Mozilla is shutting down Pocket, the “read it later” service it acquired in 2017 and integrated into the Firefox web browser. Pocket shuts down on July 8, but existing users and paying subscribers will be able to export saved stories until October 8, 2025. After that, finito. “Pocket has helped millions save articles and discover stories worth reading. But the way people save and consume content on the web has evolved, so we’re channeling our resources into projects that better match browsing habits today,” they say. Why kill it? The driver, they say, was so it could “…focus our efforts […]

You're reading Mozilla Kills Pocket & Fakespot to Focus on Firefox, a blog post from OMG! Ubuntu. Do not reproduce elsewhere without permission.

Day-by-day we’re learning more on what to expect in Ubuntu 25.10 ‘Questing Quokka’, the next short-term release of Ubuntu due for release in October. Today, Canonical’s Kleber Souza, member of the Ubuntu Kernel Team, confirmed the plan is to ship the Linux 6.17 kernel in Ubuntu 25.10 – barring any unforeseen upstream hiccups, of course. As we’re yet to see the release of the Linux 6.15 kernel, and 6.16 is yet to enter development, committing to a version so far out may seem a bit optimistic. But it tracks. Last year Canonical made a major change to its kernel cadence […]

You're reading Ubuntu 25.10 Will Ship with the Linux 6.17 Kernel, a blog post from OMG! Ubuntu. Do not reproduce elsewhere without permission.

by George Whittaker

In an era where cyber threats are evolving rapidly, securing Linux systems goes far beyond basic user permissions. Traditional security mechanisms like Discretionary Access Control (DAC) offer limited safeguards against privilege escalation, compromised applications, and insider threats. To address these limitations, Security-Enhanced Linux (SELinux) offers a powerful, fine-grained framework for Mandatory Access Control (MAC) — and it's not just for Red Hat-based distributions anymore.

In this article, we'll explore how to integrate SELinux into Debian, one of the most widely used and respected GNU/Linux distributions. We'll break down its architecture, setup procedures, policy management, and troubleshooting techniques. Whether you're running a mission-critical server or seeking to harden your desktop environment, this guide will show you how SELinux can elevate your system security to enterprise-grade standards.

Understanding the Foundations of SELinux What Is SELinux?

SELinux is a kernel security module initially developed by the United States National Security Agency (NSA) in collaboration with the open-source community. It introduces the concept of mandatory access controls by enforcing policy-based rules that strictly define how processes and users can interact with files, directories, sockets, and devices.

Unlike DAC, where file owners control access, MAC policies are imposed by the system administrator and enforced by the kernel, regardless of user ownership or permissions.

Core Components of SELinux

• Subjects: Active entities (usually processes).

• Objects: Passive entities (like files, directories, devices).

• Contexts: Security labels assigned to subjects and objects.

• Types/Domains: Used to define access rules and behavior.

• Policies: Written rulesets that determine access control logic.

Enforcement Modes

• Enforcing: SELinux policies are applied and violations are blocked.

• Permissive: Policies are not enforced, but violations are logged.

• Disabled: SELinux is turned off entirely.

SELinux on Debian: A Reality Check

Debian has traditionally favored AppArmor for its simplicity and ease of integration. However, SELinux support is fully present in Debian’s repositories. As of Debian 12 (Bookworm) and later, integrating SELinux is more streamlined and better documented than ever.

Go to Full Article

GNOME is looking to jettison X11 session support - as soon as this year, which may impact Ubuntu's plans for its next long-term support release.

You're reading GNOME Dropping X11 Support May Complicate Next Ubuntu LTS, a blog post from OMG! Ubuntu. Do not reproduce elsewhere without permission.

High Tide, an unofficial TIDAL client for Linux, now offers background playback, audio normalisation, synced lyrics and various visual improvements.

You're reading High Tide (TIDAL Client for Linux) Gains New Features, a blog post from OMG! Ubuntu. Do not reproduce elsewhere without permission.

Fender Studio is a new free cross-platform DAW for Linux, backed by the iconic instrument maker. Learn what it can do and where to download.

