Planet Mageia (English)

We have always had bots visiting our website. They were mostly kind bots, like the crawlers that keep the databases of search engines up-to-date. Those kind bots start by looking at our robots.txt files before doing anything, and respect the restrictions that are set in those files.

However, things have changed. Like other websites, for instance Wikipedia, we are more and more being visited by AI scrapers, bots that scrape the Internet for anything they can find to train AI applications. They are usually extremely hungry for information, so they download much, much more than an ordinary user would do. Moreover, many of them are impolite: they don’t respect the rules set in our robots.txt files, they hide who they really are, they don’t put a little pause in between requests – on the contrary, they hammer our servers with requests from lots and lots of different IP addresses at the same time. The result is that parts of mageia.org, like our Bugzilla, Wiki and Forums, become unreachable.

Below you can see the CPU load of one of our most important servers, where, amongst other things, our forums and wiki are located:

Even if our infra upgrade had already been finished, this would be really hard to mitigate.

Blocking the used IP addresses is useless because they constantly switch to new ones. One of our sysadmins just told me about a big issue: “mobile proxies” where bots proxy their request through unsuspecting users’ phones. That makes the requests look much more legitimate and hard to block without also blocking real users. A lot of that happens without users even knowing their phone is being used like this. Some applications include proxies along with some game or other app and hide it in fine print in the terms of service. Last year, it was reported that Google had removed a bunch of such applications from their store.

Apart from phones, there are IoT devices and also ordinary computers that ended up in botnets, because they were not well protected. They can be used for AI scraping and probably are now.

Our sysadmins do time and again succeed in mitigating the problem, but it is a “cat and mouse game”, so the problem is likely to reoccur.

If you know people working on AI applications which need to be trained, please ask them to make sure their bots read and respect the robots.txt files they encounter. And, of course, please nudge your friends and family, when you think they need that, to make sure their computers and other smart devices get all security updates as soon as they are released.

To do a good job, we need good tools. Some of our servers are old, no longer powerful enough and have limited disk resources to meet the needs of developers. RPM manufacturing takes a long time and this is detrimental to the efficiency of maintaining and evolving the distribution. In short, the machines are well depreciated.

This is why our infrastructure is first getting a makeover. Better adapted to new technologies, it will allow our developers to work faster and more efficiently.

So where is this new infrastructure?

 We received 5 new servers:

– 2 new nodes for building packages: HPE ProLiant DL 360 Gen10 – 2xXeon 6126 (12C/2.6GHz) –

256GB RAM – 2xSSD 3.8TB HW Raid 1 – 2x10Gb/s NICs

– 2 servers to replace sucuk and duvel: HPE ProLiant DL 380 Gen10 – 2 Xeon 6126 (12C/2.6GHz) –

256GB RAM – 2xSSD 3.8TB HW Raid 1 – 10xHDD 12TB HW Raid 5 – 2x10Gb/s NICs

– 1 server for deployment and backup: HPE ProLiant DL80 Gen9 – 2xXeon  E5-2603v4

(6C/1.7GHz) – 256GB RAM – 6xHDD 6TB (donated, with some renewed parts)

– 1 Arista 7120T switch 20xRJ-45 10Gb/s 4xSFP+ 10Gb/s for interconnecting the machines

One of the ideas is to use the latest server to deploy quickly and as automatically as possible the construction nodes and other machines. The method is ready for x86_64 nodes and is being finalized for ARM nodes. The preparation of the servers takes time because the teams anticipate the future and future developments.

Once the preparation part of our servers is finished, the integration part into the Data Center will remain.

We are therefore taking our time to do things well in order to perpetuate the future and future versions of Mageia.

In the meantime, the future version 10 of Mageia continues to bubble in its cauldron! But we are not ready yet to plan a release date for the moment.

Feel free to come and strengthen our teams.

Written by Atelier Team

That was fast: we have only just explained why our Mageia Application Database was offline and now papoteur tells us that new MADb is ready to be used.

