debian

The Steam command line client, which I need to download the game data for the Doom3 BFG shooter, is only available as an Linux i386 binary. As my main home computer is an arm64 box, this could be an issue, but today we have no less than three different ways to run a Linux i386 binary on arm64: Fex, Box32/64 and the older qemu-user mode. According to the Box64 benchmarks, qemu-user is the slowest of the three. But since this is only to run a command line tool downloader, where network speed is the bottleneck, this doesn't matter a lot.

Running steamcmd outside of a chroot via qemu-user and dpkg multiarch support was failing me with the error i386-binfmt-P: Could not open '/lib/ld-linux.so.2': No such file or directory even after installing the i386 libc. So I went the way of qemu-user and a chroot environment, a bit more convoluted but I can run any i386 binaries there in the future.

Create a debian-i386 chroot environment via deboostrap:

$ sudo apt install qemu-user qemu-user-binfmt debootstrap
$ fakeroot debootstrap --foreign --arch=i386 debian-i386
$ sudo chroot debian-i386
# inside the chroot 
# /debootstrap/debootstrap --second-stage 
# exit

Add needed mounts to run binaries inside the chroot:

$ sudo mount --bind /dev/ debian-i386/dev/
$ sudo mount --bind /dev/pts debian-i386/dev/pts
$ sudo mount -t proc none  debian-i386/proc/

Install steamcmd in the chroot client:

$ sudo chroot debian-i386

# export LANG=C
# cat /etc/apt/sources.list
deb http://deb.debian.org/debian stable main contrib non-free
# apt update && apt install --yes steamcmd 
# useradd --create-home --shell /bin/bash steam
# su - steam
$ steamcmd 
... will download an updated version of the tool, and print a lot of tracing information

Steam> quit

From now on you can follow the Doom3 BFG instructions to download the game data.

Once you exit the chroot, the game data will be available at debian-i386/home/steam/

03 Jun 2026 8:50am GMT

This was a particularly busy month for me in terms of Debian contributions.

It started with a week in Hamburg for the MiniDebConf. I talked to many colleagues face-to-face and worked on various bugs and maintenance tasks. I'm pleased to have finally found the time to reproduce and fix the boot-time crashes in the parallel port subsystem that have been reported many times recently.

A series of easily exploited kernel LPE (local privilege execution) issues were published this month, mostly with very little coordination with distributions. Salvatore and I had to upload fixes for these at roughly weekly intervals. All of these fixes needed to be applied to 4 different upstream branches (currently 5.10, 6.1, 6.12, and 7.0) and 7 Debian branches (including backports).