You're reading Fender’s New Music Creation Software Supports Linux, a blog post from OMG! Ubuntu. Do not reproduce elsewhere without permission.

by George Whittaker Introduction

In today's fast-paced IT environments, performance, reliability, and scalability are critical factors that determine the effectiveness of a network. Advanced Linux networking techniques such as VLAN trunking, interface bonding, and Quality of Service (QoS) are key tools in the hands of system administrators and network engineers who aim to build robust and efficient systems. Whether you're managing a data center, configuring high-availability clusters, or optimizing bandwidth for critical services, these technologies provide the foundation for high-performance networking on Linux.

This article explores each of these advanced networking capabilities, explaining their benefits, configurations, and practical use cases. By the end, you will have a comprehensive understanding of how to implement VLANs, bonding, and QoS effectively on your Linux systems.

Understanding VLAN Trunking in Linux What is VLAN Trunking?

Virtual LANs (VLANs) allow the segmentation of a physical network into multiple logical networks. VLAN trunking is the process of transporting multiple VLANs over a single network link—typically between switches or between a switch and a server. This allows a single network interface card (NIC) to handle traffic for multiple VLANs, optimizing resource usage and simplifying cabling.

Trunking is crucial in virtualized environments where multiple virtual machines (VMs) or containers need to reside in separate VLANs for security or organizational reasons.

Why Use VLAN Trunking?

• Isolation: Separates traffic for security and compliance.

• Efficiency: Reduces the number of physical interfaces needed.

• Scalability: Makes it easy to add or modify VLANs without physical changes.

Linux Support for VLANs

Linux supports VLANs natively via the kernel module 8021q. The modern toolset uses the ip command from the iproute2 package for configuration. Older systems may use the vconfig utility, though it's now deprecated.

Ensure the module is loaded:

sudo modprobe 8021q

Creating VLAN Interfaces

Use the ip command:

sudo ip link add link eth0 name eth0.10 type vlan id 10 sudo ip addr add 192.168.10.1/24 dev eth0.10 sudo ip link set dev eth0.10 up

Persistent Configuration

On Ubuntu (netplan):

Go to Full Article

Well here’s a turn up: Microsoft just released the source code for Windows Subsystem for Linux (WSL), making the nifty tech open-source nearly a decade after development began. The tech giant announced the news at this year’s BUILD event, where it made some other open-source related announcements, including its own CLI text editor called Edit. Source code for WSL was quickly made available on the Microsoft GitHub. For those not familiar with it, WSL is a specialised virtualisation setup that lets Windows users run Linux distributions (like Ubuntu) inside of Windows, with tight system, software and hardware integration. Microsoft says […]

You're reading Microsoft Open-Sources Windows Subsystem for Linux, a blog post from OMG! Ubuntu. Do not reproduce elsewhere without permission.

A new version of the Vivaldi web browser is available to download, carrying changes said to make our collective “everyday browsing smoother, faster, and just a little more delightful.” How does Vivaldi 7.4 make browsing the increasingly gamified, algorithmically manipulative and AI slopified modern web more ‘delightful’? Shortcuts. More specifically, Vivaldi 7.4 gives you the ability to “fine-tune” how shortcuts behave on a per-site basis. If you want a website’s shortcuts to take priority over Vivaldi’s, you can. “It’s about putting you in control, making sure your shortcuts work where and when you need them most”, says Jon von Tetzchner, […]

You're reading Vivaldi 7.4 Update Adds New Keyboard Shortcut Controls, a blog post from OMG! Ubuntu. Do not reproduce elsewhere without permission.

The elementary OS 8.0.1 release back in March brought an appreciable set of improvements with it, including a much-improved Files app, but as ever in development: the work never stops! Project founder, Danielle Foré, recently recapped a few smaller features that have been issued to users of the Ubuntu-based Linux distribution as software updates, including: If you run elementary OS 8.x, install your updates and eat your greens, you should be benefitting from the changes listed above (if you don’t have them, go update to get ’em). But Danielle also gave us an early-look at an exciting new app and […]

You're reading elementary OS Preview Cool Upcoming Features, a blog post from OMG! Ubuntu. Do not reproduce elsewhere without permission.

Ubuntu 25.10 'Questing Quokka' will ship Loupe and Ptyxis as default image viewer and terminal apps in the upcoming October release.

You're reading Ubuntu is Replacing its Image Viewer and Terminal Apps, a blog post from OMG! Ubuntu. Do not reproduce elsewhere without permission.

