NEWS

Read hard, get it all caught up :-D

Things are (actually) going on around the community (surprise!), you may find latest news and happenings in and around the community, and of course, latest information for you to better enjoy AOSC OS.

Most good programmers do programming not because they expect to get paid or get adulation by the public, but because it is fun to program. – Linus Torvalds

ALL NEWS

  • An Important (and Unfortunate) Project UpdateAPRIL 1, 2018

    Now that April is in full swing, we have some news that should be taken notice by our friends here in this community…

    Recall the message sent out in a similar time last year:


    "Since 2014, our community repository has been growing in size due to our (essentially) permissive policy on keeping all old versions of all our packages.

    “As we stand today, the repository is roughly 500GiB in size. This is abnormal even when considering all of our architectural ports, as Debian, the largest binary-based *nix distribution requires just over 1TiB in size. This continuing growth in repository size has brought storage challenges to both our mirror hosts and our own repository server.”


    Another year has passed since the announcement was made, and unfortunately, our repository size has again skyrocketed to the point that we can no longer maintain a reasonable way to keep them there. In order to make the system more future-proof and robust to accommodate all users with all bandwidth limitations as well as our rapid-growing repository size, we have to make the tough decision to remove it entirely from the Internet, and use the more robust Sneakernet in lieu of it.

    The Sneakernet, backed up by the Anthon Optical Storage Center funded also in last year, would unlock the unprecedented experience of data transfer. If you are located within the US, the strong and robust Sneakernet would offer a maximum of 27.7 Mbps, improved to 57.9 Mbps in the upcoming month, at a cost of only USD 0.081/GiB - less than 1/10 of the price comparing to our closest competitor. If you are really in a deep budget, we also offer the lowest cost option of USD 0.044/GiB at a bandwidth of 3.97 Mbps. If you are unfortunately located outside of the US, a roaming charge would have to be applied to it, thus raising the cost slightly. The maximum bandwidth of 9.26 Mbps would come with a charge of 0.298/GiB, and the budget bandwidth of 1.98 Mbps would only come with a cost of USD 0.77/GiB - still cheaper than our closest competitor’s domestic rate.

    However in order to use the next-generation of Sneakernet-based repository distribution system, you would also need some new hardware requirement. The baseline system requirement would include a Blu-Ray Disc drive, in which you may easily find at anywhere at a price of less than USD 75, and it would be a one-time purchase that you can also use it with your Blu-ray HD Movies.

    In favor of the new Sneakernet-based repository, the legacy Internet-based repository would run for another month to allow a smooth transition for our users, and become part of the archive offered by the Anthon Optical Storage Center followed by its official closure date of 20180501T0000Z. While we appreciate the development and support of the Internet over the whole course of the AOSC, there are things we had to give up for others to work better, and unfortunately an Internet-based repository is one that has to go…


    Now, if you would like to purchase a subscription of our software repository and many additions that will enhance your software installation/update experience - you could do so here.

    Thank you for your continued support for our community and many of its projects.


    — Anthon Operation: Sneakernet Committee Chair Staph. O. aureus

  • New Tarball Releases!FEBRUARY 2, 2018

    A long over due batch of updates is now available for the AMD64 architecture, with a date of 20180128. With the last batch of tarballs released almost a year ago, this update should provide quite some convenience for new users, and old users trying to reinstall.


    plasma-20180128

    Finally, some new looks!


    Apart from updating the system releases, we have also made a series of changes to the tarballs - from how they were made, to the content of the tarballs:

    • All tarballs are now generated with Ciel, our in-house build environment manager. As compared to manual generation, like we did for the past three years, this method should create more consistent and sane tarballs.
    • All desktop-variant tarballs (GNOME, MATE, etc.) are now targeting a size of 2GiB, with the exception of ARMv7 and AArch64 (where space is expected to be more constrained). With the increased tarball size target, we have now pre-installed in addition LibreOffice, printing and scanning utilities, and a larger collection of fonts.
    • The tarballs no longer come with a default aosc user, or the users group occupying the 1000 UID and GID, respectively. You would have to create your own user, as discussed in the Wiki.
    • For AMD64 Linux Kernel and Intel Microcode are now updated and pre-installed to provide protection (mitigation) against the Meltdown and Spectre Vulnerabilities.

