Latest 10 recent news (see index)
July 12, 2024
Welcoming a new committer
Since @triallax
has been doing a bunch of excellent work
in addition to being a great community member, we have decided
to grow the cports committers list a bit.
Additionally, @nekopsykose
is now a project owner, so it’s
no longer just @q66
.
Congrats to both :)
July 07, 2024
New images
As of 07 July 2024 new images have been published.
These are an incremental refresh with new software. They bring various minor changes.
Changes
The biggest visible change is that core
and minimal
rootfs tarballs are no longer distributed; you are expected
to use either the full
or bootstrap
tarballs. Any regular
installation is expected to use the base-full
metapackage
at very least (unwanted components can be removed by masking
them in the apk
world file).
The images are still based on GNOME 46 and kernel 6.6, but with all latest updates pulled in.
Otherwise, the images represent 3 months of software updates
in cports
, which are reflected here.
Upcoming changes
Before the beta release, there will be at least one more image refresh. The beta release is expected most likely during the fall this year.
April 21, 2024
New images
As of 21 April 2024 new images have been published.
These are mainly an incremental refresh. They bring a variety of
package updates and minor quality of life improvements, and
most importantly updated apk-tools
.
Changes
The graphical images are based on GNOME 46 and Linux kernel 6.6, alongside a variety of up to date software, such as the LLVM 18 toolchain.
The apk
package manager in this set fully supports the zstd
compression. The distribution will start rolling out packages
compressed with zstd
in the coming days (no world rebuild will
happen yet but newly built packages will be compressed with it).
The installer scripts had minor changes done in them, some of them
user-visible. Notably, chimera-chroot
will now alter the prompt
to be less confusing, and it makes bind-mounted pseudo-filesystems
properly unmountable.
The ISOs are newly based on GRUB 2.12. If this causes any regressions, please report them. All the ISO images were tested on their respective architectures without any issues found.
The MNT Reform images have been dropped. The packaging of the bootloader was unsatisfactory (done from binary builds) and there haven’t been any opportunities to figure out a proper source build. Additionally, the vendor now seems to be favoring newer SOMs by default. If you are interested in maintaining support for this or any other hardware, please reach out to us on one of the official channels.
Upcoming changes
There will be at least one more refresh before beta. Beta will likely
come with a world rebuild, which means zstd
for all packages.
January 22, 2024
2024 image refresh
The images have been refreshed yet again.
Most importantly these bring the 6.6 LTS kernel, an upgrade from the 6.1 series (except Raspberry Pi images, which have their own kernel) alongside minor user experience improvements.
Changes
We have upgraded the LTS kernel series from 6.1 to 6.6. Meanwhile, the installable “stable” kernel is now at 6.7.x.
Raspberry Pi images had their firmware updated, so wireless networking and Bluetooth should work equally well on 3, 4, and 5.
The apk package manager got a fix which likely resolves the issue when some directories were very rarely created with 000 permissions. This is not yet verified however, as the issue was not reproducible and therefore it is not possible to verify it.
Minor user experience improvements include support for fstab
LABEL=
and the likes for swap devices, support for timedated/localed/hostnamed
D-Bus services (mainly benefits GNOME) thanks to the openrc-settingsd
project from Gentoo/postmarketOS, various package updates, more atomic
apk transactions thanks to deployment of sysusers.d and tmpfiles.d,
chimerautils fixes (e.g. stdbuf
command now works properly), the
lsinitramfs
and unmkinitramfs
commands have been fixed, the cryptsetup
initramfs scripts have their module copying fixed, Python 3.12, and a
ton of other things.
Upcoming changes
We will likely introduce an installer in one of the future images, likely before beta release.
December 27, 2023
New images again
A new set of images has been released once again.
This is once again a refresh without any major functionality changes outside of new software; but it does bring important changes to apk-tools as well as out of the box support for Raspberry Pi 5. It comes with GNOME 45 and kernel 6.1.
Changes
As far as live-specific changes go, the strange GRUB message about “booting in blind mode” should now be gone. This was always harmless but was causing confusion in some users.
