Arch Linux

https://lists.archlinux.org/archives/li … WE6GFWUJN/ Hi everyone! Levente and I have been busy preparing a test environment for the new git package workflow, which is going to replace the svn repository. To test the new git package setup install `devtools-git-poc` from the [community] repository and use the new `pkgctl` utility. Please check each time if there is a new upgrade before playing around. The goal of the testing is to figure out UX issues, bugs and larger issues that would need to be dealt with before a git migration can happen. It's therefor very important that people sit down and play around …

Recently I packaged my project git-cliff (changelog generator written in Rust) for NPM with the help of my friend @atlj. I thought this would be an interesting topic for a blog post since it has a certain technical depth about distributing binaries and frankly it still amazes me how the whole thing works so smoothly. So let's create a simple Rust project, package it for NPM and fully automate the release process via GitHub Actions.

I have recently switched to Chrome OS Flex as main operating system. The experience so far is really great. It does everything what it should do. I can browse the internet with it, game with it (in the past Google Stadia, now Xbox Cloud), answer my mails and even work on Arch Linux. Even printing worked pretty much out of the box. What does not work properly at the moment is scanning over wifi with my very old HP DeskJet 2540 printer with embedded scanner.

The php packages have been updated to the latest version 8.2. In addition to this, a new set of php-legacy packages have been introduced. These will follow the oldest but still actively supported PHP branch. This enables users to install the latest version but also introduces the option to use third party applications that might rely on an older version. Both branches will be kept up to date following our rolling release model. php and php-legacy can be installed at the same time as the latter uses a -legacy suffix for its binaries and configuration files. In addition to this, the php7 packages have been removed as they reached end of life. The imap extension will no longer be provided as it relies on the c-client library which has been abandoned for many years.

Arch Linux mourns the sudden loss of Jonathon Fernyhough, known in our community as jonathon, who passed away on Saturday night. Jonathon was an active participant and contributor to Arch Linux, several derived distributions, the AUR and through personal repositories. He was enthusiastic, helpful and eager to contribute towards improving the free and open source software community as a whole. On behalf of the wider Arch Linux community, our condolences go out to his family and friends.

There is going to be a dinner at FOSDEM 2023! Please email foxboron@archlinux.org if you want to attend Copypasta follows. Yo! The previous years at FOSDEM we have held a dinner with around 15-20 people. Some maintainers from Arch, and some users that wanted to join. It has been great events and with FOSDEM 2023 happening I thought it was a good idea to do it again :) The dinner will be held Saturday, 4th of February, around 20:00. The dinner is sponsored by the Arch and should cover a drink and a main course. We will cap the attendees to 20 people. Priority for members of the Arch team (developers, trusted users and support staff). Any free spots after this can be taken by anyone interested. The users requesting spots will get a heads up the week before FOSDEM to give all staff a chance to reply. Please ask me if you have any questions :) Send me an email *offlist* if you want to attend. I also plan to announce a pub closer to FOSDEM so anyone unable to join the dinner can still come and grab a drink with the rest of us. Cheers! https://lists.archlinux.org/archives/li … CM4XGLNSN/

Let's investigate how to generate random numbers without external dependencies in Rust.

Let's talk about how to develop an open sourcerer mindset.

Arch Linux in November 2022 # Git packaging sources # We made huge progress towards finally being able to migrate from SVN to Git for package sources. The core projects responsible for our package build, workflow and release, namely dbscripts and devtools reached production grade adjustments to achieve the transition [0][1]. Furthermore we have started to document and outline our Roadmap with the Git packaging as its first item [2].

Following a long discussion and a recent vote, the role of "Trusted User" has been renamed "Package Maintainer":

• https://gitlab.archlinux.org/archlinux/ … /7/commits
• https://lists.archlinux.org/archives/li … XV2KS5OSC/

The role remains the same. The forum titles have been updated accordingly.

I have spent a fair amount of time hacking on debug packages the past two years. This work resulted in Arch Linux announcing the public debuginfod server which allows users to download symbols and source code to debug software running on their system. With this service users don’t need to figure out what the debug packages are called, installing them and maybe removing it afterwards. It also saves a fair amount of data you need to download.

