Arch Planet
Planet Arch Linux is a window into the world, work and lives of Arch Linux developers, package maintainers and support staff.
Operating System Bias in Next Generation Internet and NLnet
In Grants for Operating Systems I discussed my journey through the grant application writing business since beginning of last year.
To keep things light and somewhat focused, I left out a topic, that I would like to write about in more detail in the following sections.
It's about selection bias in grants provided by Next Generation Internet (NGI), that can be applied for directly or through NLnet.
Read more… (11 min remaining to read)
Grants for Operating Systems
Over the past years I have written (unsuccessful) funding applications for free software projects, associated with the Arch Linux Operating System.
This article is about my experiences with applying for numerous funds and my advice for people trying to get their work funded.
TL;DR: Writing funding applications is extremely tedious and the selection process mostly intransparent and discouraging. Depending on what you apply for and who you apply with, you may never get funding due to other, additional factors.
Read more… (8 min remaining to read)
Incoming changes in JDK / JRE 21 packages may require manual intervention
We are introducing a change in JDK/JRE packages of our distro. This is
triggered from the way a JRE is build in modern versions of Java (>9). We are
introducing this change in Java 21.
To sum it up instead of having JDK and JRE packages coexist in the same system
we will be making them conflict. The JDK variant package includes the runtime
environment to execute Java applications so if one needs compilation and
runtime of Java they need only the JDK package in the future. If, on the other
hand, they need just runtime of Java then JRE (or jre-headless) will work.
This will (potentially) require a manual user action during upgrade:
- If you have both JDK and JRE installed you can manually install the JDK
with
pacman -Syu jdk-openjdk
and this removes the JRE related packages. - If you have both JRE and JRE-headless you will need to choose one of them and install it manually since they would conflict each other now.
- If you only have one of the JDK/JRE/JRE-headless pacman should resolve dependencies normally and no action is needed.
Fully Automated Releases for Rust Projects
Here is how you can publish a Rust project with a single click of a button and automate everything.
September
Arch Linux in September 2023 # Staff # We would like to welcome Fabian Bornschein (fabiscafe) as part of the Arch Linux Package Maintainer team.
Bug weekend # During the 1st to 3rd of September, we conducted a bug weekend with the aim of resolving old bugs and implementing proposed solutions. This effort not only reduced the backlog but also contributed to streamlining the upcoming bug tracker migration, resulting in the resolution of approximately 200 bugs.
Store ssh keys inside the TPM: ssh-tpm-agent
After writing age-plugin-tpm a friend of mine at the hackerspace was super excited to finally have easy file encryption with TPM sealed keys, all without having to rely on gnupg. “This is great!” he said.
“I wish I could have my SSH keys sealed in a TPM just as easily”.
We should have left it at that.
I shouldn’t have replied with a random assortment of facts like “I know google/go-tpm now”, or “but Go has a ssh-agent protocol implementation” followed-up with “Filippo has already implemented yubikey-agent, it can’t be that hard”.
Changes to default password hashing algorithm and umask settings
With shadow >=
4.14.0
, Arch Linux's default password hashing algorithm changed from SHA512 to yescrypt.
Furthermore, the umask
settings are now configured in /etc/login.defs
instead of /etc/profile
.
This should not require any manual intervention.
Reasons for Yescrypt
The password-based key derivation function (KDF) and password hashing scheme yescrypt has been chosen due to its adoption (readily available in libxcrypt, which is used by pam) and its stronger resilience towards password cracking attempts over SHA512.
Although the winner of the Password Hashing Competition has been argon2, this algorithm is not yet available in libxcrypt …
July
Arch Linux in August 2023 # Staff # We would like to welcome Tomaz Canabrava (tcanabrava) as part of the Arch Linux Package Maintainer team.
AURWeb # In AURWeb v6.2.7, we primarily focused on bug fixes while revamping Prometheus metrics. We introduced new measures like request tracking and cache-hit/miss ratios for search queries, enhancing our ability to make development decisions and aiding the AUR moderation team in identifying trends.
Phosh now available on Arch Linux
Having a full Linux mobile or tablet device has always interested me, to have
an alternative to Android and use Arch Linux everywhere. Realistically I won't
be able to give up Android on my phone, but what about tablet's?
Phosh was developed to be a graphical
user interface for mobile …
Weechat With SSH Tunneling
In the past, I have used Weechat with Weechat and IRC relays. Since, I have switched to ChromeOS, I disabled the IRC relay, because I switched to the Weechat Android App on ChromeOS. Nevertheless, I was never 100% happy with the Weechat relay. The relay usually works via a shared password and access to this relay is equal to SSH access.
Hence, I have decided to switch to SSH tunneling. With SSH tunneling, I am able to use SSH keys for authentication.
From tui-rs to Ratatui: 6 Months of Cooking Up Rust TUIs
Let's take a look at what is new in the new version of "Ratatui" and how it became the successor of
tui-rs
.
ansible-core >= 2.15.3-1 update may require manual intervention
As of
ansible-core 2.15.3
, upstream moved documentation and examples to a separate dedicated repository (see the related changelogs).
This means that, starting from version 2.15.3
the ansible-core
package will stop shipping documentation and a default configuration example under /etc/ansible/ansible.cfg
.
Regarding the documentation, it is available online: https://docs.ansible.com/
As for the configuration file, as explained in the wiki, a base config can be generated with the following command:
ansible-config init --disabled > ansible.cfg
After updating from ansible-core
<= 2.15.2-1
to >= 2.15.3-1
, everyone using a custom global Ansible configuration file stored under /etc/ansible/ansible.cfg
will have their configuration saved as a pacsave
file.
