Mageia 9 alpha is here already

We are happy to announce the release of the test images of Mageia 9. These are available to early testers to help with the development towards a stable final release of Mageia 9. There have been large scale updates of all packages as well as new features implemented to improve what Mageia already offered.

Some of the key updates include:    

  • Kernel – 6.0.5
  • glib – 2.36
  • gcc – 12.2.1
  • rpm – 4.18.0
  • Chromium – 106
  • Firefox ESR – 102.5
  • LibreOffice – 7.4.2
  • Plasma – 5.25.9
  • GNOME 43.1
  • Xfce 4.17
  • LXQt 1.2.0

 A full list of included packages is available in the .idx file for the installation media.

For those that want to jump in and test straight away, the images can be downloaded here. As always with pre-release images, use your best judgement.

The available ISO images are the same as in Mageia 8, offering installation media for both 32 and 64bit systems, 64bit live images for Plasma, GNOME and Xfce, as well as a 32bit live image for Xfce.

The Control Centre now adds a new feature that will allow the removal of old kernels. This feature will be automated by default in Mageia 9, but will also allow the user to configure and run it manually. There are also improvements in boot times with the Plasma update to 5.25 and Systemd.

And as always there are many package updates. So please update during or at least soon after install.

Of course you’re very welcome to join us.

Current Roundup and News – Week 35

Neoclust wrote this blog post last Sunday, but we (Atelier Team) needed three days to enhance it a little and publish it, sorry about that to Neoclust and all our readers. If you want to join Atelier Team to help publish our blog posts faster and more often, you’re very welcome!

It is time to start having good habits again and tell what we do in Mageia.

It has been a busy week, as usual! Hundreds of packages were pushed to Cauldron (499 Source RPMs, so even many more packages). Security and bugfix updates for Mageia 8 landed on our mirrors, too.

Security updates in Mageia 8:

  • webkit2
  • ytnef
  • thunderbird
  • mariadb
  • postgresql11, postgresql13
  • clamav
  • net-snmp
  • python-ldap
  • firefox
  • and a lot more

Bugfix updates in Mageia 8:

  • apache
  • boinc-client
  • kernel
  • libreoffice
  • dkms-bbswitch
  • and a lot more

Summary of updates in Mageia 8

Since mageia 8 got out, we released 757 security packages and 323 bugfix packages.

Mageia 9 is boiling

Actually (as you may have understood when you read about the hundreds of packages that are made for Cauldron) a big work is done to update packages in the upcoming mageia 9.

Three highlights: We updated Gnome to its version 42, plasma to version 5.25.4. The kernel has been updated to the latest stable release: 5.19.6.

Time to Make Mageia 9 Beautiful – The Artwork Drop is Open

As with every release, the artwork for Mageia 9 will come from you, the great community that supports and makes Mageia possible. The Development of Mageia 9 is progressing quickly, with many major updates and key features getting ready for testing and release. With this progress, it’s time to get the artwork ready for release. As in previous years, we’re looking for your contributions and ideas, but not just images and photos – if you have icons and logos, or ideas on how login screens or animations should look, then it’s time to discuss or show them off.

Image credit XKCD

We will typically choose a digital abstract piece using the colours of the Mageia logo for the signature background. It should be easily cropped to different aspect ratios without losing the feel of the image and have a resolution of at least 3,200 by 2,400px, to accommodate a wide variety of monitors. Alternative background and screensavers have less restrictive guidelines, so if you feel like flexing your creativity, we’d love to see what you come up with.

Rules
The contest begins on the 4th of August 2022 and will run until the 25th of August 2022, Mageia will provide 1 official background, 10 additional backgrounds and all the other bits we do to make Mageia look great. If you’d like to participate, it’s easy:
Please submit your work to the Mageia 9 artwork drop. You also have the option to send a link to the Atelier mailing list. The Atelier team will choose 10 backgrounds from different contributors to be included in the “additional backgrounds”.

