MrBrklyn (Slashdot reader #4,775) writes: Artix Linux, the young systemd free OS based on arch, is reaching a critical point in it's development and calling for new packagers.
Here's more from the ongoing thread on the project's forum: You don't have to be an expert in the occult arts for that; an elementary grasp of Linux in general and how PKGBUILD works should be enough for basic contributions. Help and training will be provided, free of charge!

An anonymous reader shares a report: After several big feature pull requests of new "i915" Intel DRM driver features landing in DRM-Next for Linux 4.19, the Intel open-source developers have sent in what they believe to be their last batch of feature changes for queuing this next kernel cycle. Feature activity has dwindled compared to the earlier pull requests, but this latest gathering of patches does include Intel GVT vGPU huge-page support for guests, continued Panel Self Refresh (PSR) fixes/clean-ups, GMBUS improvements for HDCP v2.2 compliance, GEM memory management improvements, and other display code improvements.

The team behind Gentoo Linux has revealed the reasons for the recent hack of its GitHub organization account. The short version: shoddy security. From a report: It seems that the hackers were able to gain access to the GitHub organization account by using the password of one of the organization administrators. By the team's own admission, poor security meant that the password was easy to guess. As the Register points out, "only luck limited the damage," but the Gentoo Linux team is keen to let it be known that it has learned a lot from the incident. In an entry on the Gentoo Linux wiki, there is a fairly detailed breakdown of what happened, how it happened, and what is being done to prevent it from happening again. The wiki entry summarizes the hack attack as follows: "An unknown entity gained control of an admin account for the Gentoo GitHub Organization and removed all access to the organization (and its repositories) from Gentoo developers. They then proceeded to make various changes to content. Gentoo Developers & Infrastructure escalated to GitHub support and the Gentoo Organization was frozen by GitHub staff. Gentoo has regained control of the Gentoo GitHub Organization and has reverted the bad commits and defaced content."

Archangel Michael writes: Reuters is reporting that Britain's Micro Focus has agreed to sell its SUSE open-source enterprise software business to Swedish buyout group EQT Partners for $2.535 billion, lifting its shares 6 percent. Micro Focus, a serial acquirer that has been struggling to get to grips with a $8.8 billion Hewlett Packard Enterprise deal, said on Monday it would use some of the proceeds to reduce debt and could return some of the rest to shareholders. SUSE is used by banks, universities and government agencies around the world and is a pioneer in enterprise-grade Linux software serving companies such as Air India, Daimler and Total.

Linux Mint, the maker of popular Linux distro, announced on Friday the general availability of a new version of their operating system. Called Linux Mint 19 "Tara", the new version offers a range of new features, improvements, and a promise that it would stick around for a while. Writing for BetaNews, Brian Fagioli: The most significant aspect of Linux Mint 19 is the new Ubuntu 18.04 LTS base. Tara will receive updates until 2023 -- very impressive. The kernel is at 4.15, and all three desktop environments are being updated too. Mate is now at version 1.2, Cinnamon gets bumped up to 3.8, and Xfce is updated to 4.12.

In Linux Mint 19, the star of the show is Timeshift, said, Clement Lefebvre, Linux Mint Project Leader. Although it was introduced in Linux Mint 18.3 and backported to all Linux Mint releases, it is now at the center of Linux Mint's update strategy and communication, he added. Thanks to Timeshift you can go back in time and restore your computer to the last functional system snapshot. If anything breaks, you can go back to the previous snapshot and it's as if the problem never happened.

Exploit broker Zerodium is offering rewards of up to $500,000 for zero-days in UNIX-based operating systems like OpenBSD, FreeBSD, NetBSD, but also for Linux distros such as Ubuntu, CentOS, Debian, and Tails. From a report: The offer, first advertised via Twitter earlier this week, is available as part of the company's latest zero-day acquisition drive. Zerodium is known for buying zero-days and selling them to government agencies and law enforcement. The company runs a regular zero-day acquisition program through its website, but it often holds special drives with more substantial rewards when it needs zero-days of a specific category. The US-based company held a previous drive with increased rewards for Linux zero-days in February, with rewards going as high as $45,000. In another zero-day acquisition drive announced on Twitter this week, the company said it was looking again for Linux zero-days, but also for exploits targeting BSD systems. This time around, rewards can go up to $500,000, for the right exploit.

