Lateo.net - Flux RSS en pagaille (pour en ajouter : @ moi)

🔒
❌ À propos de FreshRSS
Il y a de nouveaux articles disponibles, cliquez pour rafraîchir la page.
À partir d’avant-hierArch Linux: Recent news updates

mkinitcpio hook migration and early microcode

With the release of mkinitcpio v38, several hooks previously provided by Arch packages have been moved to the mkinitcpio upstream project. The hooks are: systemd, udev, encrypt, sd-encrypt, lvm2 and mdadm_udev.

To ensure no breakage of users' setup occurs, temporary conflicts have been introduced into the respective packages to prevent installing packages that are no longer compatible.

The following packages needs to be upgraded together:

  • mkinitcpio 38-3
  • systemd 255.4-2
  • lvm2 2.03.23-3
  • mdadm 4.3-2
  • cryptsetup 2.7.0-3

Please note that the mkinitcpio flag --microcode, and the microcode option in the preset files, has been deprecated in favour of a new microcode hook. This also allows you to drop the microcode initrd lines from your boot configuration as they are now packed together with the main initramfs image.

Making dbus-broker our default D-Bus daemon

We are making dbus-broker our default implementation of D-Bus, for improved performance, reliability and integration with systemd.

For the foreseeable future we will still support the use of dbus-daemon, the previous implementation. Pacman will ask you whether to install dbus-broker-units or dbus-daemon-units. We recommend picking the default.

For a more detailed rationale, please see our RFC 25.

Bugtracker migration to GitLab completed

We are happy to announce that the migration of the bugtracker to GitLab is done! 🥳

Thanks to everyone who has helped during the migration!

This means the issue tracker and merge requests on the GitLab package repos are now enabled.

The old bugtracker will subsequently be closed down. For archiving reasons there will be a static copy so that links (for example the randomly picked Task #56716) are still stable, migrated bugs have a closing comment pointing to the new URL on GitLab.

Packaging bugs are now opened on the repo hosting the corresponding packaging sources, the "Add a new Bug" button on the package page on archlinux.org will automatically direct you to the correct place to open the issue. The workflow afterwards is mostly the same, first our Bug Wranglers will have a look at the issues and triage them, and then they will be handed over to the respective Package Maintainers to fix. A list of all issues can be found here.

If you do not have an account for GitLab already (which authenticates against our SSO service), please write us a mail with your desired username to accountsupport@archlinux.org as advised in the banner.

Incoming changes in JDK / JRE 21 packages may require manual intervention

We are introducing a change in JDK/JRE packages of our distro. This is triggered from the way a JRE is build in modern versions of Java (>9). We are introducing this change in Java 21.

To sum it up instead of having JDK and JRE packages coexist in the same system we will be making them conflict. The JDK variant package includes the runtime environment to execute Java applications so if one needs compilation and runtime of Java they need only the JDK package in the future. If, on the other hand, they need just runtime of Java then JRE (or jre-headless) will work.

This will (potentially) require a manual user action during upgrade:

  • If you have both JDK and JRE installed you can manually install the JDK with pacman -Sy jdk-openjdk && pacman -Su and this removes the JRE related packages.
  • If you have both JRE and JRE-headless you will need to choose one of them and install it manually since they would conflict each other now.
  • If you only have one of the JDK/JRE/JRE-headless pacman should resolve dependencies normally and no action is needed.

At the moment this is only valid for the upcoming JDK 21 release.

Changes to default password hashing algorithm and umask settings

With shadow >= 4.14.0, Arch Linux's default password hashing algorithm changed from SHA512 to yescrypt.

Furthermore, the umask settings are now configured in /etc/login.defs instead of /etc/profile.

This should not require any manual intervention.

Reasons for Yescrypt

The password-based key derivation function (KDF) and password hashing scheme yescrypt has been chosen due to its adoption (readily available in libxcrypt, which is used by pam) and its stronger resilience towards password cracking attempts over SHA512.

Although the winner of the Password Hashing Competition has been argon2, this algorithm is not yet available in libxcrypt (attempt one, attempt two).

