Arch Planet

Planet Arch Linux is a window into the world, work and lives of Arch Linux developers, trusted users and support staff.

RSS Feed

FOSS Activities in November 2020


Second month of doing these posts. In short not much has been happening the past weeks, but that would be a slight lie. I have sponsored rgacognes Trusted User application. The application was posted to the mailing list, and it’s currently being voted and decided by a weeks time. There has also been some discussion for years about bringing debug packages into Arch. This has largely been stalled but I brought it back to life again.

PAM Bypass: when null(is not)ok


The Problem Someone enters an IRC support channel and proclaims their dovecot server has been hacked and a non existing user sends spam email from their server. The initial reaction might be something along the lines of Wat ಠ_ಠ With the following assumption that the user clearly did something wrong. Hosting email is difficult after all. I don’t quite recall how rest of the support went, but it was solved and the root cause was not found.

Arch Conf 2020 - Talks and content release


We are happy to announce that the talks held at Arch Conf 2020 have been edited and released :) The can be found on CCC Media, Youtube and in our archive. On our archive you can find a copy of all the edited talks, the submitted questions from the Q&A and the presentation slides. We have also included the DJ mixes from the break, the assets used for the OBS stream, and the break animation along with the background used for the presentations.

Accessible installation medium


We are very happy to announce that accessibility features have been added to our installation medium with archiso v49. From release 2020.11.01 onward these are available via the 2nd boot loader menu item. A specific installation guide can be found on the wiki. Many thanks go to Alexander Epaneshnikov who integrated the features from the TalkingArch project into archiso's releng profile, which is used for creating the installation medium. Note: The boot loader timeouts have been set to 15s to allow blind users to select the menu item as the boot loaders themselves do not offer accessibility features.

FOSS Activities in October 2020


I wanted to start writing these for myself as I have been reading quite a few monthly resports from Chris Lamb and other Debian contributors. They make for interesting content for readers curious about what distribution maintainers do during a month, and motivation for myself as not everything one does is visible work. I’ll try have some sort of structure with them, by starting off with the menial tasks, and add the meeting notes and misc contributions at the bottom.

pkgstats version 3: lookup package statistics from your terminal


pkgstats is a tool that gathers and analyses installed packages of Arch Linux users. It started as a small shell script back in 2008 and helps us among other things to determine which packages are no longer used but also which packages from the AUR are popular candidates. Previously I rewrote the server part and … Continue reading "pkgstats version 3: lookup package statistics from your terminal"

libtraceevent>=5.9-1 update requires manual intervention


The libtraceevent package prior to version 5.9-1 was missing a soname link. This has been fixed in 5.9-1, so the upgrade will need to overwrite the untracked files created by ldconfig. If you get any of these errors libtraceevent: /usr/lib/ exists in filesystem when updating, use pacman -Syu --overwrite /usr/lib/ to perform the upgrade.

nvidia 455.28 is incompatible with linux >= 5.9


nvidia is currently partially incompatible with linux >= 5.9 [1] [2]. While graphics should work fine, CUDA, OpenCL, and likely other features are broken. Users who've already upgraded and need those features are advised to switch to the linux-lts kernel for the time being until a fix for nvidia is available.

Distri – Comparing Apples and Oranges?


Last weekend we had what I consider to be the very successful Arch Conf 2020. This included a talk by Michael Stapelberg about distri, his Linux distribution to research fast package management. Michael showed an example of installing QEMU in Continue reading →

ghostpcl>=9.53.2-2 and ghostxps>=9.53.2-2 updates require manual intervention


The ghostpcl and ghostxps packages prior to version 9.53.2-2 were missing a soname link each. This has been fixed in 9.53.2-2, so the upgrade will need to overwrite the untracked files created by ldconfig. If you get any of these errors ghostpcl: /usr/lib/ exists in filesystem ghostxps: /usr/lib/ exists in filesystem when updating, use pacman -Syu --overwrite /usr/lib/,/usr/lib/ to perform the upgrade.

Stream details, video details and come help out!


Schedule The schedule for the conference has been published for the conference and can be found in the CFP system. Please check out all the great talks we have! Stream The stream is going to be available through the CCC Video Operation Center, which will be hosting our main stream, and a re-stream on Twitch. C3VOC: Twitch channel: For questions during the Q&A sessions, one can use the IRC channel #archlinux-conf-q&a on Freenode, or write them on the Twitch chat.

Arch Conf 2020 schedule


On the 10th and 11th of October there is going to be an online edition of Arch Conf. The conference is going to have presentations from the Arch team along with community submitted presentations and lightning talks. We are proud to announce the first revision of the schedule! The conference timezone is CEST/UTC+2: Updates and additional information can be found on the conference page: See you there! Cheers from the conference team.

Kill Arch Bugs: Help us on the 13th of September!


We would like to hold a bug wrangling day on the 13th of September to reduce the large amount of open tickets. If you cannot take part in the bug wrangling day, then feel free to help us any time before that event. How? Please review all bugs that were reported by you and check if they are still valid. Please request a task closure on the bug tracker if the task may be closed. Otherwise please provide further information so that we can continue to work on the bug. We cannot fix bugs without your feedback. Questions? Join us at #archlinux-bugs channel on during 13th of September. As we live in different timezones not all devs and bug wranglers will be available at the same time, but feel free to report your issues to any dev available. Also please check your mailboxes that may contain notifications about comments made on your tickets.