Longtime Slashdot reader Chutzpah shares a report from Gentoo Linux, a Linux distribution built using the Portage package management system: June 28 at approximately 20:20 UTC unknown individuals have gained control of the Github Gentoo organization, and modified the content of repositories as well as pages there. We are still working to determine the exact extent and to regain control of the organization and its repositories. All Gentoo code hosted on GitHub should for the moment be considered compromised.

This does NOT affect any code hosted on the Gentoo infrastructure. Since the master Gentoo ebuild repository is hosted on our own infrastructure and since Github is only a mirror for it, you are fine as long as you are using rsync or webrsync from gentoo.org. Update 6/29/18: Gentoo has regained control of the Gentoo GitHub Organization and is working on a procedure for resolution. You can view the update status here.

Beeftopia writes: From ZDNet: "The latest TOP500 Supercomputer list is out. What's not surprising is that Linux runs on every last one of the world's fastest supercomputers. Linux has dominated supercomputing for years. But, Linux only took over supercomputing lock, stock, and barrel in November 2017. That was the first time all of the TOP500 machines were running Linux. Before that IBM AIX, a Unix variant, was hanging on for dear life low on the list."

An interesting architectural note: "GPUs, not CPUs, now power most of supercomputers' speed."

Chinese tech giant Tencent has joined the Linux Foundation as a platinum member. From a report: Tencent is one of a few companies to offer the highest level of support to the Linux Foundation. Other tech companies in this stable include IBM, Microsoft, and Intel, as well as fellow Chinese titan Huawei. As part of the deal, Tencent will take a chair on the Foundation's board of directors. It has also promised to offer "further support and resources" to the Foundation's efforts. So far, this has taken the form of Tencent donating several pieces of its software. Already, it's bequeathed TSeer, its service discovery tool, as well as TARS, which is the company's microservices platform. Valued at nearly $500 billion, Tencent is a behemoth of a company. It holds a massive sway over the Chinese tech market, and is spreading its cash (and influence) overseas with strategic investments in companies like Epic Games and Riot Games.

An anonymous reader quotes ZDNet: When leading Linux company Red Hat announces that -- from here on out -- all new Red Hat-initiated open-source projects that use the GNU General Public License (GPLv2) or GNU Lesser General Public License (LGPL) v2.1 licenses will be expected to supplement the license with GPL version 3 (GPLv3)'s cure commitment language, it's a big deal. Both older open-source licenses are widely used.

When the GPLv3 was released, it came with an express termination approach that offered developers the chance to cure license compliance errors. This termination policy in GPLv3 provided a way for companies to repair licensing errors and mistakes... Other companies -- CA Technologies, Cisco, HPE, Microsoft, SAP, and SUSE -- have taken similar GPL positions... In its new position statement, Red Hat explained that the GPLv2 and LGPL, as written, has led to the belief that automatic license termination and copyright infringement claims can result from a single act of inadvertent non-compliance.
"We hope that others will also join in this endeavor," says Red Hat's senior commercial counsel, Richard Fontana, "to reassure the open source community that good faith efforts to fix noncompliance will be embraced."

ZDNet points out that the move to new licenses "doesn't apply, of course, to Linux itself. Linus Torvalds has made it abundantly clear that Linux has been, will now, and always shall be under the GPLv2."

An anonymous reader writes: Linux 4.18 development is going strong with recent 4.18-rc1 release. This kernel cycle has dropped 107,210 lines of code so far but Linux 4.18 is adding many new features. The kernel is coming in lighter as a result of the LustreFS code being removed and other code cleanups. On the feature front, Phoronix reports, "ew AMDGPU support improvements, mainlining of the V3D DRM driver, initial open-source work on NVIDIA Volta GV100 hardware, merging of the Valve Steam Controller kernel driver, merging of the BPFILTER framework, ARM Spectre mitigation work, Speck file-system encryption support, removal of the Lustre file-system, the exciting restartable sequences system call was merged, the new DM writecache target, and much more."

Bruce Perens co-founded the Open Source Initiative with Eric Raymond -- and he's also Slashdot reader #3872. Now he's just won a legal victory in court. "Open Source Security, maker of the grsecurity Linux kernel patches, has been directed to pay Bruce Perens and his legal team almost $260,000 following a failed defamation claim," reports The Register. Slashdot reader Right to Opine writes: The order requires Spengler and his company to pay $259,900.50, with the bill due immediately rather than allowing a wait for the appeal of the case. The Electronic Frontier Foundation's attorneys will represent Perens during OSS/Spengler's appeal of the case.

