Review The Reg FOSS desk took the latest update to openSUSE's stable distro for a spin around the block and returned pleasantly impressed.

As we reported earlier this week, SUSE said it was preparing version 15 SP4 of its SUSE Linux Enterprise distribution at the company's annual conference, and a day later, openSUSE Leap version 15.4 followed.

The relationship between SUSE and the openSUSE project is comparable to that of Red Hat and Fedora. SUSE, with its range of enterprise Linux tools, is the commercial backer, among other sponsors.

The picture is complicated by the fact that there are two different openSUSE distributions: Leap and Tumbleweed. Tumbleweed is a rolling-release distro, akin to Arch Linux; there's no stable version, and new packages emerge from the project's Factory every day.

In contrast, Leap is one of the most stable distros available. Major releases appear approximately every few years, with a new minor or point release annually. Since the last point release, 15.3, the project has synchronized its codebase with the enterprise distro. This makes it possible to migrate an installation of openSUSE Leap to the paid SLE product and receive commercial support.

As such, openSUSE Leap is more conservative technically, in part because it has a common codebase with a slow-moving enterprise distro. So while Ubuntu's latest LTS release has GNOME 42 and kernel 5.15, the latest Leap has GNOME 41 and kernel 5.14. Although SUSE Linux Enterprise does focus on servers, there is a desktop edition – but openSUSE Leap has a much broader selection of components.

Unlike the Ubuntu and Fedora model of live CDs, with different installation images for different desktop environments, the openSUSE installation image is just an installer.

Two versions are available: a 3.8GB offline image, which doesn't need a network connection, and a 173MB online installer, which fetches the source packages over the network. Both boot straight into the installation program, and there's no option to switch to a graphical desktop.

If you want to try before you buy install, the project also offers live images with KDE, GNOME, and Xfce, but the download page explicitly says: "They should not be used to install or upgrade. Please use the installation media instead."

The installer offers the same choice of three desktop environments as the live images, but that's not all. You can also install a text-only server, or an immutable server image with transactional updates, which is also available separately as Leap Micro 5.2.

There is also an option for a minimal graphical environment (which includes IceWM) onto which you can install one of the widest selection of desktops around: GNOME (basic, Wayland or X.11), KDE (basic or full), Xfce, Cinnamon, LXDE, LXQt, Enlightenment, MATE, Deepin, or Budgie, and also the Sway tiling Wayland compositor. The Deepin desktop is a new option for 15.4, and it still has some issues. Enlightenment isn't the author's favorite desktop, but still, it's good to see it included in a mainstream distro: 15.4 includes version 0.25.3, and it offers immense potential for customization as well as eye candy.

New in openSUSE Leap 15.4 is the Deepin desktop, but it still has a few rough spots

We tried KDE, as well as taking a look at Deepin and Enlightenment. As Scott Gilbertson said way back in 2015: "openSUSE's KDE desktop is one of the slickest KDE implementations around" – and we'd still agree with that. It uses the sensibly mainstream Firefox and LibreOffice, but most of the other components are KDE-specific apps, such as Kmail, Konversation, and Akregator.

There are also a few tricks in openSUSE's repertoire that few other distros do out of the box. The YaST2 system-administration tool is a huge boon. It's a point of pride among Linux illuminati to know where to find every obscure config file, what contents it should have, and which arcane text editor to use that allows them to accrue the most kudos from other geeks.

YaST lets you bypass almost all of that, using an easy menu-driven interface to configure just about every aspect of the system, from installing and updating software, the firewall, printers, the bootloader, to disk partitioning, including RAID and LVM.

In the bad old days, most distros had tools like this, but the handful of other survivors from the early 1990s have dispensed with them. It's to SUSE's credit that it still maintains this, and it works in text mode and over SSH. (Sadly, the WebYaST online version is deprecated. We'd like to see it get some TLC.)

Secondly, there's its snapshot support. By default, openSUSE formats your hard disk as a single large Btrfs volume, and enables the Snapper tool for system snapshots. This is more important if you use Tumbleweed with its frantic pace of updates, but even on Leap, if an update causes problems, the ability to simply boot back into a working snapshot is very useful in a crisis.

