22 Aug 2017

feedPlanet Gentoo

Alexys Jacob: py3status v3.6

After four months of cool contributions and hard work on normalization and modules' clean up, I'm glad to announce the release of py3status v3.6!

Milestone 3.6 was mainly focused about existing modules, from their documentation to their usage of the py3 helper to streamline their code base.

Other improvements were made about error reporting while some sneaky bugs got fixed along the way.

Highlights

Not an extensive list, check the changelog.

New modules

Milestone 3.7

This milestone will give a serious kick into py3status performance. We'll do lots of profiling and drastic work to reduce py3status CPU and memory footprints!

For now we've been relying a lot on threads, which is simple to operate but not that CPU/memory friendly. Since i3wm users rightly care for their efficiency we think it's about time we address this kind of points in py3status.

Stay tuned, we have some nice ideas in stock 🙂

Thanks contributors!

This release is their work, thanks a lot guys!

22 Aug 2017 6:00am GMT

21 Aug 2017

feedPlanet Gentoo

Agostino Sarubbo: sys-kernel/grsecurity-sources available!

Is known that the grsecurity project since few weeks made available the grsecurity patches only for their customers. In the meantime some people made their fork of the latest publicly available patches.

At Gentoo, for some reasons (which I respect) explained by the news item and on the mailing lists, the maintainer decided to drop the hardened-sources package at the end of September 2017

Then, I decided to make my own ebuild that uses the Genpatches plus the Unofficial forward ports of the last publicly available grsecurity patch.

Before you wondering about the code of the ebuild, let me explain the logic used:

1) The ebuild was done in this way because the version bump should result in a copy-paste on the ebuild side.
2) I don't use the GENPATCHES variable from the kernel eclass because of the previously explained point 1.
3) I generate the tarball via a bash script which takes the genpatches, take the unofficial-grsecurity-patches and deletes the unwanted patches.
4) I don't use the UNIPATCH_EXCLUDE variable because because of the previously explained point 3.

Don't expect a version bump on each minor release unless there are critical bugs and/or dangerous security bugs. So please not file version bump requests on bugzilla.

If you have any issue regarding grsecurity itself, please file a bug on the github issue tracker and if you will mention the issue elsewhere, please specify that the issue is with the unofficial grsecurity port. This will avoid to "damage" the grsecurity image/credibility.

The ebuild is available into my overlay
If you have trouble on how to install that ebuild, please follow the layman article on our wiki.

USE IT AT YOUR OWN RISK 😉

21 Aug 2017 3:11pm GMT

19 Aug 2017

feedPlanet Gentoo

Gentoo News: Hardened Linux kernel sources removal

As you may know the core of sys-kernel/hardened-sources has been the grsecurity patches. Recently the grsecurity developers have decided to limit access to these patches. As a result, the Gentoo Hardened team is unable to ensure a regular patching schedule and therefore the security of the users of these kernel sources. Thus, we will be masking hardened-sources on the 27th of August and will proceed to remove them from the main ebuild repository by the end of September. We recommend to use sys-kernel/gentoo-sources instead. Userspace hardening and support for SELinux will of course remain in the Gentoo ebuild repository. Please see the full news item for additional information and links.

19 Aug 2017 12:00am GMT