Perens was sued for comments on his blog and here on Slashdot that suggested that OSS's Grsecurity product could be in violation of the GPL license on the Linux kernel. The court had previously ruled that Perens' statements were not defamatory, because they were statements by a non-attorney regarding an undecided issue in law. It is possible that Spengler is personally liable for any damages his small company can't pay, since he joined the case as an individual in order to preserve a claim of false light (which could not be brought by his company), removing his own corporate protection.

jrepin writes: KDE unveils the final release of Plasma 5.13, the free and open-source desktop environment. Members of the Plasma team have focused on optimizing startup and minimizing memory usage. Plasma Browser Integration is a suite of new features which make Firefox, Chrome and Chromium-based browsers work with your desktop. For example, downloads are now displayed in the Plasma notification popup, and the Media Controls Plasmoid can mute and skip videos and music playing from within the browser. Browser tabs can be opened directly using KRunner via the Alt-Space keyboard shortcut. System Settings design has been improved further. Window manager gained much-improved effects for blur and desktop switching. Wayland work continued, with the return of window rules, and initial support for screencasts and desktop sharing. You can view the changelog here.

To celebrate its 14th birthday, Phoronix.com used a 15-inch MacBook Pro to run system benchmarking tests on the following operating systems:

- Windows 10 Pro

- The latest macOS 10.13 High Sierra

- Windows 10 Windows Subsystem for Linux (WSL) using Ubuntu 18.04

- Ubuntu 18.04 LTS with the Linux 4.15 kernel, GCC 7.3.0, and an EXT4 file-system.

- Clear Linux 22780 with the Linux 4.16 kernel, GCC 8.1.1, and EXT4.

- Fedora Workstation 28 with updates is the Linux 4.16 kernel, GCC 8.1.1, and EXT4.

- OpenSUSE Tumbleweed with the Linux 4.16 kernel, GCC 7.3.1, and default file-system configuration of Btrfs root file-system with XFS home partition.

The results? When it came to outright wins and losses, Clear Linux 22780 was the front-runner 59% of the time followed by macOS 10.13.4 finishing first 21% of the time and then Fedora Workstation 28 with winning 10% of the time.

For losses, to little surprise considering the I/O overhead, Windows 10 was in last place 38% of the time followed by Ubuntu 18.04 being surprisingly the slowest Linux distribution 30% of the time on this 2016 MacBook Pro.
The article also reminds readers that "For those looking for a Linux laptop, there are plenty of better options..."

"Dear Init Freedom Lovers..." begins the announcement at Devuan.org: We are happy to announce that Devuan GNU+Linux 2.0 ASCII Stable is finally available. Devuan is a GNU+Linux distribution committed to providing a universal, stable, dependable, free software operating system that uses and promotes alternatives to systemd and its components.

Devuan 2.0 ASCII runs on several architectures. Installer CD and DVD ISOs, as well as desktop-live and minimal-live ISOs, are available for i386 and amd64. Ready-to-use images can be downloaded for a number of ARM platforms and SOCs, including Raspberry Pi, BeagleBone, OrangePi, BananaPi, OLinuXino, Cubieboard, Nokia and Motorola mobile phones, and several Chromebooks, as well as for Virtualbox/QEMU/Vagrant. The Devuan 2.0 ASCII installer ISOs offer a variety of Desktop Environments including Xfce, KDE, MATE, Cinnamon, LXQt, with others available post-install. The expert install mode now offers a choice of either SysVinit or OpenRC as init system...

We would like to thank the entire Devuan community for the continued support, feedback, and collaboration....
The release notes include information on Devuan's new network of package repository mirrors, and they're also touting their "direct and easy upgrade paths" from Devuan Jessie, Debian Jessie and Debian Stretch.

The Linux Foundation has endorsed Microsoft's acquisition of GitHub. In a blog post, Jim Zemlin, the executive director at the Linux Foundation, said: "This is pretty good news for the world of Open Source and we should celebrate Microsoft's smart move." The Verge reports: 10 years ago, Zemlin was calling for Microsoft to stop secretly attacking Linux by selling patents that targeted the operating system, and he also poked fun at Microsoft multiple times over the years. "I will own responsibility for some of that as I spent a good part of my career at the Linux Foundation poking fun at Microsoft (which, at times, prior management made way too easy)," explains Zemlin. "But times have changed and it's time to recognize that we have all grown up -- the industry, the open source community, even me." Nat Friedman, the future CEO of GitHub (once the deal closes), took to Reddit to answer questions on the company's plans. "We are not buying GitHub to turn it into Microsoft; we are buying GitHub because we believe in the importance of developers, and in GitHub's unique role in the developer community," explains Friedman. "Our goal is to help GitHub be better at being GitHub, and if anything, to help Microsoft be a little more like GitHub."

