LUG Community Blogs

Debian Bits: DebConf16: Call for Proposals

Planet HantsLUG - Sat, 19/03/2016 - 12:00

The DebConf Content team is pleased to announce the Call for Proposals for the DebConf16 conference, to be held in Cape Town, South Africa from 2 through 9 July 2016.

Submitting an Event

In order to submit an event, go to "Submit a talk" on your profile page in the DebConf16 website and describe your proposal. Please note, events are not limited to traditional presentations or informal sessions (BoFs). We welcome submissions of tutorials, performances, art installations, debates, or any other format of event that you think would be beneficial to the Debian community.

Please include a short title, suitable for a compact schedule, and an engaging description of the event. You should use the field "Notes" to provide us information such as additional speakers, scheduling restrictions, or any special requirements we should consider for your event.

Regular sessions may either be 20 or 45 minutes long (including time for questions), other kinds of sessions (like workshops) could have different durations. Please choose the most suitable duration for your event and explain any special requests.

Timeline

The first batch of accepted proposals will be announced in April. If you depend on having your proposal accepted in order to attend the conference, please submit it as soon as possible so that it can be considered during this first evaluation period.

All proposals must be submitted before Sunday 1 May 2016 to be evaluated for the official schedule.

Topics and Tracks

Though we invite proposals on any Debian or FLOSS related subject, we have some broad topics on which we encourage people to submit proposals, including:

  • Debian Packaging, Policy, and Infrastructure
  • Security, Safety, and Hacking
  • Debian System Administration, Automation and Orchestration
  • Containers and Cloud Computing with Debian
  • Debian Success Stories
  • Debian in the Social, Ethical, Legal, and Political Context
  • Blends, Subprojects, Derivatives, and Projects using Debian
  • Embedded Debian and Hardware-Level Systems
Video Coverage

Providing video of sessions amplifies DebConf achievements and is one of the conference goals. Unless speakers opt-out, official events will be streamed live over the Internet to promote remote participation. Recordings will be published later under the DebConf license, as well as presentation slides and papers whenever available.

Contact and Thanks to Sponsors

DebConf would not be possible without the generous support of all our sponsors, especially our platinum sponsor HPE. DebConf16 is still accepting sponsors; if you are interested, please get in touch!

You are welcome to contact the Content Team with any concerns about your event, or with any ideas or questions about DebConf events in general. You can reach us at content@debconf.org.

Registration Reminder

Registration for DebConf is open. Please log into the DebConf16 website and register from your profile page.

To request bursaries (sponsorship) for food, accommodation, or travel, you must be registered by Sunday, 10 April 2016.

After this date, registrations will still be accepted in any of the basic, professional, and corporate categories. However, accommodation on the campus will no longer be guaranteed, and requests for sponsorship will no longer be accepted.

Even if you are not certain you will be able to attend, we recommend registering now. You can always cancel your registration, before the deadline. We do suggest that attendees begin making travel arrangements as soon as possible, of course.

We hope to see you all in Cape Town!

Categories: LUG Community Blogs

Debian Bits: New Debian Developers and Maintainers (January and February 2016)

Planet HantsLUG - Mon, 14/03/2016 - 21:30

The following contributors got their Debian Developer accounts in the last two months:

  • Otto Kekäläinen (otto)
  • Dariusz Dwornikowski (darek)
  • Daniel Stender (stender)
  • Afif Elghraoui (afif)
  • Victor Seva (vseva)
  • James Cowgill (jcowgill)

The following contributors were added as Debian Maintainers in the last two months:

  • Giovani Augusto Ferreira
  • Ondřej Nový
  • Jason Pleau
  • Michael Robin Crusoe
  • Ferenc Wágner
  • Enrico Rossi
  • Christian Seiler
  • Daniel Echeverry
  • Ilias Tsitsimpis
  • James Clarke
  • Luca Boccassi

Congratulations!

Categories: LUG Community Blogs

Happy Pi Day! #piday #piday2016 #pi #pie

Planet SurreyLUG - Mon, 14/03/2016 - 10:05
from Instagram: http://ift.tt/1piA3MV

The post Happy Pi Day! #piday #piday2016 #pi #pie appeared first on life at warp.

Categories: LUG Community Blogs

Debian Bits: Debian selected to participate in the Google Summer of Code

Planet HantsLUG - Sun, 13/03/2016 - 16:00

For the tenth time running, Debian has been selected as a mentoring organization for the Google Summer of Code (Debian-specific program page), an internship program open to university students aged 18 and up.

Our team of amazing mentors has cooked up an exciting list of projects this year, and we would be glad to have you on board with Debian for one of those summer internships. The student application period will open on March 14 (and close on March 25), but feel free to subscribe to our mailing list and get in touch with our mentors. You can also catch us on our IRC channel #debian-soc.

Categories: LUG Community Blogs

Debian Bits: Debian is looking for three interns in the Outreachy Program

Planet HantsLUG - Sat, 12/03/2016 - 20:10

As part of its diversity outreach initiatives, Debian will be participating in the upcoming 12th round (May - August 2016) of Outreachy, an internship program open worldwide to women (cis and trans), trans men and genderqueer people, as well as nationals and residents of the United States of any gender who are Black/African American, Hispanic/Latin@, American Indian, Alaska Native, Native Hawaiian, or Pacific Islander.

Thanks to the generosity of our donors, and specifically of our sponsor Intel who has given us funds specifically for one intern, Debian will be able to welcome three interns this round.