Additionally, the version of apk-tools available in these images comes with full support for xattr metadata. That means we will stop using post-install scripts for this in repo packages and instead migrate to this. That means you should always install from at least this version of the images from now on - older images may not work correctly for installations.
Raspberry Pi 5 is now supported in the Raspberry Pi images. The support has been present in cports since October and you could always generate your own image with chimera-live, but now there is no need to as the available images will work.
Outside of that, a lot of software has been updated, which affects the live image as well. Most notably, this means using GNOME 45 now.
Upcoming changes
This is a transitional set. The next set of images will probably come in relatively near future; this will bring some more major changes, for instance the Linux 6.6 kernel (which will become the new LTS) as well as quite possibly an installer and support for zstd in packages instead of zlib/deflate.
September 15, 2023
New images
A new set of images has been released once again.
This is mostly a refresh. The previous images still work fine for installation. These new images bring updated software, and a few other functional changes.
Major updates
- The
dinit-chimera
core service set has been overhauled. - NTP is active by default in the live images, so you will get correct date/time even without RTC as long as connected to the network.
- To avoid having files with timestamps in the future on hardware
without an RTC, the new
swclock
service will synchronize time to at least a specific timestamp. - PipeWire is now always implicitly active if present.
- The GNOME images no longer come with an X11 server (outside of XWayland). It can still be installed from the contrib repo.
- HDMI audio should now work universally, as well as sound on some laptops and devices such as the Steam Deck.
- And various minor changes.
June 11, 2023
Entering alpha stage
Today marks the day when the project enters the alpha phase. This has some implications, though it is not a release per se, considering Chimera is a rolling distribution; let’s take a look at what it means for potential users and contributors.
So, what does it mean?
Simply put, having entered the alpha phase means that the project is somewhat more ready to deal with users and potential repository expansion. A great deal of work has been done in all areas since the last update, and the distribution is now a lot more stable, with better infrastructure, and so on.
Of course, since it’s a mere alpha, it does not mean the system is considered stable per se. There may still be large-scale changes eventually (hopefully for the better) but early adopters may now consider actually daily-driving the system, and we are ready for the repositories to grow.
This phase is expected to last about a year. Obviously, it is not possible to create a distribution from scratch and immediately mark it stable. The current biggest things in the way are:
- There isn’t enough software in general
- Major improvements are still planned for service management
- Documentation needs work in all areas
- And obviously a lot of testing
During the next year, it is planned that those things (and others) will be addressed and the project will move towards beta.
In summary, the current state of the project means it’s daily-driveable and can be gradually updated without significant manual fixups, but there may still be bugs, missing documentation, and some things may still change at conceptual level.
Infrastructure
The distribution finally has proper infrastructure now. This means:
- Central build system (using Buildbot), taking care of automatically building and publishing packages for all supported architectures, and native builders for each.
- Continuous integration for pull requests.
- Package repository browser with advanced filtering and search.
- Nightly global update-check for packagers.
Thanks to all this, there is now streamlined workflow for adding new packages and updating existing ones, making it a significantly lesser effort.
Cports updates since last post
There has been a huge amount of changes since. A summary of these includes:
- Userland based on FreeBSD 13.2.
- All existing packages have been updated to their latest versions.
- LLVM 16 is now the system toolchain.
- GNOME 44 is the primary desktop environment.
- Qt6 toolkit is now present in the repositories.
- OpenJDK 17 Java is now in the repositories.
- Flatpak support.
- Several large pieces of software such as Thunderbird, GIMP, Inkscape, LibreOffice, QEMU, OpenMW, Xonotic, Sauerbraten, etc. are now present.
- Smaller useful software such as Chrony, htop, Deluge, Weechat, Neovim, Dino, Rsync, and others.
- The option of latest stable Linux kernel branch in addition to latest LTS branch.
- The cports repository now features more than 1000 templates in
main
andcontrib
, with more than 22000 total packages.
This list is not exhaustive.
New images
This update comes with a new set of images. The main improvement is
streamlined installation thanks to new chimera-install-scripts
package.
March 06, 2023
New images
As of today, a new set of images has been released. This is following the complete world rebuild that has been going on the last few days.
The new images are therefore generated from these new packages, and are the last images that are released before the alpha release.
