Planet Arch Linux is a window into the world, work and lives of Arch Linux developers, trusted users and support staff.
Yo! New month, new update! The start of this month was marked with FOSDEM! I held a talk about secure boot and the tooling stuff I have written, sbctl. It’s a tool to help you manage secure boot keys and signing files. With help from sbsigntools it also does live enrollment of keys. The talk went great (I think) and it was fun to see how FOSDEM pulled off the conference with matrix and jitsi.
As linux-lts moved to the 5.10 version, all official kernels of Arch Linux now support zstd compressed initramfs images, so mkinitcpio is switching to zstd compressed images by default with version 30, which is currently on [testing]. If, for any reason, you are using a kernel version prior to 5.9, make sure to change mkinitcpio.conf COMPRESSION to use one of the compressors supported, like gzip, otherwise you will not be able to boot images generated by mkinitcpio.
Google has announced that they are going to block everything but Chrome from accessing certain Google features (like Chrome sync) starting on March 15. This decision by Google is going to affect Arch's
chromiumpackage a bit earlier, on March 2, when Chromium 89 gets released. We know for sure that data syncing will stop working (passwords, bookmarks, etc.). Other features such as geolocation or enhanced spell check might continue to function for a bit longer. Extensions integrating with Google Drive might misbehave and LibreOffice will lose access to documents stored there. Other distros such as openSUSE and Fedora have already removed the soon-to-be-limited API keys from their Chromium 88 packages. Fedora's advisory provides a great deal of perspective on this and I also found this Hackaday post to be quite informative.
And January is over! Time has frankly been moving fast the past days. Packaging wise, things has been fine. Added tailscale and some other minor packages, but had a real purge of old packages from resigned maintainers. Also dropped ntop to the AUR which hasn’t been actively developed for years at this point. I’m curious when people are going to bug me about that one :) On the security side of things there has been quite a lot happening just the past week.
The php package has been updated to version 8.0. Please refer to the upstream migration guide. As some applications are not compatible with PHP 8 yet we provide a php7 package which can be installed alongside version 8. Packages that depend on PHP reflect this update and will require php7 if needed. You might need to update your configuration accordingly. PHP 7 binaries and configuration have the "7" suffix:
- /usr/bin/php -> /usr/bin/php7
- /etc/php -> /etc/php7
- /usr/bin/php-fpm -> /usr/bin/php-fpm7
- /usr/lib/systemd/system/php-fpm.service -> /usr/lib/systemd/system/php-fpm7.service
- /run/php-fpm -> /run/php-fpm7
Hello and welcome to my little Kubernetes on Hetzner tutorial for the first half of 2021. This tutorial will help you bootstrapping a Kubernetes Cluster on Hetzner with KubeOne. I am writing this small tutorial, because I had some trouble to bootstrap a cluster on Hetzner with KubeOne. But first of all let us dive into the question why we even need KubeOne and how does KubeOne helps. KubeOne is a small wrapper around kubeadm.
We are happy to announce our newest public service: A manual pages indexing site at man.archlinux.org that publishes the man pages of all our packages and allows you to search and browse them. Check out, for example, the man page of tar. You can also find this service linked to in the sidebar as well as on every package detail page. Thanks to Wiki Admin lahwaacz for developing archmanweb for this purpose. While there are other man page indexing sites out there, it is our hope that publishing man pages matching the versions of our released packages further improves Arch accessibility and documentation.
A lot has happened since the last reproducible builds summit in Marrakesh 2019, this blog post is a summary of the progress made in 2020 of everything related to getting reproducible builds in Arch Linux. archlinux-repro Also known as
reprothis tool allows one to rebuild a package and check …
End of the year and third blog post! Hope everyone has had a nice new years eve :) The first news of the month is that Remi Gacogne was accepted as Trusted User. Congratulations to him and super exciting. Other then that I have had a meeting with the devops team discussing how we should implement the debuginfod system on our infrastructure. I have written up the ansible role for debuginfod and it was more or less decided that we want to host it on a small VPS for the service itself, and sync debug packages to the host to serve them.
Due to issues with our anti spam measures, we had to migrate those mailing lists, that were sent from @archlinux.org before to the @lists.archlinux.org domain. Submission to the mailing list is not affected and still works with @archlinux.org. Mails get redirected automagically. The only change that may need to be considered on your side are filters and rules matching the From or List-id header which changed accordingly.
Arch Linux got kubernetes packaged into the [community] repository the past week with the hard work of David Runge. I contribute to testing the packages so I thought it would be interesting to write up quickly the testing that was done. Originally I did the testing with docker but with the dockershim deprecation I rewrote the blog to utilize containerd instead. David has reworked the kubernetes archwiki article as well. It currently doesn’t cover all use cases and contributions welcome.