Applications for the program are open until March 22nd, so don't wait up! Debian has a lot of interesting internship opportunities this year. More info about the program is available on the Debian specific program page, as well as on the official website. Feel free to contact the outreach team and mentors on our mailing list or IRC channel #debian-soc in irc.oftc.net

If you want Debian to keep participating in such programs, and expand its outreach efforts, you can donate to one of the organizations supporting the Debian project, or volunteer some time by participating in discussions on our mailing list.

Categories: LUG Community Blogs

Bring-A-Box, Saturday 12th March 2016, Lion Brewery, Ash

Surrey LUG - Thu, 10/03/2016 - 23:09
Start: 2016-03-12 12:00 End: 2016-03-12 12:00

We have regular sessions on the second Saturday of each month. Bring a 'box', bring a notebook, bring anything that might run Linux, or just bring yourself and enjoy socialising/learning/teaching or simply chilling out!

This month's meeting is at the Lion Brewery Pub in Ash, Surrey.

New members are very welcome. We're not a cliquey bunch, so you won't feel out of place! Usually between 15 and 30 people come along.

Categories: LUG Community Blogs

A new, maintained fork of Freight

Planet SurreyLUG - Thu, 10/03/2016 - 12:33

In Foreman, we use the Freight repository manager to generate Debian package archives for a range of Debian and Ubuntu releases. It's a neat little project, just a handful of shell scripts which build and maintain the archive pool and necessary files for the dists and components. The output can then be served up by any web server.

Unfortunately the project ended up unmaintained and was missing some fixes required for newer apt client versions. Three of us have taken maintenance on and have forked the project to freight-team/freight on GitHub. So if you're looking to download it or send patches, please do so via the repo above. We hope this will serve as the canonical version in future.

Yesterday we cut the first release (v0.3.6) containing:

  • apt 1.1 support, required for Debian Stretch and Ubuntu 16.04
  • multiple GPG key support for better key rolling
  • some queued up bug fixes
  • a new test suite to catch regressions
... read more in the release notes.

Categories: LUG Community Blogs

Debian Bits: Hewlett Packard Enterprise Platinum Sponsor of DebConf16

Planet HantsLUG - Tue, 08/03/2016 - 12:00

We are very pleased to announce that Hewlett Packard Enterprise (HPE) has committed support to DebConf16 as a Platinum sponsor.

"We're excited to support Debian's annual conference which brings together Debian contributors from all around the world. In addition to our sponsorship, we will actively participate in DebConf", said Steve Geary, Senior Director at Hewlett Packard Enterprise.

HPE is one of the largest computer companies in the world, providing a wide range of products and services, such as servers, storage, networking, consulting and support, software, and financial services.

HPE is also a development partner of Debian, and provides hardware for port development, Debian mirrors, and other Debian services (hardware donations are listed in the Debian machines page).

With this additional commitment as Platinum Sponsor, HPE contributes to make possible our annual conference, and directly supports the progress of Debian and Free Software helping to strengthen the community that continues to collaborate on Debian projects throughout the rest of the year.

Thank you very much Hewlett Packard Enterprise, for your support of DebConf16!

Become a sponsor too!

DebConf16 is still accepting sponsors. Interested companies and organizations may contact the DebConf team through sponsors@debconf.org, and visit the DebConf16 website at http://debconf16.debconf.org.

Categories: LUG Community Blogs

Inventor of email sadly passes

Planet SurreyLUG - Sun, 06/03/2016 - 20:17

http://www.theverge.com/2016/3/6/11168718/ray-tomlinson-dead-inventor-of-email-obituary

Ray Tomlinson passed away Saturday.  What a legacy to leave.

The post Inventor of email sadly passes appeared first on life at warp.

Categories: LUG Community Blogs

The 10 biggest problems with Debian’s GNOME

Planet SurreyLUG - Fri, 04/03/2016 - 00:37

This post is not intended to start a flame/holy war or any other kind of religious conflict with regard to Linux desktop environments (DEs).  What it is intended to do, is to simply catalogue the multitude of problems I have been encountering while using Debian Jessie and GNOME 3.14.  

I LOVE GNOME (I truly do)

Let’s put this one right out there:  The GNOME Shell/GNOME 3 UI is, IMHO, the BEST desktop user experience out there for Linux.

Wait,” you might say, “doesn’t this conflict with the title of this blog post?

Well yes, it does.  But I want you, my learned reader, to understand that I wish that the GNOME DE was as stable and solid as it should be.  As it could be.  And hopefully as it will be.

You see, this is what Linux and other Unix-like operating systems have been known and reputed for – their stability.  I love what the GNOME devs did when they decided to reimagine the desktop for GNOME 3:  they used space sensibly, vertically, which to me feels more natural and intuitive.  And I love how it’s meant to stay out of the way – another good design motif.

But in terms of stability, sadly, GNOME has been something of a disappointment to me, and I wish this were not the case.  Perhaps this is just a consequence of its ambition, and that will always garner my respect.  Or maybe my install went terribly wrong, somewhere.  But I don’t reckon.  So, without further ado…

DISCLAIMER: WRT the issues with Debian Jessie‘s implementation of GNOME Shell/GNOME 3, I shall simply refer to it as GNOME.  I apologise to the purists out there.  I am only commenting on my experience in Debian Jessie, not anyone else’s, nor of any other GNU/Linux distribution.  Finally, I intentionally do not go into detail here and am not providing numerous distro/upstream links to “validate” my own claims.  I don’t need to.  If you’re interested, just search anything I have put below.  I am pretty confident you will find stuff…

The 10 Problems

Have you had similar experiences to these?  Do comment below.