    In more detail, here are some of the changes we have made to specific variants:

    • Cinnamon has been updated to version 3.6.
    • GNOME has been updated to 3.26.2.
    • i3wm has slight visual make-over for the top panel and Conky.
    • KDE Frameworks have been updated to 5.41.0, while Plasma Desktop has been updated to 5.11.5, and KDE Applications to 17.08.3.
    • MATE Desktop has been updated to 1.18.2.

    You may ask, where is the variant for the Deepin Desktop Environment? We have decided not to ship this variant, as we recently discovered a “feature” in the DDE Daemon that changes the system GRUB (bootloader) theme without noticing the users. We are working on a method to remove or disable this feature by default, after which the tarballs could be generated with the next batch of updates.

    Speaking of the next batch, we do recognise that a year-long gap between updates has brought quite some inconvenience for new and old users a like - we do apologise for procrastinating. With automatic generation made available by Ciel, we are considering a fixed schedule for updating and releasing tarballs (say, monthly, or even weekly) to incorporate latest updates, bug fixes, and security updates. A news post will be made on this topic.


    As for other architectural ports of AOSC OS, we are still working on syncing package versions on these architectures, we are aiming for tarball releases in Mid-February.


    Thank you for choosing AOSC OS and we wish you enjoy the new releases!

  • Progress Report: AOSC OS, "Meltdown" and "Spectre"JANUARY 25, 2018

    Since our last progress report, the following progress has been accomplished in our effort to mitigate the “Meltdown” and “Spectre” vulnerabilities for our users:

    • Browsers. Chromium and Google Chrome 64 (64.0.3282.119), containing fixes for Spectre vulnerabilities, has been made available as a security update.
    • Virtualisation. VirtualBox 5.2.6, containing a fix for CVE-2017-5715, a variant of the Spectre vulnerabilities, has been made available as a security update.
    • Intel Microcode version 20180108 has been made available as a security update, however, it is warned by Intel that this update could lead to “unexpected reboots” on certain devices. We have decided to provide this update anyway, to make sure maximum patch availability for our users - though if you are encountering issues with this package, please uninstall intel-ucode. On the other hand, if you haven’t installed this package yet, please do so - though it should install automatically if you have boot-base installed.

    Please update your AOSC OS as soon as possible.

    — Mingcong Bai

  • Progress Report: AOSC OS, "Meltdown" and "Spectre"JANUARY 13, 2018

    Since our last progress report, the following progress has been accomplished in our effort to mitigate the “Meltdown” and “Spectre” vulnerabilities for our users:

    • Browsers. With the recently released WebKit2GTK+ 2.18.5, which addressed “Spectre”-related issues - at the present moment, it should be safe to use browsers and applications based on this engine: Midori, Epiphany (GNOME Web), Yelp (GNOME Help/Manual Browser), etc.
    • Microcode. Intel has released version 20180108 of their Microcode update package to further the mitigation of both vulnerabilities. However, there are reports announced by Lenovo and Intel regarding the update resulting in unexpected reboots. Please notify us if you encountered such issue.
    • Applications. Wireshark has recently released version 2.4.4 which mitigated one of the variants of “Spectre”, Kernel-Side Attack.

    Please update your AOSC OS as soon as possible.

    — Mingcong Bai

  • Core 5.1.1, "Meltdown", and "Spectre"JANUARY 10, 2018

    For the past several days we have been continuing our work on the mitigation of “Meltdown” and “Spectre” - though at this point, we are focusing on the latter.

    One of the more important progress is the release of AOSC OS Core 5.1.1, while containing some bugfixes and updates, comes with an updated GCC (GNU Compiler Collection) containing Clear Linux’s implementation/backport of Retpoline patch set to the 7.2 branch (which we are currently shipping). The patch set has the target to avoid “generating code which contains an indirect branch that could have its prediction poisoned by an attacker” - as described by an LLVM contributor. While it could take some serious reading to fully understand what is going on, this is a step towards a more complete mitigation of possible impacts of the “Spectre” vulnerability.