Debian packages:
- cis-tools:
  - Bugs:
    - replied to #1135267: pack_cis should be installed in /usr/bin
- dracut:
  - Bugs:
    - replied to #1131809: dracut: ppc64el autopkgtest are flaky and take 7 hours per run (and discussed it in-person in Hamburg)
- firmware-free:
  - Bugs:
    - closed #1122755: firmware-free: Please remove/replace usage of dh_movetousr
  - Merge requests:
    - opened !11: Apply relevant changes from firmware-nonfree
- firmware-nonfree:
  - Merge requests:
    - closed !68: Draft: Update bullseye in line with buster
    - reviewed and merged !146: gencontrol: s/initramfs-tools/update-initramfs/
    - merged !147: control: stop suggesting initramfs-tools
    - opened and merged !148: Update to 20260519
    - opened and merged !149: Include more firmware in binary packages
    - opened !150: Update and remove obsolete package relations
- gnome-shell:
  - Bugs:
    - replied to and reassigned #1135951: linux-image-6.12.85+deb13-amd64: secure data is visible when waking from suspsend
- initramfs-tools:
  - Bugs:
    - closed #1108924: initramfs-tools: Cannot boot Trixie d-i rc2 USB storage target riscv64 MODULES=most (missing: cdns3 cdns3_starfive)
  - Merge requests:
  - Uploads:
    - uploaded version 0.148.4 to trixie
- ktls-utils:
  - Merge requests:
    - merged !5: Update to 1.4.0
  - Uploads:
    - uploaded version 1.4.0-1 to unstable
- linux:
  - Bugs:
    - replied to #1130365: linux-image-6.18.15+deb14-amd64: kernel panic during startup
    - replied to #1136800: linux-image-7.0.4+deb14-amd64: fails to boot
    - replied to #1136894: linux-image-7.0.4+deb14-amd64: Kernel Panic - AMDGPU crash
    - replied to #1136978: linux-image-7.0.4+deb14-amd64: kernel NULL pointer dereference
    - replied to and closed #1137202: linux-image-7.1-amd64: Kernel panic on boot
    - replied to #1137203: bnx2: ifupdown-hotplug fails at boot, no network, regression from 5.10.0-42
    - replied to #1137642: linux-image-7.0.7+deb13-amd64: Failed to load Bluetooth driver
  - Merge requests:
    - closed !1720: arm64: Enable Renesas RZ/G2L features
    - merged !1759: [arm64] Enable AIR_EN8811H_PHY as module
    - merged !1792: [arm64] Enable BST platform support
    - closed !1817: [sparc64] Add patches to fix user stack sync and add clone3() syscall
    - merged !1837: [arm64] Enable configs for Qualcomm RB1 boards
    - reviewed !1845: [amd64,arm64] Enable KEXEC_HANDOVER and LIVEUPDATE
    - merged !1878: [riscv64] Enable CMA and DMA_CMA. Set CMA_SIZE_MBYTES=64
    - merged !1884: [amd64] Enable Intel USBIO bridge driver and submodules
    - opened !1904: Improve package descriptions for most of the kernel packages
    - reviewed and merged !1906: Enable SND_SOC_SDCA_CLASS and SND_SOC_SDCA_{FDL, HID, IRQ} for Panther Lake audio support
    - opened and merged !1910: Add backported patches for Dirty Frag attack
    - merged !1911: Qualcomm Monaco and Talos support
    - merged !1913: d/watch: migrate to version 5
    - reviewed !1936: [sparc64] Add nvme module to scsi-modules udeb
    - reviewed !1948: [amd64] Enable Intel Platform Hardware Support Drivers
    - opened and merged !1951: Fix dirtying of the source tree when building tools
    - merged !1954: 7.0 backport 'Fix for "fragnesia" (CVE-2026-46300) and variants'
    - merged !1955: 6.12 backport 'Fix for "fragnesia" (CVE-2026-46300) and variants'
    - opened !1956: Draft: Enable a fully parallel build
  - Uploads:
    - (LTS) uploaded versions 5.10.251-2, 5.10.251-3, 5.10.251-4, 5.10.251-5, 5.10.257-1 to bullseye-security
    - uploaded versions 6.12.85-1~bpo12+1, 6.12.86-1~bpo12+1, 6.12.88-1~bpo12+1, 6.12.90-1~bpo12+1, 6.12.90-2~bpo12+1 to bookworm-backports
    - uploaded versions 6.19.14-1~bpo13+1, 7.0.10-1~bpo13+1, 7.0.4-1~bpo13+1, 7.0.7-1~bpo13+1, 7.0.9-1~bpo13+1 to trixie-backports
- (LTS) linux-6.1:
  - Uploads:
    - uploaded versions 6.1.170-1~deb11u1, 6.1.170-3~deb11u1, 6.1.172-1~deb11u1, 6.1.174-1~deb11u1 to bullseye-security
- miniramfs:
  - Bugs:
    - replied to #1132532: miniramfs: Missing cpio dependency
- nfs-utils:
  - Bugs:
    - replied to and closed #1138209: nfs-kernel-server: Parameter RPCNFSDCOUNT from /etc/default/nfs-kernel-server is ignored after Upgrade from Deb12
- wireless-regdb:
  - Uploads:
    - uploaded version 2026.03.18-1 to unstable
Debian non-package bugs:
- release.debian.org:
  - opened #1135902: trixie-pu: package initramfs-tools/0.148.4
Mailing lists:

02 Jun 2026 2:17pm GMT

This was a particularly busy month for me in terms of Debian contributions.

It started with a week in Hamburg for the MiniDebConf. I talked to many colleagues face-to-face and worked on various bugs and maintenance tasks. I'm pleased to have finally found the time to reproduce and fix the boot-time crashes in the parallel port subsystem that have been reported many times recently.

A series of easily exploited kernel LPE (local privilege execution) issues were published this month, mostly with very little coordination with distributions. Salvatore and I had to upload fixes for these at roughly weekly intervals. All of these fixes needed to be applied to 4 different upstream branches (currently 5.10, 6.1, 6.12, and 7.0) and 7 Debian branches (including backports).