1.  Tracker

The problems with GNOME start from the very moment you log in: it’s a disk-thrashing, sluggard of a desktop.  And yes, I am using a disk, not a SSD.  Why?  Because badly written software doesn’t deserve a place in my CPU, let alone being so resource-hogging as to require an SSD.

So yes, Tracker is the first problem with GNOME.  From logging in, all the way through your session, to shutting down your machine, it’s there – consuming all available CPU, disk I/O and (perhaps due to a memory leak), system memory.  Happily gobbling it all up like a sickly child with no manners.

Perhaps I am being unfair, inferring that Tracker is “bad software”.  It’s not a bad idea and its search seems to work well.  But it doesn’t reign itself in.  And software that doesn’t adhere to users’ choices through its own preferences panel is software that needs attention.

There are too many people/posts on the web with/of similar experiences.  But, why not just disable tracking completely, you ask?  Like, through the GUI you mean..?  Mmm.

Screenshot showing Tracker consuming loads of everything, just after log-in.

2. Crashes and Freezes

Next up is something akin to heresy: crashing and freezing of the whole desktop UI.  Seriously, it’s that bad.

You are in the middle of something, as you might be in a productive desktop environment, and BAM! no window response.  That’s it.  All gone.  This single issue is by far the most perplexing and irritating, totally demolishing my productivity recently.

When you start searching on t’interweb about this, you realise that this has haunted GNOME for years, and in multiple versions.  The nearest posts I have found on the web which seem related to the problem I have are here:

3. Crashes and Freezes after Live User Switching

Put GNOME through its paces by trying this one.

An alternative way to make GNOME hang on you is to use the live user switching.  Just set up another user account, then Switch User via this menu. Then, as your new user, switch back to your original account.

Do this a few times for maximum effect, until you get stuck looking at the frozen greeter, just after it’s accepted your password for logging back in.

Enjoy the view.

It’ll last a while.

In fact, no need to take a photo.  This’ll last long enough.

 

Moving on…

4. GNOME Online Accounts

Ahh, GOA.  Such a good idea.  Implemented in such an average way.

GNOME Online Accounts is meant to centralise internet service (or “cloud”, hwk-ding) accounts through one easy GUI component, and then share the online resources of each account with the appropriate desktop software.  Think, Google Calendar being visible in your desktop calendar, which is a separate desktop application than, say, your email reader (where you could read your GMail).  But no need to set up each application separately; just set up the GOA and each application gets relevant access.  Get the idea?

The account set-up bit of this is, actually, great.  I’m all for it too – this whole concept.  It just makes so much sense.

One of the problems with it is that things don’t work properly.  For example, if you use two-factor authentication in your Google account, and rely on application-specific passwords, then GOA doesn’t like that.  You will be constantly prompted for your Google account password, which is never accepted.

To be fair to Jessie, I haven’t seen this happen recently, so it may have finally been plugged.  Or I may just be lucky.

5. Evolution’s management of GOA’s SMTP/IMAP accounts

Another problem is SMTP/IMAP accounts.  Sure, they integrate nicely with Evolution.  Until you edit parts of the account in Evolution, which are more application-specific.  Then, you return to your account folders list with your GOA mail account being renamed to “Untitled”.  A rummage through, and edit of, the relevant ~/.config files is required to correct this error.  Not so slick.

I still have hope though.  One day this stuff will work great.

6. Evolution Hangs

Yep, another hangy-crashy thing.  Sometimes, for no discernible reason, when you close Evolution is hangs, mid-termination.  Forever.  You have to send a KILL to it to actually get it to close off completely.  Why?  Who knows.  It appears to be a timeout or spinlock type of problem.  Sorry for being vague, but look, just do this Google search and pick a year.  It looks like this bug has been around in one incarnation or another for a very long time.

7. Nautilus Hangs

Are you seeing a pattern here?  Yep, our faithful friend and file utility, Nautilus, also hangs.  Quite often.  Why it does this, I have not yet been able to determine.  Sigkill to the rescue.  (You can do a Google search on this too…)

8. Standby and resume with remote file system mounted

It might be chunky, but the T420 is a solidly-built machine, with good internals.

Now, I admit, this is a silly thing to do when you look at it, because you are clearly asking for trouble if you have a remote filesystem mounted into your own filesystem, and then put your machine to sleep for a while.

You can make the problem worse still, if you have laptop with a docking station.  Simply put it to sleep, undock, wake the machine, then reconnect using your wireless instead of ethernet.  The outcome varies from a locked desktop (where nothing works), to a frozen nautilus.

Again, a silly thing to do, perhaps, but also an innocent mistake at times.  Like, when you’re rushing to attend a meeting, for example.

So, why not be offered a notification, when requesting to “sleep” the machine, saying that remote filesystems are mounted?  I think even I might be able to knock up some code for that one (but I’d prefer to leave it to the experts, who I respect fully and who would do it far better than I).

9. Audio Output Switching

GNOME allows a nice, quick way of locating and launching its Settings dialogs.

As you may have gathered from previous comments, when it comes to GNOME I am primarily a business user.  My business runs and relies on GNU software & Linux.  For the experience and knowledge I have gained – not to mention being able to sustain an income and lifestyle I’m happy with, I am indebted to many people for their determined efforts in the free software community.