Open the site and at first glance you might think you have somehow connected to the old site as the differences between it and the new one are hard to spot (the top one is the old site):

However, this is only the outward appearance, as the style sheets (CSS) were re-used with little modification.

The tool itself, previously written in PHP, has been completely rewritten from scratch, using Python, Flask, Jinja2 and DNF5, so the runtime code is entirely new. Papoteur showed two code snippets as an example of what really changed (again, the top one is old):

That is as different as a page from an English book compared to a page from its Indonesian translation!

About 3000 new lines of code were written for this new MADb, which is now live and ready to answer your queries about Mageia applications.

As you use the site, we ask you to think about what questions you feel an integrated help function (not yet available) should answer, and also what you feel we should include in a new wiki article about MADb. Please note your suggestions in the comments to this post, as you are all the Mageia community and this tool is for you.

Thanks to the MLO community for hosting new MADb.

UPDATE: It is now possible to visit the new MADb here https://madb.mageialinux-online.org/. It will take a bit longer for https://madb.mageia.org/ to link to it.

Written by aguador.

In Mageia, MADb, the Mageia App Db, has been an essential tool, particularly for QA (Quality Assurance) testers. It is the goto site for information on applications in our repositories with links to bug reports, priorities for updates, version comparisons and more. Searchable by Mageia version and CPU architecture, the site has not only been key for developers and testers, but many users as well who have found it an alternative to searching with our MCC control center or the command line when looking for a package to do (“whatever”).

But, er, “Houston, we have a problem.” If I go to MADb (https://madb.mageia.org/) all I got was the error message below and now a redirect to this post!

MADb was not affected by the move of Mageia’s servers announced on this blog (https://blog.mageia.org/en/2024/10/08/most-of-our-servers-will-be-offline-because-they-are-relocating/) early this month because it was originally developed by two of our contributors many years ago, and running on a different server. Mageia.Org took over ownership of their rented server a few months ago. Unfortunately, that server passed away and since the technology behind the old MADb is not compatible with newer infrastructure (mostly newer php-version), we cannot bring it back as it was. However, not all was lost!

Back in April, papoteur had submitted his initial work on a new version of MADb for testing…and since then it has undergone numerous revisions and improvements. However, it still remains “under wraps” for most users (like the author of this post!) until everyone, above all papoteur, is satisfied that it is not only a solid db interface for users, but is even better than before.

Since MADb has played such a vital role in testing, the development version is available to the QA team and other testers. It is only fair that they get the first look and use given all the work they do to assure that Mageia remains a quality distro. The rest of us simply need a bit more patience.

Ah, and not to forget the servers, not only was the move successful, with the other services affected now back up and running smoothly, but we expect to announce more good news about our servers, soon. Apart from that, most Mageia mirrors are in a good shape (they are all hosted on external servers, which we do not control).

We are pleased to announce that our servers in Marseille will be moving to new premises, still provided free of charge by IELO. As a result, some services as the bug tracker, wiki, code servers, build system and others will be offline. The planned date is between now and October 9, 2024.

We apologize for the inconvenience. This is a necessary step before hardware renewal.

[Update October 9, 2024] The operation is done, all servers are back.

By: Marc Laan
Dutch translator for the Mageia Wiki

To my surprise, I’ve been a translator for Mageia for some time now. And guess what: it’s fun work. I translate English articles on the website https://wiki.mageia.org/en/ into my own language, Dutch.

It’s not only enjoyable. I also learn in a playful way how Mageia works . For example, since translating an article about USB memories, I can now use these sticks to boot Mageia on the go from another computer.

How did I get into this translation work? In a way I had not expected. I’ve been using Mageia since its predecessors Mandrake and Mandriva. Over the years, I have always valued the simplicity with which I, as a computer novice, can operate this Linux operating system.

When the Mageia servers went down for days last year, it really touched my heart. I asked on the website whether I could make a financial contribution to modernize the server park. I got a remarkable answer from Marja van Waes, who has been active for years as a leader and jack-of-all-trades for this non-profit organization: “I would rather you put your energy into translating Wiki documents.”