Configuring yescrypt

The YESCRYPT_COST_FACTOR setting in /etc/login.defs is currently without effect, until pam implements reading its value. If a YESCRYPT_COST_FACTOR higher (or lower) than the default (5) is needed, it can be set using the rounds option of the pam_unix module (i.e. in /etc/pam.d/system-auth).

General list of changes

  • yescrypt is used as default password hashing algorithm, instead of SHA512
  • pam honors the chosen ENCRYPT_METHOD in /etc/login.defs and does not override the chosen method anymore
  • changes in the filesystem (>= 2023.09.18) and pambase (>= 20230918) packages ensure, that umask is set centrally in /etc/login.defs instead of /etc/profile

ansible-core >= 2.15.3-1 update may require manual intervention

As of ansible-core 2.15.3, upstream moved documentation and examples to a separate dedicated repository (see the related changelogs).
This means that, starting from version 2.15.3 the ansible-core package will stop shipping documentation and a default configuration example under /etc/ansible/ansible.cfg.

Regarding the documentation, it is available online: https://docs.ansible.com/
As for the configuration file, as explained in the wiki, a base config can be generated with the following command:

ansible-config init --disabled > ansible.cfg

After updating from ansible-core <= 2.15.2-1 to >= 2.15.3-1, everyone using a custom global Ansible configuration file stored under /etc/ansible/ansible.cfg will have their configuration saved as a pacsave file.
To restore it, run the following command:

mv /etc/ansible/ansible.cfg.pacsave /etc/ansible/ansible.cfg

budgie-desktop >= 10.7.2-6 update requires manual intervention

When upgrading from budgie-desktop 10.7.2-5 to 10.7.2-6, the package mutter43 must be replaced with magpie-wm, which currently depends on mutter. As mutter43 conflicts with mutter, manual intervention is required to complete the upgrade.

First remove mutter43, then immediately perform the upgrade. Do not relog or reboot between these steps.

pacman -Rdd mutter43

pacman -Syu

TeX Live package reorganization

Starting from version 2023.66594-9, TeX Live packages have been reorganized to mirror upstream collections. Even though the new texlive-basic replaces the old texlive-core, many of the texlive-core contents (including language specific files) are now split between different packages. To find out which Arch package contains a specific CTAN package, you can use the tlmgr utility, eg.

$ tlmgr info euler | grep collection
collection:  collection-latexrecommended

which means the euler CTAN package is contained in texlive-latexrecommended. You may also use pacman -F to query for specific files.

A new metapackage texlive-meta is available to install all subpackages (except for language specific ones), and the new texlive-doc package provides the full documentation for offline use.

OpenBLAS >= 0.3.23-2 update requires manual intervention

Par : Felix Yan

The openblas package prior to version 0.3.23-2 doesn't ship optimized LAPACK routine and CBLAS/LAPACKE interfaces for compatibility. This decision has been reverted now, and the ability to choose a different default system BLAS/LAPACK implementation while keeping openblas installed is now provided to allow future co-installation of BLIS, ATLAS, etc.

The default BLAS implementation will be used for most packages like NumPy or R. Please install "blas-openblas" and "blas64-openblas" to make OpenBLAS the default BLAS implementation, just like the old behavior.

Unfortunately you will get errors on updating if you currently have OpenBLAS installed as the default BLAS implementation:

error: failed to prepare transaction (could not satisfy dependencies) :: installing openblas (0.3.23-2) breaks dependency 'blas' required by cblas :: installing openblas (0.3.23-2) breaks dependency 'blas' required by lapack

Please append your preferred default BLAS implementation to the regular -Syu command line to get around it. For example:

pacman -Syu blas-openblas

or

pacman -Syu blas

Git migration completed

We are proud to announce that the migration to Git packaging succeeded! 🥳

Thanks to everyone who has helped during the migration!

Package sources are now available on GitLab. Note that the bugtracker is still flyspray and that merge requests are not accepted as of now. We intend to open the issue tracker and merge requests on the Gitlab package repos in the near future.

Mirrors are syncing again, but it may take a bit of time until your mirror of choice has caught up.

