Goodbye, Sam
A eulogy for the greatest dog of all, and a friend I will never forget.
https://serebit.dev/posts/merry-christmas-sam/
#planetarch
A eulogy for the greatest dog of all, and a friend I will never forget.
https://serebit.dev/posts/merry-christmas-sam/
#planetarch
❤13💔5🤡2
2024 wrapped
Dear blog. This post is inspired by an old friend of mine who has been writing these for the past few years. I meant to do this for a while now, but ended up not preparing anything, so this post is me writing it from memory. There’s likely stuff I forgot, me being gentle with myself I’ll probably just permit myself to complete this list the next couple of days. I hate bragging, I try to not depend on external validation as much as possible, and being the anti-capitalist that I am, I try to be content with knowing I’m …
https://vulns.xyz/2024/12/2024-wrapped/
#planetarch
Dear blog. This post is inspired by an old friend of mine who has been writing these for the past few years. I meant to do this for a while now, but ended up not preparing anything, so this post is me writing it from memory. There’s likely stuff I forgot, me being gentle with myself I’ll probably just permit myself to complete this list the next couple of days. I hate bragging, I try to not depend on external validation as much as possible, and being the anti-capitalist that I am, I try to be content with knowing I’m …
https://vulns.xyz/2024/12/2024-wrapped/
#planetarch
🔥4👏4
Critical rsync security release 3.4.0
We'd like to raise awareness about the rsync security release version
An attacker only requires anonymous read access to a vulnerable rsync server, such as a public mirror, to execute arbitrary code on the machine the server is running on. Additionally, attackers can take control of an affected server and read/write arbitrary files of any connected client. Sensitive data can be extracted, such as OpenPGP and SSH keys, and malicious code can be executed by overwriting files such as
We highly advise anyone who runs an rsync daemon or client prior to version
All infrastructure servers and mirrors maintained by Arch Linux have already been updated.
https://archlinux.org/news/critical-rsync-security-release-340/
#news
We'd like to raise awareness about the rsync security release version
3.4.0-1 as described in our advisory ASA-202501-1.An attacker only requires anonymous read access to a vulnerable rsync server, such as a public mirror, to execute arbitrary code on the machine the server is running on. Additionally, attackers can take control of an affected server and read/write arbitrary files of any connected client. Sensitive data can be extracted, such as OpenPGP and SSH keys, and malicious code can be executed by overwriting files such as
~/.bashrc or ~/.popt.We highly advise anyone who runs an rsync daemon or client prior to version
3.4.0-1 to upgrade and reboot their systems immediately. As Arch Linux mirrors are mostly synchronized using rsync, we highly advise any mirror administrator to act immediately, even though the hosted package files themselves are cryptographically signed.All infrastructure servers and mirrors maintained by Arch Linux have already been updated.
https://archlinux.org/news/critical-rsync-security-release-340/
#news
🤯3😭2👀1
Glibc 2.41 corrupting Discord installation
We plan to move
This issue has been fixed in the Discord canary build. If you rely on audio connectivity, please use the canary build, login via browser or the flatpak version until the fix hits the stable Discord release.
There have been no reports that (written) chat connectivity is affected.
https://archlinux.org/news/glibc-241-corrupting-discord-installation/
#news
We plan to move
glibc and its friends to stable later today, Feb 3. After installing the update, the Discord client will show a red warning that the installation is corrupt.This issue has been fixed in the Discord canary build. If you rely on audio connectivity, please use the canary build, login via browser or the flatpak version until the fix hits the stable Discord release.