It has only one snag in the author's experience: snapshots can use a lot of disk space. If you use Btrfs, it needs a big root partition, far more than other distros. Older versions of openSUSE used a separate /home partition, formatted with XFS, but no longer. Now, by default, you get one big volume. That's both good and bad.

The problem is that the "perpetually unfinished" Btrfs readily gets corrupted in the event of a power failure or the disk filling up. The latter is a particular danger for two reasons. Firstly, because it can't give a straight answer to how much free space is available, and secondly, because repairing a corrupted volume is difficult and dangerous.

So having one big partition is good because it won't fill up so easily. It's bad because if it does, it will likely get corrupted, and then your files are at risk. I'm a traditionalist: I advocate going with the old way and keeping a separate home partition. But make the root partition big: as in, give it hundreds of gigabytes, rather than tens.

Alternatively, you can dispense with Snapper, format your root partition with ext4, and treat it like any other distro.

These days, openSUSE ships with Flatpak pre-installed, but the project also has a very useful repository of additional software, which saves the Ubuntu PPA and Fedora COPR faff. There's also the external Packman repo with lots of useful tools such as multimedia codecs.

openSUSE also has the blingtastic Enlightenment desktop, with a wide selection of visual effects

You can download openSUSE Leap from the project's website. There are versions for x86-64, Arm aarch4, POWER ppc64le, and IBM z Series and LinuxOne. There are also ready-rolled minimal VM "JeOS" images for KVM and Xen, Hyper-V, VMware and OpenStack Cloud.

openSUSE Leap offers a good balance between the short life cycle of Fedora and the slow one of Ubuntu LTS releases. Between the Zypper package manager and YaST front end, and the additional repos available online, we rate its software packaging offerings as noticeably better than anything Red Hat or the various Mandriva descendants have to offer.

For servers and their stressed sysadmins, YaST is a fantastic tool, and there's also deployment using AutoYAST, SaltStack, and the Uyuni management tool. And of course there's the ability to migrate to the paid SLES and enterprise support without reinstalling.

Red Hat is higher-profile: it sponsors lots of conferences and events, and works hard to foster a large, enthusiastic and even evangelistic community. SUSE isn't as big or as loud, but it's slightly older – founded in 1992, it's in its third decade. openSUSE is a more polished and mature distro, and it's just about the best on the RPM side of the Linux world. ®

Disclaimer: the author worked for SUSE until last year, although not on the openSUSE project. He retains no connection or links with the company. (And some years before that, he also worked for Red Hat.)

Late last month, France's BEA-RI, or Bureau of Investigation and Analysis on industrial risks, issued its technical report on the March 10th, 2021 fire at the OVH datacenter in Strasbourg.

The French report [PDF] and summary [PDF] echo the findings of the Bas-Rhin fire service in March, 2022 that the lack of an automatic fire extinguisher system, the delay of electrical cutoff and the building design contributed to the spread of the blaze.

The BEA-RI findings also hint at a possible cause – a water leak on an inverter – while stating that the cause has not been conclusively determined.

Analysis For all the pomp and circumstance surrounding Apple's move to homegrown silicon for Macs, the tech giant has admitted that the new M2 chip isn't quite the slam dunk that its predecessor was when compared to the latest from Apple's former CPU supplier, Intel.

During its WWDC 2022 keynote Monday, Apple focused its high-level sales pitch for the M2 on claims that the chip is much more power efficient than Intel's latest laptop CPUs. But while doing so, the iPhone maker admitted that Intel has it beat, at least for now, when it comes to CPU performance.

Apple laid this out clearly during the presentation when Johny Srouji, Apple's senior vice president of hardware technologies, said the M2's eight-core CPU will provide 87 percent of the peak performance of Intel's 12-core Core i7-1260P while using just a quarter of the rival chip's power.

Microsoft has forgotten to renew the certificate for the web page of its Windows Insider software testing program.

Attempting to visit the Windows Insider portal was returning the familiar "Your connection is not private" warning – as if webpages larded with scripts and trackers can truly be called "private." The problem has now been fixed, and someone's no doubt getting an earful.

Browsers like Chrome, Firefox, and Safari will attempt to deter visitors from accessing the webpage, but will provide a link for those who ignore the warnings and persist on clicking through to advanced options.

