One of the returning questions I received recently: why contribute to the syslog-ng upstream? I guess it is a question many open-source projects receive regularly. There are many generic answers. Here I would like to focus more on syslog-ng, focusing on various parts of it.

Of course, the generic answers also apply. Syslog-ng is an open-source project, free to use, modify, and extend. By contributing, you can give something back and improve syslog-ng for everyone. You do not have to be a developer in order to contribute: bug reports, configuration examples, PatternDB rules are all very useful contributions.

Read more at https://www.syslog-ng.com/community/b/blog/posts/why-contribute-to-syslog-ng-upstream

This week brought KDE users of openSUSE‘s rolling release Tumbleweed updates for Frameworks and Gear along with several other updated packages.

Snapshots have been rolling out with various enhancements and bug fixes this week.

The more recent snapshot, 20230712, updated GNU Compiler Collection 13.1.1 and the changes related to the architecture levels for the Adaptable Linux Platform. A patch was also removed. The Linux Kernel also updated in the snapshot as kernel-source 6.4.2 addressed a Common Vulnerability and Exposure. CVE-2023-3269 addressed the lock handling for accessing and updating virtual memory areas. The tool to copy files cpio backported some upstream fixes, refreshed some patches and removed four patches. A few GNOME packages updated in the snapshot. Miscellaneous bug fixes along with some cleanup, and updated translations arrived in the gnome-shell 44.3; it also fixed a cursor offset issue with the magnifier. The 44.3 mutter had improvements to ensure the preferred monitor mode is always included and to avoid rapid toggling of dynamic maximum render time. It also fixes an issue with a dynamic maximum render time. Additionally, there are miscellaneous bug fixes and updated translations. An update of yast2-storage-ng 4.6.12 ensures that storage support packages are added correctly for MicroOS, which uses a custom partitions proposal client instead of another specific client. Several other packages were updated in the snapshot.

Only one package was updated in snapshot 20230710. The update of the one-time password toolkit oath-toolkit to version 2.6.8 brings some changes. The libpskc component was updated to address compatibility issues with a recent libxmlsec release, which ensures smooth operation and proper integration with the latest libraries. The authentication process in pam_oath was improved to avoid failure when pam_modutil_getpwnam is unable to recognize the user in a specific case. The self-test functionality for pam_oath was also enhanced.

Snapshot 20230709 brought an update of KDE’s Frameworks 5.108.0. With that, Kirigami had some bugfixes, improves some functionality, and enhanced the user experience by ensuring proper behavior of notifications and prioritizing user input events for a more responsive interface. The update of KIO restored compatibility with the Plasma file dialog and the previewjob now checks for the validity of thumbRootDevice before accessing it. These updates improve functionality, fix bugs, and enhance the user experience in KIO. The file indexing and file search package Baloo fixed a parameter name and had a change to correctly parse empty quoted strings. Another change improved performance of indexing files that are not yet indexed by dividing UnindexedFileIndexer into multiple smaller transactions. The only other package to update in the release was Xen 4.17.1. This updates addresses several upstream bugs that are documented in a Bugzilla issue. The update fixed two CVEs with CVE-2022-42335 and CVE-2022-42336 being resolved. The latter CVE addresses the mishandling of guest SSBD selection on AMD hardware, where a guest can under or overflow the per-core thread counter, resulting in ineffective attempts to set SSBD and causing potential security vulnerabilities.

Snapshot 20230708 saw a major version update and a version bump for a browser. The new inih 57 major enhanced functionality for handling unsigned values and reading 64bit integers; this expands the capabilities of the library and improves compatibility with different types of configurations. The KDE hex editor for viewing and editing the raw data of files, okteta, updated to version 0.26.12, which improves translations and resolves issues related to the export and saving functionalities. Mozilla Firefox 115.0.1, which the major version arrived earlier in the week, had a version bump.

KDE users received Gear 23.04.3 in snapshot 20230707. The Kdenlive video editor update fixes some disappearing effects from the timeline sequence and other synchronization issues. An update of kitinerary improves the handling of URLs and ensured that URLs are fully encoded when passed to the Android Application Programming Interface and QFile. Image viewer gwenview addresses a bug to prevent a crash in the exiv2 library. The KMail package had a change to prevent the removal of certain margins and updates the HTML characters for the subject field of email messages. Several other Gear packages updated in the snapshot, but only one other non-KDE package updated. The libstorage-ng 4.5.122 places prioritization of swap activation, which suggests that the handling of swap partitions are given higher priority, potentially resulting in more efficient swap utilization.