There have been no reports that (written) chat connectivity is affected.
https://archlinux.org/news/glibc-241-corrupting-discord-installation/
#news
Infrastructure as Advent of Code
In the cold of December we have but one thing to keep us warm: our laptops, trying to solve Advent of Code puzzles with inefficient algorithms. This year, 2024, is the tenth edition, and the puzzles are filled with more Easter eggs than ever before. Unfortunately, I’m not interested in Easter eggs, or solving the puzzles. I am a DevOps engineer, and I’m going to apply Infrastructure as Code principles to Advent of Code.
https://bertptrs.nl/2025/02/04/infrastructure-as-advent-of-code.html
#planetarch
In the cold of December we have but one thing to keep us warm: our laptops, trying to solve Advent of Code puzzles with inefficient algorithms. This year, 2024, is the tenth edition, and the puzzles are filled with more Easter eggs than ever before. Unfortunately, I’m not interested in Easter eggs, or solving the puzzles. I am a DevOps engineer, and I’m going to apply Infrastructure as Code principles to Advent of Code.
https://bertptrs.nl/2025/02/04/infrastructure-as-advent-of-code.html
#planetarch
🤔1👨💻1
Cleaning up old repositories
Around two years ago, we've merged the
On systems where
The following deprecated repositories will be removed:
Please make sure to remove all use of the aforementioned repositories from your
https://archlinux.org/news/cleaning-up-old-repositories/
#news
Around two years ago, we've merged the
[community] repository into [extra] as part of the git migration. In order to not break user setups, we kept these repositories around in an unused and empty state. We're going to clean up these old repositories on 2025-03-01.On systems where
/etc/pacman.conf still references the old [community] repository, pacman -Sy will return an error on trying to sync repository metadata.The following deprecated repositories will be removed:
[community], [community-testing], [testing], [testing-debug], [staging], [staging-debug].Please make sure to remove all use of the aforementioned repositories from your
/etc/pacman.conf (for which a .pacnew was shipped with pacman>=6.0.2-7)!https://archlinux.org/news/cleaning-up-old-repositories/
#news
🫡5👍3
Rust edition 2024 annotated
Last Thursday Rust 1.85 was released, and with it, edition 2024 has dropped. The new edition is significantly larger than the two editions that preceded it, and contains many small but significant quality of life improvements to the language. In this post, I’d like to explain what an edition is, and summarize all the changes that were made to the language I love. If you need the details, I recommend reading the edition guide, but for a general overview, read on.
https://bertptrs.nl/2025/02/23/rust-edition-2024-annotated.html
#planetarch
Last Thursday Rust 1.85 was released, and with it, edition 2024 has dropped. The new edition is significantly larger than the two editions that preceded it, and contains many small but significant quality of life improvements to the language. In this post, I’d like to explain what an edition is, and summarize all the changes that were made to the language I love. If you need the details, I recommend reading the edition guide, but for a general overview, read on.
https://bertptrs.nl/2025/02/23/rust-edition-2024-annotated.html
#planetarch
🎉5
Valkey to replace Redis in the [extra] Repository
Valkey, a high-performance key/value datastore, will be replacing redis in the [extra\] repository. This change is due to Redis modifying its license from BSD-3-Clause to RSALv2 and SSPLv1 on March 20th, 2024.
Arch Linux Package Maintainers intend to support the availability of the redis package for roughly 14 days from the day of this post, to enable a smooth transition to valkey. After the 14 day transition period has ended, the redis package will be moved to the AUR. Also, from this point forward, the redis package will not receive any additional updates and should be considered deprecated until it is removed.
Users are recommended to begin transitioning their use of Redis to Valkey as soon as possible to avoid possible complications after the 14 day transition window closes.
https://archlinux.org/news/valkey-to-replace-redis-in-the-extra-repository/
#news
Valkey, a high-performance key/value datastore, will be replacing redis in the [extra\] repository. This change is due to Redis modifying its license from BSD-3-Clause to RSALv2 and SSPLv1 on March 20th, 2024.
Arch Linux Package Maintainers intend to support the availability of the redis package for roughly 14 days from the day of this post, to enable a smooth transition to valkey. After the 14 day transition period has ended, the redis package will be moved to the AUR. Also, from this point forward, the redis package will not receive any additional updates and should be considered deprecated until it is removed.
