By ris Last week Lennart Poettering introduced
casync, a tool for distributing system images. This week he introduces
mkosi, a tool for making OS images. “mkosi is definitely a tool with a focus on developer’s needs for building OS images, for testing and debugging, but also for generating production images with cryptographic protection. A typical use-case would be to add a mkosi.default file to an existing project (for example, one written in C or Python), and thus making it easy to generate an OS image for it. mkosi will put together the image with development headers and tools, compile your code in it, run your test suite, then throw away the image again, and build a new one, this time without development headers and tools, and install your build artifacts in it. This final image is then “production-ready”, and only contains your built program and the minimal set of packages you configured otherwise. Such an image could then be deployed with casync (or any other tool of course) to be delivered to your set of servers, or IoT devices or whatever you are building.”
By corbet In one sense, the Stack Clash vulnerability
that was announced on June 19 has not had a huge impact: thus far, at
least, there have been few (if any) stories of active exploits in the
wild. At other levels, though, this would appear to be in important
vulnerability, in that it has raised a number of questions about how the
community handles security issues and what can be expected in the future.
The indications, unfortunately, are not all positive.
By ris Security updates have been issued by Debian (kernel and openvpn), Mageia (docker, libetpan, weechat, and yodl), Oracle (mercurial), Scientific Linux (freeradius), SUSE (kernel), and Ubuntu (systemd).
The CentOS distribution has long been
a boon to those who want an enterprise-level operating system without an
enterprise-level support contract—and the costs that go with it. In
keeping with its server orientation, CentOS has been largely focused on
x86 systems, but that has been changing over the last few
years. Jim Perrin has been with the project since 2004 and his talk at Open
Source Summit Japan (OSSJ) described the process of making CentOS
available for the ARM server market; he also discussed the status of that
project and some plans for the future.
By ris GitHub has announced
a new program that aims to make it easier for people to contribute to open
source projects. “Open Source Friday isn’t limited to
individuals. Your team, department, or company can take part,
too. Contributing to the software you already use isn’t altruistic—it’s an
investment in the tools your company relies on. And you can always start
small: spend two hours every Friday working on an open source project
relevant to your business. Whether you’re an aspiring contributor or active
maintainer of open source software, we help you track and share your Friday
contributions. We also provide a framework for regular contribution, along
with resources to help you convince your employers to join in.”
By ris Security updates have been issued by Arch Linux (expat and poppler), Debian (unrar-nonfree and vlc), Fedora (chromium and mercurial), Gentoo (freeradius, kauth, and libreoffice), Mageia (glibc, irssi, kernel, kernel-linus, kernel-tmb, and rpcbind/libtirpc), openSUSE (libgcrypt, netpbm, and sudo), Oracle (sudo), Scientific Linux (mercurial), Slackware (kernel), SUSE (jakarta-taglibs-standard, kernel, and kernel-source), and Ubuntu (apache2).
By corbet Persistent memory promises high-speed, byte-addressable access to storage,
with consequent benefits for all kinds of applications. But realizing those
benefits has turned out to present a number of challenges for the Linux
kernel community. Persistent memory is neither ordinary memory nor
so traditional approaches to memory and storage are not always well suited
to this new world. A proposal for a new daxctl() system call,
along with the ensuing discussion, shows how hard it can be to get the most
out of persistent memory.