NBD 用于提供块设备给远程设备使用是一种非常简便、低成本的方法。然而，让 NBD 开始工作的方法在网上能找到很多，但是 NBD 客户端的配置持久化却很难搜到比较完整的资料。在参考了一些过时博客、manpage 等比较分散的资料之后，我总算是凭借蛛丝马迹找到了应当是正确的配置方法。 1、自动加载 nbd 内核模块 echo nbd > /etc/modules-load.d/nbd.conf （虽然——我觉得这件事应该在 nbd 包里完成，因为上游不愿意默认提供的理由只是为了考虑 nbd 未被编译为内核模块的情况。） 2、/etc/nbdtab 没错，光是发现这个东西就花了我不少时间。 nbd 服务器、连接选项等本来在 nbd-client 命令中配置的内容，应当被写到这个文件里。 一个简单的例子： nbd0 192.168.0.10 export0 persist 显而易见，分别对应设备名、服务器地址、服务器上配置的 export 名、其他选项。完整的介绍可以参考对应的 manpage。 3、/etc/fstab 和 nbd@<设备名>.service 到这里就是最后一步了，也是非常容易出错的一步。 此处的设备名应当和 nbdtab 内配置的设备名相符，nbdtab 的配置由这个对应的服务应用。和其他网络设备一样，挂载点、挂载相关的配置应当设置在 /etc/fstab。 这里需要使用 x-systemd.requires 来声明对 systemd 服务的依赖关系。由于服务会被这个依赖关系自动唤起，不需要手动 enable 服务。 /dev/nbd0 /var/lib/archbuild btrfs defaults,x-systemd.requires=nbd@nbd0.service,_netdev,nofail 0 … Continue reading [Arch] systemd 时代的 NBD 客户端持久化配置方法 The post [Arch] systemd 时代的 NBD 客户端持久化配置方法 first appeared on Felix's Blog.

最近 Arch Linux 终于把 OpenSSL 更新到了 3.x 系列版本。一直以来，在处理涉及打包工具链本身的 soname bump 等更新问题时，我们一直缺乏一个透明、优雅的流程。 以往采用过的方法包括但不限于：临时往编译环境里手动塞旧版本兼容包、手动在过渡版本的新版 PKGBUILD 里再编译一份旧版包然后把 lib 装进去等。由于处理这件事的开发者一般独自完成了整个过程，留下来的资料除了 IRC 里的寥寥几语往往十分有限，对于其他开发者、或是下游发行版试图重现这个过程来说，都是一个比较痛苦的过程。 这一次趁着 OpenSSL 3 的机会，本喵深度参与了整个 bootstrap rebuild 过程，并且在 RISC-V port 里复现了一遍。现在记录一下大致的过程和遇到的问题，以备不时之需。 1、首先把旧版库打包，使其可以与新版库同时安装。 openssl-1.1：https://github.com/archlinux/svntogit-packages/commit/d50ecccc79b637830b71795bd919e6467e118ef0 由于需要避免文件冲突，相应的编译选项（–libdir）和 package() 过程中做了一些兼容性处理。如果这个包还需要在 rebuild 之后留下来，比如这次的 openssl-1.1 的情况，头文件和 pkgconfig 的 .pc 文件也需要做处理。如果只是作为兼容包，可以仅保留带 soname 和具体版本的库文件本身。（当然，这种情况下也可以考虑在新版包里直接编译一份旧版库安装进去，毕竟只是临时使用。） 2、让新版库临时依赖旧版库的包 https://github.com/archlinux/svntogit-packages/commit/eef05b437f55c4d9403668ebdc27973c6a6c2134#diff-37538beb61ff63edebbf735dfcf39e5d732f49183d6beb097169d971875ca422R56 这里用到的技巧是，在 package() 方法内追加 depends，以避免编译环境中提前引入这个依赖，产生文件冲突（此时的仓库中，原包名对应的包仍然是旧版本，和 openssl-1.1 兼容包存在文件冲突）。 3、用此时的环境 rebuild 整个工具链需要用到的基础包 这一步具体要处理哪些包需要仔细分析。以这次 … Continue reading [Arch] OpenSSL 3 更新杂记 The post [Arch] OpenSSL 3 更新杂记 first appeared on Felix's Blog.

我在选镜像站的时候，总会遇到一个矛盾：镜像站访问快、镜像站和上游同步延迟低（同步到了最新的包）两者不可兼得。 比较容易想到的解决思路是：只从同步延迟低的镜像下 db，然后从速度快的镜像开始依次试，跳过 404 的镜像，直到找到一个已经存在该文件的镜像。 在过往的十来年里，我一直是通过写一个脚本来分别给 pacman -Sy 和 pacman -Su 设置不同的镜像来勉强解决的。但是这个用法在 pacman 最新系列中被破坏了——pacman 加入了一个镜像站如果 404 次数过多，在同一次更新中就再也不尝试了的新行为。 想到以往的用法会在命令中夹杂许多 404 报错，需要专门的脚本来换镜像体验也并不是很好，我写了个非常简单的本地服务来实现这个需求： #!/usr/bin/ruby # # A simple local redirector for pacman, to get you the latest packages and # utilize available mirrors. # # Usage: # - Set multiple mirrors in /etc/pacman.d/mirrorlist-accel with ordering: # https://fastest-mirror-but-updates-once-a-day/archlinux/ # … Continue reading 用 pacman-accel 给 pacman 加速 The post 用 pacman-accel 给 pacman 加速 first appeared on Felix's Blog.