Unfortunately, little bugs creep in here and there – that’s the rule of life.  One minor annoyance with Jessie, that wasn’t present in its predecessor Wheezy, is automatic audio output switching.  In Wheezy, after a small tweak to the kernel module loading (via /etc/modprobe.d), the audio output would be directed to my docking station’s analogue jack when the laptop was docked, and then automatically switch to the laptop’s speakers when undocked.

Unfortunately, in Jessie, when my laptop is docked I have to hit the Super (Windows) key and get to the Sound preferences, then switch the output device.  After undocking, the same story.  This is, apparently, fixed upstream, but regressive and annoying nonetheless.

The “Search and Indexing” preferences in GNOME Shell. I think the idea was to make things easier. :-/

10. The long pauses and (what seems like) catastrophic resource “sharing”

This is so subjective an issue that I thought it barely worth mentioning, but an issue it is nonetheless.  And one that I actually feel is perhaps the worst of all.

When key processes are busy in the GNOME Desktop Environment – say Tracker for sake of argument, the “hit” on the rest of the system is shocking.  Right now, as I type this blog entry, any mouse-based GUI interactions are extremely sluggish.  This could be the reason why:

top - 16:34:34 up 2:00, 2 users, load average: 16.31, 15.97, 13.93

 

So what is causing such a load on my machine?  It doesn’t take long to figure it out, in top:

PID USER PR NI VIRT RES SHR S %CPU %MEM TIME+ COMMAND 9187 smd 39 19 2239548 210440 34852 R 83.7 1.3 3:50.74 tracker-extract 9148 smd 20 0 693940 59696 8652 S 7.6 0.4 4:33.53 tracker-store

For reference, my trusty ThinkPad T420 uses a 2nd gen Core i7 processor (dual core w/hyperthreading), 16GB DDR3 memory (dual channel), a 64GB mSATA SSD system drive and 500GB Seagate Momentus 7200.4 drive for my /home.  It’s a set-up that’s still powerful enough for getting things done, and I’ve grown quite fond of this chunky, heavy laptop (by 2016 standards).  Yes, it’s a bit clunky now, but it’s still got it where it counts, and has only required minimal servicing over the years (since 2011).

Back to the main issue, though.  You see, I grew up on Amigas.  Fully pre-emptive multitasking spoilt me, and I’ve never looked back, or sideways, since.  These days, all modern operating systems provide significantly more advanced multitasking and far, far more powerful hardware, but the user’s needs should always come first in a desktop environment.  So, having an unresponsive desktop for hours, because a non-GUI process is taking too much CPU and I/O, is not a productivity boon, to say the least.

And just when you thought my tirade was complete, for a special BONUS… 11. Dejadup/duplicity and the inability to restore a backup!!

I love how well integrated Dejadup is into Nautilus.  It’s a neat idea, to be able to just navigate to anywhere on your file-system and then say “hey, you know what?  I wonder if that file I was looking for used to live here?“, or “I really must restore the earlier version of this file, or that file…”.. And so on.  It even states on its website, that it “hides the complexity of doing backups the Right Way (encrypted, off-site, and regular) and uses duplicity as the backend” [my link].

‘GNOME Backups’ was designed to facilitate exactly this, using the Dejadup/duplicity combo, with two main Nautilus integration actions.  Firstly, you can right-click in a folder (on blank space) and select “Restore missing files”.  Or, you can right-click on a specific file and select “Revert to previous version”.  In either case, a dialog will appear prompting you to select a date, from a range of dates when backups occurred.  Great, huh?

Except a backup is only good when you’re able to restore it.  I was not able to restore mine.  The “Revert” functionality simply failed, every time I tried, with a “File not found in archive”-style error message each time.  I also tried restoring the entire backup, which also failed.  This issue pretty much covers it.

So, perhaps using duplicity (and not Duplicity) as the backend is exactly what it does.  I don’t trust it with my back-ups.  For that job, I use BackInTime.

Conclusion: I STILL LOVE GNOME

I was originally going to entitle this blog post, Debian’s GNOME is a broken user experience, but shied away from making such a bold, and somewhat unfair, claim.  However, it’s hard not to conclude that this might actually be the case.

GNOME 2 used to be amazingly solid.  In fact, in my younger years I didn’t use it because I perceived it as being a little boring, instead opting for KDE (v2, then v3) as my go-to desktop for quite a while.  I would love to have the stability of GNOME 2 – at least as I experienced it – just in GNOME 3 form.

The biggest problem about GNOME 3 / Gnome Shell, is that I like it so damn much.  For me, despite all the wrinkles and annoyances, the occasional memory leaks of “background” indexing processes, the frequent hanging of various applications and the seemingly (at times) untested nature of the software, it’s actually brilliant.  It’s fast, feature-full, yet fluid.  That’s a rare combination in software.

For me, it’s faster to work in than any other DE, because it combines enough functionality with equally enough transparency.  For instance, when I am editing a client’s website files and want to upload them, Nautilus is the hero – allowing me to quickly mount the remote filesystem, upload my files, and then disconnect.  No need to launch additional software for that task.  We’re just moving data from one filesystem to another, right?  That’s what a file manager does and, in the main, Nautilus is exceptional at it.

As an Emacs user, I know I could do a similar thing using Tramp and Dired mode.  And I’ll keep that as an option to probably explore someday soon.