My first attempts were rather clumsy, but I got a lot of help from Marja and other volunteers. They taught me how to create the translations on the wiki website, from behind my pc at home. Once I got the hang of it, it became a piece of cake.

Of course, I secretly use online translation engines, to improve my own rough translation versions. However, I have learned that you have to check their output thoroughly; sometimes they provide utter nonsense.

Up until now, I have only been involved in translating wiki documents. I don’t have any experience with translating the help texts in the Mageia programs. All in good time, I’m just a simple Mageia user.

In the meantime, I’ve noticed that the wiki mainly contains documents in French, English, German and Portuguese. Articles in important language areas such as Chinese, Arabic, Russian, Hindi, Bengali, Italian or the Scandinavian countries are scarce.

In dozens of countries, there are thousands of Mageia users who have to do without wiki documentation in their own language. I hope that will change in the future. Fortunately, help texts in software packages as the Classical Mageia Installer and the Mageia Control Center (MCC) are available in more than 25 languages. As a comparison: LibreOffice supports 71 languages and Firefox even comes with 94.

Something else strikes me: there are few women in the ranks of wiki translators. This is remarkable, because I know that in the past women have played an important role in Mageia, for example as team leaders for building packages, in the Atelier team that does the design and marketing, in the Documentation team, and in the Bugsquad, the digital detectives who track down errors in the software.

Long story short: I hope for more translators for the wiki articles pitch in, especially in languages ​​that are currently missing. And it would be nice to see more women in our translation team. It’s certainly not an old-boys club!

Technical knowledge isn’t needed for this work, in my experience. And it’s enjoyable volunteer work, which costs me at most a few hours per translation -sometimes more, other times less.

Do you think you are up for it? Please contact the translation team (Internationalisation Team):

• Yuri Chornoivan – yurchor AT ukr DOT net
• Filip Komar – filip AT mageia DOT org

The above blog text is the final version; it replaces an earlier draft, that was published by accident. The first responses were reactions to the draft.

OpenSSH is a set of free software tools enabling secure communications over a computer network using the SSH protocol.

In particular, this tool enables remote server administration.

Recently, researchers demonstrated that under very specific conditions, when establishing a connection using the SSH protocol, a malicious operator could establish the connection without having the necessary rights. This is due to a desynchronization of controls during connection establishment.

This security flaw could compromise the integrity of a server by a malicious third party.

Fortunately, we were able to count on our packaging and quality assurance teams to quickly take this correction into account and distribute it to users. The Mageia team showed as much responsiveness as larger teams such as Debian, Ubuntu or Fedora.

So don’t delay, and don’t forget to update as packages fixed for CVE-2024-6387 was published on 1^st of July.

Our responsive teams are always on the lookout for support and manpower to ensure timely updates.

If you’d like to maintain a plurality of distributions and, above all, if you like Mageia for its community and warmth, come and reinforce our packaging, quality assurance and communication teams!

Together, let’s continue to make Mageia a responsive, high-quality, high-performance distribution for many years to come.

If you’d like to join one of our teams, please visit the Mageia contribution page.

︎

As you may have noticed, our servers are down. Investigations are underway. The wiki, build system, bug tracker and mirror list are offline. We’ll keep you informed of any developments here.

[Update Monday April 8 at 15:00] The servers have been restarted. This was due to an air-conditioning fault. The site, wiki, bug tracker and mirror list are back. We’re still updating the build system.

We are proud to announce the introduction of multi version support for php in mageia 9.

Now php 8.3 can be installed in parallel to the existing php 8.2 packages. Due to this, we also update the pecl packages as they would interfere with the process.
Please note, that the default configuration is used by both versions. In order to prevent warnings, all packages from php 8.2 have to be installed for php 8.3 too.

Update notice:
If you have installed php 8.2, and want to install the same packages, use

rpm -qa '*php*' --qf '%{name}\n'|sed 's/php/php8.3/'|\
xargs urpmi --auto

Remember that for the command to work you must have backports repositories enabled.