For users

Update your system and merge the pacman pacnew /etc/pacman.conf.pacnew file. This is required as we have moved the [community] repository into [extra].

$ pacman -Syu "pacman>=6.0.2-7"

For users of the now deprecated asp tool, you will need to switch to pkgctl:

$ pacman -Syu "devtools>=1:1.0.0-1"
$ pkgctl repo clone linux

For some more detailed instructions on how to obtain PKGBUILDs see the corresponding wiki article.

For packagers

Before starting, first uninstall devtools-git-poc and remove any repos from your filesystem that you cloned during the git proof-of-concept testing.

Make sure you have both, an updated devtools and pacman on your system:

$ pacman -Syu "devtools>=1:1.0.0-1" "pacman>=6.0.2-7"

Additionally clean up old chroots in /var/lib/archbuild/

$ rm -rf /var/lib/archbuild/
# or optionally, use the --clean option for pkgctl build *ONCE*
$ pkgctl build --clean

For instruction on how to use pkgctl, please take a look at the "How to be a packager" wiki article and also consult the man page of each subcommand for further information:

$ man pkgctl-build
$ man pkgctl-repo-clone

Git migration announcement

This Friday morning (2023-05-19) the Git packaging migration will start until Sunday (2023-05-21). The Arch Linux packaging team will not be able to update packages in any of the repositories during this period.

Notification when the migration starts, and when it is completed, will be published on the [arch-dev-public] mailing list.

How does this impact Arch Linux users?

The [testing] repository will be split into [core-testing] and [extra-testing], the [staging] repository will be split into [core-staging] and [extra-staging]. The [community] repository will be merged into [extra] and will therefore be empty after the migration.

All affected repositories will be provided as empty repositories for a transition period after the migration. For regular users, this means that everything works as before.

Note: After the migration is done, users that have the testing repositories enabled need to include the new repositories ([core-testing] and [extra-testing] instead of [testing]) in their pacman.conf before updating their system.

Other changes:

  • SVN access is discontinued and will dissappear.
  • The svn2git mirror will no longer be updated.
  • asp, which relies on the svn2git mirror, will stop working. It is replaced by pkgctl repo clone.

How does this impact Arch Linux tier 1 mirrors?

During the migration rsync and HTTP access will be shut down. We will send an email notification to arch-mirrors once everything has been finished.

How does this impact Arch Linux packagers?

Packagers will not be able to patch and update their packages. The internal Tier 0 mirror is also going to be disabled for the duration of this migration.

Switch to the base-devel meta package requires manual intervention

On February 2nd, the base-devel package group has been replaced by a meta package of the same name.
If you installed the base-devel package group prior to this date, explicitly re-install it to get the new base-devel package installed on the system:

pacman -Syu base-devel

PHP 8.2 update and introduction of legacy branch

The php packages have been updated to the latest version 8.2. In addition to this, a new set of php-legacy packages have been introduced. These will follow the oldest but still actively supported PHP branch. This enables users to install the latest version but also introduces the option to use third party applications that might rely on an older version. Both branches will be kept up to date following our rolling release model. php and php-legacy can be installed at the same time as the latter uses a -legacy suffix for its binaries and configuration files.

In addition to this, the php7 packages have been removed as they reached end of life. The imap extension will no longer be provided as it relies on the c-client library which has been abandoned for many years.

In memory of Jonathon Fernyhough

Arch Linux mourns the sudden loss of Jonathon Fernyhough, known in our community as jonathon, who passed away on Saturday night.

Jonathon was an active participant and contributor to Arch Linux, several derived distributions, the AUR and through personal repositories. He was enthusiastic, helpful and eager to contribute towards improving the free and open source software community as a whole.

On behalf of the wider Arch Linux community, our condolences go out to his family and friends.

Removing python2 from the repositories

Python 2 went end of life January 2020. Since then we have been actively cutting down the number of projects depending on python2 in our repositories, and we have finally been able to drop it from our distribution. If you still have python2 installed on your system consider removing it and any python2 package.