Users are recommended to begin transitioning their use of Redis to Valkey as soon as possible to avoid possible complications after the 14 day transition window closes.
https://archlinux.org/news/valkey-to-replace-redis-in-the-extra-repository/
#news
❤2👍1😴1
Easter hack: terraform-provider-openwrt
April is usualy tax season for most people in Norway, and as I got some “money back on the skætt” I wound up purchasing an OpenWrt One to replace my 13-14 year old Asus router. I’ve been meaning to learn a bit more about networking in general and getting an OpenWrt router seemed like a fun project. Last year I bought a Beryl AX from GL-Inet as I was travelling for a few weeks.
https://linderud.dev/blog/easter-hack-terraform-provider-openwrt/
#planetarch
April is usualy tax season for most people in Norway, and as I got some “money back on the skætt” I wound up purchasing an OpenWrt One to replace my 13-14 year old Asus router. I’ve been meaning to learn a bit more about networking in general and getting an OpenWrt router seemed like a fun project. Last year I bought a Beryl AX from GL-Inet as I was travelling for a few weeks.
https://linderud.dev/blog/easter-hack-terraform-provider-openwrt/
#planetarch
👍3
Am I a musician yet? - Superbooth 2025 Experience
I went to Berlin for a music event and here is what happened.
https://blog.orhun.dev/am-i-a-musician-yet/
#planetarch
I went to Berlin for a music event and here is what happened.
https://blog.orhun.dev/am-i-a-musician-yet/
#planetarch
Transition to the new WoW64 wine and wine-staging
We are transitioning the wine and wine-staging package to a pure wow64 build. This change removes the dependency on the multilib repository for wine and wine-staging.
The main reason for this is to align with upstream Wine development, which simplifies packaging and the dependency chain.
Potential Issues:
OpenGL Performance: A known limitation of the new WoW64 mode is reduced performance for 32-bit applications that use OpenGL directly
Breaking Changes: Existing 32-bit prefixes needs to be recreated
If you are facing issues with 32 bit prefixes, please recreate these and reinstall the application.
https://archlinux.org/news/transition-to-the-new-wow64-wine-and-wine-staging/
#news
We are transitioning the wine and wine-staging package to a pure wow64 build. This change removes the dependency on the multilib repository for wine and wine-staging.
The main reason for this is to align with upstream Wine development, which simplifies packaging and the dependency chain.
Potential Issues:
OpenGL Performance: A known limitation of the new WoW64 mode is reduced performance for 32-bit applications that use OpenGL directly
Breaking Changes: Existing 32-bit prefixes needs to be recreated
If you are facing issues with 32 bit prefixes, please recreate these and reinstall the application.
https://archlinux.org/news/transition-to-the-new-wow64-wine-and-wine-staging/
#news
👍9
Plasma 6.4.0 will need manual intervention if you are on X11
On Plasma 6.4 the wayland session will be the only one installed when the users does not manually specify kwin-x11.
With the recent split of kwin into kwin-wayland and kwin-x11, users running the old X11 session needs to manually install plasma-x11-session, or they will not be able to login. Currently pacman is not able to figure out your personal setup, and it wouldn't be ok to install plasma-x11-session and kwin-x11 for every one using Plasma.
### tldr: Install plasma-x11-session if you are still using x11
https://archlinux.org/news/plasma-640-will-need-manual-intervention-if-you-are-on-x11/
#news
On Plasma 6.4 the wayland session will be the only one installed when the users does not manually specify kwin-x11.
With the recent split of kwin into kwin-wayland and kwin-x11, users running the old X11 session needs to manually install plasma-x11-session, or they will not be able to login. Currently pacman is not able to figure out your personal setup, and it wouldn't be ok to install plasma-x11-session and kwin-x11 for every one using Plasma.
