All posts by corbet

[$] Business accounting with GnuCash

Post Syndicated from corbet original https://lwn.net/Articles/731126/rss

The first stop in the search for a free accounting system that can replace
QuickBooks is a familiar waypoint: the GnuCash application. GnuCash has been
around for many years and is known primarily as a personal-finance tool,
but it has acquired some business features as well. The question is: are
those business features solid enough to allow the program to serve as a
replacement for QuickBooks?

The end of Gentoo’s hardened kernel

Post Syndicated from corbet original https://lwn.net/Articles/731477/rss

Gentoo has long provided a hardened kernel package, but that is
coming to an end
. “As you may know the core of
sys-kernel/hardened-sources has been the grsecurity patches. Recently the
grsecurity developers have decided to limit access to these patches. As a
result, the Gentoo Hardened team is unable to ensure a regular patching
schedule and therefore the security of the users of these kernel
sources. Thus, we will be masking hardened-sources on the 27th of August
and will proceed to remove them from the package repository by the end of
September.

Kernel prepatch 4.13-rc6

Post Syndicated from corbet original https://lwn.net/Articles/731475/rss

The 4.13-rc6 kernel prepatch is out.
So everything still looks on target for a normal release schedule,
which would imply rc7 next weekend, and then the final 4.13 the week
after that.

Unless something happens, of course. Tomorrow is the solar eclipse,
and maybe it brings doom and gloom even beyond the expected Oregon
trafficalypse. You never know.”

[$] Power-efficient workqueues

Post Syndicated from corbet original https://lwn.net/Articles/731052/rss

Power-efficient workqueues were first introduced in the
3.11 kernel release; since then, fifty or so
subsystems and drivers have been updated to use them. These workqueues
can be especially useful on handheld devices (like tablets and
smartphones), where power is at a premium.
ARM platforms with power-efficient workqueues enabled on Ubuntu and
Android have shown significant improvements in energy consumption (up to
15% for some use cases).

Solus 3 released

Post Syndicated from corbet original https://lwn.net/Articles/731121/rss

The Solus distribution project has announced
the availability of Solus 3. “This is the third iteration of
Solus since our move to become a rolling release operating system. Unlike
the previous iterations, however, this is a release and not a
snapshot. We’ve now moved away from the ‘regular snapshot’ model to
accommodate the best hybrid approach possible – feature rich releases with
explicit goals and technology enabling, along with the benefits of a
curated rolling release operating system.
” Headline features
include support for the Snap packaging format, a lot of desktop changes,
and numerous software updates. (LWN looked at
Solus
in 2016).

[$] Debian debates software for proprietary services

Post Syndicated from corbet original https://lwn.net/Articles/730940/rss

Distributions like Debian have a clear policy on the software they ship; as
a general rule, only free software can be considered for inclusion. How
that policy should be applied to software that interacts
with proprietary systems is not entirely clear, though. A recent
discussion on a package that
interfaces with a proprietary network service seems unlikely to lead to any
changes in policy, but it does highlight a fault line within the Debian
community.

Wirzenius: Retiring Obnam

Post Syndicated from corbet original https://lwn.net/Articles/730986/rss

Lars Wirzenius announces
that he is ending development of the Obnam backup system. “After
some careful thought, I fear that the maintainability problems of Obnam can
realistically only be solved by a complete rewrite from scratch, and I’m
not up to doing that. If you use Obnam, you should migrate to some other
backup solution. Don’t worry, you have until the end of the year. I will be
around and I intend to fix any serious bugs in Obnam; in particular,
security flaws. But you should start looking for a replacement sooner
rather than later.
” LWN looked at
Obnam
in 2012.

[$] Another attempt at speculative page-fault handling

Post Syndicated from corbet original https://lwn.net/Articles/730531/rss

While the best way to avoid performance problems associated with page
faults is usually to avoid faulting altogether, that is not always an
option. Thus, it is important that the kernel handle page faults with a
minimum of overhead. One particular pain point in current kernels comes
about in multi-threaded workloads that are all incurring faults in the
same address space. Speculative page-fault handling is an old idea for
improving the scalability of such workloads that may finally be approaching
a point where it can be considered for inclusion.

Bassi: Dev v Ops

Post Syndicated from corbet original https://lwn.net/Articles/730630/rss

Emmanuele Bassi writes about the
mismatch
between the traditional distribution packaging model and what
the world seems to actually want. “The more I think about it, the less I understand how that ever worked in the first place. It is not a mystery, though, why it’s a dying model.