I’ve been using Debian for some time now, migrating away from Fedora on my netbook to start with, and then later on my main work laptop.  In general it’s an operating system that does so much right, it’s hard when things occasionally don’t work as expected.

I won’t say that Jessie’s innings with GNOME have been the best; fair from it.  But hopefully we can look forward to a smoother experience as time goes on.

The post The 10 biggest problems with Debian’s GNOME appeared first on life at warp.

Categories: LUG Community Blogs

New Aston Martin? Go on, then.

Planet SurreyLUG - Wed, 02/03/2016 - 11:44

The new 5.2L V12 twin turbo DB11 from Aston has appeared at Geneva, with rather delicious body styling and gorgeous paint.  Why say no! (apart from price and availability)

http://www.cnet.com/roadshow/auto/2017-aston-martin-db11/

The post New Aston Martin? Go on, then. appeared first on life at warp (stevedowe.me).

Categories: LUG Community Blogs

Silly state of affairs, that smartphone memory bests laptops in some cases.

Planet SurreyLUG - Tue, 01/03/2016 - 16:28

It’s kind of silly that smartphones commonly have as much, if not more, memory than new laptops.

It’s also kind of sucky that phone screens commonly ship as 2560×1440, whereas premium laptops are still 1920×1080.

For $655 (£470) you can get:

http://liliputing.com/2016/03/vivo-xplay-5-first-phone-6gb-ram.html  ,  or

http://www.currys.co.uk/gbuk/computing/laptops/laptops/lenovo-g50-15-6-laptop-and-software-bundle-10140029-pdt.html

The post Silly state of affairs, that smartphone memory bests laptops in some cases. appeared first on life at warp.

Categories: LUG Community Blogs

Chris Lamb: Free software activities in February 2016

Planet ALUG - Mon, 29/02/2016 - 23:53

Here is my monthly update covering a large part of what I have been doing in the free software world (previously):

  • Various improvements to django-slack, a library to easily post messages to the Slack group-messaging utility from projects using the Django web development framework:
    • Added explicit support to send messages asynchronously via the Celery distributed task queue. (#29)
    • Worked with Patrick Clope to add an escapeslack template filter to ensure the correct characters for Slack's API are escaped — using Django's built-in safe is too invasive. (#36)
    • Corrected an issue where custom endpoints and channel names were incompatible. (#27)
    • Overhaul of the field/option/block parsing. (49ff3c4)
    • Moved away from using a django.template.Context instance, preventing a deprecation warning. (#31)
  • Added a create-folders subcommand to my tickle-me-email Getting Things Done (GTD) email toolbox to create numbered folders for the rotate "tickler" functionality. (#3)
  • Wrote and released a Django template tag to collapse multiple whitespace/newline characters in order to correctly format, for example, plaintext emails that make extensive use of for-loops. These would normally require careful and fragile placement of the {% for .. %} and {% endfor %} tags. (Repo)
  • Pushed a number of updates to my Strava Enhancement Suite, a Chrome extension that improves and fixes annoyances in the web interface of the Strava cycling and running tracker:
    • Fix unit conversion where the element was wrapped in an another HTML element. (#48)
    • Hide premium indicator from top-level navigation. (#45)
    • Correct matching of the "shop" link in top-level navigation and footer module. (#47 & #46)
    • Remove "premium" pages on Club pages. (#44)
  • Added a security-oriented warning to Ansible's documentation regarding the behaviour if an UFW firewall application profile is added and subsequently removed. (#1740)
  • Added support to my django-staticfiles-dotd "staticfiles" library — which concatenates Javascript and CSS files from .d-style directories — to support an arbitrary file rendering method. This allows the use of media pre-processors such as SASS within such directories. (#1)
  • Corrected my Chrome extension for the FastMail web interface to correctly hook into the internal "send" mechanism. (#2)
  • Moved my stravabot IRC bot to use dh-virtualenv and systemd, improving security and reliability. (1c48709)
  • Updated django-pedantic-http-methods — a tool to raise an exception during development when attempting to perform side effects in GET and HEAD HTTP methods — to support the latest version of Django. (#1)
Debian
  • Updated travis.debian.net — a hosted script to easily test and build Debian packages on the Travis CI continuous integration platform — to support:
    • Automatic bumping of the version number in debian/changelog based on TRAVIS_BUILD_NUMBER. (#14)
    • Security repositories. Thanks to Stefan Jenkner for the initial pull request. These are additionally now enabled by default. (#15)
    • The backports repositories. (#13)
  • Applied #812830 and #812830 from James Clark to the Debian Archive Kit to improve the interface of various webpages it generates.
  • Updated the SSL certificate for try.diffoscope.org, a hosted version of the diffoscope in-depth and content-aware diff utility. Thanks to Bytemark for sponsoring the hardware.
  • Worked on my slides for Reproducible Builds - fulfilling the original promise of free software, to be presented at FOSSASIA '16.

