Michael:
[0:00] This week in Linux, we have a jam packed episode. We have the new version of the Mesa graphics drivers. There’s some changes happening with Serpent OS project. There’s a new release of the Rust programming language and that perfectly flows into some updates we have for Rust for Linux. All of this and more on this week in Linux, the weekly news show that keeps you up to date with what’s going on in the Linux and open source world. Now let’s jump right into Your Source for Linux GNews.

Michael:
[0:33] This episode of TWIL is sponsored by Sandfly Security more on them later before we get started with this episode i just wanted to give you a little bit of an announcement so well not a little bit it’s a big deal actually it’s a big deal to me maybe not to you but i think it’s going to be a big deal period and that is TWIL is about to hit episode 300 this is episode 299 so as you can imagine it’s next week so check out thisweekinlinux.com/live and you can see what it is going to be on your time zone. So for me, it’s going to be at noon, 12 p.m. on Friday. Whatever your time zone is, it will be different, maybe, unless you’re in the same time zone. I’m US Central, by the way. If you are in something else, just go to thisweekinlinux.com/live, and it will take you to the YouTube event for it, and that will theoretically have it automatically changed for your time zone. So I’m not exactly sure what we’re going to be doing on this to celebrate the milestone. We’re going to have a regular show, of course, but we’re also going to do something else. And for those who don’t know, there’s a bit of a difference between the recorded show and the live stream because we kind of have a chat in between different topics and all sorts of stuff. So there’s a lot of content there that just never gets into the channel. I should probably think about cutting some of that stuff into content on the channel. But anyway.

Michael:
[1:49] Come to the stream if you’d like to celebrate the 300th episode of TWIL, thisweekinlinux.com/live.

Michael:
[1:57] The Mesa 3D graphics library has a brand new version this week and this is a major release packed with new features and improvements across OpenGL, OpenCL, Vulkan, and video acceleration drivers. Now there’s some major GPU and driver improvements for this release, AMD RDNA 4 support was added for Radeon RX90X0, as well as Vulkan 1.4 support was added across multiple drivers, including RAD-V. RAD-V? RAD-V? Not sure. RAD-V. We’ll go with that. ACO or ACO compiler backend now is default for pre-RDNA AMD GPUs in Radeon SI. Initial amd user queue support enables direct gpu works submission for reducing kernel overhead which is very cool and also we have some other driver enhancements for example zinc receives various enhancements for open gl on Vulkan pan vk adds new Vulkan extensions for mallee the mallee Vulkan driver also turnip gets better support for qualcomm arduino Vulkan intel x e2 optimizations for Lunar Lake and Battlemage architectures landed in this release. And also Intel ANV Vulkan driver now supports AV1 video decoding.

Michael:
[3:14] NVK or NVIDIA Vulkan sees continued refinements and new features. And overall, this is just significant performance optimizations across AMD and Intel graphics drivers. It is a big deal. This is great news, but there’s even some better news for all the content creators out there related to the next release, Zync lead developer Mike Blumenkrantz of Valve’s Linux graphics team has been working to get better support for DaVinci Resolve, which is awesome, and that is expected to land in 25.1. It looks like there’s even more to look forward to with the Mesa drivers. From one Mike to another, thanks Mike. If you’d like to learn more about Mesa 25, you’ll find links in the show notes.

Michael:
[3:56] Ike Doherty announced that the Serpent OS project is going to be rebranding as AerynOS. For those unfamiliar with SerpentOS, the goals behind the project are pretty compelling. Lightning-fast performance built from the ground up with performance in mind, featuring optimized compilation settings and efficient system architecture. Also, they’re going for rock-solid stability. They’re using atomic updates and a stateless design to make sure that your system remains reliable and recoverable even after interrupted updates. And also, the next one is user-friendly experience. Very important and they’re saying that the modern desktop experience with having same defaults and thoughtful integration making Linux accessible without compromising on power all of those three things sound awesome but.