If you still require the python2 package you can keep it around, but please be aware that there will be no security updates. If you need a patched package please consult the AUR, or use an unofficial user repository.

Arch Linux mailing list changes

As part of dropping Python 2 which is EOL, we have migrated our mailing lists from mailman2 to mailman3.

Rewriting of the "From" header and subject (to prepend the list name) have been disabled to keep the DKIM signature intact. This means "reply to mailing list" must be used when replying to the list and you may need to update your filters and rules matching the "From" header.

All existing subscriptions are migrated and you do not need to re-subscribe. For managing your subscriptions a new mailman3 account must be registered.

Grub bootloader upgrade and configuration incompatibilities

Recent changes in grub added a new command option to fwsetup and changed the way the command is invoked in the generated boot configuration. Depending on your system hardware and setup this could cause an unbootable system due to incompatibilities between the installed bootloader and configuration. After a grub package update it is advised to run both, installation and regeneration of configuration:

grub-install ...
grub-mkconfig -o /boot/grub/grub.cfg

For more specific information on grub-install, please refer to the wiki: GRUB - ArchWiki

wxWidgets 3.2 update may need manual intervention

wxWidgets 3.2 provides a Qt frontend in addition to the GTK3 one, so packages have been renamed from wxgtk- to wxwidgets-. The GTK2 frontend is no longer provided. If you have wxgtk2 installed, the upgrade will fail with

error: failed to prepare transaction (could not satisfy dependencies) :: removing wxgtk-common breaks dependency 'wxgtk-common' required by wxgtk2

In such case, uninstall wxgtk2 first and then proceed with the upgrade.

Undone replacement of pipewire-media-session with wireplumber

Two days ago the wireplumber package was made to replace pipewire-media-session as the latter session manager for PipeWire is considered dead upstream and will see no more releases. Unfortunately, this step was premature.

Our pipewire audio packages (pipewire-alsa, pipewire-jack and pipewire-pulse) ship configuration that prompt media-session to activate PipeWire's audio features. When these packages are not installed and the configuration is missing, PipeWire can be used for screen recording without interfering with ALSA or PulseAudio.

WirePlumber disregards this mechanism and always configures PipeWire to grab audio devices, meaning users of PulseAudio or bare ALSA experience broken audio.

The replacement has been reverted while we attempt to look for a better solution switching to WirePlumber. If you are currently not using PipeWire for audio and wireplumber got installed on your system, please reinstall pipewire-media-session and reboot to restore audio functionality.

pacman -Syu pipewire-media-session

QEMU >= 7.0.0 changes split package setup

With the update to qemu 7.0.0 the package has been turned into a more fine grained split package utilizing meta packages.

  • The qemu package is now virtually provided by the meta packages qemu-base, qemu-desktop and qemu-full.
  • The functionality of qemu prior to 7.0.0 is replaced by qemu-desktop
  • The functionality of qemu-headless is replaced by qemu-base
  • The functionality of qemu-arch-extra and qemu-headless-arch-extra is replaced by qemu-emulators-full
  • The meta package qemu-full provides all QEMU related packages (excluding qemu-guest-agent)

Keycloak 17.0.1-2 update requires manual reconfiguration

The keycloak package prior to version 17.0.1-2 was running with WildFly server. Since upstream officially moved to Quarkus distribution, Arch Linux follows this approach. This means some manual intervention is required for the upgrade.

The configuration needs to be adjusted from the old .xml format to the new /etc/keycloak/keycloak.conf.

Prior to the upgrade, stop the keycloak service, upgrade the package and migrate the configuration before starting:

systemctl stop keycloak.service
pacman -Syu keycloak
# migrate configuration /etc/keycloak/keycloak.conf
systemctl start keycloak.service

See Keycloak migration docs and Keycloak Quarkus server docs

Arch Linux Leader Election Results

This month we held our leader election, and our current leader Levente Polyák ran unopposed. As per our election rules he is re-elected for a new term.

Congratulations to Levente Polyak on a new term!

Debug packages and debuginfod

We are very happy to announce that debug packages are now available in Arch Linux.

