Planet Arch Linux is a window into the world, work and lives of Arch Linux developers, trusted users and support staff.
nvidia is currently partially incompatible with linux >= 5.9  . While graphics should work fine, CUDA, OpenCL, and likely other features are broken. Users who've already upgraded and need those features are advised to switch to the linux-lts kernel for the time being until a fix for nvidia is available.
Last weekend we had what I consider to be the very successful Arch Conf 2020. This included a talk by Michael Stapelberg about distri, his Linux distribution to research fast package management. Michael showed an example of installing QEMU in Continue reading →
The ghostpcl and ghostxps packages prior to version 9.53.2-2 were missing a soname link each. This has been fixed in 9.53.2-2, so the upgrade will need to overwrite the untracked files created by ldconfig. If you get any of these errors
ghostpcl: /usr/lib/libgpcl6.so.9 exists in filesystem ghostxps: /usr/lib/libgxps.so.9 exists in filesystemwhen updating, use
pacman -Syu --overwrite /usr/lib/libgpcl6.so.9,/usr/lib/libgxps.so.9to perform the upgrade.
Schedule The schedule for the conference has been published for the conference and can be found in the CFP system. Please check out all the great talks we have! https://pretalx.com/arch-conf-online-2020/talk/ Stream The stream is going to be available through the CCC Video Operation Center, which will be hosting our main stream, and a re-stream on Twitch. C3VOC: https://streaming.media.ccc.de/archconf2020/ Twitch channel: https://www.twitch.tv/archlinuxconf For questions during the Q&A sessions, one can use the IRC channel #archlinux-conf-q&a on Freenode, or write them on the Twitch chat.
On the 10th and 11th of October there is going to be an online edition of Arch Conf. The conference is going to have presentations from the Arch team along with community submitted presentations and lightning talks. We are proud to announce the first revision of the schedule! https://pretalx.com/arch-conf-online-2020/talk/ The conference timezone is CEST/UTC+2: https://everytimezone.com/s/40cc4784 Updates and additional information can be found on the conference page: https://conf.archlinux.org See you there! Cheers from the conference team.
We would like to hold a bug wrangling day on the 13th of September to reduce the large amount of open tickets. If you cannot take part in the bug wrangling day, then feel free to help us any time before that event. How? Please review all bugs that were reported by you and check if they are still valid. Please request a task closure on the bug tracker if the task may be closed. Otherwise please provide further information so that we can continue to work on the bug. We cannot fix bugs without your feedback. Questions? Join us at #archlinux-bugs channel on irc.freenode.net during 13th of September. As we live in different timezones not all devs and bug wranglers will be available at the same time, but feel free to report your issues to any dev available. Also please check your mailboxes that may contain notifications about comments made on your tickets.
Intro I spent the last three to four months working on the open source project in-toto as part of my Google Summer of Code stipend at the Cloud Native Computing Foundation (CNCF). Followers of my blog might have read already about in-toto. If you do not know the project, I suggest you have a look on my introduction to in-toto. The introduction article has been written as part of my Google Summer of Code stipend and gives a good overview about the project and what its objectives are.
During the weekend of 10th and 11th of October there is going to be an online Arch Linux conference. The details are currently being worked on, but the Call for Participation has been published and people can submit their talk ideas until the 18th of September. All talks are expected to be recorded as it will ease the planning for the live portion of the stream, however there are going to be live Q&A session with the presenters if they are available.
Recently I have installed Arch Linux on a shiny new Lenovo Thinkpad T14 AMD. This blog article shall mainly be a reminder for me for the future, but feel free to use anything useful in it. I did not install Arch Linux for a long time (nearly over 8 years, lol). Therefore I never saw a need to automate an Arch Linux installation. I am aware, that there are solutions for automated Arch Linux installation.
tl;dr Just give me the link to the PR: https://github.com/in-toto/in-toto-golang/pull/56 Intro This blog post tracks my accomplishments during my Google Summer of Code 2020 Stipend at CNCF. I have spend around three months on working on https://in-toto.io. For tracking I am using the goal-setting framework OKR (objectives and key results). My main objective has been to implement in-toto-run functionality in the in-toto Go implementation. However, I have also fixed a few other issues on this journey and wrote a blog post about in-toto.
Due to the fact that the AUR has been migrated to a new server, the SSH HostKeys used to connect to the host have changed. These are the new keys fingerprints:
Ed25519: SHA256:RFzBCUItH9LZS0cKB5UE6ceAYhBD5C8GeOBip8Z11+4 ECDSA: SHA256:uTa/0PndEgPZTf76e1DFqXKJEXKsn7m9ivhLQtzGOCI RSA: SHA256:5s5cIyReIfNNVGRFdDbe3hdYiI5OelHGpw2rOUud3Q8The fingerprints above can also be found on the AUR home page when not logged in.
It is nearly a year since my last blog article about Wayland on Linux. Thus I thought it is time for an update on how my desktop with sway developed. What happened? I changed my file sharing scripts I moved from rofi to bemenu I changed my scripts, that were based on rofi For my file sharing scripts I introduced a new helper script with the generic name share.
For many months I had a weird issue with displaying PDFs in chrome on my website. I always thought this is a browser issue and would be fixed soon, but actually it was an issue with my Content Security Policy (CSP). If you ever stumbled upon my CV you might have looked on this: Finally I could fix this, after finding this Chrome issue here: https://bugs.chromium.org/p/chromium/issues/detail?id=271452 The problem got triggered via my strong CSP.