We have been slowly working towards the next pacman release. The major change for this release is the implementation of parallel downloads. Check out this video: It is time for this feature to receive some wider testing. Grab the package Continue reading →
Second month of doing these posts. In short not much has been happening the past weeks, but that would be a slight lie. I have sponsored rgacognes Trusted User application. The application was posted to the mailing list, and it’s currently being voted and decided by a weeks time. There has also been some discussion for years about bringing debug packages into Arch. This has largely been stalled but I brought it back to life again.
The Problem Someone enters an IRC support channel and proclaims their dovecot server has been hacked and a non existing user sends spam email from their server. The initial reaction might be something along the lines of Wat ಠ_ಠ With the following assumption that the user clearly did something wrong. Hosting email is difficult after all. I don’t quite recall how rest of the support went, but it was solved and the root cause was not found.
We are happy to announce that the talks held at Arch Conf 2020 have been edited and released :) The can be found on CCC Media, Youtube and in our archive. On our archive you can find a copy of all the edited talks, the submitted questions from the Q&A and the presentation slides. We have also included the DJ mixes from the break, the assets used for the OBS stream, and the break animation along with the background used for the presentations.
We are very happy to announce that accessibility features have been added to our installation medium with archiso v49. From release 2020.11.01 onward these are available via the 2nd boot loader menu item. A specific installation guide can be found on the wiki. Many thanks go to Alexander Epaneshnikov who integrated the features from the TalkingArch project into archiso's releng profile, which is used for creating the installation medium. Note: The boot loader timeouts have been set to 15s to allow blind users to select the menu item as the boot loaders themselves do not offer accessibility features.
I wanted to start writing these for myself as I have been reading quite a few monthly resports from Chris Lamb and other Debian contributors. They make for interesting content for readers curious about what distribution maintainers do during a month, and motivation for myself as not everything one does is visible work. I’ll try have some sort of structure with them, by starting off with the menial tasks, and add the meeting notes and misc contributions at the bottom.
pkgstats is a tool that gathers and analyses installed packages of Arch Linux users. It started as a small shell script back in 2008 and helps us among other things to determine which packages are no longer used but also which packages from the AUR are popular candidates. Previously I rewrote the server part and … Continue reading "pkgstats version 3: lookup package statistics from your terminal"
The libtraceevent package prior to version 5.9-1 was missing a soname link. This has been fixed in 5.9-1, so the upgrade will need to overwrite the untracked files created by ldconfig. If you get any of these errors
libtraceevent: /usr/lib/libtraceevent.so.1 exists in filesystemwhen updating, use
pacman -Syu --overwrite /usr/lib/libtraceevent.so.1to perform the upgrade.
nvidia is currently partially incompatible with linux >= 5.9  . While graphics should work fine, CUDA, OpenCL, and likely other features are broken. Users who've already upgraded and need those features are advised to switch to the linux-lts kernel for the time being until a fix for nvidia is available.
Last weekend we had what I consider to be the very successful Arch Conf 2020. This included a talk by Michael Stapelberg about distri, his Linux distribution to research fast package management. Michael showed an example of installing QEMU in Continue reading →
The ghostpcl and ghostxps packages prior to version 9.53.2-2 were missing a soname link each. This has been fixed in 9.53.2-2, so the upgrade will need to overwrite the untracked files created by ldconfig. If you get any of these errors
ghostpcl: /usr/lib/libgpcl6.so.9 exists in filesystem ghostxps: /usr/lib/libgxps.so.9 exists in filesystemwhen updating, use
pacman -Syu --overwrite /usr/lib/libgpcl6.so.9,/usr/lib/libgxps.so.9to perform the upgrade.
Schedule The schedule for the conference has been published for the conference and can be found in the CFP system. Please check out all the great talks we have! https://pretalx.com/arch-conf-online-2020/talk/ Stream The stream is going to be available through the CCC Video Operation Center, which will be hosting our main stream, and a re-stream on Twitch. C3VOC: https://streaming.media.ccc.de/archconf2020/ Twitch channel: https://www.twitch.tv/archlinuxconf For questions during the Q&A sessions, one can use the IRC channel #archlinux-conf-q&a on Freenode, or write them on the Twitch chat.
On the 10th and 11th of October there is going to be an online edition of Arch Conf. The conference is going to have presentations from the Arch team along with community submitted presentations and lightning talks. We are proud to announce the first revision of the schedule! https://pretalx.com/arch-conf-online-2020/talk/ The conference timezone is CEST/UTC+2: https://everytimezone.com/s/40cc4784 Updates and additional information can be found on the conference page: https://conf.archlinux.org See you there! Cheers from the conference team.