To restore it, run the following command:
mv /etc/ansible/ansible.cfg.pacsave /etc/ansible/ansible.cfg
budgie-desktop >= 10.7.2-6 update requires manual intervention
When upgrading from budgie-desktop 10.7.2-5 to 10.7.2-6, the package mutter43 must be replaced with magpie-wm, which currently depends on mutter. As mutter43 conflicts with mutter, manual intervention is required to complete the upgrade.
First remove mutter43, then immediately perform the upgrade. Do not relog or
reboot between these steps.
pacman -Rdd mutter43
pacman -Syu
Yubikey in Crostini
Hello friend,
long ago I have ditched Arch Linux for my main operating systems and switched to ChromeOS with Arch Linux in Crostini. For a long time this setup worked fine, until I encountered a few issues with Arch Linux and Yubikeys.
In this article, I would like to show you how I setup my Yubikey on Arch Linux running in Crostini within ChromeOS.
First, we have to ensure that /etc/polkit-1/rules.
Mount Block Devices in ChromeOS
I am a big fan of LUKS encrypted USB sticks. They are easy to make and easy to handle on most Linux systems. ChromeOS is one of these systems, where I had trouble with LUKS encrypted USB sticks or block devices in general. Although ChromeOS is capable to mount a various number of filesystems, it has no idea what to do with a LUKS encrypted USB stick. The first idea most people have is launching a Crostini container and decrypting the USB stick via cryptsetup.
July
Arch Linux in July 2023 # Staff # We would like to welcome Mario Oenning (moson) as new Arch Linux Support Staff Member.
devtools # arch-nspawn is now utilizing a distinct scope name instead of the previous --keep-unit approach. This allows for the creation of a dedicated scope, placing the container within a slice hierarchy which allows a more precise resource control. This enhancement will be part of the next release.
Running Arch Linux on the Framework Laptop 13
This article sums up why and how I run Arch Linux on my new Framework Laptop 13, which I received on the 3rd of this month.
Store age identities inside the TPM: age-plugin-tpm
The past year I have been trying to learn more about the Trusted Platform Module (TPM). This is a small device found on most modern laptops that has several cool security features like key creation, sealing and attestation, however I have been struggling to find a small project where I can learn more about it.
To my surprised I learned a couple of months ago that nobody has written a TPM plugin for age!
Generating terminal user interfaces with Ratatui + ChatGPT
"Ratatui" is a Rust library for building rich terminal user interfaces. In this post, I'm sharing what's new in the latest version and also a fun way to easily create terminal user interfaces in a jiffy.
Zig Bits 0x4: Building an HTTP client/server from scratch
Let's experiment with the
std.http
module of Zig >=0.11
and create an HTTP server/client from scratch (along with some benchmarks)!
June
Arch Linux in June 2023 # packaging # We have now enabled all packagers to have default access to the multilib and unstable desktop (GNOME/KDE) repositories. This decision removes artificial gates and simplifies the process for packagers to contribute to different aspects of the distro’s packaging. By granting wider access by default, we encourage easier participation and collaboration within our distro packaging team.
devtools # We released version v1.0.3 of devtools which focused on bug fixes.
Wayland is pretty good, actually
I started working on Flyaway with the intention of becoming familiar with Wayland, its protocols and extensions, and the wlroots library. Instead, I ended up genuinely liking all three.
TeX Live package reorganization
Starting from version 2023.66594-9, TeX Live packages have been reorganized to mirror upstream collections. Even though the new
texlive-basic
replaces the old texlive-core
, many of the texlive-core contents (including language specific files) are now split between different packages. To find out which Arch package contains a specific CTAN package, you can use the tlmgr
utility, eg.
$ tlmgr info euler | grep collection
collection: collection-latexrecommended
which means the euler CTAN package is contained in texlive-latexrecommended
. You may also use pacman -F
to query for specific files.
A new metapackage texlive-meta is available to install all subpackages (except for language specific ones), and the new texlive-doc package provides the full documentation for offline use.
OpenBLAS >= 0.3.23-2 update requires manual intervention
The openblas package prior to version 0.3.23-2 doesn't ship optimized
LAPACK routine and CBLAS/LAPACKE interfaces for compatibility. This
decision has been reverted now, and the ability to choose a different
default system BLAS/LAPACK implementation while keeping openblas
installed is now provided to allow future co-installation of BLIS,
ATLAS, etc.
The default BLAS implementation will be used for most packages like
NumPy or R. Please install "blas-openblas" and "blas64-openblas" to make
OpenBLAS the default BLAS implementation, just like the old behavior.
Unfortunately you will get errors on updating if you currently have
OpenBLAS installed as the default BLAS implementation:
error: failed to prepare transaction (could not satisfy dependencies)
:: installing openblas (0.3.23-2) breaks dependency 'blas' required by cblas
:: installing openblas (0.3.23-2) breaks dependency 'blas' required by
lapack
Please append your preferred default BLAS implementation to the regular
-Syu command line to get around it. For example:
pacman -Syu blas-openblas
or
pacman -Syu blas
May
Arch Linux in May 2023 # Staff # We would like to welcome Anton Hvornum (torxed) and Christian Heusel (gromit) among the Arch Linux Package Maintainers.
On top we would like to welcome Leonidas Spyropoulos (artafinde) to their new additional duties as Arch Linux Developer
Git packaging # We are thrilled to announce the successful migration of our packaging ecosystem to Git, with package sources now accessible on GitLab. As part of this transition, we have developed a powerful new tool called pkgctl, available through devtools, offering a user-centric design and streamlined user experience for interacting with all aspects of Arch Linux packaging for users and packagers alike.