My work in the Reproducible Builds project was also covered in more depth in Lunar's weekly reports (#40, #41, #42, #43)

LTS

This month I have been paid to work 18 hours on Debian Long Term Support (LTS). In that time I did the following:

  • "Frontdesk" duty for the week of 22nd—28th, triaging CVEs, etc.
  • Proofread announcements, etc. for the upcoming migration to wheezy-lts.
  • Issued DLA 417-1 for xdelta3 to fix a buffer overflow that allowed arbitrary code execution from input files.
  • Issued DLA 420-1 for libmatroska, correcting a heap information leak.
  • Issued DLA 428-1 for websvn fixing a cross-site scripting vulnerability.
  • Issued DLA 429-1 for pixman fixing a buffer overflow issue.
  • Issued DLA 430-1 & DLA 431-1 for libfcgi and libfcgi-perl respectfully, fixing a remote denial-of-service (DoS) vulnerability.
Uploads
  • redis (2:3.0.7-2) — Correcting my SOURCE_DATE_EPOCH reproducibility patch as the conditional was accidentally inverted. Thanks to Reiner Herrmann (deki).
  • disque (1.0~rc1-5) — Making the parallel SOURCE_DATE_EPOCH patch change and additionally tidying the packaging after introducing procps as a build-dependency.
Patches/bugs contributed RC bugs

I also filed 137 FTBFS bugs against aac-tactics, angular.js, astyle, bcftools, blacs-mpi, bogofilter, boxes, caldav-tester, ccdproc, ckeditor, coq-float, cqrlog, dasher, django-recurrence, dspdfviewer, eclipse-egit, ess, etcd, felix-latin, fio, flexml, funny-manpages, gap-atlasrep, garmin-plugin, gitlab, gnome-mines, graphicsmagick, haskell-nettle, healpy, hg-git, hunspell, hwloc, ijs, ipset, janest-core-extended, jpathwatch, kcompletion, kcompletion, keyrings.alt, kodi-pvr-hts, kodi-pvr-vdr-vnsi, libcommons-compress-java, libgnome2-wnck-perl, libkate, liblrdf, libm4ri, libnet-server-mail-perl, libsis-jhdf5-java, libspectre, libteam, libwnck, libwnckmm, libxkbcommon, lombok, lombok-patcher, mako, maven-dependency-analyzer, mopidy-mpris, mricron, multcomp, netty-3.9, numexpr, ocaml-textutils, openimageio, openttd-openmsx, osmcoastline, osmium-tool, php-guzzle, php-net-smartirc, plexus-component-metadata, polari, profitbricks-client, pyentropy, pynn, pyorbital, pypuppetdb, python-aioeventlet, python-certifi, python-hglib, python-kdcproxy, python-matplotlib-venn, python-mne, python-mpop, python-multipletau, python-pbh5tools, python-positional, python-pydot-ng, python-pysam, python-snuggs, python-tasklib, r-cran-arm, r-cran-httpuv, r-cran-tm, rjava, ros-geometry-experimental, ros-image-common, ros-pluginlib, ros-ros-comm, rows, rr, ruby-albino, ruby-awesome-print, ruby-default-value-for, ruby-fast-gettext, ruby-github-linguist, ruby-gruff, ruby-hipchat, ruby-omniauth-crowd, ruby-packetfu, ruby-termios, ruby-thinking-sphinx, ruby-tinder, ruby-versionomy, ruby-zentest, sbsigntool, scikit-learn, scolasync, sdl-image1.2, signon-ui, sisu-guice, sofa-framework, spykeutils, ssreflect, sunpy, tomcat-maven-plugin, topmenu-gtk, trocla, trocla, tzdata, verbiste, wcsaxes, whitedune, wikidiff2, wmaker, xmlbeans, xserver-xorg-input-aiptek & zeroc-icee-java.

FTP Team

As a Debian FTP assistant I ACCEPTed 107 packages: androguard, android-platform-dalvik, android-platform-development, android-platform-frameworks-base, android-platform-frameworks-native, android-platform-libnativehelper, android-platform-system-core, android-platform-system-extras, android-platform-tools-base, android-sdk-meta, apktool, armci-mpi, assertj-core, bart, bind9, caja, caldav-tester, clamav, class.js, diamond, diffoscope, django-webpack-loader, djangocms-admin-style, dnsvi, esptool, fuel-astute, gcc-6-cross, gcc-6-cross-ports, gdal, giella-core, gnupg, golang-github-go-ini-ini, golang-github-tarm-serial, gplaycli, gradle-jflex-plugin, haskell-mountpoints, haskell-simple, hurd, iceweasel, insubstantial, intellij-annotations, jetty9, juce, keyrings.alt, leptonlib, libclamunrar, libdate-pregnancy-perl, libgpg-error, libhtml5parser-java, libica, libvoikko, linux, llvm-toolchain-3.8, lombok-patcher, mate-dock-applet, mate-polkit, mono-reference-assemblies, mxt-app, node-abab, node-array-equal, node-array-flatten, node-array-unique, node-bufferjs, node-cors, node-deep-extend, node-original, node-setimmediate, node-simplesmtp, node-uglify-save-license, node-unpipe, oar, openjdk-8, openjdk-9, pg8000, phantomjs, php-defaults, php-random-compat, php-symfony-polyfill, pnetcdf, postgresql-debversion, pulseaudio-dlna, pyconfigure, pyomo, pysatellites, python-fuelclient, python-m3u8, python-pbh5tools, python-qtpy, python-shellescape, python-tunigo, pyutilib, qhull, r-cran-rjsonio, r-cran-tm, reapr, ruby-fog-dynect, scummvm-tools, symfony, talloc, tesseract, twextpy, unattended-upgrades, uwsgi, vim-command-t, win-iconv, xkcdpass & xserver-xorg-video-ast.

I additionally REJECTed 4 packages.