Debug symbols and source listing are provided through our debuginfod instance which can be utilized by debuggers such as gdb and delve.

https://debuginfod.archlinux.org/

A couple of sponsored mirrors are providing the debug repositories while we figure out and communicate the new mirror requirements.

Not all packages provide debug packages as enabling it for all packages is an ongoing effort.

For more information, please visit the Debuginfod wiki article, and also our newly renovated Debugging/Getting traces article.

linux-firmware 20220119.0c6a7b3-2 requires kernel >=5.3 and package splitting

The linux-firmware package 20220119.0c6a7b3-2 implements kernel firmware compression. Linux kernel from 5.3 on support loading from xz compressed firmware.
CONFIG_FW_LOADER_COMPRESS kernel option must be enabled. All official Arch Linux kernel support this for a long time. [1]

The linux-firmware package has been split into smaller packages to further reduce required disk space. Some big firmware files of rarely used hardware have been split into separate packages.
This affects firmware for Mellanox Spectrum switches, Marvell devices, Qualcomm SoCs, Cavium LiquidIO server adapters, QLogic devices, Broadcom NetXtreme II 10Gb ethernet adapters.
Make sure to install additional firmware packages if needed. [2]

[1] FS#72899
[2] FS#72559 + svn commit

libxml2>=2.9.12-6 update may require manual intervention

The libxml2 package prior to version 2.9.12-6 was missing the compiled python modules. This has been fixed in 2.9.12-6, so the upgrade may need to overwrite any untracked pyc files created. If you get errors like these

libxml2: /usr/lib/python3.10/site-packages/__pycache__/drv_libxml2.cpython-310.opt-1.pyc exists in filesystem
libxml2: /usr/lib/python3.10/site-packages/__pycache__/drv_libxml2.cpython-310.pyc exists in filesystem
libxml2: /usr/lib/python3.10/site-packages/__pycache__/libxml2.cpython-310.opt-1.pyc exists in filesystem
libxml2: /usr/lib/python3.10/site-packages/__pycache__/libxml2.cpython-310.pyc exists in filesystem

when updating, use

pacman -Syu --overwrite /usr/lib/python3.10/site-packages/__pycache__/\*

to perform the upgrade.

Sorting out old password hashes

Starting with libxcrypt 4.4.21, weak password hashes (such as MD5 and SHA1) are no longer accepted for new passwords. Users that still have their passwords stored with a weak hash will be asked to update their password on their next login.

If the login just fails (for example from display manager) switch to a virtual terminal (Ctrl-Alt-F2) and log in there once.

Move of official IRC channels to libera.chat

As some of you may have read over the past days, there has been an ownership dispute over the freenode.net network. The IRC network has been used by Arch Linux and many other projects over the past decades as a platform for discussion and support. The dispute led to the exodus of most former freenode staff from the network and the founding of a new network: libera.chat

Starting today, Arch Linux and its sister projects Arch Linux ARM and Arch Linux 32 will begin migrating the official IRC channels from freenode.net to libera.chat. Please bear with us as this can take some time to be fully settled in.

We thank the freenode community for the many years of great service and collaboration.

Installation medium with installer

The installation medium now provides a guided installer.

This addition to the default method of installation (based on the installation guide) is similar to the other methods.

If you use this installer, do not forget to mention it when asking for support and also to provide the archinstall log, when asked.

Moving to Zstandard images by default on mkinitcpio

As linux-lts moved to the 5.10 version, all official kernels of Arch Linux now support zstd compressed initramfs images, so mkinitcpio is switching to zstd compressed images by default with version 30, which is currently on [testing].

If, for any reason, you are using a kernel version prior to 5.9, make sure to change mkinitcpio.conf COMPRESSION to use one of the compressors supported, like gzip, otherwise you will not be able to boot images generated by mkinitcpio.

Chromium losing Sync support in early March

Google has announced that they are going to block everything but Chrome from accessing certain Google features (like Chrome sync) starting on March 15. This decision by Google is going to affect Arch's chromium package a bit earlier, on March 2, when Chromium 89 gets released.