List of package that are available in 9/core/backports

apache-mod_php8.3-8.3.4-4.mga9
php-latest-8.3.4-4.mga9
php8.3-amqp-2.1.1-2.mga9
php8.3-apcu-5.1.23-5.mga9
php8.3-apcu-admin-5.1.23-5.mga9
php8.3-ast-1.1.1-2.mga9
php8.3-bcmath-8.3.4-4.mga9
php8.3-bitset-3.0.1-18.mga9
php8.3-bz2-8.3.4-4.mga9
php8.3-calendar-8.3.4-4.mga9
php8.3-cgi-8.3.4-4.mga9
php8.3-cli-8.3.4-4.mga9
php8.3-ctype-8.3.4-4.mga9
php8.3-curl-8.3.4-4.mga9
php8.3-dba-8.3.4-4.mga9
php8.3-dbase-7.0.1-13.mga9
php8.3-devel-8.3.4-4.mga9
php8.3-dio-0.2.1-8.mga9
php8.3-doc-8.3.4-4.mga9
php8.3-dom-8.3.4-4.mga9
php8.3-ds-1.5.0-2.mga9
php8.3-enchant-8.3.4-4.mga9
php8.3-event-3.1.0-2.mga9
php8.3-exif-8.3.4-4.mga9
php8.3-expect-0.4.0-10.mga9
php8.3-fileinfo-8.3.4-4.mga9
php8.3-filter-8.3.4-4.mga9
php8.3-fpm-8.3.4-4.mga9
php8.3-fpm-apache-8.3.4-4.mga9
php8.3-fpm-nginx-8.3.4-4.mga9
php8.3-ftp-8.3.4-4.mga9
php8.3-gd-8.3.4-4.mga9
php8.3-gender-1.1.0-21.mga9
php8.3-gettext-8.3.4-4.mga9
php8.3-gmagick-2.0.6-0.RC1.9.mga9
php8.3-gmp-8.3.4-4.mga9
php8.3-gnupg-1.5.1-8.mga9
php8.3-iconv-8.3.4-4.mga9
php8.3-igbinary-3.2.15-2.mga9
php8.3-imagick-3.7.0-10.mga9
php8.3-imap-8.3.4-4.mga9
php8.3-ini-8.3.4-4.mga9
php8.3-inotify-3.0.0-9.mga9
php8.3-intl-8.3.4-4.mga9
php8.3-jsmin-3.0.0-19.mga9
php8.3-ldap-8.3.4-4.mga9
php8.3-mailparse-3.1.6-3.mga9
php8.3-mbstring-8.3.4-4.mga9
php8.3-mcrypt-1.0.7-2.mga9
php8.3-memcached-3.2.0-6.mga9
php8.3-mongodb-1.17.2-2.mga9
php8.3-msgpack-2.2.0-4.mga9
php8.3-mysqli-8.3.4-4.mga9
php8.3-mysqlnd-8.3.4-4.mga9
php8.3-odbc-8.3.4-4.mga9
php8.3-opcache-8.3.4-4.mga9
php8.3-openssl-8.3.4-4.mga9
php8.3-pcntl-8.3.4-4.mga9
php8.3-pdo-8.3.4-4.mga9
php8.3-pdo_dblib-8.3.4-4.mga9
php8.3-pdo_firebird-8.3.4-4.mga9
php8.3-pdo_mysql-8.3.4-4.mga9
php8.3-pdo_odbc-8.3.4-4.mga9
php8.3-pdo_pgsql-8.3.4-4.mga9
php8.3-pdo_sqlite-8.3.4-4.mga9
php8.3-pear-1.10.14-3.mga9
php8.3-pgsql-8.3.4-4.mga9
php8.3-phar-8.3.4-4.mga9
php8.3-posix-8.3.4-4.mga9
php8.3-pspell-1.0.1-2.mga9
php8.3-raphf-2.0.1-9.mga9
php8.3-readline-8.3.4-4.mga9
php8.3-redis-6.0.2-2.mga9
php8.3-rrd-2.0.3-9.mga9
php8.3-session-8.3.4-4.mga9
php8.3-shmop-8.3.4-4.mga9
php8.3-snmp-8.3.4-4.mga9
php8.3-soap-8.3.4-4.mga9
php8.3-sockets-8.3.4-4.mga9
php8.3-sodium-8.3.4-4.mga9
php8.3-sqlite3-8.3.4-4.mga9
php8.3-ssh2-1.4-3.mga9
php8.3-sysvmsg-8.3.4-4.mga9
php8.3-sysvsem-8.3.4-4.mga9
php8.3-sysvshm-8.3.4-4.mga9
php8.3-tidy-8.3.4-4.mga9
php8.3-tokenizer-8.3.4-4.mga9
php8.3-translit-0.7.1-10.mga9
php8.3-uuid-1.2.0-10.mga9
php8.3-xattr-1.4.0-11.mga9
php8.3-xdebug-3.3.1-2.mga9
php8.3-xmlreader-8.3.4-4.mga9
php8.3-xmlwriter-8.3.4-4.mga9
php8.3-xsl-8.3.4-4.mga9
php8.3-yaml-2.2.3-3.mga9
php8.3-zip-8.3.4-4.mga9
php8.3-zlib-8.3.4-4.mga9
php8.3-zstd-0.13.1-2.mga9
phpdbg8.3-8.3.4-4.mga9

