OpenVPN files are not recognized either. The Linux driver package pcsc-towitoko 2.0.8, which is for smartcard readers, corrected a time out value that was set too low for certain cards like that of the Spanish national identity card. The portable foreign-function interface package libffi 3.4.4 had important AArch64 fixes that included support for Linux builds with Link Time Optimization. The wrapper library libp11 0.4.12 fixed several memory leaks and some storing certificates on tokens.

An update of gstreamer 1.20.4 arrived in snapshot 20221025, and it fixed a crash when updating an unchanged ping source, updated translations and now always clears MIME type tables when updating a clients clipboard. Several gstreamer plugins were also updated to version 1.20.4. An update of xwayland 22.1.4 bumped wayland build requirements and fixed some overzealous caching. An update of gnome-maps 43.1 fixed various issues related to the GTK4 port and fixed a couple drag-and-drop issues. File compressing package zchunk 1.2.3 added availability of a license scan report and status. Several other packages were updated in the snapshot including yast2-trans, which updated Czech, Dutch, Slovak, Japanese and Catalan languages.

Just two packages were updated in snapshot 20221024. An update of autoyast2 4.5.6 fixed profile location parsing and the add repo URL scheme. The module also added packages for the selected network backend in order to prevent it from being declared in the software section. The other packages to update was a reversion of selinux-policy from 20221019 to 20220714.

An update of gnome-software 43.1 arrived in snapshot 20221023. The minor release from the GNOME community fixed searches not completing when installing and uninstalling an app at the same time. The desktop package fixes distribution upgrades when package conflicts are present, and it fixes a crash when showing offline update errors during the startup. Browser Mozilla Firefox updated to version 106.0.1 and it addresses a crash experienced by users with AMD Zen 1 CPUs. An updated version of GNU Compiler Collection 12 added a patch related to RISC-V, and it updated embedded library newlib to version 4.2.0. The Linux kernel-source 6.0.3 updates had some changes related to the handling effects of the non-volatile memory after freeing a request. Domain name query package whois 5.5.14 added the hiding string for whois.auda.org.au. The super-thin layer package on the DBus interface fwupd 1.8.6 fixed a regression when getting the I²C bus number. The rendering extension library libXrender also fixed a regression in the version 0.9.11 update.

Mesa 22.2.2 was updated in snapshot 20221022. The 3D graphics library added a patch to fix LLVM optimization to avoid failures on ARMv7. The 251.6 systemd update avoids the expanding macros in comments that leads to an error on installations. The package also makes sure that the same seed is not replicated on systems when installing from a golden image. A major version update to cpupower 6.0.2 removed powercap capabilities to patch against the latest kernel-sources. The rsync package fixes client-side validation of the remote sender’s filtering behavior in version 3.2.7 and the --fuzzy option was optimized to cut down on the amount of computations when considering a big pool of files, which resulted in about a 2x speedup. Six Common Vulnerabilities and Exposures were fixed in the Firefox 106.0 update major version like CVE-2022-42929, which could cause a denial of service of the browser if a website called window.print() in a particular way. Harfbuzz 5.3.1 and several other packages were updated in the snapshot.

Just one package changed with the 20221021 snapshot; it was related to fetchmail and it removed a subpackage that required python-rpm-macros.

An update of fetchmail also arrived in snapshot 20221020. Fetchmail 6.4.34 updated Serbian translations and fixed a bug that would delete a message from the mail store despite a soft bounce option being enabled when an SMTP receiver refuses a delivery. An update of NetworkManager 1.40.2 fixed a couple race condition behaviors and it now declines the DHCPv6 lease if all addresses fail IPv6 duplicate address detection. Bug fixes arrived with Plasma 5.26.1 updates. The software center Discover improved Flatpak test reliability, but also disabled the test on the Continuous Integration. Plasma Audio Volume Control should not crash now when the server doesn’t respond, and Plasma Desktop makes the drag and drop of the pager widget more reliable. The update of gnome-control-center 43.1 fixes crashing when editing networks. Fixes for a crash when a device had detached while the controller is resetting the port were made with the virtualbox 6.1.40 update, and python-setuptools 65.5.0 improved information in its documentation about conflicting entries in a current working directory and editable install. The package also fixed backward compatibility of editable installs and custom build_ext commands inheriting directly from distutils. Several other packages were updated in this first snapshot of the week.