### tldr: Install plasma-x11-session if you are still using x11
https://archlinux.org/news/plasma-640-will-need-manual-intervention-if-you-are-on-x11/
#news
👍6👌2😁1
linux-firmware >= 20250613.12fe085f-5 upgrade requires manual intervention
With
Unfortunately, this coincided with upstream reorganizing the symlink layout of the NVIDIA firmware, resulting in a situation that Pacman cannot handle. When attempting to upgrade from
To progress with the system upgrade, first remove
https://archlinux.org/news/linux-firmware-2025061312fe085f-5-upgrade-requires-manual-intervention/
#news
With
20250613.12fe085f-5, we split our firmware into several vendor-focused packages. linux-firmware is now an empty package depending on our default set of firmware.Unfortunately, this coincided with upstream reorganizing the symlink layout of the NVIDIA firmware, resulting in a situation that Pacman cannot handle. When attempting to upgrade from
20250508.788aadc8-2 or earlier, you will see the following errors:linux-firmware-nvidia: /usr/lib/firmware/nvidia/ad103 exists in filesystem
linux-firmware-nvidia: /usr/lib/firmware/nvidia/ad104 exists in filesystem
linux-firmware-nvidia: /usr/lib/firmware/nvidia/ad106 exists in filesystem
linux-firmware-nvidia: /usr/lib/firmware/nvidia/ad107 exists in filesystem
To progress with the system upgrade, first remove
linux-firmware, then reinstall it as part of the upgrade:# pacman -Rdd linux-firmware
# pacman -Syu linux-firmware
https://archlinux.org/news/linux-firmware-2025061312fe085f-5-upgrade-requires-manual-intervention/
#news
✍8👍5😁3🤬1
Specifications
In October 2024 a team of dedicated developers has started work on the ALPM project. Since then it has been focusing on writing new documentation on many aspects of Arch Linux Package Management that were not thoroughly documented in the past. This article provides an overview of the specifications written by this project and attempts to contextualize them for the reader. The existing stack 📚 With its `bash` based `makepkg` tool for package creation, the libalpm C library for interfacing with system state and the central `pacman` package management tool, the pacman project has defined the …
https://devblog.archlinux.page/2025/specifications/
#planetarch
In October 2024 a team of dedicated developers has started work on the ALPM project. Since then it has been focusing on writing new documentation on many aspects of Arch Linux Package Management that were not thoroughly documented in the past. This article provides an overview of the specifications written by this project and attempts to contextualize them for the reader. The existing stack 📚 With its `bash` based `makepkg` tool for package creation, the libalpm C library for interfacing with system state and the central `pacman` package management tool, the pacman project has defined the …
https://devblog.archlinux.page/2025/specifications/
#planetarch
👍4🔥2
Introducing pkgctl license
In Arch Linux, as part of RFC40, we have recently decided to license all Arch Linux package sources as 0BSD. Our package sources didn't have any license previously. RFC40 only specified that we do want to license our package sources but it didn't specify how to ensure this. As such, in RFC52 we decided we want to use REUSE to achieve that. NOTE: It might be a bit confusing that our PKGBUILD files also have a
https://devblog.archlinux.page/2025/pkgctl-license/
#planetarch
In Arch Linux, as part of RFC40, we have recently decided to license all Arch Linux package sources as 0BSD. Our package sources didn't have any license previously. RFC40 only specified that we do want to license our package sources but it didn't specify how to ensure this. As such, in RFC52 we decided we want to use REUSE to achieve that. NOTE: It might be a bit confusing that our PKGBUILD files also have a
license field. However, this field specifies the upstream license, i.e. the license of the software that we package. It does not specify …https://devblog.archlinux.page/2025/pkgctl-license/
#planetarch
zabbix >= 7.4.1-2 may require manual intervention
Starting with
zabbix-server
zabbix-proxy
zabbix-agent _(also used by the `zabbix-agent2` package)_
zabbix-web-service
This shared
The switch to the new user account is handled automatically for the corresponding main configuration files and
However, manual intervention may be required if you created custom files or configurations referencing to and / or being owned by the above deprecated users accounts, for example:
`PSK` files used for encrypted communication
Custom noscripts for metrics collections or report generations
`sudoers` rules for metrics requiring elevated privileges to be collected
...