SRPMS:
php-8.3.4-4.mga9.src.rpm
php-amqp-2.1.1-2.mga9.src.rpm
php-apcu-5.1.23-5.mga9.src.rpm
php-ast-1.1.1-2.mga9.src.rpm
php-bitset-3.0.1-18.mga9.src.rpm
php-dbase-7.0.1-13.mga9.src.rpm
php-dio-0.2.1-8.mga9.src.rpm
php-ds-1.5.0-2.mga9.src.rpm
php-event-3.1.0-2.mga9.src.rpm
php-expect-0.4.0-10.mga9.src.rpm
php-gender-1.1.0-21.mga9.src.rpm
php-gmagick-2.0.6-0.RC1.9.mga9.src.rpm
php-gnupg-1.5.1-8.mga9.src.rpm
php-igbinary-3.2.15-2.mga9.src.rpm
php-imagick-3.7.0-10.mga9.src.rpm
php-inotify-3.0.0-9.mga9.src.rpm
php-jsmin-3.0.0-19.mga9.src.rpm
php-mailparse-3.1.6-3.mga9.src.rpm
php-mcrypt-1.0.7-2.mga9.src.rpm
php-memcached-3.2.0-6.mga9.src.rpm
php-mongodb-1.17.2-2.mga9.src.rpm
php-msgpack-2.2.0-4.mga9.src.rpm
php-pear-1.10.14-3.mga9.src.rpm
php-pspell-1.0.1-2.mga9.src.rpm
php-raphf-2.0.1-9.mga9.src.rpm
php-redis-6.0.2-2.mga9.src.rpm
php-rrd-2.0.3-9.mga9.src.rpm
php-ssh2-1.4-3.mga9.src.rpm
php-translit-0.7.1-10.mga9.src.rpm
php-uuid-1.2.0-10.mga9.src.rpm
php-xattr-1.4.0-11.mga9.src.rpm
php-xdebug-3.3.1-2.mga9.src.rpm
php-yaml-2.2.3-3.mga9.src.rpm
php-zstd-0.13.1-2.mga9.src.rpm

We will announce on backports-announce@ml.mageia.org when new backports are available for testing and when they be promoted to backports repository, We are still tuning the process and the format for the announces.

Let us know what you think.

P.S: Some corrections received were applied to the suggested command to install the php 8.3 packages from the php 8.2 packages installed on your system.

http://distrib-coffee.ipsl.jussieu.fr/pub/linux/Mageia is not synchronized, and several of the servers use it as a source for synchronization.
We recommend setting up a custom server to urpmi or dnf .

Keep an eye on this article and the page https://mirrors.mageia.org/status.