Thu, Oct 27th, 2022

Lake Naplás: giving time-lapse photography another try

Once upon a time I made some time-lapse videos, but I gave up quickly. Recently I have watched yet another Attenborough nature series: The Green Planet. It was full of beautiful time-lapse recordings, and suddenly I felt the urge again to give this genre another try :-)

I visited my favorite recreational area in the Pest side of Budapest: Lake Naplás. It’s an artificial lake close to the border of Budapest, which quickly turned into an important bird nesting place and a protected nature area. The clouds just arrived with an extreme speed. I put down my camera, set the interval timer to 5 seconds, and started taking photos.

Making the time-lapse

This time I was storing photos in JPEG format (instead of RAW), and I did no post-processing. I turned the photos into a movie using OpenShot on Linux. Before I could import the photo sequence into OpenShot, I had to rename the files to have the numbering started at 001. Here is the result:

Next time I should try to do some post-processing and be more careful with setting the distance on the lens. However, as a first attempt after three years, I’m already quite happy with this video :-)

Running sudo without updating cached credentials

One of the recurring questions at conferences was whether there is a way to check cached sudo credentials without updating them. Version 1.9.12 of sudo introduces the -N option which makes this possible, and also allows running any commands without updating the cached credentials.

You can learn more about the new -N option in my latest sudo blog at https://www.sudo.ws/posts/2022/10/running-sudo-without-updating-cached-credentials/

Sudo logo

Call for Testing Next Generation Installer

Members of the openSUSE Project’s release team are asking community to help the YaST team with early testing of the installer images.

The installer is progressing its way to openSUSE Factory and will arrive in an Adaptable Linux Platform prototype at a later date.

The installer, which is reffered to as the D-Installer by the YaST team, has installer images for testing and is seeking input/feedback through a feedback guide.

There are several sets of instructions in the guide that is meant to elicit feedback on the next generation installer.

The team is also looking to rename the D-Installer to another name and an openSUSE Tweet asks people to suggest a new name. The D-Installer visually checks the installation settings at a glance and is one of the key areas that the release team would like the community to focus on during the next weeks.

An installer workshop is scheduled during a community meeting on Nov. 8. People can use this feedback guide to test items for the next installer and provide feedback in the document or during the workshop.

The github page for the installer has a few listed issues and people can also contribute and provide feedback there.

The current ALP prototype only has x86-64.

Mon, Oct 24th, 2022

Request Page Redesign - Build results and superseded conversations

We don’t stop improving the requests workflow and we are actively working on the feedback. This time we worked on including conversations from superseded requests and presenting build results. The request redesign is part of the beta program. We started the redesign of the request workflow in August 2022. Then, in September 2022, we focused on the support of multi-action submit requests to continue now with improvements regarding the Build Results tab and superseded conversations....

Fri, Oct 21st, 2022

openSUSE Tumbleweed – Review of the week 2022/42

Dear Tumbleweed users and hackers,

To me, this week felt somewhat unspectacular. Staging projects are moving along, snapshots are coming out and no drama happened. That’s a good week, right? For Tumbleweed, this seems to be any regular week with 7 published snapshots (1014…1020).

The most interesting changes delivered this week include the following:

  • Linux kernel 6.0.1 & 6.0.2
  • KDE Gear 22.08.2
  • Libzypp 17.31.3: Implement GeoIP feature for zypp
  • libxml 2.10.3
  • Node.JS 18.11.0
  • KDE Plasma 5.26.1
  • Virtualbox 6.1.40
  • Meson 0.63.3

The staging projects are almost all empty – almost. Still, a few things are being build-tested and QA:

  • Systemd 251.6
  • Mesa 22.2.2
  • fwupd 1.8.6
  • Mozilla Thunderbird 102.4.0
  • Mozilla Firefox 106.0
  • Samba 4.17.1
  • Swig 4.1.0 (beta 1)
  • gpgme 1.18.0: breaks LibreOffice
  • python Sphinx 5.3.0: breaks python doc builds
  • suse-module-tools 16.0.24: breaks dpdk and Virtualbox

Thu, Oct 20th, 2022

Audacity, Gear, GPG update in Tumbleweed

Snapshots of openSUSE Tumbleweed rolled out consistently this week.