    Apart from that, we have the following updates since our last report:

    • Kernels. With the introduction of Retpoline patches to GCC, the 4.14 branch of Kernels (“Mainline” and “Libre”) has been rebulit with the patches from Clear Linux to include similar fixes in the Kernels. No patch had been made available for our 4.9 branch of Kernel yet.
    • NVIDIA. A new driver release, version 390.12 has been released to address the Spectre-related vulnerabilities. No statement from NVIDIA about the 340 branch for older cards has been issued, though question has been raised in the NVIDIA DevTalk Forum.

    That’s all for now. We’ll continue the progress reports in the coming weeks, possibly.

    — Mingcong Bai

  • Daily Progress Report: AOSC OS, "Meltdown" and "Spectre"JANUARY 7, 2018

    Here’s a follow up to yesterday’s Progress Report on the fixing of “Meltdown” and “Spectre” for AOSC OS. Several events have taken place in the past 24 hours:

    • Kernels. We have been able to produce and test both “LTS” and “Main” Kernels to address these security concerns. Please update to 4.9.75 (for “LTS”) and 4.14.12 (for “Main”) as soon as possible.
    • Browsers. A statement from our resident vulnerability tracker Zero King cited a link from Google Support:

    "Current stable versions of Chrome include an optional feature called Site Isolation which can be enabled to provide mitigation by isolating websites into separate address spaces. Learn more about Site Isolation and how to take action to enable it [from this link].

    “Chrome 64, due to be released on January 23, will contain mitigations to protect against exploitation.”

    At this moment, no other progress has been made on other issues stated on the last report.

    — Mingcong Bai

  • Progress Report: AOSC OS, "Meltdown" and "Spectre"JANUARY 6, 2018

    It’s been more than 24 hours since our last post, and I would like to offer an as-is progress report on our fixes for the “Meltdown” and “Spectre” bug, affecting Intel - potentially AMD and some ARM processors. To make this easy to read, I’ll list everything known at this point in bullet points:

    • Linux Kernel fixes. We have been able to produce a working build on the 4.9 branch (LTS current), with backported fixes; while for our 4.14 branch (Main), we are having some issues with DKMS, where kernel modules would fail to build indicating missing objtool. The issue with 4.14 is known to be a result of an added feature between 4.14.7 and 4.14.11 (for some reason, on a patch channel?), and we are currently working on a finalised solution.
    • Browsers. At this moment, not to be a “shill”, but we would not recommend any Web browser but Firefox. At this point, only Firefox 57.0.4 was released containing fixes for the “Spectre” security issue. Google has announced that they will make a release with the fixes on the 23rd. Nothing is known with the other browsers.
    • Compilers. GCC and LLVM/Clang have already implemented and proposed at least a partial fix, but neither have finalised a patch set for the current stable branch. GCC’s fix is not yet mainline, and LLVM/Clang has a patch for the current master.
    • Qemu and LibVirt. Qemu stated that “there are no public patches to KVM that expose the new CPUID bits and MSRs to the virtual machines, therefore there is no urgent need to update QEMU”. However, version 2.11.1 with “Spectre” fixes should be released in the coming days. We are yet to be able to pinpoint the exact fix commit for LibVirt - however, a security advisory was released by Red Hat.
    • Microcode updates. We have not been able to observe any updates from Intel or AMD, we will notify you with a security mail - if you haven’t subscribed to our security notification list, please do so here.

    At this point, only the Firefox 57.0.4 update has been pushed to the stable repository. I will post another news article here on the Portal tomorrow with (hopefully) some progress.

    Please update your AOSC OS at your earliest convenience, and adjust your software selection (highly recommended).

    — Mingcong Bai

  • AOSC OS End-of-2017 Wave of Updates!JANUARY 5, 2018

    First of all, a late Happy New Year…

    So, after two months of radio silence, here’s a (huge) batch of updates for AOSC OS - again, now for AMD64, and later for other ports. We have two major objectives for this wave of updates:

    • Processing package addition/update requests.
    • Introduce Deepin Desktop Environment.

    And indeed… We are able to push through with the two objectives:

    • Obviously, a full suite of Deepin Desktop Environment and its default applications are now available from the community repository.
    • We have been able to clear out all update requests from the list.
    • 261 new packages have been introduced to the repository as a result of the requests and their dependencies. However, some still remained to be processed for various reasons.