Categories: LUG Community Blogs

Meeting and Talk at "The Electric Club"

Wolverhampton LUG News - Mon, 29/02/2016 - 18:37
Event-Date: Wednesday, 2 March, 2016 - 19:30 to 23:00Body: Talk on Two-Factor Authentication The Electric Club St Marks Road, Chapel Ash, Wolverhampton WV3 0QH Food is available from a number of Take Aways on Chapel Ash, just around the corner.
Categories: LUG Community Blogs

Steve Kemp: If line-noise is a program, all fuzzers are developers

Planet HantsLUG - Mon, 29/02/2016 - 12:59

Recently I had a conversation with a programmer who repeated the adage that programming in perl consists of writing line-noise. This isn't true but it reminded me of my love of fuzzers. Fuzzers are often used to generate random input files which are fed to tools, looking for security problems, segfaults, and similar hilarity.

To the untrained eye the output of most fuzzers is essentially line-noise, since you often start with a valid input file and start flipping bits, swapping bytes, and appending garbage.

Anyway this made me wonder what happens if you fed random garbage into a perl interpreter? I wasn't brave enough to try it, because knowing my luck the fuzzer would write a program like so:

system( "rm -rf /home/steve" );

But I figured it was still an interesting idea, and I could have a go at fuzzing something else. I picked gawk, the GNU implementation of awk because the codebase is pretty small, and I understand it reasonably well.

Almost immediately my fuzzer found some interesting segfaults and problems. Here's a nice simple example:

$ gawk 'for (i = ) in steve kemp rocks' .. gawk: cmd. line:1: fatal error: internal error: segfault Aborted

I look forward to seeing what happens when other people fuzz perl..

Categories: LUG Community Blogs

Daniel Silverstone (Kinnison): Kicad hacking - Intra-sheet links and ERC

Planet ALUG - Mon, 29/02/2016 - 12:19

This is a bit of an odd posting since it's about something I've done but is also here to help me explain why I did it and thus perhaps encourage some discussion around the topic within the Kicad community...

Recently (as you will know if you follow this blog anywhere it is syndicated) I have started playing with Kicad for the development of some hardware projects I've had a desire for. In addition, some of you may be aware that I used to work for a hardware/software consultancy called Simtec, and there I got to play for a while with an EDA tool called Mentor Designview. Mentor was an expensive, slow, clunky, old-school EDA tool, but I grew to understand and like the workflow.

I spent time looking at gEDA and Eagle when I wanted to get back into hardware hacking for my own ends; but neither did I really click with. On the other hand, a mere 10 minutes with Kicad and I knew I had found the tool I wanted to work with long-term.

I designed the beer'o'meter project (a flow meter for the pub we are somehow intimately involved with) and then started on my first personal surface-mount project -- SamDAC which is a DAC designed to work with our HiFi in our study at home.

As I worked on the SamDAC project, I realised that I was missing a very particular thing from Mentor, something which I had low-level been annoyed by while looking at other EDA tools -- Kicad lacks a mechanism to mark a wire as being linked to somewhere else on the same sheet. Almost all of the EDA tools I've looked at seem to lack this nicety, and honestly I miss it greatly, so I figured it was time to see if I could successfully hack on Kicad.

Kicad is written in C++, and it has been mumble mumble years since I last did any C++, either for personal hacking or professionally, so it took a little while for that part of my brain to kick back in enough for me to grok the codebase. Kicad is not a small project, taking around ten minutes to build on my not-inconsiderable computer. And while it beavered away building, I spent time looking around the source code, particularly the schematic editor eeschema.

To skip ahead a bit, after a couple of days of hacking around, I had a proof-of-concept for the intra-sheet links which I had been missing from my days with Mentor, and some ERC (electrical rules checking) to go alongside that to help produce schematics without unwanted "sharp corners".

In total, I added:

  • an "intra-sheet link" schematic element, including:
    • the schematic element itself
    • loading and saving of the element (which required a bump in schematic file format versioning)
    • UI for adding intra-sheet links to your schematic
    • netlist build support to ensure that the links found their way into the internal netlist content.
  • an ERC tickybox "Strict wiring checks" and behind that I hid:
    • checks for wires with dangling ends (dangles are bad)
    • junctions which have no point in being present (pointless junctions are confusing to readers)
    • checks that intra-sheet links exist in groups of two or more on any given net, since individual links are pointless.

I forked the Kicad mirror on Github and pushed my own branch with this work to my Kicad fork.

All of this is meant to allow schematic capture engineers to more clearly state their intentions regarding what they are drawing. The intra-sheet link could be thought of like a no-connect element, except instead of saying "this explicitly goes nowhere" we're saying "this explicitly goes somewhere else on this sheet, you can go look for it".

Obviously, people who dislike (or simply don't want to use) such intra-sheet link elements can just disable that ERC tickybox and not be bothered by them in the least (well except for the toolbar button and menu item I suppose).

Whether this work gets accepted into Kicad, or festers and dies on the vine, it was good fun developing it and I'd like to illustrate how it could help you, and why I wrote it in the first place:

A contrived story

Note, while this story is meant to be taken seriously, it is somewhat contrived, the examples are likely electrical madness, but please just think about the purpose of the checks etc.

To help to illustrate the feature and why it exists, I'd like to tell you a somewhat contrived story about Fred. Fred is a schematic capture engineer and his main job is to review schematics generated by his colleagues. Fred and his colleagues work with Kicad (hurrah) but of late they've been having a few issues with being able to cleanly review schematics.

