Koozali SME Server is a complete and versatile open-source Linux server distribution for home and small to medium-sized enterprises. It has been built from the source code of Red Hat Enterprise Linux, CentOS and Rocky Linux since 2007. Koozali SME Server is free to use for any individual or commercial organization and is supported solely through donations. Considered reliable and easy to use, Koozali SME Server provides a full range of services, including e-mail, firewall, file and print-sharing, web hosting, remote access, VPN and private cloud services. It integrates with Windows, Mac and Unix/Linux clients, and Linux and Windows network environments. It is simple to use as a business server platform and the entire system is modular and extensible. The project also provides plugins called "Contributions" with easy integration of popular software, such as Nextcloud, OnlyOffice, BackupPC or WireGuard.
BashCore is a Debian-based live Linux distribution designed for security professionals, networking enthusiasts and students. It is available in several editions. The original BashCore is a minimalist command-line only product based on Debian's "Oldstable" branch, while BashCoreX comes with the Xfce desktop, several privacy-oriented web browsers and other productivity tools. BashCoreZ, BashCoreT and BashCoreTX, based on Debian "Stable", are editions that range from ultra-minimal to a complete Xfce desktop. There are also BashLabOS and BashCoreGee, two general-purpose distributions for everyday use, with either Xfce or GNOME, and with various productivity applications, including GIMP, LibreOffice and several web browsers. The distribution also includes Tor and other privacy tools.
The Software Engineering Radio podcast has put up
an
interview with graphics maintainer Dave Airlie. Much of what is in
there will not be news to LWN readers, but it is an interesting overview of
the life of a large-subsystem maintainer.
I was talking to a few of the Rust people, and I thought: these are
very young people, these are a group of people in their 20s, maybe
30s, they are a younger cohort of developers than the people I am
normally used to dealing with. I thought there was maybe a good
way we could bring these groups together. I think that having
young people coming into the kernel using Rust is valuable... So I
thought that I should be supportive of bringing Rust into the
kernel.
The
splice()
and
vmsplice()
system calls are meant to improve performance for certain data-movement
tasks by minimizing (or avoiding altogether) system calls and the copying
of data. They also have a long history of security problems. The recent
flood of LLM-discovered vulnerabilities has drawn attention, once again, to
splice() and vmsplice(); as a result, they may end up
being removed altogether.
Version:next-20260604 (linux-next)
Released:2026-06-04
The EFF has a blog
post looking at a new bill in California that would exempt
open-source operating systems from the Digital Age Assurance Act
passed last year, but has problems of its own:
While the open source exemption, if passed, would improve the law, the
remaining amendments proposed by AB 1856 would require all web
browsers and websites to request and collect users' ages. This is an
expansion of last year's AB 1043's age-bracketing system that
compounds its constitutional harms to users' speech, privacy, and
security.
[...] EFF understands this amendment to exempt open-source
operating systems from the requirement to collect and transmit users'
age-bracket data. That is a definite win for open-source
developers. The bill is narrower now than it was before, and lawmakers
clearly responded to concerns raised by EFF and the broader
open-source community.
Some important questions still remain—for example, it is unclear
how the law would apply when an open-source operating system is
incorporated into a commercial product or service. And, given the
structure of where the exemption is placed under the "operating system
provider" definition, lawmakers could stand to clarify that the
exemption applies to open-source operating systems and
applications.
LWN covered
California's age-attestation law in March.
