With shadow >= 4.14.0, Arch Linux's default password hashing algorithm changed from SHA512 to yescrypt.
Furthermore, the umask settings are now configured in /etc/login.defs instead of /etc/profile.
This should not require any manual intervention.
Reasons for Yescrypt
The password-based key derivation function (KDF) and password hashing scheme yescrypt has been chosen due to its adoption (readily available in libxcrypt, which is used by pam) and its stronger resilience towards password cracking attempts over SHA512.
Although the winner of the Password Hashing Competition has been argon2, this algorithm is not yet available in libxcrypt (attempt one, attempt two).
Configuring yescrypt
The YESCRYPT_COST_FACTOR setting in /etc/login.defs is currently without effect, until pam implements reading its value. If a YESCRYPT_COST_FACTOR higher (or lower) than the default (5) is needed, it can be set using the rounds option of the pam_unix module (i.e. in /etc/pam.d/system-auth).
General list of changes
- yescrypt is used as default password hashing algorithm, instead of SHA512
- pam honors the chosen
ENCRYPT_METHOD in /etc/login.defs and does not override the chosen method anymore
- changes in the filesystem (>=
2023.09.18) and pambase (>= 20230918) packages ensure, that umask is set centrally in /etc/login.defs instead of /etc/profile
As of ansible-core 2.15.3, upstream moved documentation and examples to a separate dedicated repository (see the related changelogs).
This means that, starting from version 2.15.3 the ansible-core package will stop shipping documentation and a default configuration example under /etc/ansible/ansible.cfg.
Regarding the documentation, it is available online: https://docs.ansible.com/
As for the configuration file, as explained in the wiki, a base config can be generated with the following command:
ansible-config init --disabled > ansible.cfg
After updating from ansible-core <= 2.15.2-1 to >= 2.15.3-1, everyone using a custom global Ansible configuration file stored under /etc/ansible/ansible.cfg will have their …
When upgrading from budgie-desktop 10.7.2-5 to 10.7.2-6, the package mutter43 must be replaced with magpie-wm, which currently depends on mutter. As mutter43 conflicts with mutter, manual intervention is required to complete the upgrade.
First remove mutter43, then immediately perform the upgrade. Do not relog or
reboot between these steps.
pacman -Rdd mutter43
pacman -Syu
Starting from version 2023.66594-9, TeX Live packages have been reorganized to mirror upstream collections. Even though the new texlive-basic replaces the old texlive-core, many of the texlive-core contents (including language specific files) are now split between different packages. To find out which Arch package contains a specific CTAN package, you can use the tlmgr utility, eg.
$ tlmgr info euler | grep collection
collection: collection-latexrecommended
which means the euler CTAN package is contained in texlive-latexrecommended. You may also use pacman -F to query for specific files.
A new metapackage texlive-meta is available to install all subpackages (except for …
The openblas package prior to version 0.3.23-2 doesn't ship optimized
LAPACK routine and CBLAS/LAPACKE interfaces for compatibility. This
decision has been reverted now, and the ability to choose a different
default system BLAS/LAPACK implementation while keeping openblas
installed is now provided to allow future co-installation of BLIS,
ATLAS, etc.
The default BLAS implementation will be used for most packages like
NumPy or R. Please install "blas-openblas" and "blas64-openblas" to make
OpenBLAS the default BLAS implementation, just like the old behavior.
Unfortunately you will get errors on updating if you currently have
OpenBLAS installed as the default BLAS implementation:
error: failed …