Arch Linux in October 2022 # mkinitcpio # mkinitcpio v32 has been released [0] which adds support for zst compressed firmware for future kernel versions as well as various fixes and adjustments. pacman # pacman 6.0.2 has been released [1] which fixes multiple issues with debug packages. On top pacman-key has been adjusted to do a single gpg trustdb check instead of one after each key revocation. Furthermore various fixes have been added related to clang lto, reproducible packages containing sparse files and other fixes.

Hello there. I have not written a new article for quite a time now, but the waiting is finally over. Here comes the article everyone of you ever waited for. Let us install Arch Linux on ChromeOS together. Yihaaaa… (Not quite what you expected? Feel free to drop this article :‘D). If you are reading this, this means you are still here. Nice. So, let us start with a short explanation on why I am doing this:

I’ve released a new tool to manage lockfiles for Arch Linux packages that can’t use a lockfile from the official upstream release. It integrates closely with other Arch Linux tooling like updpkgsums that’s already used to pin the content of build inputs in PKGBUILD. To use this, the downstream lockfile becomes an additional source input in the source= array of our PKGBUILD (this is already the case for some packages). source=("git+https://github.com/vimeo/psalm.git#commit=${_commit}" "composer.lock") You would then add a new function named updlockfiles that can generate new lockfiles and copies them into $outdir, and a prepare function to copy the lockfile in the right place: prepare() { cd ${pkgname} cp ../composer.lock . } updlockfiles() { cd ${pkgname} rm -f composer.lock composer update cp composer.lock "${outdir}/" } To update the package to the latest (compatible) patch level simply run: updlockfiles This can also be used in case upstreams lockfile has vulnerable dependencies that you want to patch downstream. For more detailed instructions see the readme. Thanks This work is currently crowd-funded on github sponsors. I’d like to thank @SantiagoTorres, @repi and @rgacogne for their support in particular. ♥️

Arch Linux in September 2022 # RFC # We entered the final discussion period for the RFC [0] to merge the pacman repository [community] into [extra] as well as the packaging VCS location community into packages. The [core] repository remains limited to Developers. One the RFC is accepted, we will implement the proposal during the migration to Git packaging. devtools # Changes were prepared to account for the repo merger RFC and its resulting workflow.

Python 2 went end of life January 2020. Since then we have been actively cutting down the number of projects depending on python2 in our repositories, and we have finally been able to drop it from our distribution. If you still have python2 installed on your system consider removing it and any python2 package. If you still require the python2 package you can keep it around, but please be aware that there will be no security updates. If you need a patched package please consult the AUR, or use an unofficial user repository.

As part of dropping Python 2 which is EOL, we have migrated our mailing lists from mailman2 to mailman3. Rewriting of the "From" header and subject (to prepend the list name) have been disabled to keep the DKIM signature intact. This means "reply to mailing list" must be used when replying to the list and you may need to update your filters and rules matching the "From" header. All existing subscriptions are migrated and you do not need to re-subscribe. For managing your subscriptions a new mailman3 account must be registered.

Arch Linux in August 2022 # devtools # The code and repository has been restructured [0] as it got out of hand over time. Now it follows a clear distinction and structure with improvements in the build system. The incubating tool diffpkg received a lot of new features [1] that will be released shortly. The new tool helps to print differences of the current package build against the last release including file listing, pkginfo, buildinfo, diffoscope.

Recent changes in grub added a new command option and changed the way the command is invoked. Depending on your system hardware and setup this could cause an unbootable system due to incompatibilities between the installed bootloader and configuration. After a grub package update it is advised to run both, installation and regeneration of configuration: grub-install ... grub-mkconfig -o /boot/grub/grub.cfg For more specific information on grub-install, please refer to the wiki: GRUB - ArchWiki

In this new blog series, I would like to introduce you to the daily adventures of an Arch Linux package maintainer. This time, we will have a look at reproducible package builds. Reproducible package builds are very important for us, as package maintainers, because reproducible package builds create an independently-verifiable path from source to the final package. This means, every Arch Linux user can verify that noone tampered with the Arch Linux package build process.

Arch Linux in July 2022 # archlinux-keyring # The archlinux-keyring package gained a systemd service and timer unit which updates existing PGP keys used by pacman on user systems by default on a weekly basis from Arch Linux’s web key directory (WKD)[0]. This service is meant to remove the necessity for most cases of “first upgrade your archlinux-keyring and then do a system upgrade” until pacman itself will be able to deal with this scenario natively.

wxWidgets 3.2 provides a Qt frontend in addition to the GTK3 one, so packages have been renamed from wxgtk- to wxwidgets-. The GTK2 frontend is no longer provided. If you have wxgtk2 installed, the upgrade will fail with error: failed to prepare transaction (could not satisfy dependencies) :: removing wxgtk-common breaks dependency 'wxgtk-common' required by wxgtk2 In such case, uninstall wxgtk2 first and then proceed with the upgrade.