World rebuild
The world rebuild has been successful and mostly uneventful on all architectures. There aren’t any or many updated versions, as that will happen after this.
However, it is very important that the rebuild has happened for the alpha release that will come soon after this.
Updates since last post
A lot of the work since the last update has been on cleanups and overall quality. Overall, a summary:
- The hardening overhaul fallout has been mostly addressed. There may be some crashes left, which will be dealt with over the next few weeks.
- The login stack has been switched from
util-linux
toshadow
. - Various service management fixes and cleanups.
- Overhaul of
console-setup
to uses non-XKB keymaps by default, removing base system dependency on Perl. - Chimerautils has been tagged, and various new tools have been
ported (e.g.
locate
,whereis
,script
,logger
,cal
, and others) and many others have been written from scratch. - Util-linux has been split up, and much less of it is now
installed by default. Several new
chimerautils
tools replace its various functionality. - Base metapackages have been cleaned up.
- The system has been switched from
eudev
tosystemd-udev
. - Support for kernel
efibootmgr
hook for automatic EFISTUB boot entries. - Automatic ZFS root detection has been fixed for GRUB, and there is now a new tool to detect root for U-Boot menu and other places.
- Overhaul of
agetty
handling, with support for config files to specify various parameters such as baud rate. - Our system toolchain now defaults to
-fno-semantic-interposition
. - The
apk
package manager will not mess up early permissions anymore, simplifying binary bootstrapping.
This is not an exhaustive list.
New images
The new images are mostly an incremental refresh, to allow for cleaner installations that do not update thousands of packages. There have been some notable improvements too, however:
- The new tools
chimera-live-bootstrap
andchimera-live-chroot
to simplify installations. - Much improved detection of serial terminals, which means in a lot
of cases it is not even necessary to specify a
console=
anymore. If the kernel is configured to output to serial in any way, the respectiveagetty
service will be configured, if it exists. - The graphical images now use
networkmanager
by default.
Upcoming alpha
Up next is updating our packages to their latest versions, as a lot of stuff in the repository is by now fairly out of date. Various minor improvements will be done while doing this, and issues reported with the new images will be addressed.
The alpha release should then come a few weeks from now, definitely during March.
The release will mark the next stage of the project, where adventurous people will be able to pick it up as their daily driver, and expansion of the package set can begin.
January 16, 2023
Chimera at FOSDEM 2023 and the path towards alpha
It has been a while without an update post, so perhaps it’s time to refresh things a little.
No news does not mean progress hasn’t been happening; there has been
a continuous stream of commits in cports
as well as other parts of
the project, so I will do my best to summarize it as well as provide
an updated overview of what’s going to happen.
FOSDEM 2023
FOSDEM 2023 is happening once again with an in-person format, as usual in Brussels, on the first weekend of February, which is the 4th and 5th this time. I will be giving a talk about Chimera, this time in the BSD devroom (huge thanks to the organizers for letting me have a slot, despite this project being a Linux system).
I will give a general overview of the project, our progress since last FOSDEM, as well as what’s planned for the future, and perhaps more, in the form of a full length talk (we have a 50 minute slot). The devroom changes into the LLVM devroom right afterwards, which is fitting considering we are also using the LLVM toolchain.
Cports progress since last post
The previous post was at the beginning of November, which is two and a half months ago. Since then, there has been a lot of updates in the project. Here are the main highlights, in chronological order.
- A general refresh of packaging templates, with everything being updated to its most recent version.
- Our suite of Dinit services,
dinit-chimera
has received a complete overhaul. Besides being more fine-grained, it also provides a cleaned up targets system, better thought-out configuration, and better integration. - Full-disk encryption is now supported, besides a variety of other initramfs improvements, which includes better support for LVM, root on ZFS and others.
- CKMS, our kernel module source build system that replaces DKMS, got an initial release, and no longer conflicts with binary modules (so you can have binary ZFS for some kernels while letting CKMS manage it for others without interfering).
- We now use a custom version of the musl libc, which uses Scudo (a part of LLVM and default in Android/Fuchsia) as the system allocator (malloc implementation). This brings significantly better performance in multithreaded scenarios.