Prerequisites

  • minimal size: 3,200×2,400 px for images, preferably SVG for icons
  • no borders
  • no text inside: the Mageia logo may be placed for show, but will need to be removable
  • scalable or croppable for all possible aspect ratios: 4:3, 16:9, 16:10 etc.
  • License: CC By SA 3.0 or later

Please also have a look here for more information about things you have to watch out for or to see previous Mageia wallpapers. Some screensavers and the Mageia 8 background are uploaded on the artwork drop for reference.
Photos will be considered for screensavers and additional backgrounds, provided no recognisable people are visible. Please avoid copyrighted artwork, unless you own the copyright and agree to the CC By SA 3.0 license.
All the work needs to be original with the source files (SVG, xcf, etc) available and within Mageia’s artwork guidelines. Please upload a png or similar as they are much easier for previewing. We hope that these guidelines will make everything clear and help you to make something that will make Mageia look great.
The guidelines cover the Official Mageia Logo, colour scheme, website motif, fonts, wallpaper and other elements. The Mageia official logo is also covered by our Trademark Policy.
Take a moment to learn the rules, then, jump in and create with us!


Final choice
The Mageia council will choose the final winners and they will be announced on the Mageia blog.

So you are not good enough to contribute?

This blog post is especially written for those among us who could free up some time to contribute, but refrain from doing so because they think they are not good enough.
The last section is for former and current packaging apprentice candidates, who did get the impression that we think they are not good enough.

Change your perspective


Is this post going to say that everyone is good enough?

No. Only that you do not need to be good enough. Not a single one of us is, we all have gaps in our knowledge, we all have missing talents. Yet Mageia is still there, since over a decade. Why? Because, by bundling our very different skills and talents and by bundling our available time, Mageia became good as a whole.

But, if Mageia is good, then there is no need for new contributors. Never change a winning team!

Well, this team is continually changing without us pushing for a change:
First of all, we do not have eternal life. We have had several great contributors leave this world for good. Like Marek Laane last year. He was a very helpful member of the Internationalisation and Localisation Team and helped Documentation Team too.
Secondly, contributors can cease to have time. That can be caused by work, family, health, study and other circumstances. It just happens often.
Thirdly, the task of a contributor can change. For instance when someone sees she is more needed elsewhere in our project.

Apart from all that, many hands make light work 🙂

But, whichever company is behind Mageia can hire more people, why would I help without getting paid?

There is no company behind Mageia. Mageia is a community of volunteers who make a Linux distribution. There is no division between the community members who create Mageia and those who use it, we’re all Mageians and expected to contribute if, how and when we can. It is very rewarding to help, though. Mageia is a fascinating project with people from all over the world. Contributors usually learn a lot from contributing and get to know many nice people.

So, those who do not contribute are not allowed to install and use Mageia?

No, everybody is free to use it. If you use it but are unable to contribute, then you are still one of us, still a Mageian and member of our community. Besides, you may already have started to contribute without being aware, for instance by showing and telling others that you use Mageia.

But I am not French and not even European

Even if Mageia lives in France, you are welcome regardless of where you live or what your nationality is. We do not need to see your passport. You can contribute incognito, if you prefer, or choose a name from a different country than yours. We only need to know who you really are, if you become a member of our Board.

I am totally new to Mageia and know nothing about Linux

You have a very special, much needed skill: when reading our documentation, you will read what it really says. You will spot things that are unclear or do not work as described. Please register with Mageia and file a bug report about every such issue, or become a member of Documentation Team.
Experienced Mageians are often incapable of noticing errors or gaps in our documentation, because we fail to read as if it is completely new to us.

I have no doubts about my talents, but you seem to have doubts. I volunteered to become a packager, but no one offered to mentor me

Yes, that happens too often. Many of our potential mentors are overloaded. In general: many contributors see less than half the mails and other messages they would like to see, let alone find time to read them. So this is likely a problem in more teams.
It would be great if you would persevere. For instance, read the documentation about packaging and then find a bug in Bugzilla that you could fix. Attach your suggested patch to it and write dev ml a mail with “[Mentoring]” at the beginning of the subject, informing about your patch for that bug and asking for someone to review it.
Another option is to contribute in different ways first. For instance, Atelier Team could really use more contributors now. You would not feel alone there: its new leader joselp would very much like to become a packager, too.

[SOLVED] Most of our servers can not be reached since some hours ago.

Due to a problem in the Data Center where most of mageia.org is hosted, most of our website (like forums, wiki and bugzilla) cannot be reached since some hours ago.

