supervision - discussion about system services, daemon supervision, init, runlevel management, and tools such as s6 and runit
* [announce] Summer 2022 release
@ 2022-06-14 11:49 Laurent Bercot
From: Laurent Bercot @ 2022-06-14 11:49 UTC (permalink / raw)
  To: skaware; +Cc: supervision


  New versions of some packages are available.

  skalibs has undergone a major update, mostly to yet again revamp
librandom. This time I am happy with the API and implementation: I 
it finally addresses all the cases in a satisfying way, providing cross-
platform failure-free pseudorandom number generation with options to 
between waiting until the entropy pool has been initialized and possibly
getting less cryptographically secure data if the entropy pool is too
shallow. It wasn't easy to design; it's here at last.

  Compatibility with previous skalibs version is not assured, but apart
from librandom, and one additional function, no other interface has been
modified, so the compatibility breaks are minimal and a lot of software
will still build with this version without needing any modification.

  Most of the rest of the software stack has undergone at 
a release bump, in order to build with the new skalibs; a large part of 
has also received some changes and fixes. Some packages did not need
changing at all: no release is provided for these, they should keep 
with the new stack.

  execline comes with a quality-of-life parser change: backslashes at the
end of lines are now ignored, which makes it possible to directly copy
some multiline commands from shell scripts.

  s6-linux-utils comes with a new utility, rngseed, which is an original
implementation of Jason Donenfeld's seedrng[1]. This is the work that
made it necessary to get librandom right once and for all. With rngseed,
no Linux system should ever have uninitialized entropy pool problems 

  The new versions are the following:

skalibs-          (major)
utmps-             (minor)
execline-          (major)
s6-               (release)
s6-rc-             (release)
s6-linux-init-     (minor)
s6-portable-utils- (minor)
s6-linux-utils-    (major)
s6-dns-            (release)
s6-networking-     (release)
mdevd-             (release)
dnsfunnel-         (release)

  Details of some of these package changes follow.

* skalibs-

  - librandom rewritten. random_init and random_finish functions removed.
The new random_buf function, which replaces random_string(), never fails.
It blocks if the entropy pool is not initialized; the new 
function is the same, but does not block. random_devurandom is now
exported, but should not be needed except in very specific cases 
  - New functions added: waitn_posix and waitn_reap_posix, openc*_at.
  - readnclose is now exported.
  - openreadnclose_at() now returns an ssize_t, aligning with 
You should check your code for any use of openreadnclose_at(), and adapt 
to the new API. (Previously it returned a size_t and the user was 
to assume an error if it didn't fill the entire length of the buffer. 
errors are reported with -1.)
  - Endianness conversion primitives reworked. The nonportability of 
and bswap has always been a pain point; the new portable functions in 
should now be just as efficient as the system-dependent endian.h 
  - Added an implementation of the blake2s hash.

* utmps-

  - Nothing to do with the new skalibs; utmps- has been available 
a while, but was never properly announced. The main feature is that
utmps-wtmpd can now take an argument naming its database file. This is
useful for implementing btmp, one of the numerous idiosyncrasies of 
Linux software.

* execline-

  - Bugfixes.
  - The execlineb parser has been rewritten and its transition table is 
  - The wait command can now wait for *one* of the listed processes, in
addition to its original capability of waiting for *all* of them. It can
also stop waiting after a timeout. The new features can be used even 
wait is used in posix mode.

* s6-linux-init-

  - The system scandir is now configurable at compile-time via the
--scandir configure option. It is a relative path under the tmpfsdir.
The default is still "service", for a /run/service default scandir.

* s6-portable-utils-

  - s6-test now understands the =~ operator, matching its left argument
against an extended regular expression given as its right argument (this
is originally a GNU bash extension to test).

* s6-linux-utils-

  - New command: rngseed. It can read a seed file from the disk and use it to
seed the Linux kernel's RNG, wait until the entropy pool is initialized,
and get a new seed and write it to the disk. All these operations can be
performed separately - always in a secure fashion, but giving more 
to the user than the original seedrng[1] implementation.
  - s6-fillurandompool removed. Its functionality is implemented by 


* mdevd-

  - This is only a bugfix release, but worth mentioning because the fixed
bug is an important one. Previously, "-" markers, meaning "keep reading 
file after interpreting this line", did not interact correctly with
spawned commands. This version implements the semantics of "-" markers 
it was intended.

  Bug-reports welcome.
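
An added example, not part of the announcement and not skalibs or rngseed code: the choice described above between waiting for the entropy pool and accepting possibly weaker data, written directly against Linux getrandom(2). The function names pool_initialized, fill_blocking and fill_early are hypothetical, and the /dev/urandom fallback for kernels without GRND_INSECURE is an assumption of this sketch.

```c
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <sys/random.h>
#include <unistd.h>
#ifndef GRND_INSECURE
#define GRND_INSECURE 0x0004 /* Linux >= 5.6; missing from older libc headers */
#endif

/* Fill buf fully with the given getrandom() flags; retry on EINTR and short reads. */
static int fill_with_flags(unsigned char *buf, size_t len, unsigned int flags) {
    while (len) {
        ssize_t r = getrandom(buf, len, flags);
        if (r < 0) { if (errno == EINTR) continue; return -1; }
        buf += r; len -= (size_t)r;
    }
    return 0;
}

/* 1 if the kernel pool is initialized, 0 if not yet, -1 on any other error. */
int pool_initialized(void) {
    unsigned char c;
    if (fill_with_flags(&c, 1, GRND_NONBLOCK) == 0) return 1;
    return errno == EAGAIN ? 0 : -1;
}

/* Blocking policy: wait for pool initialization. Use for keys and nonces. */
int fill_blocking(unsigned char *buf, size_t len) { return fill_with_flags(buf, len, 0); }

/* Early policy: never wait; output may be predictable before the pool is seeded. */
int fill_early(unsigned char *buf, size_t len) {
    if (fill_with_flags(buf, len, GRND_NONBLOCK) == 0) return 0;
    if (errno == EAGAIN && fill_with_flags(buf, len, GRND_INSECURE) == 0) return 0;
    if (errno != EINVAL && errno != ENOSYS) return -1;
    int fd = open("/dev/urandom", O_RDONLY); /* assumed fallback: does not block */
    if (fd < 0) return -1;
    while (len) {
        ssize_t r = read(fd, buf, len);
        if (r < 0 && errno == EINTR) continue;
        if (r <= 0) break;
        buf += r; len -= (size_t)r;
    }
    close(fd);
    return len ? -1 : 0;
}

int main(void) {
    unsigned char key[32];
    printf("pool initialized: %d, early fill: %d\n", pool_initialized(), fill_early(key, sizeof key));
    return 0;
}
```

Data from the early path is suitable for things like hash table seeds during boot; long-lived key material should come from the blocking path.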

