All TWiT.tv Shows (Audio) – Untitled Linux Show 210: Bash to the Future
Release Date: July 6, 2025
Host: Jonathan Bennett
Guests: Rob Campbell, Ken MacDonald
1. Introduction and Overview
The episode kicks off with Jonathan Bennett outlining the key topics for the day, highlighting a significant security vulnerability in sudo, the French city of Lyon's transition away from Microsoft products, updates from the Pipewire Workshop 2025, advancements in Rust drivers, new hardware announcements, and other notable Linux news. [00:00]
2. Sudo Security Vulnerabilities
Speaker: Rob Campbell
Timestamps: [03:13] – [35:09]
Rob Campbell takes the lead in discussing two critical security vulnerabilities discovered in `sudo`, identified by Rich Mirch.
- First Vulnerability (CVE-2025-32462):
  - Description: Allows execution of any command on the local machine by leveraging the `-H` feature added in 2013.
  - Severity: Low (CVSS score of 2.8).
  - Impact: Primarily concerns systems where multiple users share `sudo` configurations across remote hosts.
  - Mitigation: Update to a patched version of `sudo` (version 1.9.17-p1) or avoid using the vulnerable feature. [03:42]
- Second Vulnerability (CVE-2025-32463):
  - Description: High severity vulnerability (CVSS score of 9.3) that allows unprivileged users to gain root access without predefined `sudo` rules by exploiting the `-r chroot` option.
  - Impact: Critical for systems allowing multiple user logins, especially in chrooted environments.
  - Mitigation: Immediate patching and reconsidering the use of the `-r chroot` feature, which may be removed in future releases. [04:25]
Discussion Highlights:
- Jonathan Bennett emphasizes the importance of understanding the specific nature of the vulnerabilities, pondering whether the `-H` option affects local permissions based on remote host configurations. [07:41]
- Rob Campbell clarifies that the vulnerabilities pose significant risks in shared environments but are less concerning for typical home desktop users. [08:23]
- Ken MacDonald adds technical insights on checking `sudo` versions and validating changes, illustrating practical steps for system administrators. [09:24] – [10:54]
Notable Quotes:
- Rob Campbell: "The second CVE is almost as severe as they get, so if you're running Linux devices that allow others to log in, you may want to listen up here." [05:00]
- Jonathan Bennett: "Most of you home Linux desktop users likely don't have much to worry about, but shared environments could be at risk." [07:41]
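The version check mentioned in this section can be scripted. The following is an added example, not code from the episode or from the sudo project: it compares a `sudo -V` version line against the patched release named above (1.9.17-p1, which `sudo -V` prints as `1.9.17p1`). The function names and sample lines are constructed for illustration. Distributions may backport the fix under an older version number, so an "older-than-patched" result means the vendor advisory should be checked.

```shell
#!/bin/sh
# Added example: compare a sudo version string with the patched release named in
# the summary above (written there as "1.9.17-p1"; `sudo -V` prints "1.9.17p1").
PATCHED="1.9.17p1"

# "1.9.17p1", "1.9.17-p1" or "1.9.5" -> "major minor patch plevel" (empty if unparseable).
parse_version() {
    printf '%s\n' "$1" |
        sed -n -E 's/^([0-9]+)\.([0-9]+)\.([0-9]+)(-?p([0-9]+))?$/\1 \2 \3 \5/p'
}

# version_ge A B: returns 0 if A >= B, 1 if A < B, 2 if either is unparseable.
version_ge() {
    vg_a=$(parse_version "$1"); vg_b=$(parse_version "$2")
    if [ -z "$vg_a" ] || [ -z "$vg_b" ]; then return 2; fi
    # Unquoted on purpose: split into fields; the trailing 0 fills a missing patch level.
    set -- $vg_a 0; vg_a="$1:$2:$3:$4"
    set -- $vg_b 0
    for vg_y in "$1" "$2" "$3" "$4"; do
        vg_x=${vg_a%%:*}; vg_a=${vg_a#*:}
        [ "$vg_x" -gt "$vg_y" ] && return 0
        [ "$vg_x" -lt "$vg_y" ] && return 1
    done
    return 0
}

# Classify the first line of `sudo -V` output, e.g. "Sudo version 1.9.16p2".
classify_sudo() {
    cs_rc=0
    version_ge "${1#Sudo version }" "$PATCHED" || cs_rc=$?
    case $cs_rc in
        0) echo "at-or-above-patched" ;;
        1) echo "older-than-patched" ;;   # a distro backport may still carry the fix
        *) echo "unparseable" ;;
    esac
}

# Constructed sample lines, followed by this host's own sudo when one is installed.
for line in "Sudo version 1.9.17p1" "Sudo version 1.9.16p2" "Sudo version 1.8.31"; do
    printf '%-26s %s\n' "$line" "$(classify_sudo "$line")"
done
if command -v sudo >/dev/null 2>&1; then
    live=$(sudo -V 2>/dev/null | head -n 1)
    printf '%-26s %s (this host)\n' "$live" "$(classify_sudo "$live")"
fi
```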
3. Pipewire Workshop 2025 Updates
Speaker: Ken MacDonald
Timestamps: [11:56] – [16:07]
Ken MacDonald provides an in-depth summary of the Pipewire Workshop 2025, focusing on collaborative developments and future directions for Pipewire.
Key Topics Discussed:
- Video Transport Enhancements:
  - Speaker: Wim Taymans
  - Overview: Aiming to enable video routing akin to audio, with automated conversion to/from common DSP formats using FFMPEG and Vulkan-based converters. Challenges include handling diverse application format requirements, notably from Firefox. [11:56] – [15:03]
- Rust-Based Reimplementation:
  - Speaker: Arun Raghavan
  - Overview: Reimplementing Pipewire's SPA and LibPipeWire in Rust to facilitate native communication between Rust clients and the Pipewire daemon without relying on C libraries. [15:03]
- Time-Sensitive Networking (TSN):
  - Speaker: Alexje Rimpel
  - Overview: Addressing issues with using dev PTP as a clock source, with detailed technical discussions deferred to further reading. [15:03]
- Code Base Improvements:
  - Speaker: Martin Greer
  - Overview: Identifying and addressing specific areas in Pipewire and WirePlumber codebases that require attention to enhance performance and stability. [15:03]
- Future Features:
  - Discussions on GStreamer and Bluetooth support, with more intricate details available on George's blog. [15:03]
Discussion Highlights:
- Jonathan Bennett humorously notes the ubiquity of FFMPEG in live video functionalities and echoes the complexity of video synchronization across platforms. [15:03] – [15:42]
- Ken MacDonald and Rob Campbell discuss the technical intricacies and potential applications of the Rust-based enhancements and Pipewire's evolving capabilities. [15:42] – [16:07]
Notable Quotes:
- Ken MacDonald: "Wim's idea is to eventually build a system that allows routing video just like audio, which is something we're definitely looking forward to." [11:56]
- Jonathan Bennett: "Audio and video is hard. Keeping them synced so everything just works is a really challenging problem." [15:42]
4. Writing USB Drivers in Rust
Speaker: Jonathan Bennett
Timestamps: [17:09] – [20:21]
Jonathan Bennett shares an intriguing development from Crescent Rose on Hackaday—a guide on writing USB drivers in Rust using libusb.
Key Points:
- Cross-Platform Capability:
  - `libusb` serves as a bridge between kernel and user space, enabling driver development without kernel recompilation, and supports both Linux and Windows environments. [17:09]
- Efficiency and Simplicity:
  - The guide demonstrates creating a functional USB driver in approximately 50 lines of Rust code, handling tasks like setting RGB keyboard colors and reading button inputs. [17:09] – [32:04]
- Prospects for Developers:
  - Encourages developers to create custom drivers for unsupported USB devices, leveraging Rust's safety and performance. [17:09] – [20:21]
Discussion Highlights:
- Comparison with Rust Learning:
  - Jonathan discusses his personal journey with Rust, balancing it with existing commitments and exploring its applications in embedded systems. [19:11] – [20:21]
Notable Quotes:
- Jonathan Bennett: "If you've got some USB device out there and you've waited and wondered, and you would love to have driver support for it, and nobody in the kernel seems to be doing it, well, maybe it's time to just roll up your sleeves and write some Rust code." [18:00]
5. European Governments Transition to Open Source
Speaker: Rob Campbell
Timestamps: [21:05] – [28:35]
Rob Campbell discusses the growing trend among European governments to shift away from Microsoft and other American software, citing concerns over privacy, digital sovereignty, and potential cybersecurity threats.
Key Developments:
- Case Study: Lyon, France:
  - Transition Steps: Replacing Microsoft Office with OnlyOffice, migrating from Windows to Linux, and adopting a suite of open-source tools like Jitsi for video conferencing, Nextcloud for document sharing, Zimbra for email, Cameleo for online training, and Matrix for instant messaging.
  - Funding and Adoption: The TNO initiative received approximately €2 million from the French ANCT and is currently deployed across several local government entities. [21:05] – [25:29]
- Implications for Open Source:
  - The move signifies a robust endorsement of open-source solutions, potentially influencing other European nations to follow suit. [27:15] – [28:35]
Discussion Highlights:
- Choice of Linux Distributions:
  - The panel speculates on which Linux distributions Lyon might adopt, considering options like OpenSUSE versus lesser-known distros like Slackware. [25:29] – [28:35]
- Hardware Considerations:
  - Potential shifts towards using Raspberry Pi for government infrastructure hardware, exploring embedded and efficient solutions. [28:11] – [28:35]
Notable Quotes:
- Rob Campbell: "Privacy, digital sovereignty, government surveillance, or even the possibility of digital attacks... are driving forces behind this transition away from Microsoft." [21:05]
- Jonathan Bennett: "It's a good trend for Open Source and signifies increasing trust and reliance on community-driven software solutions." [25:29]
6. Fedora’s Strategic Changes and Community Reactions
Speaker: Rob Campbell
Timestamps: [34:55] – [50:57]
Rob Campbell delves into recent developments within the Fedora Linux distribution, highlighting both the community's response to policy changes and the rationale behind them.
Key Topics:
- Dropping 32-Bit Support:
  - Original Plan: Fedora intended to remove 32-bit architecture support in Fedora 44.
  - Community Backlash: Significant negative feedback led to the withdrawal of this proposal. [42:09] – [46:16]
- New Proposal – Dropping UEFI Boot on MBR Disks:
  - Details: Fedora plans to eliminate UEFI boot support for MBR partitioned disks starting with Fedora 43 to simplify installer code and discontinue support for rarely used boot configurations.
  - User Impact: Potential bootloader crashes for new installations using MBR, but existing systems remain unaffected. [46:16] – [50:57]
- Wayland and X11 Compatibility Layer – Wayback:
  - Project Overview: "Wayback" aims to bridge the gap between Wayland and X11, allowing traditional X11-based desktops to run on Wayland compositors.
  - Development Status: Aligns with previous attempts to integrate Wayland with legacy X11 environments, facilitating smoother transitions. [50:57] – [56:25]
Discussion Highlights:
- Community Dynamics:
  - Jonathan Bennett argues that Fedora’s responsiveness to community feedback is positive, ensuring that changes are well-considered and broadly supported. [46:16] – [48:22]
- Technical Insights:
  - The panel examines the practical implications of Fedora’s changes, such as the shift from MBR to GPT for UEFI booting and the challenges of maintaining 32-bit library support amidst evolving software requirements. [48:22] – [50:57]
Notable Quotes:
- Rob Campbell: "Fedora is the distro known for pushing the limits, cutting off the old and aggressively moving into the new." [42:09]
- Jonathan Bennett: "Bash is moving into the future with C23 conformance, but it also means it won't compile on legacy systems like PDP-11." [47:06]
7. Bash and Perl Updates
Speakers: Jonathan Bennett, Rob Campbell
Timestamps: [56:25] – [60:06]
Jonathan Bennett updates listeners on the latest releases of Bash and Perl.
- Bash 5.3:
  - New Features: Introduces a new form of command substitution, a `reply` shell variable post-command substitution, enhancements for C23 compliance, case-insensitive searching, improved glob sorting, and a new local variable for sorting path completions.
  - Breaking Changes: Bash 5.3 no longer compiles with older C compilers, signaling a move away from legacy system support. [56:25] – [59:04]
- Perl 5.42:
  - New Features: Incorporates Unicode 16 support, experimental operators for list manipulation (`any` and `all`), writer attributes for field variables, new core subroutines, and various enhancements beneficial to Perl developers.
  - Community Impact: Acknowledges that while Perl remains relevant, its user base has dwindled, with many developers transitioning to other languages. [59:04] – [60:06]
Discussion Highlights:
- Relevance and Use Cases:
  - The team reflects on the continued evolution of programming languages and the balance between maintaining legacy support and adopting modern standards. [56:25] – [60:06]
- Personal Experiences:
  - Jonathan and Rob share their personal engagements with Bash and Perl, highlighting the practical implications of these updates in their workflows. [59:04] – [60:06]
Notable Quotes:
- Jonathan Bennett: "Bash is moving into the future, but you can't take it to compile for your Univac or PDP-11 anymore." [56:25]
- Rob Campbell: "Perl was my first language that I ever learned way back." [59:04]
8. Command Line Tips and Tools
Speakers: Rob Campbell, Ken MacDonald
Timestamps: [62:36] – [79:08]
The hosts share practical command-line tips to enhance productivity and system management.
- Proxmox Monitoring with Pulse (Rob Campbell):
  - Overview: Rob introduces Pulse, a monitoring tool for Proxmox servers that provides real-time insights into VM and container resource usage, including CPU, memory, disk, and network metrics.
  - Features:
    - Displays efficiency discrepancies between VMs and LXC containers.
    - Offers filtering options and detailed storage and backup monitoring.
    - Future plans include scripts for streamlined installation and integration with Proxmox Backup Server (PBS). [62:36] – [78:48]
- Advanced grep Usage (Ken MacDonald):
  - Overview: Ken demonstrates leveraging `grep` for filtering specific information from extensive command outputs, enhancing data parsing efficiency.
  - Example: Extracting lines related to `ALSA_output` from `pwc_info_all` output using `grep` with context options.
    - Command: `pwc_info_all 2>&1 | grep -F -A 15 'ALSA_output'`
    - Explanation: Redirects standard error to standard output and filters lines containing `ALSA_output`, displaying 15 lines after each match. [67:25] – [78:48]
Discussion Highlights:
- Rob Campbell elaborates on his experience using Pulse to optimize Proxmox server performance, noting significant memory usage differences between VMs and containers. He plans to transition more VMs to containers for enhanced efficiency. [62:36] – [78:48]
- Ken MacDonald dives into the nuances of `grep` commands, emphasizing the importance of context options (`-A` for lines after matches) and demonstrating how to systematically extract and manage relevant data from verbose outputs. [67:25] – [78:48]
Notable Quotes:
- Rob Campbell: "Pulse is just a nice simple tool to monitor Proxmox servers and see efficiencies and inefficiencies." [62:36]
- Ken MacDonald: "You can tame that crazy spew of information from commands like `pwc_info_all` into something manageable with `grep`." [67:25]
9. Final Remarks and Community Engagement
Speakers: Jonathan Bennett, Rob Campbell, Ken MacDonald
Timestamps: [79:08] – [82:37]
As the episode winds down, the hosts promote their personal projects and community platforms.
- Rob Campbell:
  - Website Promotion: Encourages listeners to visit RobertPCampbell.com for more information, including links to his LinkedIn, Twitter, Mastodon, and donation options. [79:26] – [80:16]
- Ken MacDonald:
  - App Recommendations: Highlights Patrick Campanell’s list of nine essential applications for Linux on Chromebooks, suggesting listeners check the show notes for more details. [80:59] – [81:28]
- Jonathan Bennett:
  - Additional Content: Directs listeners to his security column on Hackaday and promotes Club Twit, an exclusive membership platform offering ad-free access to TWiT shows and participation in a dedicated Discord community. [81:28] – [82:37]
Notable Quotes:
- Jonathan Bennett: "Club Twit is the best way to support the network and your favorite shows. Join us and be part of the club where the cool kids are." [81:28]
- Rob Campbell: "Connect with me at RobertPCampbell.com to stay updated on my latest projects and discussions." [79:26]
Conclusion
This episode of Bash to the Future offers a comprehensive exploration of current Linux-related developments, from critical security vulnerabilities in sudo to the strategic shifts of European governments towards open-source solutions. The hosts provide valuable insights into system administration, programming language updates, and practical command-line techniques, all while fostering a sense of community among tech enthusiasts. Whether you're a seasoned Linux user or someone looking to deepen your understanding of open-source ecosystems, this episode delivers actionable knowledge and engaging discussions tailored to your interests.
For more detailed information, including links to projects and tools discussed, please refer to the show notes available on the TWiT.tv platform.