This affects more clients than just Mageia. Data Center staff members are working hard to solve the problem as soon as possible.

Edit: the problem is solved, the servers are back 🙂

Changed IBAN

Mageia switched to a different bank and has a new International Bank Account Number (IBAN) now.

If you want to transfer money to Mageia, please do not use the IBAN of the old account. Ask our treasurer (treasurer*at*mageia*dot*org) for the new number instead.

PwnKit (polkit’s pkexec exploit) – CVE-2021-4034

The update fixing the issue for Mageia 8 was released Wed, 26 Jan 2022 10:31 UTC (05:31 EST).

For anyone still running Mageia 7 (or older releases), the recommendation is …

As root run “chmod 0755 /usr/bin/pkexec”.
That will mean pkexec doesn’t work anymore. Running things like rpmdrake as a
regular user will not work. You must use an alternative approach to get root
privileges (open a terminal, use “su -” and then run rpmdrake or use sudo rpmdrake
if you’ve configured sudo).

Interview of Nicolas Lécureuil, chair of the Mageia Board, on Linuxfr.org

Last month a very nice interview of Nicolas Lécureuil, chairman of the Mageia Board, appeared on LinuxFr.org
It was written by Ysabeau. We translated it, so that you can enjoy it, too.

Nicolas Lécureuil (Neoclust)

Nicolas Lécureuil, alias Neoclust, is a long time user of LinuxFr.org. He has an account on the website dedicated to Linux since 2005. Nicolas became the president of the Board of Mageia early in 2021. Nicolas has been, and still is, very active everywhere in the Mageia forums, discussion lists and the cauldron development, where new versions of the distribution are being cooked. In this interview, we will see that he is an early Mageian. Also, we will discover his ambitions and projects for this distribution, which is one of the most accessible to the general public.

Contents

A new chair of the Board
Mageia and its environment
Mageia development
To finish

A new chair of the Board

How did you fall into the cauldron?

I accidentally started to contribute to Mandrake, I had seen a CD in a magazine, tested it and wanted to help.

Right away I found very nice people on IRC who were listening. Using KDE, a desktop environment that I found easy to access, as basis, I started to contribute by sending patches to the then maintainer, who was an employee of Mandrakesoft.

In a second step I started to really contribute to KDE.

One day, when an employee of Mandriva (after Mandrakesoft and Connectiva had merged) left, Anne Nicolas (Ennael) suggested me to replace him, I cannot thank her enough for that proposal. It is with pleasure that I joined the workforce. The feeling that I had as a contributor did not change, the colleagues were just as nice. I have gotten to know some people better. I will not mention them, I would be too afraid to forget one.

My role at Mandriva at the beginning was to take care of the “desktop” part of the distribution on the one hand and the relationship with our customers for their KDE bugs on the other hand.

Subsequently, I was a packager and in charge of the integration of the MBS (Mandriva Business server) distribution. This distribution was based on Mageia and made it possible to provide Pulse, which is a web software for managing IT equipment (inventory, deployment of packages, imaging, backup, etc.) to some of our customers.

So it was only natural for me to join my old friends, colleagues and contributors for Mageia. Even though I miss some (Coling and Mikala for example), I have always had a great time working with old and new persons alike. This entire little world makes me richer every day.

How does one become a member of the Mageia Board and its president?

Board members are elected by Mageia members, so you need to be known / recognized for your commitment to the distribution, eg by sorting out bugs and attending meetings on IRC. The mandates of secretary, treasurer and president, except on administrative matters, are irrelevant, as all decisions are collegial with the Board or the Council. It is true, being French-speaking necessarily helps with all administrative questions for these three roles.

What is the profile of the current members?

There is no profile so to speak, the people are very varied, both professionally and geographically, there is a nurse, a student, a few software developers, Finns, Canadians, people from the United States. United Kingdom, English, French, etc. But it’s the passion and commitment around Mageia that brings them together.

How do you see this governance of Mageia? And by the way, does this begin to happen?

I see this governance as ambitious and full of co-constructions. For the moment we are getting our bearings and starting in the office to work on what we can propose to the Council, the first project being the renewal of our server park.

The second project is to relaunch the development of certain bricks of our distribution such as urpmi. In fact urpmi is a complete, simple, and very well working package manager. It lacks support for new rpm features.