Michael:
[4:44] I kind of get it why they’re changing the name from SerpentOS to something else. But let’s check out the blog post where they explain it. They say the SerpentOS name was a quickly chosen name that stuck. Unfortunately, serpents are often associated with negative connotations. And we’ve had a lot of feedback over the years that the name was off-putting. Let’s be completely honest here. It’s not the most inviting name for a project. Who wants to trust a serpent? Generally speaking, they’re considered dangerous at best. I mean, I have to agree. When I first saw SerpentOS, I thought, that’s an interesting name. It didn’t bother me in the sense that, you know, some snakes are kind of cool and some snakes are actually not venomous. So I don’t, you know, either way, still cool. But also at the same time, yeah, I get it. I get why you want to change it. It’s fair to say we’ve spent a long time in prototype and alpha phases. In order to move forward, our identity needs to be better fitting, to be more befitting of the project we’re building and move into the real world. This isn’t a hobby project. It’s a full-blown Linux distribution with serious technical underpinnings, achievements and goals. Getting the tone right from day dot, day dot, never heard of that phrase. Day zero, day one is critical. He also says, do note that there is no change in the internal core team, so we’re aiming for full continuity and seamless transition.

Michael:
[6:07] Have you had enough of these snakes on this plane? We have to. Nice. Nice reference. Terrible movie, but nice reference.

Michael:
[6:17] So this is actually really interesting because I think that the whole idea of what they’re going for with having like super fast performance, rock solid stability, and being user friendly. The serpent os name does not necessarily relate to those things well the user friendly part is kind of that the the serpent the other ones maybe but the user and actually no because snakes are notoriously slow because they slither so not even that so yeah it doesn’t make sense on two different versions of the goals so i think this is a good thing for them to change it so what are they changing it to so they say ha it’s not evolve os despite the clickbait title our new name is Erin OS. So A-E-R-Y-N OS for those listening to the audio version. It’s pronounced like Erin. It’s a name that we feel is more befitting of the project pulling from multiple etymologies. It’s a name that better describes the project now versus the project that started as Serpent OS. Real quick, for those who don’t get the reference of Evolve OS, the title of it is that Evolve This OS and Ikey Doherty’s original distribution that he built was called Evolve OS. So that’s the reference. And then later he built Solus and then now Serpent OS and then AerynOS. So that’s the reference. Backstory for that. So the blog post says AER is rather obvious Latin in origin.

Michael:
[7:44] Sure. The phonetic Aaron is a nod to the Irish roots of the project. And of course, a home.

Michael:
[7:52] For those who don’t know, Ike is Irish. There are a number of reasons for number of reasons for the name, which will form part of the initial documentation on the new website. Our intent is to have a name that is more inviting and more descriptive of the project’s goals and aspirations. We’re not anti-establishment or anti-corporation, if anything, we’re a statement that without the fiscal handcuffs, we can produce a technically sound and user-friendly operating system.

Michael:
[8:17] So yeah, that makes sense. You want to have something more user-friendly, especially if you’re trying to go for a user-friendly experience, the name needs to be more user-friendly and more marketable. So I do think while the pronunciation of the name is going to be hard for some people, it’s not super obvious. You can kind of guess Aaron, but it’s not super obvious. But I do think that it’s uh it’s better for sure uh and even if people get it wrong like the only problem is that the way it’s spelled might be odd for some people when they’re talking about it and you know but that’s something you can kind of overcome anyway so it’s very important to note that they have this is not like a name that they’re considering this is a name that they have chosen so they’ve already secured erinos.com and erinos.dev plus the associated social media accounts and all that which is very good. You do not announce stuff with a brand change unless you have all of those taken care of. They probably picked this also so they could have a dot com and all that. So and also the social media accounts and everything. So very good that you did that. They also say we’re now in the process of rebranding the project for sheer irony. We’ll make the final transition day March 17th, 2025. Yes, St. Patrick’s Day.

Michael:
[9:29] Again, he’s Irish. The matrix space has already been updated in any areas where we where a new name isn’t feasible we’ll see almost immediate renames they finish up this blog post saying stick with us we’ve got plenty of exciting news to come over the next days and weeks and as we embrace new transparency and shed our old skin so many reference for the serpent thing well done uh and also it’s going to be like the last few times you’re going to be doing the serpent references uh but i like it and also uh it’s also worth noting that we had there was a some reports earlier that they’re having some funding issues So if you like the idea of what they’re going to be doing with AerynOS, you might want to consider donating. I have links in the show notes for all that stuff. Then they say, plus we’ll be starting to onboard web properties, translations, artwork, and more. Cherry on the cake. Is that a term?

Michael:
[10:22] Is it cherry on the top? Cherry on the top? I think it’s just cherry on the top. Cherry on the top. Cherry on the cake. I don’t know what that phrase is. It’s not, that has me, it does, it’s, when I’m reading it, it seems wrong, but maybe it is that. I don’t know. Anything you sprinkle on the top? That’s a random tangent for no reason. Admitting that we’re actually building a full distribution will allow us to put relevant priorities in place to expose Serpent OS, I mean AerynOS, functionality to the world, the wider world. To be clear for those listening to the audio version, I did not mess up the Serpent OS, AerynOS. It’s actually in the blog post written that way. So there you go. It says, get ready for a reboot of the grassroots independent Linux scene. We are here to stay. So I think Serpent OS now AerynOS is a very interesting project. And there’s a lot of cool ideas with the atomic, the atomic approach and the fact that they’re trying to make a modern desktop experience with good defaults and a lot of integrations and stuff like that. So I think there’s a lot of potential with it. And I do think this is a good idea to switch the name. It’s a pretty good name too. So let me know what you think in the comments below.

Michael:
[11:30] And if you’d like to learn more, links in the show notes. Pi-hole has announced the latest release with Pi-hole version 6. For those unfamiliar, Pi-hole is a project to implement network-wide ad blocking. It’s kind of like a black hole for ads, Pi-hole.

Michael:
[11:44] Pi-hole is a DNS sinkhole that protects your devices from unwanted content. So instead of browser plugins or other software on each computer, you install Pi-hole in one place and it works across your entire network. Pretty cool. So what’s in the latest release of Pi-hole V6? So the first thing is that they have integrated a new REST API and embedded web server directly into the Pi-hole FTL binary. This eliminates the need for lighttpd and also PHP, reducing the installation footprint and boosting performance. The new API also offers server-side pagination for the query log, ensuring a faster and more responsive interface. Next up, Pi-hole V6 introduces support for subscribed allow lists. Also, they call it anti-gravity. There’s the black hole. That these lists work in much the same way as the block list would but instead of blocking the domains they would be allowing the domains they’ve also streamlined configuration management by consolidating multiple settings files into a single heavily commented toml file making it easier to manage and understand your settings the web interface has been completely overhauled with settings split into basic and expert modes which i think that’s a really good idea to do I think most things should do those kinds of like basic and advanced or you.

Michael:
[13:02] Normal in advance now this allows users to customize their experience based on their comfort level and needs this latest release of pihole also includes native https support with options to provide your own certificates or use auto-generated ones the docker image is now based on alpine linux significantly reducing the image size and opening up possibilities for future system support and there’s so much more and you can check out the full release notes if you want to with the links in the show notes.

Michael:
[13:30] As Linux users, we know what’s up. Security is non-negotiable, but with threats getting smarter, your security tools need to keep pace without dragging your system down.

Michael:
[13:40] Traditional agents, I mean, they just slow you down and they leave blind spots. It’s time for a smarter approach. And that is why This Week in Linux is proud to be sponsored by Sandfly Security, the revolutionary agentless platform designed for Linux. Sandfly doesn’t just detect and respond. It revolutionizes security with SSH key tracking, password auditing, and drift detection, covering threats from every angle. Whether your systems are in the cloud, on-premises, or in embedded devices, Sandfly ensures they’re all secure without the headaches of agent-based solutions. Listen to what Ken Kleiner, the senior security engineer at the University of Massachusetts, has to say. Sandfly is the first product I’ve seen that accurately and quickly detects thousands of signs of compromise on the Linux platform. Its unique method automates tasks, which would be manually impossible.

Michael:
[14:29] Automation is key with detection, and Sandfly completely fits this and other requirements. If your organization is using Linux, this should be part of your cybersecurity toolset. Experience security that’s not just effective, but gives you peace of mind. No agents, no downtime, just cutting-edge protection. Dive into the future of Linux security at thisweekinlinux.com/sandfly. That’s thisweekinlinux.com/sandfly. And see how Sandfly can transform your security strategy. That’s thisweekinlinux.com/sandfly.

Michael:
[15:00] The Rust team has announced a new version of Rust. 1.85.0 has been released. This stabilizes the 2024 edition as well. The Rust team describes Rust as a programming language empowering everyone to build reliable and efficient software. It’s also known as being one of the memory-safe languages. So it’s pretty popular. If you haven’t heard of it, you probably have if you’re watching this show. But if not, it’s pretty popular. Also, additions are mechanisms for opt-in changes that may otherwise pose a backwards compatibility risk, and this is the largest addition they have ever released, being the 2024 edition. The Rust 2024 edition has a number of language changes, new standard library editions, Cargo now provides a Rust version-aware resolver, Rust FMT formatting updates also, and many, many more things. If you’d like to learn more about this release of Rust, you’ll find links in the show notes. But I think this is a perfect way to transition to the next topic about Rust for Linux.

Michael:
[16:02] Rust for Linux has been a pretty hot topic recently, with a lot of drama surrounding it. So much so that the founder of Asahi Linux stepped down as the lead of the Apple Silicon work within the kernel, and then even as the lead of Asahi Linux itself. There have been reports of people within the kernel being hostile with those who want to implement things using the Rust language instead of the heavily customized C language that the Linux kernel is historically used. There have been claims of sabotage from the Rust side and claims of overreacting from some in the kernel side. And it’s just…

Michael:
[16:31] It’s a bit of a mess. This week, though, there was a very interesting post made by Greg Kroah-Hartman, or Greg KH, to the Linux kernel mailing list, making a very compelling argument for Rust and the kernel. For those unfamiliar with Greg, Greg KH is the maintainer of the stable branch of the Linux kernel, so he’s, you know, one of the big top dogs of Linux. Greg says, as someone who’s seen almost every kernel bug fix and security issue for the past 15 plus years, well, hopefully all of them end up in the stable trees, We do miss some of the times when maintainers, developers forget to mark them as bug fixes.

Michael:
[17:03] And someone who sees every kernel CVE issued, I think I can speak on this topic. This is Greg, not me. The majority of bugs, quantity, not quality or severity, we have are due to the stupid little corner cases in C that are totally gone in Rust. Things like simple overwrites of memory, not that Rust can catch all of these by far, error path cleanups, forgetting to check error values, and use after free mistakes. That’s why I’m wanting to see Rust get into the kernel and these types of issues just go away, allowing developers and maintainers more time to focus on the real bugs that happen, such as logic issues, race conditions, etc. I’m all for moving our C codebase towards making these types of problems impossible to hit. The work that Keys and Gustavo and others are doing here is wonderful and totally needed. We have 30 million lines of C code that isn’t going anywhere any year soon. That’s a worthy effort and is not going to stop and should not stop no matter what. But for new code / drivers, writing them in Rust where these types of bugs just can’t happen or happen much, much less is a win for all of us. Why wouldn’t we do this? C++ isn’t going to give us any of that any decade soon. and the C++ Language Committee issues seem to be pointing out that everyone better be abandoning that language as soon as possible if they wish to have any code base that can be maintained for any length of time.

Michael:
[18:28] Wow, that’s some strong words. Rust also gives us the ability to define our in-kernel APIs in ways that make them almost impossible to get wrong when using them. We have way too many difficult, tricky APIs that require way too much maintainer review just to ensure that you got this right. That is a combination of both how our APIs have evolved over the years, how many different ways can you use a struct CDEV in a safe way, and how C doesn’t allow us to express APIs in a way that makes them easier / safer to use. Forcing us maintainers of these APIs to rethink them is a good thing as it is causing us to clean them up for everyone.

Michael:
[19:06] See users included already making Linux better overall. And yes, the Rust bindings look like magic to me in places, someone with very little Rust experience, but I’m willing to learn and work with the developers who have stepped up to help out here. Rust isn’t a silver bullet that will solve all of our problems, but it sure will help in a huge number of places. So for new stuff going forward, why wouldn’t we want that? Linux is a tool that everyone else uses to solve their problems. And here we have developers that are saying, hey, our problem is that we want to write code for our hardware that just can’t have all of these types of bugs automatically. Why would we ignore that? Yes, I understand our overworked maintainer problem being one of those people myself. But here we have people actually doing the work. Yes, mixed language code bases are rough and hard to maintain, but we are kernel developers. We’ve been maintaining and strengthening Linux for longer than anyone ever thought was going to be possible. We’ve turned our development model into a well-oiled engineering marvel, creating something that no one else has ever been able to accomplish. Adding another language really shouldn’t be a problem. We’ve handled much worse things in the past, and we shouldn’t give up wanting to ensure that our project succeeds for the next 20 plus years.”.

Michael:
[20:19] We’ve got to keep pushing forward when confronted with new good ideas and embrace the people offering to join us in actually doing the work to help make sure that we all succeed together.

Michael:
[20:31] Thanks, Greg KH. So in my opinion, this is awesome. This is a great message from Greg. It’s a very compelling argument. And I think it’s very important that this is being said because there’s the drama that’s happening around Rust for Linux is kind of interesting because it does seem like some people just don’t want to learn a new language and other people are trying to push a language that you know has merit and it feels like a you know one pushing like a brick wall and that sort of stuff so i hope that this kind of thing can be taken care of and the you know the linux kernel is more open to rust because there is a lot of people in the kernel project who are very open to Rust, not only Greg KH, but many others who have specifically gone like onto keynotes and stuff talking about it. And there’ve been many quotes from various different developers. So I think that ultimately what we need to have happen is that, well, this Rust becomes part of the Linux kernel and Greg KH says that it should be used going forward. And I think that’s a great way to do it. You’re not going to be able to transition Linux from C to Rust overnight. It would take forever, obviously. So to transition very slowly to a point where it just eventually becomes Rust based or maybe not fully Rust based, but you know, a combination of the two and have some things that are C for like legacy purposes or whatever.

Michael:
[21:58] I think that would be fantastic. And I hope any of the people who are part of the Rust development crew or the projects that were related to Rust and Rust for Linux would see this and potentially consider coming back. You know, if they’re burned out, I get it, but I hope at some point they could return and participate because for example, Hector Martin has done a lot of amazing work starting the Asahi Linux project, which a lot of people thought was a waste of time. I don’t know why they would think that, but I think it’s awesome that they would do it because, uh, because all the effort that Hector Martin did as well as the Asahi Linux team, which of course is still working. And they actually introduced a new, um, system of like they’re having a council of multiple people which i think is a really good idea instead of just having one person at the top having multiple people this can be fantastic so i think that the asali linux project is you know it’s still good to go it’s still being developed and all that but it would be really cool to see hector come back as well as the other people who have left the projects and stuff based on all this stuff it’s been happening for quite a while and a lot has unfortunately happened and i hope we can get back to a state where.

Michael:
[23:09] Where we can all just get along.

Michael:
[23:11] The OpenSUSE team have posted a really interesting milestone that they’ve hit for the reproducible builds project of OpenSUSE. So the reproducible OpenSUSE project, which is a proof of concept fork of OpenSUSE, has reached a significant milestone after demonstrating a usable Linux distribution that can be built with 100% bit identical packages.

Michael:
[23:35] Reproducible builds ensure software can be rebuilt in an identical bit for bit manner anywhere at any time using the same tools. This means that someone rebuilding the software from the same source code will get exactly the same results. This is awesome, and this is very important. Why? Well, they say, why is this important? Because it’s a crucial aspect for supply chain security. So the supply chain of being able to say you know exactly where the files came from and the packages came from, this is a big deal. This milestone for RBOS led by OpenSUSE member Bernard, Waiteman advances software supply chain security. These reproducible builds allow us to confirm that the binaries used are correct, which ensures software has not been tampered with, not that it has not been tampered with during the build process by comparing identical outputs from different build environments. Developers can detect issues such as accidental errors or malicious alterations as well. Without it, developers have to trust the build process blindly or review binary diffs manually, which is hard and time-consuming. In practice, reproducible builds have found dozens of bugs from race conditions to compiling incompatible CPUs. Since Linux is a major component that operates the internet.

Michael:
[24:52] Which is not only servers and routers, but also client machines, improving security is vital. They also go on to say that the nice people at the NLNet Foundation’s NGIO Entrust Fund sponsored open source initiatives that improve the security of the internet.

Michael:
[25:08] We’d have been took on this four-month-long project to create a fork of OpenSUSE that has 100% bit reproducible packages. So far, Ring0, aka Bootstrap, and Ring1 with 3,300 software packages have all successively been patched and tested. Overall, the 16,000 source packages in OpenSUSE factory have around 300 packages with issues left, and information about this can be found in the following links, and I’ll have those in the show notes, or the link to this blog post, which you can get from.

Michael:
[25:37] With this, it is now possible to do a change in a toolchain package, rebuild everything, and see exactly what changed as a result of this change. RbOS demonstrates how a full-bit reproducible OS could be produced. As patches make their way into OpenSUSE Factory, it should become easier to create a refresh in a year or two. Maybe it will become a little effort that each of the monthly slow roll snapshots can be adapted into RbOS snapshots, which would be very awesome. I think this is really good news because reproducible builds are a big deal, especially for supply chain aspects, but for a lot of things. But I think it’s awesome that they’re doing this work. I didn’t even know they were doing it until they hit this milestone. So well done to OpenSUSE. And if you’d like to learn more, links in the show notes.

Michael:
[26:21] We have some Linux gaming news for you, and that is Marvel’s Spider-Man 2 is now Steam Deck verified. They announced this on their Steam community page for the game, saying that we’re happy to share that Marvel’s Spider-Man 2 is Steam Deck Verified.

Michael:
[26:36] Experience two playable Spider-Men, traverse an expanded Marvel’s New York, and battle iconic Marvel supervillains on your handheld device now. Of course, this is Peter Parker and Miles Morales. So, that’s awesome. I haven’t actually played the first Spider-Man game. I really wanted to, but never got around to it. So maybe I’ll do that and then also play this one. But I love the fact that it is Steam Deck Verified, which means it’s very likely going to have really good support for Linux because, you know, Steam Deck and all. So this is great news. Well done to Marvel and the developer team for making this game and putting it, making it compatible with Linux and Steam Deck.

Michael:
[27:16] And also appreciate it. I love hearing about this. And if you know of a game that is making them, making sure they’re Steam Deck verified, let me know in the comments and maybe we’ll cover it on the show. And also Marvel seems to be doing really good about this because Marvel Rivals is also really focused on making support for Linux and Steam Deck. So because I mean, more even more than just the Steam Deck, because they also had like bug fixes with Bazzite. I actually covered that last week if you want to check out that episode of TWIL. But this is really cool news from Marvel. And yeah, keep it coming. I accidentally hit the spacebar right there. That’s why I jumped down like that.

Michael:
[27:53] Thanks for watching this episode of This Week in Linux. If you’d like to do here on this show and want to be kept up to date with what’s going on in the Linux and open source world, then be sure to subscribe. And of course, remember to like that smash button. If you’d like to support the show and the TuxDigital Network, then consider becoming a patron by going to tuxdigital.com/membership. We get a bunch of cool perks like access to the patron only section of our Discord server and so much more, including being able to join the patron only post show that happens every week after the This Week in Linux show, as well as the patron post show of the Destination Linux podcast, which happens every week after the Destination Linux recording, which is on Wednesdays. You can get more information about that at DestinationLinux.net/live. And if you’d like to watch the live streams, you don’t have to be a patron for that, but I would appreciate it if you did for TWIL. So if you go to thisweekinlinux.com/live, you can watch the live stream for this show, except for this week.

Michael:
[28:47] I recorded it ahead of time because I’m traveling, but next week is a big deal. Be sure to join us, thisweekinlinux.com/live because next week, I don’t know if you noticed, this week is episode 299.

Michael:
[28:59] So next week is episode 300. So you don’t wanna miss the live stream next Friday at 12 noon or whatever your time zone is. Don’t worry, just go to thisweekinlinux.com/live. It’ll tell you what the actual time is for you because YouTube automatically, well, if you’re logged in, if you’re not logged in, I don’t know what it does. But if you’re locked in, it’ll tell you what it is. So there you go. You can also support the show by ordering the Linux Save Over t-shirt or the This Week in Linux shirt at tuxdigital.com/store. Plus while you’re there, check out all the other cool stuff we have like hats,

Michael:
[29:31] mugs, hoodies, and more at tuxdigital.com/store. I’ll see you next time for another episode of Your Source for Linux GNews. Thanks again for watching. I’m Michael Tunnell. I hope you’re doing swell. Be sure to ring that notification bell. And until next time, I bid you farewell.