- A big overhaul of kernel packaging, alongside Linux 6.1, which is the new baseline version. The new packaging brings support for kernel backups on upgrades besides other things.
- Cbuild hardening overhaul, with significantly expanded list of hardening types, and new defaults. Now, templates are built with UBSan integer overflow checks by default, as well as hidden visibility and CFI (Control Flow Integrity) by default. Enabling templates to properly use it is still a work in progress. There is also initial infrastructure for other hardening including Intel CET and ARM BTI (which will both need support in musl to be useful) as well as Clang SafeStack. All ELF files are now also checked for executable stack in the build system.
- Cbuild now supports locking, preventing race conditions when building multiple things in parallel. The sources are properly locked, as are the repositories when generating packages.
- Cbuild no longer requires
fakeroot
in the host system. - New policy packages
base-devel
andbase-devel-static
. These provide a way for users to declare that they want development packages to be automatically installed alongside runtime packages. This allows users to choose whether they wish to save space not installing development files (default) or whether they want the convenience of having development files for everything (similarly to e.g. Arch Linux).
This list is not exhaustive, but includes most major things.
The Chimera handbook
The documentation for the project has undergone significant expansion, now containing detailed installation instructions including how to deal with things like disk encryption and root oN ZFS, and various configuration tasks.
The FAQ is now a part of the handbook and has been expanded as well.
Preparing for alpha
We still have plans to release an alpha as soon as possible. This will be the point where the distro is ready for early adopters. The following needs finishing:
- The hardening overhaul fallout. Since we have enabled the UBSan checks as well as CFI by default, this exposes all sorts of bugs in libraries and applications, turning them into crashes. Therefore we are rebuilding and testing things as necessary, trying to iron out most issues to have a stable experience before the alpha launches.
- Packages will need updating to their latest version at the time of the alpha.
- Automated build system for packages still needs launching. This is experiencing delays, but we plan to have that up as soon as possible.
- There will be a world rebuild before the alpha happens, on all 4 architectures that are currently supported in repositories. This is needed in order to accommodate the various cbuild updates that have happened in the meantime.
Since these are still pretty significant tasks, it will take some time to get them done. Therefore, the alpha will not come out before the FOSDEM talk. Right now, the idea is to make it coincide with one of the beta releases of FreeBSD 13.2, to get a chance to rebase the userland. That means mid February to early March most likely.
There will be a new set of ISO images before the alpha comes out, to give people a chance to test and expose various issues. Another set will then be made for the alpha release.
After the alpha
The alpha cycle is planned for 6 months to 1 year. Once it is over and the project is ready to be declared beta quality, another world rebuild will be done.
Summary
I am hoping there will be no more significant delays. Right now, it is very near, with only a small number of tasks remaining to do. Those tasks however cover a lot of ground, so they take time.
November 03, 2022
Roadmap for near future
It is November, and so far without a release. While progress is happening and there is pretty much constant flow of improvements, the idea was to get something out faster, and that has unfortunately not happened yet.
So instead here is a rough plan for the near future, with an alpha release at the end (hopefully).
Current work in progress
But first, about the progress. The packaging work is not quite finished yet, and there are several things being worked on at the same time:
- Service management. The
dinit-chimera
suite is currently receiving a variety of improvements. - Userland hardening. The idea is to enable CFI (Control Flow Integrity) in some form on supported platforms, limited UBSan (Undefined Behavior Sanitizer) with production runtime, GWP-ASan (a limited, low overhead form of address sanitizer) and possibly other things before the distro goes stable. Use of the Scudo hardened allocator (in use in production by notably the Android and Fuchsia OSes) is being investigated for improved performance over Musl stock allocator.
- Kernel packaging. The current form is not quite there yet, and needs an implementation of kernel backups as well as packaging improvements for better flexibility. Additionally, CKMS needs polishing.
- Various minor tasks.
Work done since last update
A bunch of work has been done since the last update on October 12:
- Kernel dotconfigs got a large sync and cleanup. That means they are much closer between architectures in terms of feature sets.
- The vanilla kernel now has improved support for a large variety of AArch64 devices, primarily from PINE64. The device-specific Pinebook Pro kernel was removed, with the vanilla kernel now preferred.
