Arch Linux

In Grants for Operating Systems I discussed my journey through the grant application writing business since beginning of last year. To keep things light and somewhat focused, I left out a topic, that I would like to write about in more detail in the following sections. It's about selection bias in grants provided by Next Generation Internet (NGI), that can be applied for directly or through NLnet. Read more… (11 min remaining to read)

Over the past years I have written (unsuccessful) funding applications for free software projects, associated with the Arch Linux Operating System. This article is about my experiences with applying for numerous funds and my advice for people trying to get their work funded. TL;DR: Writing funding applications is extremely tedious and the selection process mostly intransparent and discouraging. Depending on what you apply for and who you apply with, you may never get funding due to other, additional factors. Read more… (8 min remaining to read)

We are introducing a change in JDK/JRE packages of our distro. This is triggered from the way a JRE is build in modern versions of Java (>9). We are introducing this change in Java 21. To sum it up instead of having JDK and JRE packages coexist in the same system we will be making them conflict. The JDK variant package includes the runtime environment to execute Java applications so if one needs compilation and runtime of Java they need only the JDK package in the future. If, on the other hand, they need just runtime of Java then JRE (or jre-headless) will work. This will (potentially) require a manual user action during upgrade:

• If you have both JDK and JRE installed you can manually install the JDK with pacman -Syu jdk-openjdk and this removes the JRE related packages.
• If you have both JRE and JRE-headless you will need to choose one of them and install it manually since they would conflict each other now.
• If you only have one of the JDK/JRE/JRE-headless pacman should resolve dependencies normally and no action is needed.

At the moment this is only valid for the upcoming JDK 21 release.

Here is how you can publish a Rust project with a single click of a button and automate everything.

Arch Linux in September 2023 # Staff # We would like to welcome Fabian Bornschein (fabiscafe) as part of the Arch Linux Package Maintainer team. Bug weekend # During the 1st to 3rd of September, we conducted a bug weekend with the aim of resolving old bugs and implementing proposed solutions. This effort not only reduced the backlog but also contributed to streamlining the upcoming bug tracker migration, resulting in the resolution of approximately 200 bugs.

After writing age-plugin-tpm a friend of mine at the hackerspace was super excited to finally have easy file encryption with TPM sealed keys, all without having to rely on gnupg. “This is great!” he said. “I wish I could have my SSH keys sealed in a TPM just as easily”. We should have left it at that. I shouldn’t have replied with a random assortment of facts like “I know google/go-tpm now”, or “but Go has a ssh-agent protocol implementation” followed-up with “Filippo has already implemented yubikey-agent, it can’t be that hard”.

With shadow >= 4.14.0, Arch Linux's default password hashing algorithm changed from SHA512 to yescrypt. Furthermore, the umask settings are now configured in /etc/login.defs instead of /etc/profile. This should not require any manual intervention. Reasons for Yescrypt The password-based key derivation function (KDF) and password hashing scheme yescrypt has been chosen due to its adoption (readily available in libxcrypt, which is used by pam) and its stronger resilience towards password cracking attempts over SHA512. Although the winner of the Password Hashing Competition has been argon2, this algorithm is not yet available in libxcrypt …

Arch Linux in August 2023 # Staff # We would like to welcome Tomaz Canabrava (tcanabrava) as part of the Arch Linux Package Maintainer team. AURWeb # In AURWeb v6.2.7, we primarily focused on bug fixes while revamping Prometheus metrics. We introduced new measures like request tracking and cache-hit/miss ratios for search queries, enhancing our ability to make development decisions and aiding the AUR moderation team in identifying trends.

Having a full Linux mobile or tablet device has always interested me, to have an alternative to Android and use Arch Linux everywhere. Realistically I won't be able to give up Android on my phone, but what about tablet's? Phosh was developed to be a graphical user interface for mobile …

In the past, I have used Weechat with Weechat and IRC relays. Since, I have switched to ChromeOS, I disabled the IRC relay, because I switched to the Weechat Android App on ChromeOS. Nevertheless, I was never 100% happy with the Weechat relay. The relay usually works via a shared password and access to this relay is equal to SSH access. Hence, I have decided to switch to SSH tunneling. With SSH tunneling, I am able to use SSH keys for authentication.

Let's take a look at what is new in the new version of "Ratatui" and how it became the successor of tui-rs.

