Linux

Flatpak 1.16.2 was released today as the latest stable version of this popular Linux application sandboxing and distribution framework and the first maintenance update to the Flatpak 1.16 series.

Coming more than seven months after Flatpak 1.16.1, the Flatpak 1.16.2 update is here to enable the Video Acceleration API (VA-API) extension for Intel Xe GPUs, support the “reinstall” option on bundle installations, allow cancellation for cURL downloads, and support for using sudo for changing the user.

Flatpak 1.16.2 also fixes an issue where the home directory would accidentally be accessible when a bad version of the GNU C Library (Glibc) is in use, the app has access to a standard XDG directory, and that directory is not available on the system.

The Asahi Linux project is out with their latest status report to highlight upstream improvements made for the newly-minted Linux 6.18 kernel as well as some of their efforts going on downstream within Asahi Linux itself.

The Asahi Linux developers have managed to largely sort out the microphone support for Apple Macs using the M2 Pro or M2 Max SoCs. The M1 Pro/Max SoCs in Apple devices have enjoyed full microphone support but for the M2 Pro/Max devices the support didn't carry over straight-away.

Systemd 259 is out as the newest feature release for this widely-used Linux init system and service manager. Yes, there are more features in tow for this systemd release to top off 2025.

EDIT (2025-12-19T09:08Z): Whoops! I totally didn't see that this had already been posted to this community ^[2]^. I didn't mean to repost it. My bad!

A new set of patches posted today to the Linux kernel mailing list begin adapting the Linux software RAID code paths to begin making use of the folio data structure.

Folios have continued to see continued usage throughout the Linux kernel since their merging back in 2021 with Linux 5.16. Folios allow more efficiently managing a groups of contiguous memory pages for better performance while often simplifying the kernel code too.

The first CVE vulnerability has been assigned to a piece of the Linux kernel's Rust code.

Greg Kroah-Hartman announced that the first CVE has been assigned to a piece of Rust code within the mainline Linux kernel.

This first CVE for Rust code in the Linux kernel pertains to the Android Binder rewrite in Rust. There is a race condition that can occur due to some noted unsafe Rust code. That code can lead to memory corruption of the previous/next pointers and in turn cause a crash.

Hello everyone,

I've just published the second post in my Linux Inside Out series.

In the first post we demystified the Linux kernel a bit: where it lives, how to boot it in a VM, and we even wrote a tiny init program.

In this second post we go one layer deeper and look at how programs actually talk to the kernel. We'll do a few small experiments to see:

• how our init program (that we wrote in the first post) communicates with the kernel via system calls
• how something like echo "hello" ends up printing text on your screen
• how to trace system calls to understand what a program is doing

I’m mainly targeting developers and self-hosters who use Linux daily and are curious about the internals of a Linux-based operating system.

This is part 2 of a longer series, going layer by layer through a Linux system while trying to keep things practical and approachable.

Link (part 2): https://serversfor.dev/linux-inside-out/system-calls-how-programs-talk-to-the-linux-kernel/

Link (part 1): https://serversfor.dev/linux-inside-out/the-linux-kernel-is-just-a-program/

As always, any feedback is appreciated.

Author @zknd@lemmy.world

Colin Watson announced that Debusine repositories are now available in beta form, which can be used to maintain APT-compatible add-on package repositories for Debian Linux. This comes down to being similar in nature to Personal Package Archives (PPAs) that are popular with Ubuntu Linux.

Debusine repositories are now available in beta form as add-on repositories to the main Debian archive to help in facilitating experimental packages, testing purposes, or toying with other changes to Debian but at least not for now trying to land the changes into the main Debian archive.

Hi!

If you’re using redshift on Linux, I made a small tool that might be useful. It automatically sets the screen temperature based on the current time, you just draw a curve for how you want it to behave during the day. Then you can just add it to crontab to run every minute or hour.

Developer @jak0b@lemmy.ml

TL;DR: Do a battery reset after getting WiFi/Bluetooth firmware updates when troubleshooting. Might be MediaTek specific.

So I've been using Fedora for year or so now, starting with Silverblue, which is atomic, meaning you can roll back to a previous version or kernel if you're having issues on a system. This works well for temporary fixes, but if the issue goes on for too long, you could be stuck on an older kernel, which is probably a security issue, and means you'll be using outdated firmware/software. Silverblue was smooth sailing for about two months before Bluetooth gave out on me, but I just would rollback to a previous kernel, which worked relatively fine.

But at some point I hated trying to figure out how to do things that the atomic system didn't like, so I switched to regular Fedora KDE, which meant I couldn't do rollbacks anymore. I can't remember completely, but I think it didn't work straight out of the box, and I was too lazy to fiddle with kernels and stuff, so I kinda just lived with it for the past few months since I didn't NEED it. I would passively look up info, only to be stuck again.

But finally I saw a Reddit post from last month complaining about recent kernel issues on Fedora 43, and one of the answers said to do a CMOS/Power reset after MediaTek WiFi /Bluetooth firmware updates, and it worked like a charm! I just hit the reset button on my motherboard. ~~Now if my ELAN touchpad would work again, which is what I was actually searching for...~~

Maybe MediaTek is just shit unlike other drivers, but I wanted to make sure people on Lemmy (and internet search results) knew to try this before throwing in the towel like I did. No one had ever said some drivers need battery resets.

May your troubleshooting be short!

Newer Lenovo ThinkPads are adding the ability to detect and report varying degrees of hardware damage. The Lenovo ThinkPad ACPI driver for Linux is being adapted for being able to communicate said hardware damage to user-space Linux software.