    EDIT: One of our community members pointed out that also as a part of this Wave of updates, a large collection of GIS (Geographic Information System/Science) software packages. All names of the packages added could be found here.


    aosc-os-deepin-201801

    AOSC OS running the Deepin Desktop Environment!


    I’m currently on a New Year’s trip so I will spare you of long paragraphs of details!

    For the rest of January, we will continue to work on synchronising updates on all our ports (apart from the MIPS ports, for their still questionable state), and to produce a new wave of tarball releases - it’s been almost one year since the last batch and it’s getting increasingly unpractical to download and update with.

    Apart from that I would like to drop a note about the recent Intel (and possibly AMD and ARM) Kernel/Compiler security issue, “Meltdown” and “Spectre”. Kernel updates are currently in the works, and will be pushed to the stable channel in 24 hours, as for compilers, they will be made available in roughly the same time frame (LLVM), and parts of them in the upcoming Core 5.1 update (probably the day after).

    I will leave a list of recommended sources for you to read up about the details. But for now, enjoy the updates and thank you for your continued support for AOSC OS!



    — Mingcong Bai

  • Today... Marks Our 6th Year!DECEMBER 1, 2017

    banner

    Once again it is December 1st, 6 years since the night when an idea sparked between two of my friends and I in a middle school dormitory - to make something of our own, something we could be proud of. It started as a “designed in China, and for China” Linux distribution project based on openSUSE: AnthonOS(安同 OS). Six years since that night our project still stands, bearing the name of AOSC OS - a Linux distribution which targets general usage (your desktop, server, laptop, tablets, etc.), and a strong emphasis on multilingual support and community interaction.

    Six years we have stood mostly in silence (well before I elaborate on a hype, partly due to our inability to self-advertise, giggles) - though our existence, much like an old Chinese poem, we come down like rains riding the winds of spring, “Silent and soft, it moistens everything”. Our contributors, as passionate as they have been to projects of our community, contributions are made to upstream projects either on behalf of the community or on individual basis. Icenowy Zheng is now a long term contributor to the mainlining effort for Allwinner-based ARM devices; Zixing Liu, and many others (me included) continue to provide Simplified Chinese translation enhancements to projects like MATE Desktop, GNOME, and WineHQ; along with multitudes of loose patches to over 50 projects as we push on with the development of AOSC OS. Our year since December of 2016 has been mostly normal, as we continued to embrace the upstream projects which made our work towards AOSC OS possible.

    That said, it doesn’t mean that we have kept to the old occupations and standards for another year. In our 6th year, we have pushed heavily on the standardisation of our development routines, and a harder push towards quality assurance. The introduction of Ciel and ACID marked the first step toward reproducible builds and continuous integration - while Ciel provides a tool to initialise, update, and rollback environments, ACID invokes Ciel to continuously create these build environments to build every single one of the packages available, and to find all those which failed to build or those in violation of a set of quality assurance requirements defined in Autobuild3 - our package building toolkit since 2014.

    Along with that, with help from Dingyuan Wang and Zero King who helped to provide integration of AOSC OS’ package catalogue with Repology, so that we could better track our updates - and to reference with other distributions, regarding their build configuration, and in some cases, fixes needed to complete a build, or to produce a working package.

    Community interaction has also seen improvements, introduction of new types of requests, optreq (Optimisation Request), updreq (Update Request), upon the original pakreq (Package Request) - users of AOSC OS could now shape the distribution they came to love with suggestions and requests, and we, as packagers/developers, could build AOSC OS to their needs and wishes.

    Looking forward, the 7th year presents quite some challenges for our fellow contributors. Since the introduction of monthly update cycles, we have been able to establish a dual-track system of feature-based updates and security/bug-fix updates - however, we have not been able to release monthly wave on time as often as we wished. In addition, our architecture ports (ARM, MIPS, PowerPC alike) had struggled to go in sync with AMD64 since the introduction of this monthly update pattern due to lack of computing power. We will, in the coming year, continue to find the solutions to the issue - as corporate as this sounds, we have yet to have the opportunity to look deeper into this issue.

    There are issues we are looking to fix before the end of 2017 though. For example, our system releases have not been updated since February, but we plan on releasing a new wave of system releases later in December - after November’s updates are ready (they will come in the first half of December), and that updates are synced among our architectures - unlikely for MIPS 32/64 bits, unfortunately.