We know for sure that data syncing will stop working (passwords, bookmarks, etc.). Other features such as geolocation or enhanced spell check might continue to function for a bit longer. Extensions integrating with Google Drive might misbehave and LibreOffice will lose access to documents stored there.

Other distros such as openSUSE and Fedora have already removed the soon-to-be-limited API keys from their Chromium 88 packages. Fedora's advisory provides a great deal of perspective on this and I also found this Hackaday post to be quite informative.

PHP 8.0 and PHP 7 legacy packages are available

The php package has been updated to version 8.0. Please refer to the upstream migration guide. As some applications are not compatible with PHP 8 yet we provide a php7 package which can be installed alongside version 8. Packages that depend on PHP reflect this update and will require php7 if needed. You might need to update your configuration accordingly. PHP 7 binaries and configuration have the "7" suffix:

  • /usr/bin/php -> /usr/bin/php7
  • /etc/php -> /etc/php7
  • /usr/bin/php-fpm -> /usr/bin/php-fpm7
  • /usr/lib/systemd/system/php-fpm.service -> /usr/lib/systemd/system/php-fpm7.service
  • /run/php-fpm -> /run/php-fpm7

We also provide third party modules compiled for PHP 7:

Note that support for php7 will be limited and likely be dropped in about a year depending on how soon the majority of applications will be compatible with version 8.

Manual pages indexing service

We are happy to announce our newest public service: A manual pages indexing site at man.archlinux.org that publishes the man pages of all our packages and allows you to search and browse them. Check out, for example, the man page of tar.

You can also find this service linked to in the sidebar as well as on every package detail page. Thanks to Wiki Admin lahwaacz for developing archmanweb for this purpose.

While there are other man page indexing sites out there, it is our hope that publishing man pages matching the versions of our released packages further improves Arch accessibility and documentation.

Arch Linux mailing list id changes

Due to issues with our anti spam measures, we had to migrate those mailing lists, that were sent from @archlinux.org before to the @lists.archlinux.org domain.

Submission to the mailing list is not affected and still works with @archlinux.org. Mails get redirected automagically.

The only change that may need to be considered on your side are filters and rules matching the From or List-id header which changed accordingly.

Accessible installation medium

We are very happy to announce that accessibility features have been added to our installation medium with archiso v49. From release 2020.11.01 onward these are available via the 2nd boot loader menu item. A specific installation guide can be found on the wiki.

Many thanks go to Alexander Epaneshnikov who integrated the features from the TalkingArch project into archiso's releng profile, which is used for creating the installation medium.

Note: The boot loader timeouts have been set to 15s to allow blind users to select the menu item as the boot loaders themselves do not offer accessibility features.

libtraceevent>=5.9-1 update requires manual intervention

The libtraceevent package prior to version 5.9-1 was missing a soname link. This has been fixed in 5.9-1, so the upgrade will need to overwrite the untracked files created by ldconfig. If you get any of these errors

libtraceevent: /usr/lib/libtraceevent.so.1 exists in filesystem

when updating, use

pacman -Syu --overwrite /usr/lib/libtraceevent.so.1

to perform the upgrade.

nvidia 455.28 is incompatible with linux >= 5.9

nvidia is currently partially incompatible with linux >= 5.9 [1] [2]. While graphics should work fine, CUDA, OpenCL, and likely other features are broken. Users who've already upgraded and need those features are advised to switch to the linux-lts kernel for the time being until a fix for nvidia is available.

ghostpcl>=9.53.2-2 and ghostxps>=9.53.2-2 updates require manual intervention

The ghostpcl and ghostxps packages prior to version 9.53.2-2 were missing a soname link each. This has been fixed in 9.53.2-2, so the upgrade will need to overwrite the untracked files created by ldconfig. If you get any of these errors

ghostpcl: /usr/lib/libgpcl6.so.9 exists in filesystem
ghostxps: /usr/lib/libgxps.so.9 exists in filesystem

when updating, use

pacman -Syu --overwrite /usr/lib/libgpcl6.so.9,/usr/lib/libgxps.so.9

to perform the upgrade.