It turns out newer ThinkPads will begin communicating detected hardware damage that can then be parsed by the OS. A new patch to Lenovo's ThinkPad ACPI open-source driver explains:

"Thinkpads are adding the ability to detect and report hardware damage status. Add new sysfs interface to identify whether hardware damage is detected or not."

1. You love giving your data away
2. You enjoy being tracked by your operating system
3. You’re happy when your computer tells you “no”
4. You prefer someone else deciding what you can run
5. You feel uncomfortable if you get to have options
6. You’d rather battle corporate tech support
7. You’d rather rent your software than own it
8. You think ads belong on your desktop
9. You love being lied to about what’s “industry standard”
10. You like rebooting for every little update
11. You’re uncomfortable when software is transparent
12. You think community-made tools can’t be “professional”
13. You want intrusive AI everywhere, whether it helps or not
14. You think the command line is only for hackers
15. You never really wanted your computer to be yours anyway

KDE developer Ivan Čukić has launched KDE Ni! OS, a playful proof-of-concept that explores how immutable Linux could fit into the KDE ecosystem. The project was inspired by talks at this year’s Akademy conference, where immutable KDE distributions were a key topic.

At Akademy, two projects drew particular attention: KDE Linux, positioned as an officially branded immutable distribution, and KDE Neon Core, an effort that rethinks KDE Neon with an immutable foundation while remaining largely independent of its predecessor. With that said, KDE Ni! OS emerged as a third entry in this space, partly as a joke and partly as a practical exploration of the same design goals.

But unlike KDE Linux or KDE Neon Core, KDE Ni! OS is not meant to be a separate distribution. Čukić says he does not plan to build a new distro from the ground up. Instead, KDE Ni! OS is a reproducible system setup based on NixOS, which is known for its strong approach to immutability.

OQB @marighost@piefed.social

Last year Red Hat acquired Neural Magic as part of their AI acquisitions and to bolster the open-source AI ecosystem. Today they announced another AI acquisition.

Red Hat announced today they have acquired Chatterbox Labs, a private company that began in 2011 and is focused on AI model testing and generative AI guardrails. Chatterbox Labs' AIMI platform provides quantitative AI risk metrics and other features.

Stemming from a security researcher and his team proposing a new Linux Security Module (LSM) three years ago and it not being accepted to the mainline kernel, he raised issue over the lack of review/action to Linus Torvalds and the mailing lists. In particular, seeking more guidance for how new LSMs should be introduced and raised the possibility of taking the issue to the Linux Foundation Technical Advisory Board (TAB).

This mailing list post today laid out that a proposed TSEM LSM for a framework for generic security modeling was proposed but saw little review activity in the past three years or specific guidance on getting that LSM accepted to the Linux kernel. Thus seeking documented guidance on new Linux Security Module submissions for how they should be optimally introduced otherwise the developers are "prepared to pursue this through the [Technical Advisory Board] if necessary."

Mabox Linux, a lightweight, rolling-release Linux distribution based on Manjaro and designed around the Openbox window manager, has released version 25.12.

One of the most visible changes is the improved panel and its dynamic menus. The volume icon by the system tray now works more consistently: left-click mutes or unmutes, the mouse wheel changes the volume, and right-click opens pavucontrol.

To recall, the right-click action was previously tied to the Music & Sound menu, which remains available via the W-m shortcut or by clicking the top-right corner of the desktop.

The GNU Compiler Collection (GCC) developers now have a need to set a policy whether AI / Large Language Model (LLM) generated patches will be accepted for this open-source compiler stack.

The GCC compiler doesn't currently have a policy in place whether to permit AI/LLM-generated patches. But within a bug report today there is a patch posted by a user in trying to fix a GCC 16 compiler regression.

Longtime Red Hat engineer Hans de Goede who worked on many Intel/AMD laptop enhancements over the years left Red Hat and ended up joining Qualcomm. Now it turns out one of his projects at Qualcomm is enhancing the Fedora Linux support for running nicely out-of-the-box on Snapdragon-powered Windows on ARM laptops.

Hans de Goede filed a change proposal for providing automatic DTB selection on AArch64 EFI systems. The change proposal still needs to be voted on by FESCo but given it's rather straight-forward, it will presumably fly without objections.

The development team behind Scribus, an open-source and cross-platform desktop publishing app, released version 1.6.5 today as yet another minor update to the Scribus 1.6 stable series.

Coming almost eight months after Scribus 1.6.4, the Scribus 1.6.5 release is here to improve the color eyedropper, update the PDF export functionality by fixing issues related to font rendering and exporting via Python, improve light/dark mode capabilities, and update the scripter functions.

On top of that, Scribus 1.6.5 updates dependencies, including later releases of poppler and podofo, updates various translation files, and removes the ability to allow remote SVG image data loading due to a security vulnerability that has yet to be disclosed. Check out the release notes for more details.

Back in November Flatpak 1.17 released with support for sideloading from OCI images and other improvements in working toward the Flatpak 1.18 stable release. Out today is Flatpak 1.17.1 and was then followed quickly by Flatpak 1.17.2 to fix a mistake in the release artifacts.

Flatpak 1.17.1 introduces support for building OCI bundles with Zstd compressed layers. Leveraging Zstd rather than the default Gzip is said to speed-up compression by "several times" and result in about a 20% smaller size. But Gzip is still being kept the default compression format rather than Zstandard in order to ensure maximum compatibility. This OCI layer Zstd compression support stems from a two year old pull request for adding --oci-layer-compress=zstd support.