Google Summer of Code 2020


Intro I spent the last three to four months working on the open source project in-toto as part of my Google Summer of Code stipend at the Cloud Native Computing Foundation (CNCF). Followers of my blog might have read already about in-toto. If you do not know the project, I suggest you have a look on my introduction to in-toto. The introduction article has been written as part of my Google Summer of Code stipend and gives a good overview about the project and what its objectives are.

Arch Conf Online 2020


During the weekend of 10th and 11th of October there is going to be an online Arch Linux conference. The details are currently being worked on, but the Call for Participation has been published and people can submit their talk ideas until the 18th of September. All talks are expected to be recorded as it will ease the planning for the live portion of the stream, however there are going to be live Q&A session with the presenters if they are available.

How I install Arch Linux


Recently I have installed Arch Linux on a shiny new Lenovo Thinkpad T14 AMD. This blog article shall mainly be a reminder for me for the future, but feel free to use anything useful in it. I did not install Arch Linux for a long time (nearly over 8 years, lol). Therefore I never saw a need to automate an Arch Linux installation. I am aware, that there are solutions for automated Arch Linux installation.

Google Summer of Code 2020


tl;dr Just give me the link to the PR: Intro This blog post tracks my accomplishments during my Google Summer of Code 2020 Stipend at CNCF. I have spend around three months on working on For tracking I am using the goal-setting framework OKR (objectives and key results). My main objective has been to implement in-toto-run functionality in the in-toto Go implementation. However, I have also fixed a few other issues on this journey and wrote a blog post about in-toto.

AUR Migration: New SSH HostKeys


Due to the fact that the AUR has been migrated to a new server, the SSH HostKeys used to connect to the host have changed. These are the new keys fingerprints: Ed25519: SHA256:RFzBCUItH9LZS0cKB5UE6ceAYhBD5C8GeOBip8Z11+4 ECDSA: SHA256:uTa/0PndEgPZTf76e1DFqXKJEXKsn7m9ivhLQtzGOCI RSA: SHA256:5s5cIyReIfNNVGRFdDbe3hdYiI5OelHGpw2rOUud3Q8 The fingerprints above can also be found on the AUR home page when not logged in.

Wayland in 2020


It is nearly a year since my last blog article about Wayland on Linux. Thus I thought it is time for an update on how my desktop with sway developed. What happened? I changed my file sharing scripts I moved from rofi to bemenu I changed my scripts, that were based on rofi For my file sharing scripts I introduced a new helper script with the generic name share.

Fix PDF Display on Chrome


For many months I had a weird issue with displaying PDFs in chrome on my website. I always thought this is a browser issue and would be fixed soon, but actually it was an issue with my Content Security Policy (CSP). If you ever stumbled upon my CV you might have looked on this: Finally I could fix this, after finding this Chrome issue here: The problem got triggered via my strong CSP.

Improving the Secure Boot user experience


Secure boot tooling is terrible, can we do better? Currently the most widely used tooling for secure boot is the Ubuntu sbsigntools and efitools. If you are currently using secure boot both of these packages are probably installed on your system. Both of them support the basics of generating signature lists and signing the EFI variables with certificates, but they still have differences which is a source of confusion. efitools has 3 different ways of generating signature lists, cert-to-efi-hash-list, cert-to-sig-list and hash-to-efi-sig-list.

Test driving Flathub mirror for users in China


One of the reasons Flathub is relatively fast regardless of where it’s used is CDN service provided by Fastly. This is not a good thing for users from China though, where Fastly, and thus Flathub, is blocked. Similar services are operating in China, but being an open source project, it’s easy to guess our budget is close to zero. A fellow Arch developer, Felix Yan suggested some VPS providers that are considered “China-friendly”. In the end, I configured two new servers in Seoul using Oracle Cloud free tier. As Flathub enforces the remote URL for historical reasons, switching to …

Introduction to in-toto


Today I would like to talk about supply chains. I am participating as package maintainer for several years for now and supply chains are one of the key factors that were on my mind the most. As package maintainer I try to ensure, that all users can be certain, that they are actually using what the project owners had in their minds. This only works with a secure supply chain. This secure supply chain seems to be a big problem for many devs.

Not seeing the wood for the trees


The way Flathub infrastructure works is not complicated for current trends, but there are enough moving parts to make debugging transient issues tricky. When a user starts a download, Flatpak connects to CDN provided by Fastly. CDN connects to one of two front servers, VPSes acting as caching load balancers/proxies in front of hub, the main server exposing ostree repositories and publishing new builds with flat-manager. These happen on Buildbot, another VPS. All HTTP servers are nginx. No magic involved; boring is an advantage for infrastructure. One long-standing issue was random 503 Service Unavailable errors, causing Flatpak to …

Identify the OS via ping


This article will be rather short. I just wanted to highlight something, that not much people know. This could be helpful for network diagnostics or capture-the-flag games. If you ever find yourself in the situation to identify a device’s OS only by it’s IP address, you can try just pinging the device. The TTL (Time-To-Live) will give you an hint about the OS. You can use the following table for the beginning: