Arch Linux in May 2023 #

Staff #

We would like to welcome Anton Hvornum (torxed) and Christian Heusel (gromit) among the Arch Linux Package Maintainers.

On top we would like to welcome Leonidas Spyropoulos (artafinde) to their new additional duties as Arch Linux Developer

Git packaging #

We are thrilled to announce the successful migration of our packaging ecosystem to Git, with package sources now accessible on GitLab. As part of this transition, we have developed a powerful new tool called pkgctl, available through devtools, offering a user-centric design and streamlined user experience for interacting with all aspects of Arch Linux packaging for users and packagers alike.

Please note that our bugtracker remains on Flyspray, and we are not currently accepting merge requests. However, opening the issue tracker and accepting merge requests on GitLab package repositories is a top priority for us, and we are actively working towards making this transition in the near future.

Infrastructure #

security-tracker #

We implemented nginx caching for the feed and API endpoints of the security-tracker, effectively reducing server resource consumption. This heavily improved server efficiency and the ability to handle a much higher volume of requests.

GitLab #

In preparation for the migration of our packaging infrastructure to GitLab, we successfully transferred the GitLab instance from a VPS to a harder, better, faster, stronger bare metal server. This move not only provided a more responsive user experience but also eliminated bottlenecks that occured during peak times.

To enhance the search capabilities across our GitLab instance, we’ve set up an OpenSearch instance. This allows us to enable advanced search functionality, facilitating faster and more efficient searches across the entire GitLab platform. Users can now benefit from improved search accuracy and speed, allowing for a more streamlined and productive experience when locating specific content within GitLab.

Open Technology Fund #

Our official application to the Open Technology Fund for a comprehensive audit of Pacman and its integration in Arch Linux has been approved. As the package manager plays a central role in fetching software updates over the network, it is vital for us to prioritize the safety and security of our user base. By undertaking this audit, we aim to enhance the overall reliability and protection of our distribution, ensuring a secure environment for our users.

The timeline for the audit is yet to be determined, and further planning on both sides is underway.

ArchISO #

We have removed the PGP-based signature for the root file system (/arch/x86_64/airootfs.sfs.sig) within the ISO. Its replacement is an OpenSSL CMS based signature which is available since the 2022.10.01 ISO. The signature is made using the same code signing certificate as already used for netboot images. The verify=y kernel command line option will stop working and must be replaced with cms_verify=y. The official netboot and ISO’s PXE menu entries have already been adjusted. Any custom PXE setups will need to update their boot menu entries manually.

This is done because GPG integrates poorly in the ISO build process. This only concerns PXE booting, the PGP signature for the ISO itself is still there and that will not change.

mkinitcpio #

We have released mkinitcpio v36, which brings a lot of improvements and several noteworthy changes. These include support for kernel command line drop-ins for UKIs in /etc/cmdline.d/ and mkinitcpio.conf drop-in files in /etc/mkinitcpio.conf.d/. To utilize the mkinitcpio.conf drop-in files, existing presets in /etc/mkinitcpio.d/*.preset must have ALL_config commented out.

Additionally, a new run_emergencyhook function has been added for busybox-based hooks, running before the emergency shell is launched.

alpm-types #

We started development on the Rust based alpm-types project, which is meant to provide low-level types for working with Arch Linux Package Management (ALPM). This library strives to provide all underlying types for writing ALPM based software.

AURWeb #

We have released AURWeb 6.2.4, which includes a number of bug fixes and improvements. Notably, we have incorporated important dependency updates to ensure compatibility with the latest software libraries. Additionally, we have implemented a new package name filter option for the “Requests” feature and support for the new repository layout for the git migration.

bash 5.2 #

Preparations for the bash 5.2 upgrade are underway, including compatibility fixes in various projects such as pacman, devtools, and others. These proactive measures ensure a seamless transition to the new version while minimizing any compatibility issues and disruptions within our ecosystem.