We have in our hands a very good distribution that we can have ambition for, if we fill in a few gaps.

We might consider creating an LTS, if we can find new contributors to take care of security updates, because for now (except for packages maintained in stable by their official maintainers [like the kernel / glibc / rpm / …] I take care of a lot of these updates and I wouldn’t be against a little helping hand [it would allow me to free up some time for other tasks in the distribution]). An LTS version would allow some companies to consider using Mageia more confidently.

Do you have specific goals for your term of office?

I have several goals, but these are my commitments only, until I have discussed them with the Council.

The first is to relaunch communication around Mageia. We have a great team, the Atelier team, which is very responsive, it is up to us, developers, packagers, etc., to give them the facts to be well communicated. I would also like new people to be able to join these bodies because by having a new eye, new ideas, it can revive our way of communicating (we have to admit it, communication has never been our strong point).

We started with blog articles in order to boost the contribution to our distribution because, as in many projects, it is often the same people who contribute, some run out of steam and therefore take a step back from the project (but this is true for many projects in and outside the IT world).

We also need to attract new contributors. As I like to say: I’d rather have people who just take good care of one piece of software / one brick and do nothing else, rather than someone who wants to touch everything and ends up doing little.

I’m happy to always have had knowledgeable contributors around KDE / Plasma. I had mikala at one time (who can always come back if in the mood and especially if the time returns) and now I have David²) doing a tremendous job and I cannot thank him enough.

Do you have any training or background related to IT, if so, is this useful to you for Mageia?

I learned a lot on my own, and very much with the help and knowledge of other contributors.

I was originally trained as a biochemist, but I have always loved computer science. So after my studies, I took a course to get a degree as Linux support technician. I think my scientific background gave me a certain rigor. And, thanks to my company, which gives me the opportunity, I am gradually learning to develop.

Mageia and its environment

At the base of Mageia, we have an association governed by French law, what about the impact of Mageia outside of France?

I admit that I do not yet fully understand the impact of Mageia outside of France. What I do know is that we have contributors all over the world, and quite significantly in Spain with Blogdrake (ES).

If a Mageia community outside of France participates in an event to promote the distribution we are always interested to know, because we can make a blog post with pictures afterwards.

How do you analyze the fact that Mageia is no longer in the top ten in the Distrowatch ranking?

I think this is mostly due to the fact that we haven’t communicated much or well in recent years about our project. As a result, fewer people would be looking to find out about us on this site.

However, the Distrowatch ranking has never been a goal or a benchmark for me, because although it is a kind of “thermometer”, I don’t know of any average user who actually uses it. It highlights the number of clicks on the site but in no way the quality of the distribution, nor that of its community.

In fact, Mageia has a loyal community whether on the French side with Mageialinux-online (MLO) (FR) or Spanish with Blogdrake (ES) (to name just two).

Are there interactions between Mageia and other distributions?

There is, to only speak of David and I, an interaction with the Java team at Fedora. At Mageia, we use Fedora’s Java stack, and we try to provide them with fixes for that stack as soon as possible. I have planned to bring back to them the security fixes that we add to Mageia.

Has the pandemic affected the development of Mageia? If so, how?

Honestly, I have no idea.

We don’t have any audience measurement system, neither within the distribution nor within the development team, so on the usage side, we can’t say anything. In terms of engagement, it’s mixed. There are new people arriving to lend a hand, in teams such as communications and QA (testing packages and updates before “the general public”), and others who find themselves with more work in real life. In the end, we don’t feel that the pandemic has had much of an impact on Mageia’s development.

Mageia development

In the comments of the Mageia 8 release announcement²), Mageia was criticized for choosing not to include Nextcloud 21 right away because of the PHP version. Can you give us the background to this decision? (precision: Nextcloud has since been integrated into the distribution).

When maintaining a distribution there are several things to consider:

  • the delivery date of the distribution
  • the duration of maintenance of the latter
  • the migration that end users will need to do

Regarding the last point, we quite logically consider a migration when switching from one stable version to another but rarely when updating packages in a stable version. It is quite unpleasant for an administrator during a simple security update to have to change their configuration.