A number of new personalisation features have been added to the Firefox New Tab page in the past year, including the ability to pick a background image from a small set of hand-picked pics and solid colours. Pleasant though those curated images are, they’re not to everyone’s tastes. This is why Mozilla’s engineers have been beavering away on a few enhancements to provide greater customisation — you can “test” them in the latest stable release, which is Firefox 138 at the time I write this. The big change is that you can now “upload your own image” to use as […]

You're reading Firefox Now Supports Custom Images on New Tab Page, a blog post from OMG! Ubuntu. Do not reproduce elsewhere without permission.

by George Whittaker

Bash scripting is often seen as a convenient tool for automating repetitive tasks, managing simple file operations, or orchestrating basic system utilities. But beneath its surface lies a trove of powerful features that allow for complex logic, high-performance workflows, and robust script behavior. In this article, we’ll explore the lesser-known but incredibly powerful techniques that take your Bash scripting from basic automation to professional-grade tooling.

Mastering Arrays for Structured Data Indexed and Associative Arrays

Bash supports both indexed arrays (traditional, numeric indexes) and associative arrays (key-value pairs), which are ideal for structured data manipulation.

# Indexed array fruits=("apple" "banana" "cherry") # Associative array declare -A user_info user_info[name]="Alice" user_info[role]="admin"

Looping Through Arrays

# Indexed for fruit in "${fruits[@]}"; do echo "Fruit: $fruit" done # Associative for key in "${!user_info[@]}"; do echo "$key: ${user_info[$key]}" done

Use Case: Managing dynamic options or storing configuration mappings, such as service port numbers or user roles.

Indirect Expansion and Parameter Indirection

Ever needed to reference a variable whose name is stored in another variable? Bash allows this with indirect expansion using the ${!var} syntax.

user1="Alice" user2="Bob" var="user1" echo "User: ${!var}" # Outputs: Alice

Use Case: When parsing dynamically named variables from a configuration or runtime-generated context.

Process Substitution: Piping Like a Pro

Process substitution enables a command’s output to be treated as a file input for another command.

diff <(ls /etc) <(ls /var)

Instead of creating temporary files, this technique allows on-the-fly data streaming into commands that expect filenames.

Use Case: Comparing outputs of two commands, feeding multiple inputs to grep, diff, or custom processors.

Using Traps for Cleanup and Signal Handling

Traps let you capture signals (like script termination or interruption) and execute custom handlers.

temp_file=$(mktemp) trap "rm -f $temp_file" EXIT # Do something with $temp_file

Common signals:

• EXIT: Always triggered when the script ends

• ERR: Triggered on any command failure (with set -e)

• INT: Triggered by Ctrl+C

Use Case: Cleaning up temporary files, resetting terminal states, or notifying external systems on exit.

Go to Full Article

Canonical commits to donating $120k to the open source developers building the projects and tools that help power the Ubuntu ecosystem.

You're reading Canonical Donating $120,000 to Open Source Projects This Year, a blog post from OMG! Ubuntu. Do not reproduce elsewhere without permission.

by George Whittaker

In an age where data breaches and cyber threats are growing both in frequency and sophistication, securing your Linux system is more important than ever. Ubuntu, one of the most popular Linux distributions, comes with a powerful security tool that many users overlook — AppArmor. Designed to provide a robust layer of defense, AppArmor enhances Ubuntu's built-in security model by confining programs with access control profiles.

This article will walk you through the ins and outs of AppArmor, explain why it's a crucial part of a hardened Ubuntu system, and teach you how to leverage it to protect your environment.

Understanding AppArmor: What It Is and Why It Matters

AppArmor (Application Armor) is a Mandatory Access Control (MAC) system that supplements the traditional Discretionary Access Control (DAC) provided by Linux file permissions. While DAC relies on user and group ownership for access control, MAC goes a step further by enforcing rules that even privileged users must obey.

AppArmor operates by loading security profiles for individual applications, specifying exactly what files, capabilities, and system resources they are allowed to access. This approach prevents compromised or misbehaving applications from harming the rest of the system.

AppArmor vs. SELinux

While SELinux (Security-Enhanced Linux) is another MAC system popular on Red Hat-based distributions, AppArmor is often preferred in Ubuntu environments for its ease of use, human-readable syntax, and simple profile management. Where SELinux can be daunting and complex, AppArmor offers a more user-friendly approach to strong security.