The rolling release put out a snapshot everyday since Oct. 12 and this week brought a few major version updates as well as an update of KDE’s Gear.

The latest snapshot 20221019 came out a few hours ago and updated the Common Internet File System and user-space tool cifs-utils 7.0. The update fixed some warnings that included a compiler warning as well as the package fixing some memory allocation. The Netscape Portable Runtime package mozilla-nspr updated to version 4.35, and it had fixes for building with clang compiler. The package also uses a number of online processors on certain platforms. Mozilla’s mozilla-nss updated to version 3.83. The Network Security Services package removed older unix support, added two DigitalSign root certificates and changed configuration settings behavior to skip configs with unsupported mandatory extensions instead of these failing; this was focused on Encrypted Client Hello extensions. A few other packages updated in the snapshot.

GNOME’s encryption interface Seahorse updated to major version 43 in snapshot 20221018. This package joined the several other GNOME 43 Guadalajara packages that are already in the rolling release. The package fixed warnings related to authorized keys, and it disabled key sharing over DNS Service Discovery by default. An update of gpg2 2.3.8 fixed a problem with Yubikey 5.4 firmware and fixed a regression in READKEY --format=ssh. An update of libsoup 3.2.1 fixed a minor memory leak and libxml2 2.10.3 fixed an integer overflow, which addressed CVE-2022-40303; this had no effect on OpenStack Cloud’s 8 and 9. And cfg80211, which is configuration Application Programming Interfaces for 802.11 devices in Linux, had some changes with the 6.0.2 kernel-source update. It fixed a Block Starting Symbol refcounting bug and avoids a non-transmitted BSS list corruption. A change was made with the nodejs18 18.11.0 update; it added an experimental watch mode. Running in watch mode using node, watch restarts the process when an imported file is changed. Several other packages updated including libzypp 17.31.4, libgcrypt 4.4.28, yast2-network 4.5.9 and more.

Two packages updated in snapshot 20221017. Podcasters using Tumbleweed will see the latest audio editing package update for audacity. The 3.2.1 countdown version fixes some bugs and has minor improvements. One of those fixed the crashing of the startup on some systems and a freeze when very quickly starting and stopping playback. The C Library for manipulating module metadata files, libmodulemd, updated to version 2.14.0 and it has new functions for stripping XMD from an index.

KDE users had their second consecutive update of Gear 22.08.2 in snapshot 20221016. Gear 22.08.2 updated several packages. File archiver Ark stopped killing extraction/compression jobs when dolphin quits. The itinerary package updated the current reservation identification of the event page when changing tickets and explicitly positioned the event ticket header fields. Multiple updates were made with Gear’s new kalendar version, like fixing the double-click to edit in the tasks view and implementing the use of standard keys for viewing navigation actions. Gear’s video editor Kdenlive made several changes including the timecode display, so it listens to the profile change and automatically adjusts frames per second. The package also fixed the pasting effect with keyframes that were partially broken. The lightweight C library for storing RDF data in memory, sord 0.16.14, fixed an issue that accidentally exposed internal zix symbols. The first stable release arrived with the gcr 4.0.0 major version update; not much info was provided in the changelog. Other updates in the snapshot were made to perl-HTML-Parser 3.79, perl-HTTP-Message 6.41, perl-JSON 4.10 and more.

Most of the KDE Gear 22.08.2 packages arrived in snapshot 20221015 and just a few other packages updated in the snapshot. The 4.5.46 version of libstorage-ng merged a change that allows it to work with other linux flavors. There were also updates to libzypp 17.31.3, yast2 4.5.17 and more.