Arch Conf 2020 schedule

On the 10th and 11th of October there is going to be an online edition of Arch Conf. The conference is going to have presentations from the Arch team along with community submitted presentations and lightning talks.

We are proud to announce the first revision of the schedule!

https://pretalx.com/arch-conf-online-2020/talk/

The conference timezone is CEST/UTC+2: https://everytimezone.com/s/40cc4784

Updates and additional information can be found on the conference page: https://conf.archlinux.org

See you there!

Cheers from the conference team.

Kill Arch Bugs: Help us on the 13th of September!

We would like to hold a bug wrangling day on the 13th of September to reduce the large amount of open tickets. If you cannot take part in the bug wrangling day, then feel free to help us any time before that event.

How?

Please review all bugs that were reported by you and check if they are still valid. Please request a task closure on the bug tracker if the task may be closed. Otherwise please provide further information so that we can continue to work on the bug. We cannot fix bugs without your feedback.

Questions?

Join us at #archlinux-bugs channel on irc.freenode.net during 13th of September. As we live in different timezones not all devs and bug wranglers will be available at the same time, but feel free to report your issues to any dev available.

Also please check your mailboxes that may contain notifications about comments made on your tickets.

AUR Migration: New SSH HostKeys

Due to the fact that the AUR has been migrated to a new server, the SSH HostKeys used to connect to the host have changed. These are the new keys fingerprints:

Ed25519: SHA256:RFzBCUItH9LZS0cKB5UE6ceAYhBD5C8GeOBip8Z11+4
ECDSA: SHA256:uTa/0PndEgPZTf76e1DFqXKJEXKsn7m9ivhLQtzGOCI
RSA: SHA256:5s5cIyReIfNNVGRFdDbe3hdYiI5OelHGpw2rOUud3Q8

The fingerprints above can also be found on the AUR home page when not logged in.

zn_poly 0.9.2-2 update requires manual intervention

The zn_poly package prior to version 0.9.2-2 was missing a soname link. This has been fixed in 0.9.2-2, so the upgrade will need to overwrite the untracked files created by ldconfig. If you get an error

zn_poly: /usr/lib/libzn_poly-0.9.so  exists in filesystem

when updating, use

pacman -Syu --overwrite usr/lib/libzn_poly-0.9.so

to perform the upgrade.

nss>=3.51.1-1 and lib32-nss>=3.51.1-1 updates require manual intervention

The nss and lib32-nss packages prior to version 3.51.1-1 were missing a soname link each. This has been fixed in 3.51.1-1, so the upgrade will need to overwrite the untracked files created by ldconfig. If you get any of these errors

nss: /usr/lib/p11-kit-trust.so exists in filesystem
lib32-nss: /usr/lib32/p11-kit-trust.so exists in filesystem

when updating, use

pacman -Syu --overwrite /usr/lib\*/p11-kit-trust.so

to perform the upgrade.

hplip 3.20.3-2 update requires manual intervention

The hplip package prior to version 3.20.3-2 was missing the compiled python modules. This has been fixed in 3.20.3-2, so the upgrade will need to overwrite the untracked pyc files that were created. If you get errors such as these

hplip: /usr/share/hplip/base/__pycache__/__init__.cpython-38.pyc exists in filesystem
hplip: /usr/share/hplip/base/__pycache__/avahi.cpython-38.pyc exists in filesystem
hplip: /usr/share/hplip/base/__pycache__/codes.cpython-38.pyc exists in filesystem
...many more...

when updating, use

pacman -Suy --overwrite /usr/share/hplip/\*

to perform the upgrade.

firewalld>=0.8.1-2 update requires manual intervention

The firewalld package prior to version 0.8.1-2 was missing the compiled python modules. This has been fixed in 0.8.1-2, so the upgrade will need to overwrite the untracked pyc files created. If you get errors like these

firewalld: /usr/lib/python3.8/site-packages/firewall/__pycache__/__init__.cpython-38.pyc exists in filesystem
firewalld: /usr/lib/python3.8/site-packages/firewall/__pycache__/client.cpython-38.pyc exists in filesystem
firewalld: /usr/lib/python3.8/site-packages/firewall/__pycache__/dbus_utils.cpython-38.pyc exists in filesystem
...many more...

when updating, use

pacman -Suy --overwrite /usr/lib/python3.8/site-packages/firewall/\*

to perform the upgrade.