Fred's colleagues are not the neatest of engineers. In particular they tend to be quite lazy when it comes to running busses, which are not (for example) address and data busses, around their designs and they tend to simply have wires which end in mid-space and pick up somewhere else on the sheet. All this is perfectly reasonable of course, and Kicad handles it with aplomb. Sadly it seems quite error prone for Fred's workplace.

As an example, Fred's colleague Ben has been designing the power supply for a particular board. As with most power supplies, plenty of capacitors are needed to stabilise the regulators and smooth the output. In the example below, the intent is that all of the capacitors are on the FOO net.

Sadly there's a missing junction and/or slightly misplaced label in the upper section which means that C2 and C3 simply don't join to the FOO net. This could easily be missed, but the ERC can't spot it at all since there's more than one thing on each net, so the pins of the capacitors are connected to something.

Fred is very sad that this kind of problem can sometimes escape notice by the schematic designer Ben, Fred himself, and the layout engineer, resulting in boards which simply do not work. Fred takes it upon himself to request that the strict wiring checks ERC is made mandatory for all designs, and that the design engineers be required to use intra-sheet link symbols when they have signals which wander off to other parts of the sheet like FOO does in the example. Without any further schematic changes, strict wiring checks enabled gives the following points of ERC concern for Ben to think about:

As you can see, the ERC is pointing at the wire ends and the warnings are simply that the wires are dangling and that this is not acceptable. This warning is very like the pin-not-connected warnings which can be silenced with an explicit no-connect schematic element. Ben, being a well behaved and gentle soul, obeys the design edicts from Fred and seeks out the intra-sheet link symbols, clearing off the ERC markers and then adding intra-sheet links to his design:

This silences the dangling end ERC check, which is good, however it results in another ERC warning:

This time, the warning for Ben to deal with is that the intra-sheet links are pointless. Each exists without a companion to link to because of the net name hiccough in the top section. It takes Ben a moment to realise that the mistake which has been made is that a junction is missing in the top section. He adds the junction and bingo the ERC is clean once more:

Now, this might not seem like much gain for so much effort, but Ben can now be more confident that the FOO net is properly linked across his design and Fred can know, when he looks at the top part of the design, that Ben intended for the FOO net to go somewhere else on the sheet and he can look for it.

Why do this at all?

Okay, dropping out of our story now, let's discuss why these ERC checks are worthwhile and why the intra-sheet link schematic element is needed.

Note: This bit is here to remind me of why I did the work, and to hopefully explain a little more about why I think it's worth adding to Kicad...

Designers are (one assumes) human beings. As humans we (and I count myself here too) are prone to mistakes. Sadly mistakes are often subtle and could easily be thought of as deliberate if the right thought processes are not followed carefully when reviewing. Anyone who has ever done code review, proofread a document, or performed any such activity, will be quite familiar with the problems which can be introduced by a syntactically and semantically valid construct which simply turns out to be wrong in the greater context.

When drawing designs, I often end up with bits of wire sticking out of schematic sections which are not yet complete. Sadly if I sleep between design sessions, I often lose track of whether such a dangling wire is meant to be attached to more stuff, or is simply left because the net is picked up elsewhere on the sheet. With intra-sheet link elements available, if I had intended the latter, I'd have just dropped such an element on the end of the wire before I stopped for the day.

Also, when drawing designs, I sometimes forget to label a wire, especially if it has just passed through a filter or current-limiting resistor or similar. As such, even with intra-sheet link elements to show me when I mean for a net to go bimbling off across the sheet, I can sometimes end up with unnamed nets whose capacitors end up not used for anything useful. This is where the ERC comes in.

By having the ERC complain if a wire dangles -- the design engineer won't forget to add links (or check more explicitly if the wire is meant to be attached to something else). By having junctions which don't actually link anything warned about, the engineer can't just slap a junction blob down on the end of a wire to silence that warning, since that doesn't mean anything to a reviewer later down the line. By having the ERC warn if a net has exactly one intra-sheet link attached to it, missing net names and errors such as that shown in my contrived example above can be spotted and corrected.

Ultimately this entire piece of work is about ensuring that the intent of the design engineer is captured clearly in the schematic. If the design engineer meant to leave that wire dangling because it's joining to another bit of wire elsewhere on the sheet, they can put the intra-sheet links in to show this. The associated ERC checks are there purely to ensure that the validation of this intent is not bypassed accidentally, or deliberately, in order to make the use of this more worthwhile and to increase the usefulness of the ERC on designs where signals jump around on sheets where wiring them up directly would just create a mess.

Categories: LUG Community Blogs

New hardware ordered for @warphost. Onwards and upwards!

Planet SurreyLUG - Fri, 26/02/2016 - 18:01
Making the most of hardware at WarpHost (@warphost)

Just ordered a new PSU for re-purposed server (from front-line to a backup server), plus drive caddies for new front-line servers.  Great guns!

Re-purposing a server into a back-up role.

The post New hardware ordered for @warphost. Onwards and upwards! appeared first on life at warp.

Categories: LUG Community Blogs

Please, Interweb, no more top-down coffee, notepad and pastry photos.

Planet SurreyLUG - Fri, 26/02/2016 - 00:40

If I see just one more clichéd, top-down  image of a coffee cup, notepad, laptop and pastry, I’m gonna … I’m gonna … be miffed. And maybe write a letter.

The post Please, Interweb, no more top-down coffee, notepad and pastry photos. appeared first on life at warp.

Categories: LUG Community Blogs
Syndicate content