Debian packages:
- cis-tools:
  - Bugs:
    - replied to #1135267: pack_cis should be installed in /usr/bin
- dracut:
  - Bugs:
    - replied to #1131809: dracut: ppc64el autopkgtest are flaky and take 7 hours per run (and discussed it in-person in Hamburg)
- firmware-free:
  - Bugs:
    - closed #1122755: firmware-free: Please remove/replace usage of dh_movetousr
  - Merge requests:
    - opened !11: Apply relevant changes from firmware-nonfree
- firmware-nonfree:
  - Merge requests:
    - closed !68: Draft: Update bullseye in line with buster
    - reviewed and merged !146: gencontrol: s/initramfs-tools/update-initramfs/
    - merged !147: control: stop suggesting initramfs-tools
    - opened and merged !148: Update to 20260519
    - opened and merged !149: Include more firmware in binary packages
    - opened !150: Update and remove obsolete package relations
- gnome-shell:
  - Bugs:
    - replied to and reassigned #1135951: linux-image-6.12.85+deb13-amd64: secure data is visible when waking from suspsend
- initramfs-tools:
  - Bugs:
    - closed #1108924: initramfs-tools: Cannot boot Trixie d-i rc2 USB storage target riscv64 MODULES=most (missing: cdns3 cdns3_starfive)
  - Merge requests:
  - Uploads:
    - uploaded version 0.148.4 to trixie
- ktls-utils:
  - Merge requests:
    - merged !5: Update to 1.4.0
  - Uploads:
    - uploaded version 1.4.0-1 to unstable
- linux:
  - Bugs:
    - replied to #1130365: linux-image-6.18.15+deb14-amd64: kernel panic during startup
    - replied to #1136800: linux-image-7.0.4+deb14-amd64: fails to boot
    - replied to #1136894: linux-image-7.0.4+deb14-amd64: Kernel Panic - AMDGPU crash
    - replied to #1136978: linux-image-7.0.4+deb14-amd64: kernel NULL pointer dereference
    - replied to and closed #1137202: linux-image-7.1-amd64: Kernel panic on boot
    - replied to #1137203: bnx2: ifupdown-hotplug fails at boot, no network, regression from 5.10.0-42
    - replied to #1137642: linux-image-7.0.7+deb13-amd64: Failed to load Bluetooth driver
  - Merge requests:
    - closed !1720: arm64: Enable Renesas RZ/G2L features
    - merged !1759: [arm64] Enable AIR_EN8811H_PHY as module
    - merged !1792: [arm64] Enable BST platform support
    - closed !1817: [sparc64] Add patches to fix user stack sync and add clone3() syscall
    - merged !1837: [arm64] Enable configs for Qualcomm RB1 boards
    - reviewed !1845: [amd64,arm64] Enable KEXEC_HANDOVER and LIVEUPDATE
    - merged !1878: [riscv64] Enable CMA and DMA_CMA. Set CMA_SIZE_MBYTES=64
    - merged !1884: [amd64] Enable Intel USBIO bridge driver and submodules
    - opened !1904: Improve package descriptions for most of the kernel packages
    - reviewed and merged !1906: Enable SND_SOC_SDCA_CLASS and SND_SOC_SDCA_{FDL, HID, IRQ} for Panther Lake audio support
    - opened and merged !1910: Add backported patches for Dirty Frag attack
    - merged !1911: Qualcomm Monaco and Talos support
    - merged !1913: d/watch: migrate to version 5
    - reviewed !1936: [sparc64] Add nvme module to scsi-modules udeb
    - reviewed !1948: [amd64] Enable Intel Platform Hardware Support Drivers
    - opened and merged !1951: Fix dirtying of the source tree when building tools
    - merged !1954: 7.0 backport 'Fix for "fragnesia" (CVE-2026-46300) and variants'
    - merged !1955: 6.12 backport 'Fix for "fragnesia" (CVE-2026-46300) and variants'
    - opened !1956: Draft: Enable a fully parallel build
  - Uploads:
    - (LTS) uploaded versions 5.10.251-2, 5.10.251-3, 5.10.251-4, 5.10.251-5, 5.10.257-1 to bullseye-security
    - uploaded versions 6.12.85-1~bpo12+1, 6.12.86-1~bpo12+1, 6.12.88-1~bpo12+1, 6.12.90-1~bpo12+1, 6.12.90-2~bpo12+1 to bookworm-backports
    - uploaded versions 6.19.14-1~bpo13+1, 7.0.10-1~bpo13+1, 7.0.4-1~bpo13+1, 7.0.7-1~bpo13+1, 7.0.9-1~bpo13+1 to trixie-backports
- (LTS) linux-6.1:
  - Uploads:
    - uploaded versions 6.1.170-1~deb11u1, 6.1.170-3~deb11u1, 6.1.172-1~deb11u1, 6.1.174-1~deb11u1 to bullseye-security
- miniramfs:
  - Bugs:
    - replied to #1132532: miniramfs: Missing cpio dependency
- nfs-utils:
  - Bugs:
    - replied to and closed #1138209: nfs-kernel-server: Parameter RPCNFSDCOUNT from /etc/default/nfs-kernel-server is ignored after Upgrade from Deb12
- wireless-regdb:
  - Uploads:
    - uploaded version 2026.03.18-1 to unstable
Debian non-package bugs:
- release.debian.org:
  - opened #1135902: trixie-pu: package initramfs-tools/0.148.4
Mailing lists:

02 Jun 2026 2:17pm GMT

fidzu : debian

03 Jun 2026

Planet Debian

Emmanuel Kasper: Running Linux i386 binary (steamcmd) via debootstrap foreign chroot

02 Jun 2026

Planet Debian

Ben Hutchings: FOSS activity in May 2026

Ben Hutchings: FOSS activity in 2025