The newest major version of a browser was released in snapshot 20230706. Mozilla Firefox 115 can now migrate payment methods saved in Chrome-based browsers to Firefox. Hardware video decoding is enabled for Intel GPUs on Linux. The tab manager dropdown includes close buttons for quicker tab closing. Users without support for H264 video decoding can fallback to Cisco’s OpenH264 plugin. The hardware detection tool from openSUSE, hwinfo, also had a major version landing in the snapshot; the 23.1 version export symbols were adjusted to match the test case in yast2-hardware-detection and a compile warning related to Point-to-Point Protocol over Ethernet (PPPoE). An update of Python 3.11.4 fixes a few security flaws. The patch from CVE-2007-4559 was also dropped. An update of the power-sources package upower updates to version 1.90.1. Its changes include the detection and automatic disappearance of headsets with kernel batteries when turned off, which hides duplicate Logitech Bluetooth and wireless devices. Other packages to update in the snapshot were gnome-maps 44.3, gupnp 1.6.4, libxcrypt 4.4.35 and more.

Dear Tumbleweed users and hackers,

The vacation season is upon us, and the number of requests to Tumbleweed is slightly lower than normal. Nevertheless, there is a constant flow of updates coming your way. Due to my slacking off last week, this review again spans two weeks. In total, 11 snapshots have been published in this time (0701, 0703…0710, 0712, and 0713)

These 11 snapshots brought you the following changes:

• GStreamer 1.22.4
• Network Manager 1.42.8
• linux-glibc-devel 6.4
• MariaDB 11.0.2
• Mozilla Firefox 115.0 & 115.0.1
• Python 3.11.4 & 3.12.0b3
• KDE Gear 23.04.3
• KDE Frameworks 5.108.0
• GNOME 44.3
• Linux kernel 6.4.2 (lockdown accidentally not enabled)
• wine 8.12
• Protobuf 23.4
• exiv2 0.28.0

Based on the staging projects, the following updates are likely to reach you soon:

• Linux kernel 6.4.3 – with lockdown enabled
• systemd 253.6
• Mozilla Firefox 115.0.2
• libvirt 9.5.0

We have been working on the request workflow redesign and continuously trying to improve it with the help of your feedback. This time we have focused on showing diff comments for non-beta users and a new request type Set Bug Owner. The request redesign is part of the beta program. We started the redesign of the request workflow in August 2022. Then, in September 2022, we focused on the support of multi-action submit requests. We...

Monitors are getting Crazy Cool I am not sure if it is crazy or cool or some sort of mix of crazy and cool or maybe it is completely innovative and 100% practical. I happen to think some of these monitors are neat and on top of that list today is this, the LG DualUp […]

A week of five openSUSE Tumbleweed snapshots brought crucial updates for key packages like GNOME, MariaDB, transactional-update and others.

The rolling release distribution showcased its commitment to providing users with the latest enhancements and bug fixes while ensuring users benefit from improved functionalities and better performance.

MariaDB is the most recent package to benefit from a new major version in the rolling release as snapshot 20230705 provided users with new features; the 11.0.2 version provides a new option that is enabled by default and improves the accuracy of the optimizer’s estimations for hash-join operations. The package also fixes some optimizer crashes and resolves the accidental disabling of some InnoDB monitors, which should now be enabled by default. Both Indonesian and Finnish translations were made in the yast2-trans update and yast2-network 4.6.5 fixes a typo when writing the wireless channel. An update to python-argcomplete 3.1.1 improves logic for user installation and enhances compatibility with Python 3.7.

Snapshot 20230704 updates just a few packages. Among the changes are openSUSE’s hardware detection tool hwinfo 22.3, which resolves linking problems with libsamba and ensures smoother functionality. An update of kdump 1.9.3 had changes to fix the calibrate feature as well as the treating of missing SSH, LFTP, or host keys as fatal errors. The 4.18.3 version of xfce4-settings has fixes related to display mode detection and securing the use of GSettings. Changes to the package also improve the handling of critical errors when opening the layout selection dialog. The update of kexec-tools: 2.0.26.0 introduces an upgrade where perl-Bootloader replaces kexec-tools with kexec-bootloader, making it obsolete.

Most of the packages updated in snapshot 20230703 were RubyGems; these updates gravitate toward a Common Vulnerability and Exposure. Patches were provided for CVE-2023-28362 that potentially leads to a Cross-site-scripting (XSS) payload on the redirection page. The Imath 3.1.9 package fixes a heap-buffer-overflow vulnerability, adds support for Densely Weighted Averaging compression and fixes a stack-buffer-overflow problem. Gamers will like the SDL2 2.28.1 update as it adds Linux controller mapping for the Logitech Chillstream controller. The update also introduces support for the Nintendo Online Famicom controllers as well as support for third-party Nintendo Switch controllers. The keyboard utility package kbd 2.6.1 had some minor fixes and improvements to include some for contemporary French Macs. The perl-Image-ExifTool 12.64 version adds a new Sony LensType, includes support for Garmin Low-resolution Video (GLV) files, improves French translations, along with introducing some Application Programming Interface changes.