As of ansible-core 2.15.3, upstream moved documentation and examples to a separate dedicated repository (see the related changelogs). This means that, starting from version 2.15.3 the ansible-core package will stop shipping documentation and a default configuration example under /etc/ansible/ansible.cfg. Regarding the documentation, it is available online: https://docs.ansible.com/ As for the configuration file, as explained in the wiki, a base config can be generated with the following command: ansible-config init --disabled > ansible.cfg After updating from ansible-core <= 2.15.2-1 to >= 2.15.3-1, everyone using a custom global Ansible configuration file stored under /etc/ansible/ansible.cfg will have their configuration saved as a pacsave file. To restore it, run the following command: mv /etc/ansible/ansible.cfg.pacsave /etc/ansible/ansible.cfg

When upgrading from budgie-desktop 10.7.2-5 to 10.7.2-6, the package mutter43 must be replaced with magpie-wm, which currently depends on mutter. As mutter43 conflicts with mutter, manual intervention is required to complete the upgrade. First remove mutter43, then immediately perform the upgrade. Do not relog or reboot between these steps. pacman -Rdd mutter43 pacman -Syu

Hello friend, long ago I have ditched Arch Linux for my main operating systems and switched to ChromeOS with Arch Linux in Crostini. For a long time this setup worked fine, until I encountered a few issues with Arch Linux and Yubikeys. In this article, I would like to show you how I setup my Yubikey on Arch Linux running in Crostini within ChromeOS. First, we have to ensure that /etc/polkit-1/rules.

I am a big fan of LUKS encrypted USB sticks. They are easy to make and easy to handle on most Linux systems. ChromeOS is one of these systems, where I had trouble with LUKS encrypted USB sticks or block devices in general. Although ChromeOS is capable to mount a various number of filesystems, it has no idea what to do with a LUKS encrypted USB stick. The first idea most people have is launching a Crostini container and decrypting the USB stick via cryptsetup.

Arch Linux in July 2023 # Staff # We would like to welcome Mario Oenning (moson) as new Arch Linux Support Staff Member. devtools # arch-nspawn is now utilizing a distinct scope name instead of the previous --keep-unit approach. This allows for the creation of a dedicated scope, placing the container within a slice hierarchy which allows a more precise resource control. This enhancement will be part of the next release.

This article sums up why and how I run Arch Linux on my new Framework Laptop 13, which I received on the 3rd of this month.

The past year I have been trying to learn more about the Trusted Platform Module (TPM). This is a small device found on most modern laptops that has several cool security features like key creation, sealing and attestation, however I have been struggling to find a small project where I can learn more about it. To my surprised I learned a couple of months ago that nobody has written a TPM plugin for age!

"Ratatui" is a Rust library for building rich terminal user interfaces. In this post, I'm sharing what's new in the latest version and also a fun way to easily create terminal user interfaces in a jiffy.

Let's experiment with the std.http module of Zig >=0.11 and create an HTTP server/client from scratch (along with some benchmarks)!

Arch Linux in June 2023 # packaging # We have now enabled all packagers to have default access to the multilib and unstable desktop (GNOME/KDE) repositories. This decision removes artificial gates and simplifies the process for packagers to contribute to different aspects of the distro’s packaging. By granting wider access by default, we encourage easier participation and collaboration within our distro packaging team. devtools # We released version v1.0.3 of devtools which focused on bug fixes.

I started working on Flyaway with the intention of becoming familiar with Wayland, its protocols and extensions, and the wlroots library. Instead, I ended up genuinely liking all three.

Starting from version 2023.66594-9, TeX Live packages have been reorganized to mirror upstream collections. Even though the new texlive-basic replaces the old texlive-core, many of the texlive-core contents (including language specific files) are now split between different packages. To find out which Arch package contains a specific CTAN package, you can use the tlmgr utility, eg. $ tlmgr info euler | grep collection collection: collection-latexrecommended which means the euler CTAN package is contained in texlive-latexrecommended. You may also use pacman -F to query for specific files. A new metapackage texlive-meta is available to install all subpackages (except for language specific ones), and the new texlive-doc package provides the full documentation for offline use.

The openblas package prior to version 0.3.23-2 doesn't ship optimized LAPACK routine and CBLAS/LAPACKE interfaces for compatibility. This decision has been reverted now, and the ability to choose a different default system BLAS/LAPACK implementation while keeping openblas installed is now provided to allow future co-installation of BLIS, ATLAS, etc. The default BLAS implementation will be used for most packages like NumPy or R. Please install "blas-openblas" and "blas64-openblas" to make OpenBLAS the default BLAS implementation, just like the old behavior. Unfortunately you will get errors on updating if you currently have OpenBLAS installed as the default BLAS implementation: error: failed to prepare transaction (could not satisfy dependencies) :: installing openblas (0.3.23-2) breaks dependency 'blas' required by cblas :: installing openblas (0.3.23-2) breaks dependency 'blas' required by lapack Please append your preferred default BLAS implementation to the regular -Syu command line to get around it. For example: pacman -Syu blas-openblas or pacman -Syu blas

Arch Linux in May 2023 # Staff # We would like to welcome Anton Hvornum (torxed) and Christian Heusel (gromit) among the Arch Linux Package Maintainers. On top we would like to welcome Leonidas Spyropoulos (artafinde) to their new additional duties as Arch Linux Developer Git packaging # We are thrilled to announce the successful migration of our packaging ecosystem to Git, with package sources now accessible on GitLab. As part of this transition, we have developed a powerful new tool called pkgctl, available through devtools, offering a user-centric design and streamlined user experience for interacting with all aspects of Arch Linux packaging for users and packagers alike.