This is some pretty exciting news! The Arch Linux team have announced a new direct collaboration with Valve (Steam). Something that's not too surprising, since Valve do fund a lot of open source work, and SteamOS for Steam Deck is built directly on Arch Linux so working more closely together makes a lot of sense.
Posted to the Arch developer mailing list by Levente Polyak, the Arch Linux leader:
We are excited to announce that Arch Linux is entering into a direct collaboration with Valve. Valve is generously providing backing for two critical projects that will have a huge impact on our distribution: a build service infrastructure and a secure signing enclave. By supporting work on a freelance basis for these topics, Valve enables us to work on them without being limited solely by the free time of our volunteers.
This opportunity allows us to address some of the biggest outstanding challenges we have been facing for a while. The collaboration will speed-up the progress that would otherwise take much longer for us to achieve, and will ultimately unblock us from finally pursuing some of our planned endeavors. We are incredibly grateful for Valve to make this possible and for their explicit commitment to help and support Arch Linux.
These projects will follow our usual development and consensus-building workflows. [RFCs] will be created for any wide-ranging changes. Discussions on this mailing list as well as issue, milestone and epic planning in our GitLab will provide transparency and insight into the work. We believe this collaboration will greatly benefit Arch Linux, and are looking forward to share further development on this mailing list as work progresses.
[RFCs]: https://rfc.archlinux.page/
The secure signing enclave could certainly be an interesting one. What do you think Valve and the Arch team will be cooking up with that? This is something that could perhaps be a useful change for anti-cheat to have a more secure platform on Arch and so SteamOS / Steam Deck, and potentially get more games to enable it for us.
Update 28/09/24 - 14:13 UTC: Arch Linux packager and Valve collaborator Campbell Jones, mentioned to me:
The enclave is essentially intended to be a way for us to PGP-sign packages with a single signing key instead of how we do it right now, which is with one personal key per packager. It will not benefit Proton or the anti-cheat situation in any way and is completely unrelated.
Quoting: MrDerbyWe should hope they implement it in a way more distributions then SteamOS will profit.Quoting: scaineIf we're being optimistic about that secure signing piece targeting better anti-cheat, I'd suggest that Valve are looking to out-perform Windows in that regard, and turn SteamOS into THE trusted way to prevent cheating on any given game. Make it as trusted as a console, or more so if possible.
^^^^^ THIS! 10000%
Quoting: Liam DaweArticle updated to clarify, nothing to do with any anti-cheat stuff folks.Still a great project. The whole PGP keychain stuff can really byte you if start up an arch based device after a long time and try to update. As I switch locations quite often and have some dedicated devices for specific jobs, repairing these issues cost me days in the last years.
Quoting: constAs I switch locations quite often and have some dedicated devices for specific jobs, repairing these issues cost me days in the last years.I've run into the issue several times, but so far it could always be fixed with a quick
pacman -S archlinux-keyring
Did you try that?
QuoteThe enclave is essentially intended to be a way for us to PGP-sign packages with a single signing key instead of how we do it right now, which is with one personal key per packager.
My assumption is this requires building on build servers instead of building on maintainers' machines like they currently do.
See more from me