Secure boot tooling is terrible, can we do better? Currently the most widely used tooling for secure boot is the Ubuntu sbsigntools and efitools. If you are currently using secure boot both of these packages are probably installed on your system. Both of them support the basics of generating signature lists and signing the EFI variables with certificates, but they still have differences which is a source of confusion. efitools has 3 different ways of generating signature lists, cert-to-efi-hash-list, cert-to-sig-list and hash-to-efi-sig-list.
One of the reasons Flathub is relatively fast regardless of where it’s used is CDN service provided by Fastly. This is not a good thing for users from China though, where Fastly, and thus Flathub, is blocked. Similar services are operating in China, but being an open source project, it’s easy to guess our budget is close to zero. A fellow Arch developer, Felix Yan suggested some VPS providers that are considered “China-friendly”. In the end, I configured two new servers in Seoul using Oracle Cloud free tier. As Flathub enforces the remote URL for historical reasons, switching to …
Today I would like to talk about supply chains. I am participating as package maintainer for several years for now and supply chains are one of the key factors that were on my mind the most. As package maintainer I try to ensure, that all users can be certain, that they are actually using what the project owners had in their minds. This only works with a secure supply chain. This secure supply chain seems to be a big problem for many devs.
The way Flathub infrastructure works is not complicated for current trends, but there are enough moving parts to make debugging transient issues tricky. When a user starts a download, Flatpak connects to CDN provided by Fastly. CDN connects to one of two front servers, VPSes acting as caching load balancers/proxies in front of
hub, the main server exposing ostree repositories and publishing new builds with flat-manager. These happen on Buildbot, another VPS. All HTTP servers are nginx. No magic involved; boring is an advantage for infrastructure. One long-standing issue was random
503 Service Unavailableerrors, causing Flatpak to …
This article will be rather short. I just wanted to highlight something, that not much people know. This could be helpful for network diagnostics or capture-the-flag games. If you ever find yourself in the situation to identify a device’s OS only by it’s IP address, you can try just pinging the device. The TTL (Time-To-Live) will give you an hint about the OS. You can use the following table for the beginning:
Prolog My server went down today. So I’ve decided to write a little postmortem for me, so that I will hopefully learn from my server outage. This is also a nice moment to learn how Google writes postmortems: https://landing.google.com/sre/sre-book/chapters/postmortem/#id-YAJuMt7iQW Overview Date: 2020-04-29 Status: Complete, action items in progress Impact: The following of my components went down for a period of 5 hours and 6 minutes: https://shibumi.dev WKD server https//nspawn.org (images are partly persist unavailable) IRC bouncer git server Root Causes: Backup restore mechanisms didn’t work as expected.
With the release of 3.20, LXD was included into the community repository of Arch Linux in January, and has currently been sitting there happily for the past months. LXD is a container manager from Canonical that manages containers as if they where independent machines in a cluster. I have somehow taken to calling them “containers-as-machines”. This is in contrast to podman and docker which would be “containers-as-applications”. Think of lxd as ganeti, but for containers.
In this, hopefully short, article I want to summarize what I’ve did for changing the expiration date of my GPG key on my Yubikey. This tutorial is for all people who has generated their GPG key on their laptop and then transferred it to the Yubikey. If you’ve generated the GPG key pair on the Yubikey, you will not need this. We need to differentiate between two cases: Changing the expiration date of a subkey or changing the expiration date of your GPG master key.
The zn_poly package prior to version 0.9.2-2 was missing a soname link. This has been fixed in 0.9.2-2, so the upgrade will need to overwrite the untracked files created by ldconfig. If you get an error
zn_poly: /usr/lib/libzn_poly-0.9.so exists in filesystemwhen updating, use
pacman -Syu --overwrite usr/lib/libzn_poly-0.9.soto perform the upgrade.
The nss and lib32-nss packages prior to version 3.51.1-1 were missing a soname link each. This has been fixed in 3.51.1-1, so the upgrade will need to overwrite the untracked files created by ldconfig. If you get any of these errors
nss: /usr/lib/p11-kit-trust.so exists in filesystem lib32-nss: /usr/lib32/p11-kit-trust.so exists in filesystemwhen updating, use
pacman -Syu --overwrite /usr/lib\*/p11-kit-trust.soto perform the upgrade.
Hey, this is going to be a short blog article. A few days ago I had a friend at my place who asked for the Wifi password. So I presented my 32 char WPA2 key and we all got very frustrated, because we had to type it in manually. After typing the key in, I thought there must be a better solution for tackling this problem, like generating a QR code.
The hplip package prior to version 3.20.3-2 was missing the compiled python modules. This has been fixed in 3.20.3-2, so the upgrade will need to overwrite the untracked pyc files that were created. If you get errors such as these
hplip: /usr/share/hplip/base/__pycache__/__init__.cpython-38.pyc exists in filesystem hplip: /usr/share/hplip/base/__pycache__/avahi.cpython-38.pyc exists in filesystem hplip: /usr/share/hplip/base/__pycache__/codes.cpython-38.pyc exists in filesystem ...many more...when updating, use
pacman -Suy --overwrite /usr/share/hplip/\*to perform the upgrade.