Mageia 8 came out with PHP 8 and we expected an outcry because “it was too early”, “they are definitely not thinking” …

On the development mailing list, there have been rich discussions on this topic. This made it possible to highlight that it seems important to us that we would need to be able to either maintain several versions of PHP (in this specific case), or allow to co-install several versions (PHP 7 versus PHP 8).

The concern we had to face was that the end of life of PHP 7 was nearing at the beginning of the cycle, which would have forced users to migrate within a stable version of Mageia with all possible migration concerns.

Today, if a similar choice were to arise, what decision could Mageia make?

I think we have to analyze this situation and work so that such a worry, such a frustration does not happen again, while being aware of our “capacity to do”, that is to say, our capacity, on support time, to maintain one or more versions of the same software, of the same library.

I think in the distribution cycle we have to discuss well in advance which releases we want and stick to them and communicate about them. Consequently, it would have been done long before we were going to switch to php8 and so it would have left time for everyone to react.

Generally speaking, how do you decide which software to package, which software to put aside?

It’s all about utility. Our packers add what they use. However, even based on this logic some software is not allowed to be added.

In fact, if a software is proposed to be maintained, it must comply with a certain number of rules:

  • a compatible license above all;
  • no downloads during the build, all builds must be idempotent;
  • generally, no dead applications that are no longer maintained or applications with security vulnerabilities that have not been corrected for some time;
  • no application that requires hundreds of dependencies to be added to the distribution, without a maintainer.

Still in the comments of this announcement, about the duration of maintenance of Mageia 7 and versions N – 1 in general, you answer “We can very well consider modifying this date, that would not seem silly to me”. What would that give?

For the Mageia 7, it’s not huge, I’ll admit, but we’ve extended support for a month, until June 30th. It is quite complicated now, with the number of volunteers, to commit to too large an extension of the support. However, if we manage to include new contributors, this can / will be discussed again, whether they are packagers or help QA (quality assurance).

Because our QA doesn’t just test the installation of packages, it can not be done automatically. Our QA also checks that the CVEs ³) are no longer valid with the new versions. It takes time, but it is an added value for Mageia.

Mageia has a relatively long lifecycle, which is comfortable, but some heavily used software has significantly shorter cycles. Do you think it would be possible to change the current policy of Mageia and have more updates of such software between two versions?

I would very much like us to adopt this policy. It has already started with, for example, the update of LibreOffice. We will update to version 7.2 as soon as it becomes available.

I also think that it is possible to adopt this for some software if the maintainers are active and responsive. Regarding Plasma and other desktop environments, it’s a bit more complicated because, for example, for Plasma, there is Plasma-workspace as such, but there are also the KFrameworks to be updated regularly (one release per month), and the KDE Gears (KDE Applications like Dolphin, KMail, K3b…) which have major updates in April, August and December and lots of small minor versions in between.

It would be possible to release each new version, but that involves a very large amount of RPM packages to test and verify that they install correctly. The QA team lacks the hands for this (however this can change depending on the number of people involved).

One of the recurring criticisms from outside is about Mageia’s abundance of desktop environments. How do you respond to that?

To that I reply that it is a false debate for me. Indeed, if a contributor comes to Mageia with the desire to maintain a desktop environment and if they are told that it is better to maintain Plasma or Gnome, there is a one in two chance that he or she will not do it and either go elsewhere or become a simple user again. However, we would need to audit the desktop environments and keep only those that are maintained and functional.

Mageia until now used Google or Framasoft tools for certain tasks (collaborative writing, event planning, etc.). Are there plans for the distribution to use its own tools instead?

Currently there are no projects from the Mageia sysadmin team to host such tools, we already have quite a few projects going on, but once the list is cleared, it is not impossible.

If we want to get closer to the cauldron where the future Mageia is concocted, for instance by packaging, what should we do, have, know? How does that work?

To get closer to the development version, there are several approaches depending on what you want to do.

The first is to simply use it: when doing this, you can also (and it is even recommended) subscribe to the Mageia dev mailing list. This allows you to be aware of changes (for example recently when rpm changed its database manager).

The second is for people who want to get involved. To do this there is, in addition to the dev list, the packages-commits list, which allows you to have real-time mails of modifications in the distribution (rpms side), and soft-commits to have the modifications in the software (mcc , urpmi, installer, etc.).

