lwn.net

There is an increasingly active development effort, known as Darling, that is aiming to provide a translation layer for macOS software on Linux; it is inspired in part by Wine. While Darling isn't nearly as mature as Wine, contributors are continuing to build out capabilities that could make the project more useful to a wider group of users in the future.

Subscribers can read on for a look at Darling from this week's edition.

Security updates have been issued by Fedora (cutter-re and radare2), Oracle (389-ds-base, httpd, kernel, libssh2, and qemu-kvm), Red Hat (389-ds-base, chromium-browser, curl, docker, httpd, keepalived, kernel, kernel-alt, kernel-rt, libssh2, perl, podman, procps-ng, qemu-kvm, qemu-kvm-ma, ruby, samba, and vim), Scientific Linux (389-ds-base, curl, libssh2, and qemu-kvm), SUSE (bzip2 and openexr), and Ubuntu (python-urllib3 and tmpreaper).

The NumPy team has announced the release of NumPy 1.17.0. NumPy is a fundamental package for scientific computing with Python. "The 1.17.0 release contains a number of new features that should substantially improve its performance and usefulness. The Python versions supported are 3.5-3.7, note that Python 2.7 has been dropped."

For those didn't quite get around to putting in a proposal for linux.conf.au 2020 (Gold Coast, January 13 to 17), there's another chance: the proposal deadline has been extended to August 11. "We have heard that some of you would like a bit more time to submit your proposals for linux.conf.au 2020. So, we have decided to extend the due date by two weeks to help everyone have a chance to submit."

Security updates have been issued by Debian (patch, sdl-image1.2, and unzip), Fedora (deepin-clone, dtkcore, dtkwidget, and sqlite), Mageia (virtualbox), openSUSE (firefox), and SUSE (cronie and firefox).

The 5.3-rc2 kernel prepatch is available for testing. "There are fixes all over, I don't think there's much of a pattern here. The three areas that do stand out are Documentation (more rst conversions), arch updates (mainly because of the netx arm platform removal) and misc driver fixes (gpu, iommu, net, nvdimm, sound ..)".

The 5.2.4, 5.1.21, and 4.19.62 stable kernel updates have been released; each contains another set of important fixes. Note that 5.1.21 is the end of the line for the 5.1.x series.

ZDNet reports on GitHub's blocking of users from Crimea and Iran. "As GitHub notes on its page about US trade controls, US sanctions apply to its online hosting service, GitHub.com, but its paid-for on-premise software -- aimed at enterprise users -- may be an option for users in those circumstances. It also claims to be in discussions with US regulators about how to rectify the situation."

Over the last few kernel releases, the kernel has gained the concept of a "pidfd" — a file descriptor that represents a process. What started as a way of sending signals to processes without race conditions has evolved into a more complete process-management interface. Now one of the last pieces is being put into place: the ability to wait for processes using pidfds. But, naturally, that API has had to go through some revisions first.

Three new stable kernels have been released: 5.2.3, 5.1.20, and 4.19.61. These are rather larger updates than most and, as usual, contain fixes throughout the kernel tree; users should upgrade.

Security updates have been issued by Debian (libssh2 and patch), Fedora (kernel and kernel-headers), Mageia (vlc), Red Hat (rh-redis32-redis), SUSE (libgcrypt, libsolv, libzypp, zypper, and rmt-server), and Ubuntu (exim4, firefox, libebml, linux, linux-aws, linux-kvm, linux-raspi2, and vlc).

Laurent Pinchart began his Open Source Summit Japan 2019 talk with a statement that, once upon a time, camera devices were simple pipelines that produced a sequence of video frames. Applications could control cameras using the Video4Linux (V4L) API by way of a single device node; there were "lots of knobs", but the overall task was straightforward. That situation has changed over the years, and application developers need more help; that is where the libcamera project comes in.

Security updates have been issued by CentOS (java-1.7.0-openjdk, java-1.8.0-openjdk, and java-11-openjdk), Debian (exim4), Fedora (java-latest-openjdk), openSUSE (libsass, tomcat, and ucode-intel), Oracle (java-1.7.0-openjdk and thunderbird), SUSE (OpenEXR, spamassassin, and thunderbird), and Ubuntu (ansible and patch).

The LWN.net Weekly Edition for July 25, 2019 is available.

Python is often mentioned in the same breath with the phrase "batteries included", which refers to the breadth of its standard library. But there is an effort underway to trim back the standard library by removing some unloved modules. In addition, there has been persistent talk of a major restructuring of the library, into a fairly minimal core as described in Amber Brown's talk at this year's Python Language Summit, or in other ways as discussed on the python-dev mailing list in January (though it has come up many times before that as well). A mid-July python-ideas mailing list thread picked up on some of that; it ended up showing, once again, that there is no real consensus on what the standard library is—or should be.

Fedora Magazine covers the first preview release of Fedora CoreOS, a new Fedora edition built specifically for running containerized workloads. "It's the successor to both Fedora Atomic Host and CoreOS Container Linux. Fedora CoreOS combines the provisioning tools, automatic update model, and philosophy of Container Linux with the packaging technology, OCI support, and SELinux security of Atomic Host."

Security updates have been issued by Debian (kernel, linux-4.9, and neovim), Fedora (slurm), openSUSE (ImageMagick, libgcrypt, libsass, live555, mumble, neovim, and teeworlds), Oracle (java-1.7.0-openjdk, java-1.8.0-openjdk, and java-11-openjdk), Red Hat (java-1.7.0-openjdk), Scientific Linux (java-1.7.0-openjdk), SUSE (glibc and openexr), and Ubuntu (mysql-5.7 and patch).

Frequent updates are a key part of keeping systems secure, but that goal will not be met if the update mechanism itself is compromised by an attacker. At a talk during the 2019 Open Source Summit Japan, Justin Cappos described Uptane, an update delivery mechanism for automotive applications that, he said, can prevent such problems, even when the attacker has the resources of a nation state. It would seem that some automobile manufacturers agree.

Zoned block devices are quite different than the block devices most people are used to. The concept came from shingled magnetic recording (SMR) devices, which allow much higher density storage, but that extra capacity comes with a price: less flexibility. Zoned devices have regions (zones) that can only be written sequentially; there is no random access for writes to those zones. Linux already supports these devices, and filesystems are adding support as well, but some applications may want a simpler, more straightforward interface; that's what a new filesystem, zonefs, is targeting.

Security updates have been issued by Debian (libsdl2-image and libxslt), Oracle (java-1.8.0-openjdk and java-11-openjdk), Scientific Linux (java-1.8.0-openjdk and java-11-openjdk), SUSE (bzip2, microcode_ctl, and ucode-intel), and Ubuntu (clamav, evince, linux-hwe, linux-gcp, linux-snapdragon, and squid3).