RSA Conference For the first time in over two years the streets of San Francisco have been filled by attendees at the RSA Conference and it seems that the days of physical cons are back on.

The security conference trade has been more cautious than most when it comes to getting conferences back up to speed in the COVID years. Almost all cons were virtual with a very limited hybrid-conference season last year, including DEF CON, where masks were taken seriously. People still wanted to mingle and ShmooCon too went ahead, albeit later than usual in March.

The RSA conference has been going for over 30 years and many security folks love going. There are usually some good talks, it's a chance to meet old friends, and certain pubs host meetups where more constructive work gets done on hard security ideas than a month or so of Zoom calls.

As compelling as the leading large-scale language models may be, the fact remains that only the largest companies have the resources to actually deploy and train them at meaningful scale.

For enterprises eager to leverage AI to a competitive advantage, a cheaper, pared-down alternative may be a better fit, especially if it can be tuned to particular industries or domains.

That’s where an emerging set of AI startups hoping to carve out a niche: by building sparse, tailored models that, maybe not as powerful as GPT-3, are good enough for enterprise use cases and run on hardware that ditches expensive high-bandwidth memory (HBM) for commodity DDR.

Oracle is planning to build a national database of individuals' health records for the whole United States following its $28.3 billion acquisition of electronic health records specialist Cerner.

In a presentation, CTO and founder Larry Ellison said electronic health records for individual patients were stored by hospitals and physicians, and not replicated or shared between providers.

"We're going to solve this problem by putting a unified national health records database on top of all of these thousands of separate hospital databases," Ellison said.

Analysis The European Parliament this week voted to support what is effectively a ban on the sale of cars with combustion engines by 2035, and automakers are not happy.

MEPs backed a plenary vote on Wednesday for "zero-emission road mobility by 2035" – essentially meaning no more diesel and gasoline-fueled vehicles on the road.

The ambitious target means the automotive battery industry will have to service a much larger demand over the coming years, and electric carmakers stand to benefit hugely – that is, if they can source the requisite semiconductors and batteries.

Intezer security researcher Joakim Kennedy and the BlackBerry Threat Research and Intelligence Team have analyzed an unusual piece of Linux malware they say is unlike most seen before - it isn't a standalone executable file.

Dubbed Symbiote, the badware instead hijacks the environment variable (LD_PRELOAD) the dynamic linker uses to load a shared object library and soon infects every single running process.

The Intezer/BlackBerry team discovered Symbiote in November 2021, and said it appeared to have been written to target financial institutions in Latin America. Analysis of the Symbiote malware and its behavior suggest it may have been developed in Brazil. 

Microsoft has treated some of the courageous Dev Channel crew of Windows Insiders to the long-awaited tabbed File Explorer.

"We are beginning to roll this feature out, so it isn't available to all Insiders in the Dev Channel just yet," the software giant said.

The Register was one of the lucky ones and we have to commend Microsoft on the implementation (overdue as it is). The purpose of the functionality is to allow users to work on more than one location at a time in File Explorer via tabs in the title bar.

Over recent years, Uncle Sam has loosened its tight-lipped if not dismissive stance on UFOs, or "unidentified aerial phenomena", lest anyone think we're talking about aliens. Now, NASA is the latest body to get in on the act.

In a statement released June 9, the space agency announced it would be commissioning a study team, starting work in the fall, to examine unidentified aerial phenomena or UAPs, which it defined as "observations of events in the sky that cannot be identified as aircraft or known natural phenomena."

NASA emphasized that the study would be from a "scientific perspective" – because "that's what we do" – and focus on "identifying available data, how best to collect future data, and how NASA can use that data to move the scientific understanding of UAPs forward."

The UK government has committed to ending its reliance on legacy applications, or at least those it deems the highest priority, by 2025.

In a policy paper released yesterday, the Central Digital & Data Office (CDDO) said the costly issue of technical debt had been allowed to build up over multiple financial cycles and was now a barrier to the delivery of policy and services.

In the US, according to a report by the Government Accountability Office, the government spent over $100bn in fiscal 2021 on IT.

The Register - Independent news and views for the tech community. Part of Situation Publishing

Biting the hand that feeds IT © 1998–2022