In both cases, you need to migrate an installation from Mageia 8 to Cauldron by modifying urpmi repositories using the method given in the Mageia wiki. Since Cauldron’s contents are often changed over the course of a day, it is best to use a specific mirror. If you are in France, we suggest using the one from free.fr.

As a first step, using the cauldron in a virtual machine is strongly recommended. Its use in production is not recommended. Updates are too frequent there and can sometimes break the system while waiting for most components to be recompiled (eg when updating the Perl or Python stack, etc.).

To finish

At the professional level, what free software do you use, on what OS?

Professionally my two most important tools are Vim and Git. I have never managed to use a graphical text editor to effectively replace Vim. I use them on Debian and Mageia (with a preference for one of the 2 😉).

Besides Mageia, do you have any other favorite GNU / Linux distribution or other free system (* BSD, Haiku, etc.)? And why, what are your favorite free programs?

For work I use Debian and Centos, as we provide our software on these two operating systems.

I use my computers almost only for work, so the amount of software used is quite limited, because in addition to Vim and Git I use Jitsi, Firefox, VLC.

Which question would you have loved to be asked? (obviously you can answer it)

What makes Mageia a great distro?

Mageia has, like everyone, its peculiarities, its specificities, it meets most of the usual needs, it is a good distribution, even if it may not appeal to everyone. This is based on several elements:

its active and attentive contributors who do their utmost to satisfy their use and that of users;
its very active community, whether in France or in other countries.

Listening is very important to have a good distribution, that’s why I think we should set up a system outside Bugzilla, to ask questions, and get the opinions of users in a more simple and efficient way.

Which question would you have hated to be asked? (hoping I didn’t ask you).

Isn’t it too hard to start to head Mageia after Ennael?

Simply because I owe everything to Anne, because if she hadn’t called on me twelve years ago, I don’t know if my professional path would have allowed me to have the time to contribute.

It allowed me to be part of a team of great people (no need to name them, they will recognize themselves) and to learn a lot of things.

Thanks again to her 🙂

Thank you very much Nicolas.

¹) David Geiger alias david_david who is the co-maintainer of KDE in Mageia.

²) https://linuxfr.org/news/la-huitieme-mageia

³) CVE is short for Common Vulnerabilities and Exposures

More on Open Source Experience

We have already announced that we will have a stand at Open Source Experience in Paris on the 9th and 10th of November. However, we did not say why we are so happy to be able to join this new event.


Open Source Experience aims to bring the entire open source ecosystem together for two dynamic days. “Entire” really means entire: From communities like Mageia to all sorts of companies, from students to experts, from journalists to politicians, from investors to researchers and inventors and much more, it is for anyone with a dedication to open source. Note that it is not just about open-source software, but also about open source hardware and network solutions, consultancy, training, cloud, data centres, security, AI, IoT, etc, more than can be mentioned.

Many interested people will visit the event, and certainly not only from France. The event will be hybrid: physical meetings on the 9th and 10th of November 2021 and a digital event platform, so (international) visitors who would otherwise be unable to attend can participate. At least one of the speakers happens to be a Mageia contributor and board member in his free time, Bruno Cornec. He will give two talks, one about an alternative for REST, the other about how (and how not) to open source a project.

Open Source Experience is an excellent opportunity to introduce Mageia to people who would potentially enjoy helping to make Mageia, but also to see what is going on in the open-source world, to learn and discover new developments, meet with other people and projects and to make the open-source ecosystem stronger.

Mageia at the Campus du Libre and at the Open Source Experience

We’re happy to announce two real-life events.

Mageia will be present again at the Campus du Libre in Lyon. The event will be held on Saturday 6 November 2021 from 10h till 17h30 on the Campus de la Doua, in the Nautibus building.

Thanks to DTux, alias DTux69, Mageia will also be present at the Open Source Experience on 9 & 10 November 2021 in the Palais des Congrès in Paris.

If you’re in France in November, these are excellent opportunities to meet some nice core members of Mageia.

Additional information, added on September 24, 16h01 UTC:

We’ll have a stand at both events, our members there will be happy to meet you, regardless of how experienced or inexperienced you are. You’re encouraged to visit the stand, especially if you have any questions regarding Mageia, if you’d like to contribute to our wonderful project, or if you’d simply like to meet other Mageians.