    With all that in mind, I wish all my friends of the community a happy anniversary - don’t overwork yourselves (says man sitting in front his Playstation while writing his post)!

    — Mingcong Bai

  • October Wave is Here!NOVEMBER 3, 2017

    We are happy to announce that our October Wave of updates is now ready for AMD64 users of AOSC OS! We are late for this wave due to the quantity of updates, which are applied to over 500 packages provided for AOSC OS - that is ~20% of all packages available.

    Anyways, let’s kick this announcement off with a new wallpaper made available to all AOSC OS users, as part of the default collection of wallpapers.

    core5-blender

    This wallpaper is made by Tianhao Chai - our resident Wine, NVIDIA, Linux Kernel package maintainer, and Blender enthusiast. This wallpaper is rendered with no other software than Blender, took almost two days to render on his own desktop computer (LOL). Blender project file for this wallpaper is available here, if you would like to make any changes/improvements to this wallpaper, or simply to warm up your room in the coming winter!


    Now, to some of the major updates made available in this wave of updates…

    GNOME 3.26

    Released earlier in September, is now packaged and tested for users of AOSC OS.

    GNOME 3.26 contains a large amount of changes made to further polish user experience. For example, the newly designed GNOME Control Center provides a pane-based layout which eases navigation, as opposed to the old icon-and-page-based design.

    HiDPI support also sees great improvement, the feature to set DPI scaling on a “fraction scale”, instead of jumping from 1x to 2x, etc. This should offer better flexibility for 2K/3K/4K/… owners.

    gnome-3.26

    KDE/Plasma Updates

    With the last months spent on “special” operations like ACID, our KDE/Plasma desktop stack was left outdated, with the October wave of updates, users of KDE/Plasma Desktop could enjoy the newest and (hopefully) greatest on offer by the KDE Community…

    • Qt 5.9.2, with a great number of bug fixes and performance optimisations.
    • KDE Frameworks 5.39.0 providing fixes and expanded functionality.
    • Plasma 5.11.2, providing a more polished desktop layout, a new System Settings application with improved layout and appearance, and better integration with the Kirigami adaptive UI framework.
    • KDE Applications 17.08.2, with latest fixes and security enhancements to the KDE application collection.

    Security Updates

    This section is dedicated to show our gratitude to Zero King, our new friend and collegue in the AOSC OS development effort. With great knowledge and diligent focus on security updates and announcements, Zero King reported security issues and offered update/patching advices to our ABBS Tree and Core Tree on a near-daily basis.

    Since his involvement with AOSC OS development, over 100 security advisories was announced in our security mailing list - virtually matching the total amount of advisories announced in 2016! If you haven’t subscribed to that mailling list yet, please do so here to keep yourselves informed with latest security updates made available to AOSC OS, and other security-related suggestions to better protect your privacy and data safety.


    Promises, Oh Promises…

    However, some updates are delayed due to the lack of time with our developers who work on a volunteer basis, making time out of their own busy lives and academic/work occupations…

    • Deepin Desktop Environment, which was scheduled for this wave of updates, will be delayed to the next.
    • Tarballs, also scheduled for an October refresh, will be delayed to early-to-mid November.

    MIPS Under Review

    Due to the lack of man power and device resources, in combination with the problematic implementation of MIPS ISA found in Loongson/Godson processors - our main maintainer of MIPS 32/64-bit ports, Junde Yhi finds it increasingly difficult to maintain these ports, letting alone keeping up with the large amount of updates.

    Therefore, he has proposed to reboot the MIPS 64-bit port with better adaptation to Loongson/Godson platforms - which realistically, are the only personally purchasable devices by our community members and developers. In addition, the MIPS-II port, targetting legacy MIPS 32-bit devices like the YeeLoong 8089D, is also under consideration to be dropped.

    For more details on the ongoing discussion, please refer to here.


    Problems sir?

    • Report any issue to our Issues page.

    Or alternatively…

    • Find us on the #aosc IRC channel, Telegram group information will be provided if requested on IRC.
    • Send us an e-mail at discussions@lists.aosc.io.

    More Details?

    • Full changelog of this Wave of updates is available here.