Security updates have been issued by AlmaLinux (.NET 10.0, compat-openssl10, compat-openssl11, delve, expat, httpd:2.4, libexif, mod_http2, openssl, ruby4.0, samba, thunderbird, unbound, and vim), Debian (ceph and sudo), Fedora (libsoup3, pie, roundcubemail, and xorg-x11-server-Xwayland), Mageia (lxc), Oracle (expat, gnutls, kernel, php:8.2, thunderbird, and uek-kernel), Slackware (httpd, net, proftpd, tigervnc, and xorg), SUSE (apache-sshd, apptainer, atril, bind, busybox, cloudflared, evolution-data-server, golang-github-prometheus-prometheus, golang-github-v2fly-v2ray-core, grafana, helm, kernel, libgphoto2-6, libjxl-devel, libsoup, libsoup-2_4-1, libsoup-3_0-0, memcached, ovmf, python-cairosvg, python-flask, python-pip, python-pymupdf, python-pyOpenSSL, python-urllib3, python-urllib3_1, python3-pyOpenSSL, restic, rsync, salt, sdbootutil, tor, tree-sitter, vorbis-tools, and yq), and Ubuntu (exim4, frr, gst-plugins-base1.0, libtemplate-perl, libwww-perl, mysql-8.0, nginx, python-pip, python-urllib3, and twisted).
The Amnesic Incognito Live System (Tails) is a Debian-based live DVD/USB with the goal of providing complete Internet anonymity for the user. The product ships with several Internet applications, including web browser, IRC client, mail client and instant messenger, all pre-configured with security in mind and with all traffic anonymised. To achieve this, Incognito uses the Tor network to make Internet traffic very hard to trace.
CalamaroOS is a Gentoo-based Linux distribution for the desktop, using either KDE Plasma or Xfce desktop environment. It features the Calamares system installer, out-of-the-box support for Flatpak packages, support for BTRFS, XFS and F2FS filesystems, and the systemd software suite for system and service management. The project's goal is to bring the power of Gentoo Linux to an average user by eliminating the complex and time-consuming process associated with the classic Gentoo install method.
Inside this week's LWN.net Weekly Edition:
- Front: MeshCore; x32 ABI; Open-source security; Package-manager metadata; More LSFMM+BPF coverage; Loadable crypto module.
- Briefs: Lightwell; jqwik protestware; RedHat package compromise; DistroWatch; Fedora election; Rust 1.96.0; rsync; Vim Classic 8.3; Quotes; ...
- Announcements: Newsletters, conferences, security updates, patches, and more.
Version:next-20260603 (linux-next)
Released:2026-06-03
TrueNAS CORE (previously known as FreeNAS) is a free and Open Source Network-Attached Storage (NAS) operating system that supports file, block and object storage. TrueNAS CORE is FreeBSD based and is a community-supported branch of the TrueNAS project, sponsored by iXsystems. It also has a commercial branch called TrueNAS Enterprise and a free and HyperConverged storage solution called TrueNAS SCALE. The TrueNAS SCALE branch is based on the Debian Linux distribution.
Over time, many open-source maintainers face the same problem: they
lack the time to do all of the work that their project needs, and no
one else is stepping up to provide adequate help. Maintainers, though,
are often reluctant to throw in the towel. The result is suboptimal
all around; the maintainer is stressed out, project quality suffers,
and users face security risks that they may not be fully aware of. At
the 2026 Open
Source Summit North America, Robin Bender Ginn spoke about this
problem, when it might be time for maintainers to pass the torch, and
the responsibilities of users.
Alexei Starovoitov gave "less of a presentation, more of a scream of
realization" at the BPF track of the 2026
Linux Storage, Filesystem,
Memory-Management, and BPF Summit. He shared a set of ideas for how BPF could
change to avoid being swept away by the sea-change in programming represented by modern
large language models (LLMs) and the coding agents based on them.
In a follow-up session, the discussion covered
more problems with how coding agents use tools like bpftrace, and the current deluge of
patches in need of review in the BPF subsystem.
Andrew Tridgell has written a blog
post responding to complaints that he has begun using LLM tools in
his work maintaining rsync:
Like many developers of open source packages I've been hit by a
flood of security reports lately in my role as the rsync
maintainer. Many of those reports are AI generated (not all though,
there are some notable ones with very careful and high quality manual
analysis).
As this flood started to get more intense I realised I needed to
raise the defences on rsync a lot — we needed much more thorough test
suites, code coverage analysis, CI testing on a lot more platforms,
deliberate and thorough scanning for possible security issues (so I
find at least some of them before other people!) and the addition of a
whole lot of defence-in-depth hardening techniques.