Mark Wycislik-Wilson, writing for BetaNews: In his weekly message to the Linux community on Sunday, Linus Torvalds announced the release of Linux 4.17. The release comes a couple of months after the first release candidate, and in his message Torvalds also talks about version 5.0 of the Linux kernel. Having previously said that Linux kernel v5.0 "should be meaningless," he said that this next major numerical milestone will come around "in the not too distance future." For now, though, it's version 4.17 -- or Merciless Moray, if you prefer -- that's of interest. Linux kernel 4.17 is not a major release, and Torvalds announced it without much fanfare. "So this last week was pretty calm, even if the pattern of most of the stuff coming in on a Friday made it feel less so as the weekend approached. And while I would have liked even less changes, I really didn't get the feeling that another week would help the release in any way, so here we are, with 4.17 released."

Billly Gates writes: Windows 10 build 1803 has come out this month, but with some problems. AnandTech has a deep-dive with the review examing many new features including the much better support for Linux. WSL (Windows Subsystem for Linux) now has native Curt and Tar from the command prompt as well as a utility to convert Unix to Windows pathnames called WSLpath.exe which is documented here. In addition it was mentioned on Slashdot in the past about OpenSSH being ported natively to Win32 in certain early builds. It now seems the reason was for Linux interoperability with this Spring Update 2. Unix sockets mean you can run Kali Linux on Windows 10 for penetration testing or run an Apache server in the background with full Linux networking support. Deemons now run in the background even with the command prompt closed. [...]

Brian Fagioli, writing for BetaNews: This week, The GNOME Foundation made a shocking revelation: a mystery donor has pledged $1 million dollars. We don't know who is promising the money -- it could be a rich man or woman, but more likely -- and this is pure speculation -- it is probably a company that benefits from GNOME, such as Red Hat or Canonical.

"An anonymous donor has pledged to donate up to $1,000,000 over the next two years, some of which will be matching funds. The GNOME Foundation is grateful for this donation and plans on using these funds to increase staff to streamline operations and to grow its support of the GNOME Project and the surrounding ecosystem. While the GNOME Foundation has maintained its position as a proponent of the GNOME Project, growth has been limited. With these funds, the GNOME Foundation will be able to expand and lead in the free software space," says The GNOME Foundation.

Several readers have shared a blog post: One of the ongoing system administration controversies in Linux is that there is an ongoing effort to obsolete the old, cross-Unix standard network administration and diagnosis commands of ifconfig, netstat and the like and replace them with fresh new Linux specific things like ss and the ip suite. Old sysadmins are generally grumpy about this; they consider it yet another sign of Linux's 'not invented here' attitude that sees Linux breaking from well-established Unix norms to go its own way. Although I'm an old sysadmin myself, I don't have this reaction. Instead, I think that it might be both sensible and honest for Linux to go off in this direction. There are two reasons for this, one ostensible and one subtle.

The ostensible surface issue is that the current code for netstat, ifconfig, and so on operates in an inefficient way. Per various people, netstat et al operate by reading various files in /proc, and doing this is not the most efficient thing in the world (either on the kernel side or on netstat's side). You won't notice this on a small system, but apparently there are real impacts on large ones. Modern commands like ss and ip use Linux's netlink sockets, which are much more efficient. In theory netstat, ifconfig, and company could be rewritten to use netlink too; in practice this doesn't seem to have happened and there may be political issues involving different groups of developers with different opinions on which way to go.

(Netstat and ifconfig are part of net-tools, while ss and ip are part of iproute2.)

However, the deeper issue is the interface that netstat, ifconfig, and company present to users. In practice, these commands are caught between two masters. On the one hand, the information the tools present and the questions they let us ask are deeply intertwined with how the kernel itself does networking, and in general the tools are very much supposed to report the kernel's reality. On the other hand, the users expect netstat, ifconfig and so on to have their traditional interface (in terms of output, command line arguments, and so on); any number of scripts and tools fish things out of ifconfig output, for example. As the Linux kernel has changed how it does networking, this has presented things like ifconfig with a deep conflict; their traditional output is no longer necessarily an accurate representation of reality.