The largest snapshot of the week kicked off the month with snapshot 20230701. This snapshot updates ImageMagick to version 7.1.1.12 that includes a patch fixing a heap-buffer-overflow vulnerability with CVE-2023-3428. GNOME users had some updates with gnome-software updating to version 44.3. This update includes fixes for a crash when refining a Flatpak app and recovering the state after a failed app update. It also comes with updated translations. The 44.3 version of gnome-control-center updated translations. GNOME personal management application evolution 3.48.4 fixes an issue related to ` EMailSignatureScriptDialog and EMeetingListStore` components was well as addresses issues such as difficulties in choosing a script file under Flatpak. An update of GStreamer to 1.22.4 fixes security issues in several components and addresses some mapping issues’ the package fixes memory leaks and provides stability improvements. An update of NetworkManager 1.42.8 fixes network filtering rules and IPv6 sharing as well as adds support for Point-to-Point Protocol 2.5.0. Other package to update in the snapshot were webkit2gtk3 2.40.3, libzypp 17.31.15, gvfs 1.50.5 and more.

Snapshot 20230629 kicked off the week and featured updates of various packages. Noteworthy changes included SDL2’s first package update of the week with version 2.28.0; this introduces new functions for window surfaces and rendering APIs. Display manager sddm 0.20.0 bringing initial support for Qt6 that will break themes that rely on Qt5. The package key to MicroOS and other projects with atomic updates, transactional-update, moved to version 4.3.0; this update improves custom utilities and scripts to call mkdumprd and the package adds support for libmount 2.39, while honoring the library’s LIBMOUNT_DEBUG variable for additional output. A few other library packages were updated in the snapshot.

Prior to the Dec 2020 situation at Red Hat and completely unawares, SUSE was working to release SLES 15 SP3, which is 100% binary compatible with openSUSE Leap 15.3. While Red Hat has been working to lock down sources and disparage those who build RHEL clones, SUSE has actively encouraged and sponsored openSUSE as a clone of SLES.

Let’s clarify the difference between openSUSE’s stable and testing ground distros. openSUSE Leap is a stable, enterprise-compatible distro, while openSUSE Tumbleweed serves as the testing ground for SLES and openSUSE Leap. I bring this up because I have repeatedly seen misinformation in community conversations about the state of enterprise Linux. Leap is not a testing ground.

The number of openSUSE users has been on the rise. Lets look into some of the reasons why your next install should be a SUSE distro.

SUSE was founded in 1992 (yes, that’s one year after Linus initially created Linux) in Nuremberg, Germany. Since then, SUSE has grown to have an international presence. SUSE is a publicly traded company and the largest independent open-source software company in the industry.

Similar to Red Hat, SUSE provides a Linux distribution tailored specifically for enterprise environments, catering to the needs of businesses of all sizes. SUSE provides long-term support, ensuring stability, security, and reliability for critical workloads in production environments.

Also, like Red Hat, SUSE follows a subscription-based model, where customers pay for access to their respective distributions along with technical support, maintenance, and updates. This model ensures that organizations receive timely security patches, bug fixes, and feature enhancements, allowing them to maintain a stable and secure infrastructure. Unlike Red Hat, the sources are freely available, and openSUSE Leap updates happen in sync with SLES updates.

In addition to providing enterprise support for SUSE Linux, SUSE also provides enterprise support and updates for RHEL via SUSE Liberty Linux.

SUSE Linux benefits from an active and vibrant opensource community. The community contributes to the development and improvement of the distribution, providing a wealth of resources, documentation, and user-driven support forums.

In summary, openSUSE Leap has emerged as a compelling alternative to CentOS, particularly in light of the changes at Red Hat. Considering these factors, openSUSE Leap, with its robust enterprise support, adherence to open-source principles, and active community, presents a compelling option for businesses seeking a reliable and secure Linux distribution for their infrastructure.

I'm spending some time every week working in the rpmlint project. The tool is very stable and the functionality is well defined, implemented and tested, so there's no crazy development or a lot of new functionalities, but as in all the software, there are always bugs to solve and things to improve.