[...] Now to the future, because we're not done yet by a long
shot. The security reports keep rolling in. I'm working on a bunch of
CVEs right now. Luckily I've been joined by some other very good
developers with great systems development skills and security
knowledge. Some of these people came to my attention partly because of
all the rage happening at the moment, so I get some rage storm clouds
have silver linings. Watch out for some credits for some great new
rsync developers in the next release.
Security updates have been issued by Debian (php-twig), Fedora (hplip, python-wsgidav, roundcubemail, and xorg-x11-server), Oracle (compat-openssl10, httpd:2.4, and kernel), Red Hat (osbuild-composer), SUSE (busybox, cloudflared, cockpit, cups, ffmpeg-4, gnutls, google-osconfig-agent, helm, hplip, kernel, kubelogin, libjxl, libsoup, libunbound8, LibVNCServer-devel, mapserver, nvidia-open-driver-G06-signed, nvidia-open-driver-G07-signed, openssh, python-idna, qemu, rqlite, shadowsocks-v2ray-plugin, ucode-intel, unbound, vim, vorbis-tools, and xorg-x11-server), and Ubuntu (age, dovecot, editorconfig-core, gobgp, libapache-mod-jk, libcommons-lang-java, libcommons-lang3-java, libeconf, linux, linux-aws, linux-aws-6.8, linux-aws-fips, linux-azure, linux-fips,
linux-gcp, linux-gcp-6.8, linux-gcp-fips, linux-gke, linux-gkeop,
linux-hwe-6.8, linux-ibm, linux-ibm-6.8, linux-nvidia, linux-nvidia-6.8,
linux-nvidia-lowlatency, linux-nvidia-tegra, linux-oracle,
linux-oracle-6.8, linux-raspi, linux-raspi-realtime, linux-realtime,
linux-realtime-6.8, linux, linux-aws, linux-azure, linux-azure-6.17, linux-hwe-6.17,
linux-nvidia-6.17, linux-oem-6.17, linux-oracle, linux-oracle-6.17,
linux-raspi, linux-realtime, linux-realtime-6.17, linux, linux-aws, linux-gcp, linux-ibm, linux-nvidia, linux-oracle,
linux-raspi, linux-realtime, linux-aws-6.17, linux-gcp, linux-gcp-6.17, luanti, mysql-8.0, mysql-8.4, node-tar-fs, and unbound).
T2 Linux SDE is an independently-developed open-source system development environment (or distribution build kit). It enables the creation of custom distributions with bleeding-edge technology. Currently, the Linux kernel is used, but the project plans an expansion to Hurd, OpenDarwin and OpenBSD kernels too. T2 started as a community driven fork from the ROCK Linux Project with the aim to create a decentralised development and a clean framework for spin-off projects and customised distributions.
Nemesis Linux is a set of lightweight, minimalist live Linux distributions inspired by the Slackware-based Porteus project, but based on Artix Linux instead. It uses the Pacman package manager and the OpenRC init system. Nemesis Linux offers four desktop variants featuring the Cinnamon, LXDE, LXQt and Xfce desktop environments.
Aeon is an immutable desktop Linux distribution based on openSUSE. It is a relatively small, low-maintenance system with automated daily updates, thus recommended for Linux beginners or "lazy developers". Some of the distribution's other features include a custom system installer called Transactional Installation Kit (TIK), a pre-configured GNOME desktop, out-of-the-box support for Flatpak packages, Distrobox configured to launch Tumbleweed containers, and automatic rollbacks to its last working state.
HackerOS is a live Linux distribution based on Debian's "Testing" branch and designed for regular users, gamers and cybersecurity enthusiasts. Some of its features include an optimised XanMod Linux kernel for faster boot times and reduced resource usage, out-of-the-box support for NVIDIA graphics cards, and a collection of cybersecurity tools, such as enhanced firewalls and intrusion detection software. The distribution uses the KDE Plasma desktop.
Pages