When I say that ‘nobody develops applications like the Linux distributions
encourages and prefers’ I’m not kidding around: Windows, macOS, iOS,
Electron, and Android application developers are heavily based on the
concept of a core set of OS services; a parallel installable blocks of
system dependencies shipped and retired by the OS vendor; and a bundling
system that allows application developers to provide their own
dependencies, and control them.”

Source-code management system security updates

Post Syndicated from corbet original https://lwn.net/Articles/730564/rss

It turns out that even rather different source-code management systems can
have similar vulnerabilities. This can be seen in the Git v2.14.1,
Mercurial 4.3, and
Subversion 1.9.7 releases (plus updates of
older releases). In each case, it’s possible to provide a malicious
repository URL
that ends up executing code; these URLs can be buried out
of sight in existing repositories. Updating would be a good idea,
regardless of which system you use.

[$] Scaling the kernel’s MAINTAINERS file

Post Syndicated from corbet original https://lwn.net/Articles/730509/rss

The kernel’s development community is large, to the point that it is often
far from obvious who a given patch should be sent to. As the community has
grown, it has developed mechanisms for tracking that information centered
on a text file called MAINTAINERS. But now it would appear that
this scalability mechanism has scalability problems of its own.

Security updates for Thursday

Post Syndicated from corbet original https://lwn.net/Articles/730474/rss

Security updates have been issued by Debian (firefox-esr), Fedora (cacti, community-mysql, and pspp), Mageia (varnish), openSUSE (mariadb, nasm, pspp, and rubygem-rubyzip), Oracle (evince, freeradius, golang, java-1.7.0-openjdk, log4j, NetworkManager and libnl3, pki-core, qemu-kvm, and X.org), Red Hat (flash-plugin), and Slackware (curl and mozilla).

[$] An alternative device-tree source language

Post Syndicated from corbet original https://lwn.net/Articles/730217/rss

Device trees have become, in a relatively short time, the preferred way to
inform the kernel of the available hardware on systems where that hardware
is not discoverable — most ARM systems, among others. In short, a
device tree is a textual description of a system’s hardware that is
compiled to a simple binary format and passed to the kernel by the
bootloader. The source format for device trees has been established for a
long time — longer than Linux has been using it. Perhaps it’s time for a
change, but a proposal for a new
device-tree source format has generated a fair amount of controversy in the
small corner of the community that concerns itself with such things.

[$] The coming WebKitGTK+ 2.4 apocalypse

Post Syndicated from corbet original https://lwn.net/Articles/730185/rss

It is well understood that old and unmaintained software tends to be a
breeding ground for security problems. These problems are never welcome, but they
are particularly worrying when the software in question is a net-facing
tool like a web browser. Standalone browsers are (hopefully) reasonably
well maintained, but those are not the only web browsers out there; they
can also be embedded into applications. The effort to do away with one
unmaintained embedded browser is finally approaching its conclusion, but
the change appears to have caught some projects unaware.

Vetter: Why Github can’t host the Linux Kernel Community

Post Syndicated from corbet original https://lwn.net/Articles/730184/rss

Daniel Vetter describes
how the kernel community scales
and why he feels that the GitHub model tends not to
work for the largest projects. “Unfortunately github doesn’t support
this workflow, at least not natively in the github UI. It can of course be
done with just plain git tooling, but then you’re back to patches on
mailing lists and pull requests over email, applied manually. In my opinion
that’s the single one reason why the kernel community cannot benefit from
moving to github. There’s also the minor issue of a few top maintainers
being extremely outspoken against github in general, but that’s a not
really a technical issue. And it’s not just the linux kernel, it’s all huge
projects on github in general which struggle with scaling, because github
doesn’t really give them the option to scale to multiple repositories,
while sticking to with a monotree.

[$] Escape from QuickBooks (with data in hand)

Post Syndicated from corbet original https://lwn.net/Articles/729087/rss

When a small business contemplates getting away from a proprietary
accounting tool like QuickBooks in favor of free software like GnuCash, the
first order of business is usually finding a way to liberate that
business’s accounting data for input into a new system. Strangely enough,
Intuit, the creator of QuickBooks, never quite got around to making that
easy to do. But it turns out
that, with a bit of effort, this move can be made. Getting there involves
wandering through an undocumented wilderness; this article is at attempt to
make things easier for the next people to come along.