The Future of the Arch Linux Project Leader

Hello everyone,

Some of you may know me from the days when I was much more involved in Arch, but most of you probably just know me as a name on the website. I’ve been with Arch for some time, taking the leadership of this beast over from Judd back in 2007. But, as these things often go, my involvement has slid down to minimal levels over time. It’s high time that changes.

Arch Linux needs involved leadership to make hard decisions and direct the project where it needs to go. And I am not in a position to do this.

In a team effort, the Arch Linux staff devised a new process for determining future leaders. From now on, leaders will be elected by the staff for a term length of two years. Details of this new process can be found here

In the first official vote with Levente Polyak (anthraxx), Gaetan Bisson (vesath), Giancarlo Razzolini (grazzolini), and Sven-Hendrik Haase (svenstaro) as candidates, and through 58 verified votes, a winner was chosen:

Levente Polyak (anthraxx) will be taking over the reins of this ship. Congratulations!

Thanks for everything over all these years,
Aaron Griffin (phrakture)

Planet Arch Linux migration

The software behind planet.archlinux.org was implemented in Python 2 and is no longer maintained upstream. This functionality has now been implemented in archlinux.org's archweb backend which is actively maintained but offers a slightly different experience.

The most notable changes are the offered feeds and the feed location. Archweb only offers an Atom feed which is located at here.

sshd needs restarting after upgrading to openssh-8.2p1

After upgrading to openssh-8.2p1, the existing SSH daemon will be unable to accept new connections. (See FS#65517.) When upgrading remote hosts, please make sure to restart the SSH daemon using systemctl restart sshd right after running pacman -Syu. If you are upgrading to openssh-8.2p1-3 or higher, this restart will happen automatically.

rsync compatibility

Our rsync package was shipped with bundled zlib to provide compatibility with the old-style --compress option up to version 3.1.0. Version 3.1.1 was released on 2014-06-22 and is shipped by all major distributions now.

So we decided to finally drop the bundled library and ship a package with system zlib. This also fixes security issues, actual ones and in future. Go and blame those running old versions if you encounter errors with rsync 3.1.3-3.

Now using Zstandard instead of xz for package compression

As announced on the mailing list, on Friday, Dec 27 2019, our package compression scheme has changed from xz (.pkg.tar.xz) to zstd (.pkg.tar.zst).

zstd and xz trade blows in their compression ratio. Recompressing all packages to zstd with our options yields a total ~0.8% increase in package size on all of our packages combined, but the decompression time for all packages saw a ~1300% speedup.

We already have more than 545 zstd-compressed packages in our repositories, and as packages get updated more will keep rolling in. We have not found any user-facing issues as of yet, so things appear to be working.

As a packager, you will automatically start building .pkg.tar.zst packages if you are using the latest version of devtools (>= 20191227).
As an end-user no manual intervention is required, assuming that you have read and followed the news post from late last year.

If you nevertheless haven't updated libarchive since 2018, all hope is not lost! Binary builds of pacman-static are available from Eli Schwartz' personal repository (or direct link to binary), signed with their Trusted User keys, with which you can perform the update.

Xorg cleanup requires manual intervention

In the process of Xorg cleanup the update requires manual intervention when you hit this message:

:: installing xorgproto (2019.2-2) breaks dependency 'inputproto' required by lib32-libxi
:: installing xorgproto (2019.2-2) breaks dependency 'dmxproto' required by libdmx
:: installing xorgproto (2019.2-2) breaks dependency 'xf86dgaproto' required by libxxf86dga
:: installing xorgproto (2019.2-2) breaks dependency 'xf86miscproto' required by libxxf86misc

when updating, use: pacman -Rdd libdmx libxxf86dga libxxf86misc && pacman -Syu to perform the upgrade.

❌