The recent changes applied now in the main branch include:

• Update the usage of rpm to not use old API.
• Fixes for rpmdiff -v, check for NULL char, special macros in comments and spell checking of description in different languages.
• Move all the metadata from setup.py to pyproject.toml.
• Releasing rpmlint as pre-commit hook
• Improvements to the PythonCheck in the dependency checking.

Summer of Code 2023 updates

The first month of the Summer of Code has passed and Afrid is doing a great job there. We've now a draft Pull Request with some initial changes that allow us to mock rpm packages in tests so it's easier to create new tests without the need of creating a binary package.

The first step done was to extend the existing FakePkg class to allow us to define package files and some package metadata.

Now he's working in replacing all of the test_python.py tests that uses binaries rpm to something that doesn't needed.

The idea is to replace as much tests as possible to reduce the number of rpm binaries and after that, provide helper functions, decorators and classes to make it easy to write tests, writing less code.

Roadmap

In any software project there's always room for improvements, fixes and enhancements. If the project is there for enough time, it's even more critical to modernize the code to reduce the technical debt.

My plan for 2023 is to improve the tests around rpmlint as much as possible. First with the GSoC project, making it easier to write more tests, improving the testing tools that we've. And after the summer, improving the test coverage.

There's also a tool that shares some of the ideas with rpmlint, spec-cleaner, it's also written in Python, so the next step, after the tests improvements will be to take a deep look into the code of these two tools and try to integrate in some way. Maybe it's possible to refactor the common code into an external module, maybe we can bring some ideas from spec-cleaner to rpmlint. Not sure yet, but that'll be my next step.

Don't forget that this is free software, so you can participate too! If you find any issue in rpmlint or have an idea to improve it, don't hesitate and create a new issue.

Staying up-to-date with the latest trends, tools and industry knowledge is crucial for open-source developers and IT professionals like system administrators.

Online resources provide valuable information, but there is no substitute for the immersive and collaborative experience of attending conferences.

As the openSUSE Conference ended about a month ago and the openSUSE.Asia Summit is accepting talk proposals until August 20, we will explore the benefits and reasons why people should not only attend conferences but actively contribute by submitting talks.

The sharing of expertise and insights is perhaps the most fundamental of reasons to attend conferences as it provides an opportunity to share knowledge, expertise, and unique insights with a diverse audience. By submitting talks, people showcase their experiences, best practices, and innovative approaches to commonly shared challenges; they actively contribute to the growth and development of IT and open-source communities. These contributions can inspire others, spark new ideas and foster collaboration among attendees. Sharing expertise not only contributes to the collective knowledge but it helps to establish thought leaders and field experts.

Submitting talks and presenting it at conferences presents opportunities for personal and professional growth. It challenges people to refine their communication skills, overcome stage fright, and think critically about a topic. The experience of preparing and delivering a talk enhances people’s ability to articulate complex concepts clearly and concisely.

Attending sessions where speakers articulate a topic offers a unique opportunity to gain fresh perspectives, learn about emerging technologies, and stay ahead of the curve. The openSUSE and openSUSE.Asia Summit curate sessions with experts in open-source software and Linux, which provides valuable insights for attendees.

Many conferences like openSUSE and openSUSE.Asia Summit organize hands-on workshops where attendees gain practical experience and sharpen their skills. These interactive sessions allow IT professionals and developers to dive deep into specific technologies, frameworks, or tools. Attendees enhance their proficiency and return to their IT department with practical knowledge that can be immediately applied to their work.

Networking at conferences provides an invaluable chance to connect, exchange ideas, and establish meaningful relationships with industry peers and fellow community members. This helps to build a robust professional network that can lead to future collaborations, job opportunities, and mentorship possibilities.

Conferences like ours and others throughout the world foster a sense of community among attendees who share a common passion for technology and open-source. Engaging with fellow professionals and developers can lead to fruitful collaborations, collaborative projects, and contributions to open-source initiatives. The openSUSE and openSUSE.Asia Summit offer a vibrant community atmosphere and provide a platform for connecting with open-source enthusiasts from around the world.

For those managers and IT leaders that have not yet explored sending an employee to a conference, know that attending conferences provides immense value, but actively participating as a speaker takes the experience to new heights.

Get started today by submitting a talk, especially to the openSUSE.Asis Summit; it will take place at Chongqing University of Posts and Telecommunications in Chongqing, China, from Oct. 21 to 23.

When it comes to choosing a reliable and powerful Linux distribution for your workloads, CentOS and openSUSE are both popular options. However, recent changes in the CentOS project have left many users seeking alternatives. In this blog post, we will explore ten compelling reasons why migrating from CentOS to openSUSE might be a smart move. […]

The post 10 Reasons to Migrate from CentOS to openSUSE appeared first on SUSE Communities.