Both 20221014 and 20221013 snapshots had multiple package updates. The update of ethtool 6.0, which is a utility for controlling network drivers and hardware, fixed advertisement modes autoselection. The 3D graphics package Mesa 22.2.1 implemented the Vulkan 1.3 API and fixed regressions with the open-source Sony PlayStation 3 emulator RPCS3 where nothing was being rendered. An update of yast2-bootloader 4.5.7 prevents the leak of grub2 password to the logs. The 7.1.0.50 update of ImageMagick added a private API to go through a linked list without using semaphores, and it has the latest automake configuration.

YaST Team posted at 06:00

YaST Development Report - Chapter 10 of 2022

Almost one month after our latest update, here it comes a bunch of news from the YaST Team trenches. And, as usual, we fire in many directions including:

  • Several news about D-Installer
  • An update about the new Security Policies in the YaST installer
  • An effort to streamline a bit the YaST container
  • Some polishing of Podman checkpoints

So let’s go into the details.

Fueling the D-Installer Project

Some months ago we presented our proof of concept for a future Linux installer codenamed D-Installer. Since then, we have scattered news about it on our blog posts. Now we decided it’s the right time to invest a bit more in the project in order to move it forward.

As a first step, we improved the README file that serves as landing page for the project. Now it includes more information about the motivation and general structure of the project, as well as some screenshots of the web interface.

We also designed the D-Bus and web interfaces for defining the storage setup. That is, the set of partitions, LVM logical volumes and related data structures that should be created to install the system on. We published a document describing how it could work and we are already implementing that behavior. So if you have questions or suggestions, please speak up the sooner the better.

We are also making good progress in the configuration of the network, but since the feature is not complete yet we will save those news for upcoming blog posts. ;-)

On a more technical level, we introduced type checking in the JavaScript part of D-Installer by relying on TypeScript support for JSDoc annotations. If you don’t care about software internals, the previous sentence is just gibberish you can happily ignore. But if you are a JavaScript developer working on a project that is growing a bit too much, you may be interested in checking our approach in order to take advantage of the most important feature of TypeScript without actually changing the implementation language of the project.

Security Policies in the YaST Installer

Although we envision D-Installer as the future of (open)SUSE installation, we never forget YaST is still the present and will remain so for some years. Therefore we keep enhancing it and adapting it to new use cases. Lately we invested some time polishing the feature about security policies we originally presented some posts ago, based on the feedback we keep receiving about it.

As you can see in the screenshot below, now the initial scan performed in the first boot after installation is configurable and can even be skipped in order to be run manually afterwards. Additionally we changed the way the failing rules are presented and the way to acknowledge the situation in order to continue with the installation anyway. Moreover we extended the help texts to better explain the rationale and implications of each option.

The installer checking the DISA STIG

You can check up-to-date information about the feature and several current screenshots (bear in mind they are collapsed by default) at this pull request.

A More Container-friendly iSCSI Client

The containerized version of YaST includes several modules that are known to work correctly when executed from a container. But “correctly” does not always imply “optimally”. For example, the module for configuring iSCSI clients required some iSCSI tools to be installed both in the system to be managed (as expected) and in the container itself. That impacted the size of the YaST container, even for those who were not interested in executing yast2-iscsi-client. Moreover, while investigating that circumstance, we found the dependencies of the package were not aligned with YaST best practices. All that is fixed now and we have a more maintainable and standardized YaST iSCSI Client and a smaller YaST container.

Helping to Fix Problems with Cockpit and Podman Checkpoints

Talking about system management tools, you already know our team is lately looking beyond YaST and trying to help with the maintenance and integration of Cockpit. As a consequence of that continuous effort, we realized the functionality for creating checkpoints for Podman containers was not working as expected neither in openSUSE Tumbleweed nor in the ALP prototypes due to some problem in the package criu. Fortunately we are surrounded by people smarter than us, so we contacted Takashi Iwai and helped him to diagnose the problem. As a result, criu and Podman checkpoints are now working again in both Tumbleweed and the ALP prototypes. But don’t ask us for technical details, it’s all Takashi’s merit.

More to Come

We keep working in all the areas related to system installation and configuration, so we hope to be back soon with more news about D-Installer, Cockpit and, of course, YaST. Meanwhile do as chameleons do and have a lot of fun!