RepoJournal
Linux

Linux

The kernel, distros, and the rigs of the moment

Pick a date

The Wire · Showcase

KERNEL RC8 LOCKS DOWN NAMESPACE MOUNTS, RISC-V AND POWER FIXES LAND

By RepoJournal · Filed · About Linux

The kernel is tightening namespace security while Arch's installer learns to handle missing keyrings and Wayland compositor startup.

Linux 7.1-rc8 is closing a namespace security hole that let attackers mount regular files over directories through OPEN_TREE_NAMESPACE and FSMOUNT_NAMESPACE, bypassing normal mount restrictions [1]. Simultaneously, power management fixes restore EPP control in amd-pstate [2] and RISC-V closes a CFI prctl implementation gap that was silently accepting invalid control bits [3]. Over in Arch's installer, three critical fixes landed overnight: custom mirrors now skip configuration if keyring sync fails rather than crashing with GPGME errors [4], Wayland desktop profiles now automatically add users to the seat group so sway and hyprland actually start [5], and Plymouth boot splash support arrived as an opt-in feature [6]. The namespace fix is kernel-critical for production systems. The Arch fixes matter heavily if you're shipping Wayland-first installs or running in environments where keyring sync is flaky.

Action items

References

  1. [1] namespace: restrict OPEN_TREE_NAMESPACE/FSMOUNT_NAMESPACE to directories torvalds/linux
  2. [2] Merge tag 'pm-7.1-rc8' of git://git.kernel.org/pub/scm/linux/kernel/git/rafael/linux-pm torvalds/linux
  3. [3] Merge tag 'riscv-for-linux-7.1-rc8' of git://git.kernel.org/pub/scm/linux/kernel/git/riscv/linux torvalds/linux
  4. [4] Skip custom mirror config when keyring sync fails (#4577) archlinux/archinstall
  5. [5] Add users to seat group when seatd is selected (#4578) archlinux/archinstall
  6. [6] Add Plymouth configuration setup ↗ archlinux/archinstall

FAQ

What changed in Linux on June 11, 2026?
The kernel is tightening namespace security while Arch's installer learns to handle missing keyrings and Wayland compositor startup.
What should Linux teams do about it?
Review namespace mount restrictions in any custom mount tooling before next kernel deploy • Test Arch installer with keyring sync disabled to confirm mirror fallback works • Verify seat group provisioning in Wayland profile installs if deploying to user systems
Which Linux repositories shipped on June 11, 2026?
torvalds/linux, archlinux/archinstall

Related across the cluster

For your repos

The showcase is a teaser.
Your wire is the product.

Same engine. Different stack. Below: what changes when the wire is yours.

Showcase wire

  • 14 famous open source orgs
  • One wire per day
  • Public, generic
  • Read on the web, when you remember

Your wire

  • Up to 1,500 of your repos - orgs, deps, vendors
  • Morning and evening briefs
  • Action items routed to your team
  • Slack delivery, email, breaking-news CVE alerts

Want a hands-on demo first? Ask a current user for an invite link.