Those should therefore be updated to refer to and / or be owned by the new
Once migrated, you may remove the obsolete user accounts from your system.
https://archlinux.org/news/zabbix-741-2-may-requires-manual-intervention/
#news
Starting with
7.4.1-2, the following Zabbix system user accounts (previously shipped by their related packages) will no longer be used. Instead, all Zabbix components will now rely on a shared zabbix user account (as originally intended by upstream and done by other distributions):zabbix-server
zabbix-proxy
zabbix-agent _(also used by the `zabbix-agent2` package)_
zabbix-web-service
This shared
zabbix user account is provided by the newly introduced zabbix-common split package, which is now a dependency for all relevant zabbix-* packages.The switch to the new user account is handled automatically for the corresponding main configuration files and
systemd service units.However, manual intervention may be required if you created custom files or configurations referencing to and / or being owned by the above deprecated users accounts, for example:
`PSK` files used for encrypted communication
Custom noscripts for metrics collections or report generations
`sudoers` rules for metrics requiring elevated privileges to be collected
...
Those should therefore be updated to refer to and / or be owned by the new
zabbix user account, otherwise some services or user parameters may fail to work properly, or not at all.Once migrated, you may remove the obsolete user accounts from your system.
https://archlinux.org/news/zabbix-741-2-may-requires-manual-intervention/
#news
Expanding battery charge control support in Linux
Since GNOME 48, users can now preserve their battery health directly from GNOME Settings. Currently, this feature only works on laptops that support both start and end charge thresholds, such as ThinkPads. Ideally, we’d like to support every laptop with any form of charge threshold control but that isn't …
https://vdwaa.nl/charge-types-api-upower.html
#planetarch
Since GNOME 48, users can now preserve their battery health directly from GNOME Settings. Currently, this feature only works on laptops that support both start and end charge thresholds, such as ThinkPads. Ideally, we’d like to support every laptop with any form of charge threshold control but that isn't …
https://vdwaa.nl/charge-types-api-upower.html
#planetarch
[arch-announce] Recent services outages
https://archlinux.org/news/recent-services-outages/
https://bbs.archlinux.org/viewtopic.php?id=307762
#planetarch
https://archlinux.org/news/recent-services-outages/
https://bbs.archlinux.org/viewtopic.php?id=307762
#planetarch
Release: rebuilderd v0.25.0
rebuilderd v0.25.0 was recently released, this version has improved in-toto support for cryptographic attestations that this blog post briefly outlines. 😺 As a quick recap, rebuilderd is an automatic build scheduler that emerged in 2019/2020 from the Reproducible Builds project doing the following:
1. Track binary packages available in a Linux distribution
2. Attempt to compile the official binary packages from their (alleged) source code
3. Check if the package we compiled is bit-for-bit identical
1. If so, mark it
2. In every other case, mark it
…
https://vulns.xyz/2025/09/rebuilderd-v0.25.0/
#planetarch
rebuilderd v0.25.0 was recently released, this version has improved in-toto support for cryptographic attestations that this blog post briefly outlines. 😺 As a quick recap, rebuilderd is an automatic build scheduler that emerged in 2019/2020 from the Reproducible Builds project doing the following:
1. Track binary packages available in a Linux distribution
2. Attempt to compile the official binary packages from their (alleged) source code
3. Check if the package we compiled is bit-for-bit identical
1. If so, mark it
GOOD, issue an attestation2. In every other case, mark it
BAD, generate a diffoscope…
https://vulns.xyz/2025/09/rebuilderd-v0.25.0/
#planetarch
Why I left Budgie
I said when I made the announcement that there wasn’t any drama, and there still isn’t.
https://serebit.dev/posts/why-i-left-budgie/
#planetarch
I said when I made the announcement that there wasn’t any drama, and there still isn’t.
https://serebit.dev/posts/why-i-left-budgie/
#planetarch
❤1