- The redistributable binary firmware (
linux-firmware
) packaging was carefully cleaned up and split into many individual packages. Chimera’s elaborate policy packages system allows for simple management. - A shared
extlinux.conf
generator for U-Boot-based devices has been implemented, so that all devices can use a single boot menu system. - A Clang-compatible implementation of
_FORTIFY_SOURCE
has been added and is now in use by default for better hardening. - Speaking of hardening, the toolchain now applies
-Wl,-z,relro
and-Wl,-z,now
by default (without explicit flags) along with-Wl,--as-needed
on top of FORTIFY. - Full switch from linker
--hash-style=both
to--hash-style=gnu
. - The
dinit-userservd
project got an initial release. - The core services (
dinit-chimera
) now support system-enabled services, for both system and user. That means packaging can install implicit service links and users do not have to enable them manually. This applies to a select set of services such as the D-Bus system and session buses,udevd
andelogind
. The links are in dedicated packages with no hard dependencies, so they are fully optional (but still implicit for most users). - Console fonts and keymap are now managed using
console-setup
from the Debian project. - Various other improvements in core service management.
- Various packaging updates and
cbuild
cleanups, and so on.
Future plans
Now for the roadmap.
Right now, Chimera is not meant to be daily driven by most people. One thing is missing software, but also updates are not guaranteed to be safe and it takes a lot of knowing what one is doing to safely use the system.
This should change with the first alpha release, which is planned for the end of 2022 or beginning of 2023.
With the alpha release, new guarantees will be introduced. Notably,
package versioning will become more stable, with no more arbitrary
changes without incrementing revision numbers. That means it will
no longer be necessary to always use the --latest
flag when
updating.
Initial, rudimentary documentation will be available with the alpha release, covering things like installation, basic package management, service management and so on.
To reach the alpha release, there are several tasks left to do, tagged
with the right milestone in the cports
issue tracker.
The alpha release will not be suitable for general audience. It will be an early adopter release, for careful daily driving and testing. The amount of available software will grow during this period, and bugs will be fixed. It is expected that users will package software they need to use the system.
Sometime during this cycle, additional architecture support may be
introduced (notably for big-endian ppc64
and maybe 32-bit ppc
).
An automatic package build infrastructure should function during
this period and will be set up before the alpha phase begins.
Once the OS stabilizes further, the alpha cycle will be declared finished, and all packages will be rebuilt from scratch for every supported architecture. Users will be expected to carefully upgrade their systems (this will be announced ahead of time). The beta phase will begin, suitable for less adventurous users.
The current estimate for beta phase is sometime in 2023 (summer or fall). Another cycle will begin. This is expected to take at least until mid 2024, when the distro will be declared stable. This will come with another world rebuild, most likely.
Alpha and blockers
Unfortunately, one of the main blockers for alpha is outside of
the project’s control. It’s apk-tools
, which hasn’t had much
work done on it lately in the upstream, due to the maintainer
not having time. That means issues and pull requests also go
unaddressed, and there is nothing the project can do about it.
While currently most of the issues are minor and can be worked
around, it is blocking several features and improvements in
cbuild
, such as getting rid of host requirement for fakeroot
,
and cleanup of build dependency handling.
If the situation does not improve before the alpha release is
near, Chimera will continue to rely on a Git snapshot of apk-tools
during the alpha phase. The situation is supposedly temporary,
and the idea is to keep the amount of downstream patching to
a minimum. The project would definitely prefer not having to
fork the package manager, so as long as there is nothing truly
major, the preferred strategy is to wait and see, at least until
beta is near.
In addition to packaging work scheduled for before alpha, it will
be necessary to launch automated build infrastructure. This needs
work on Chimera’s own primary server (which currently does not have
its own public IP) as well as various improvements in cbuild
.
The build infrastructure is absolutely necessary, as the current
manual workflow takes too much effort with the growing number
of supported architectures.
Other issues can be tracked here.
Summary
Hopefully this clears things up a little. There will be at least one new set of testable images before the alpha phase is reached. Soon there will also be initial work on the Chimera handbook, which will serve as the primary source of documentation.