Core Concepts of AppArmor

Before diving into how to use AppArmor, it's important to understand its core concepts:

Profiles

A profile is a set of rules that define what an application can and cannot do. These are usually stored in the /etc/apparmor.d/ directory and loaded into the kernel at runtime.

Modes

• Enforce: The profile is actively enforced, and actions outside the defined rules are blocked.

• Complain: The profile logs rule violations but doesn’t enforce them, which is useful for debugging.

Profile Components

Profiles specify permissions for:

• File access (read, write, execute)

• Capabilities (e.g., net_admin, sys_admin)

• Network operations

• Signals and inter-process communications

Go to Full Article

NordVPN has announced a major update to its Linux app, adding a much-requested GUI front-end that makes it easier to control, configure and monitor secure connections. Linux users have been able to use an official, comprehensive command-line interface for NordVPN for many years. The addition of a graphical user-interface (which can be used alongside the command-line one) should help the company broaden access to its services by making it easier to use NordVPN without needing to look up commands and type them in. NordVPN say the Linux GUI provides “visually rich elements and ease of use without compromising advanced features. […]

You're reading NordVPN Linux App Updated with New GUI, a blog post from OMG! Ubuntu. Do not reproduce elsewhere without permission.

If you’ve been itching to do an in-place upgrade to Ubuntu 25.04 from 24.10, your patience has paid off — upgrades have been re-enabled. For those unaware, Ubuntu was forced to halt upgrades to the new Ubuntu 25.04 release a few hours after its release on April 17 after major bugs were reported, affecting users across different Ubuntu flavours were discovered. Users were left with broken desktops (environments, that is – upgrading didn’t smash motherboards); had third-party packages removed that shouldn’t have been, and users on Qt-based flavours couldn’t upgrade using the GUI tool due to missing dependencies. Less Plucky, […]

You're reading Ubuntu 25.04 Upgrades Have Been Re-Enabled, a blog post from OMG! Ubuntu. Do not reproduce elsewhere without permission.

A few months back I reported that Kagi, the company behind the paid, private and privacy-focused search engine of the same time, is porting its Orion web browser to Linux – now we have our first look at how its Linux GUI is shaping up. A recent development screenshot of Orion’s WIP Linux build was shared by Kagi devs—pictured in the hero image above—and it reveals that Orion for Linux will use GTK4/libadwaita for its GUI. A logical (and expected) choice: GTK4 is a modern, widely-used toolkit across Linux distros, with consistency at its core. And libadwaita provides widgets and […]

You're reading Kagi’s Orion Browser Linux Port Uses GTK4/libadwaita, a blog post from OMG! Ubuntu. Do not reproduce elsewhere without permission.

If you’re running Kubuntu 25.04 and want the latest fixes the KDE Plasma 6.3.5 release, you can use the Kubuntu backports PPA to get ’em. KDE Plasma 6.3.5 popped out a few weeks back, serving as the fifth and (likely) final bug-fix release prior to the next major release, KDE Plasma 6.4. Over the weekend, Kubuntu developers announced that the Kubuntu backports PPA has added the requisite packages for Kubuntu 25.04. Thus, Kubuntu users can add (or enable) the PPA to get the update now, rather than wait for the update to filter out through the usual software channels. The […]

You're reading KDE Plasma 6.3.5 Update Available to Kubuntu Users, a blog post from OMG! Ubuntu. Do not reproduce elsewhere without permission.

Ubuntu is one of the leading Linux distributions for RISC-V hardware thanks to Canonical’s strategic partnerships with companies like DeepComputing – who just announced a powerful new RISC-V AI PC running Ubuntu 24.04 LTS. The DC-ROMA RISC-V AI PC—apologies for the caps, it’s how it’s stylised—is built around the company’s new RISC-V Mainboard II, which is designed for use in the Framework 13″ and 14.2″ laptops. Though designed for Framework laptops, owning one isn’t a requirement. A nifty enclosure allows this mainboard to be used as a regular PC you connect to a monitor, keyboard and mouse. The board itself […]

You're reading RISC-V AI PC Delivers 50 TOPS, Runs Ubuntu 24.04, a blog post from OMG! Ubuntu. Do not reproduce elsewhere without permission.