Release Notes for Alpine 3.13.0: Difference between revisions

From Alpine Linux
Line 5: Line 5:
musl has been upgraded to 1.2. This release changes the definition of <code>time_t</code> on 32-bit systems. See the [https://musl.libc.org/time64.html musl time64 release notes] for more details. All x86, armv7 and armhf packages have been rebuilt for this change. For users of these architectures, all self-compiled packages must be manually rebuilt after upgrading, even if relocation/SONAME errors are not encountered.
musl has been upgraded to 1.2. This release changes the definition of <code>time_t</code> on 32-bit systems. See the [https://musl.libc.org/time64.html musl time64 release notes] for more details. All x86, armv7 and armhf packages have been rebuilt for this change. For users of these architectures, all self-compiled packages must be manually rebuilt after upgrading, even if relocation/SONAME errors are not encountered.


In order to support dates after year 2038, musl 1.2 uses new time64-compatible system calls. Due to [https://github.com/opencontainers/runc/issues/2151 a long-standing Docker issue], these system calls incorrectly return EPERM when running under a Docker or libseccomp version predating their release. Therefore, due to [https://github.com/docker/for-win/issues/8326 open Docker for Windows issue 8326], Alpine Linux 3.13 is currently incompatible with Docker for Windows, and when running under Docker for Linux, Alpine Linux 3.13.0 requires the host Docker to be version 19.03.9 or greater and the host libseccomp to be version 2.4.2 or greater. Therefore, as of writing, the following systems are not suitable as Docker hosts for Alpine Linux 3.13.0: Amazon Linux 1 or 2, CentOS 7 or 8, Debian stable without debian-backports, Raspbian stable, and Ubuntu 14.04 or earlier. This applies regardless of whether the distribution Docker packages or separate Docker package repositories are used.
In order to support dates after year 2038, musl 1.2 uses new time64-compatible system calls. Due to [https://github.com/opencontainers/runc/issues/2151 a long-standing Docker issue], these system calls incorrectly return EPERM when running under a Docker or libseccomp version predating their release. Therefore, due to [https://github.com/docker/for-win/issues/8326 open Docker for Windows issue 8326], Alpine Linux 3.13 is currently incompatible with Docker for Windows, and when running under Docker for Linux, Alpine Linux 3.13.0 requires the host Docker to be version 19.03.9 or greater and the host libseccomp to be version 2.4.2 or greater.
 
Therefore, as of writing, the following systems are not suitable as Docker hosts for Alpine Linux 3.13.0: Amazon Linux 1 or 2, CentOS 7 or 8, Debian stable without debian-backports, Raspbian stable, and Ubuntu 14.04 or earlier. This applies regardless of whether the distribution Docker packages or separate Docker package repositories are used. When running on these systems, <code>--security-opt=seccomp=default.json</code> should be passed to <code>docker create</code> or <code>docker run</code>, where default.json is downloaded from [https://github.com/moby/moby/blob/master/profiles/seccomp/default.json] and on line 2, <code>defaultAction</code> is changed to <code>SCMP_ACT_TRACE</code>. Alternatively, <code>--security-opt=seccomp=unconfined</code> can be passed, but note that this will slightly decrease the security of the host against malicious code in the container.


=== Deprecation of Berkeley DB (BDB) ===
=== Deprecation of Berkeley DB (BDB) ===

Revision as of 01:37, 9 January 2021

aports

musl 1.2

musl has been upgraded to 1.2. This release changes the definition of time_t on 32-bit systems. See the musl time64 release notes for more details. All x86, armv7 and armhf packages have been rebuilt for this change. For users of these architectures, all self-compiled packages must be manually rebuilt after upgrading, even if relocation/SONAME errors are not encountered.

In order to support dates after year 2038, musl 1.2 uses new time64-compatible system calls. Due to a long-standing Docker issue, these system calls incorrectly return EPERM when running under a Docker or libseccomp version predating their release. Therefore, due to open Docker for Windows issue 8326, Alpine Linux 3.13 is currently incompatible with Docker for Windows, and when running under Docker for Linux, Alpine Linux 3.13.0 requires the host Docker to be version 19.03.9 or greater and the host libseccomp to be version 2.4.2 or greater.

Therefore, as of writing, the following systems are not suitable as Docker hosts for Alpine Linux 3.13.0: Amazon Linux 1 or 2, CentOS 7 or 8, Debian stable without debian-backports, Raspbian stable, and Ubuntu 14.04 or earlier. This applies regardless of whether the distribution Docker packages or separate Docker package repositories are used. When running on these systems, --security-opt=seccomp=default.json should be passed to docker create or docker run, where default.json is downloaded from [1] and on line 2, defaultAction is changed to SCMP_ACT_TRACE. Alternatively, --security-opt=seccomp=unconfined can be passed, but note that this will slightly decrease the security of the host against malicious code in the container.

Deprecation of Berkeley DB (BDB)

Oracle has changed the license of BDB to AGPL-3.0, making it unsuitable to link to packages with GPL-incompatible licenses. Since the old version is no longer maintained, the db package is now deprecated. Alpine Linux packages are being transitioned to alternatives or, where no alternatives exist, removed entirely.

For postfix, support for hash and btree databases has been removed. lmdb is the recommended replacement. Before upgrading, all tables in /etc/postfix/main.cf using hash and btree must be changed to a supported alternative. See the Postfix lookup table documentation for more information.

Switching from busybox ifupdown to ifupdown-ng

The default ifupdown implementation has been switched from busybox to ifupdown-ng. ifupdown-ng is intended to be compatible with debian ifupdown and busybox ifupdown, but all users of /etc/network/interfaces should read the ifupdown-ng readme and the ifupdown-ng admin guide before upgrading.

ifupdown-ng has native vlan support, so the vlan package is no longer required and can be uninstalled. The bridge and bond packages are still required.

GCC 10

GCC has been upgraded to version 10. GCC 10 sets the -fno-common option by default. All Alpine Linux packages have been fixed, but users compiling other software on Alpine Linux may need to make changes to their code. For more information, see the GCC 10 porting guide.

PHP 8.0

PHP 8.0 with a common set of extensions is now available as php8. PHP 7.4 (php7) remains the default.

xorg-server has moved to community

xorg-server and related packages have been moved from main to community. To install it, ensure /etc/apk/repositories contains the community repository.

Running setup-xorg-base will automatically enable the community repo before installing xorg-server.

busybox

Removed applets

The following applets have been removed:

  • hdparm: Missing many features. Use hdparm instead.
  • fdformat: Rarely used. Use util-linux instead.
  • readprofile: Rarely used. Consider perf or use util-linux instead.
  • lspci: Missing many features, such as hwdb support. Use pciutils or grep . /sys/bus/pci/devices/*/* instead.
  • conspy: Rarely used.
  • smemcap: Rarely used.
  • dumpleases: Rarely used.

Alternatives for conspy, smemcap, and dumpleases are not currently packaged due to a lack of interest. If you require these programs, please file an issue at Alpine GitLab.

Changes

The following applets now support long options:

  • gzip
  • install
  • ipcalc

apk-tools

Man page

apk-tools now has an official man-page: apk-tools-docs. If the docs package is installed, man pages will automatically be installed and updated for all installed packages.