News aggregator

Steve Kemp: This blog has moved

Planet HantsLUG - Thu, 06/10/2016 - 18:30
This blog has moved to https://blog.steve.fi/. Please update to use the new feed location.
Categories: LUG Community Blogs

Steve Kemp: This blog has moved

Planet HantsLUG - Wed, 05/10/2016 - 18:30
This blog has moved to https://blog.steve.fi/. Please update to use the new feed location.
Categories: LUG Community Blogs

Steve Kemp: This blog has moved

Planet HantsLUG - Tue, 04/10/2016 - 18:30
This blog has moved to https://blog.steve.fi/. Please update to use the new feed location.
Categories: LUG Community Blogs

Daniel Silverstone (Kinnison): Gitano - Approaching Release - Work

Planet ALUG - Tue, 04/10/2016 - 04:41

I have been working quite hard, along with my friend and colleague Richard Maw, on getting Gitano ready for a release suitable for inclusion into Debian Stretch.

You can see how we're doing on the various Trello boards for:

As Richard and I work toward a version of Gitano we're prepared to support long-term in Debian we are making many changes to make our lives easier. For those of you who have been using Gitano over the past few years, you'll need to pay attention to some postings which will be coming soon about how to make the changes you need so as to not explode horribly when you upgrade to the version we're releasing soon. For those of you who are not yet using Gitano but feel like you might want to; I'll also be producing some postings about getting started with the packages. And for those happily running current HEAD of Gitano already, I'll be posting about some of the new features over the next little while in case you're not aware of them.

IMPORTANT: If you're using Gitano already and have any issues or feature requests then please please please let me know ASAP otherwise they're unlikely to be resolved/implemented before 1.0. irl already asked for the facility to verify GPG signed commits and tags, but if you want anything else considering then I need to know v. soon. (Ideally email me, but you may comment on this posting too if you must)

Categories: LUG Community Blogs

Steve Kemp: This blog has moved

Planet HantsLUG - Mon, 03/10/2016 - 18:30
This blog has moved to https://blog.steve.fi/. Please update to use the new feed location.
Categories: LUG Community Blogs

Steve Kemp: This blog has moved

Planet HantsLUG - Sun, 02/10/2016 - 18:30
This blog has moved to https://blog.steve.fi/. Please update to use the new feed location.
Categories: LUG Community Blogs

Steve Kemp: This blog has moved

Planet HantsLUG - Sat, 01/10/2016 - 18:30
This blog has moved to https://blog.steve.fi/. Please update to use the new feed location.
Categories: LUG Community Blogs

Chris Lamb: Free software activities in September 2016

Planet ALUG - Fri, 30/09/2016 - 21:44

Here is my monthly update covering what I have been doing in the free software world (previous month):

Reproducible builds

Whilst anyone can inspect the source code of free software for malicious flaws, most Linux distributions provide binary (or "compiled") packages to end users.

The motivation behind the Reproducible Builds effort is to allow verification that no flaws have been introduced — either maliciously and accidentally — during this compilation process by promising identical binary packages are always generated from a given source.

My work in the Reproducible Builds project was also covered in our weekly reports #71, #72, #73 & #74.

I made the following improvements to our tools:


diffoscope

diffoscope is our "diff on steroids" that will not only recursively unpack archives but will transform binary formats into human-readable forms in order to compare them.

  • Added a global Progress object to track the status of the comparison process allowing for graphical and machine-readable status indicators. I also blogged about this feature in more detail.
  • Moved the global Config object to a more Pythonic "singleton" pattern and ensured that constraints are checked on every change.

disorderfs

disorderfs is our FUSE filesystem that deliberately introduces nondeterminism into the results of system calls such as readdir(3).

  • Display the "disordered" behaviour we intend to show on startup. (#837689)
  • Support relative paths in command-line parameters (previously only absolute paths were permitted).

strip-nondeterminism

strip-nondeterminism is our tool to remove specific information from a completed build.

  • Fix an issue where temporary files were being left on the filesystem and add a test to avoid similar issues in future. (#836670)
  • Print an error if the file to normalise does not exist. (#800159)
  • Testsuite improvements:
    • Set the timezone in tests to avoid a FTBFS and add a File::StripNondeterminism::init method to the API to to set tzset everywhere. (#837382)
    • "Smoke test" the strip-nondeterminism(1) and dh_strip_nondeterminism(1) scripts to prevent syntax regressions.
    • Add a testcase for .jar file ordering and normalisation.
    • Check the stripping process before comparing file attributes to make it less confusing on failure.
    • Move to a lookup table for descriptions of stat(1) indices and use that for nicer failure messages.
    • Don't uselessly test whether the inode number has changed.
  • Run perlcritic across the codebase and adopt some of its prescriptions including explicitly using oct(..) for integers with leading zeroes, avoiding mixing high and low-precedence booleans, ensuring subroutines end with a return statement, etc.

I also submitted 4 patches to fix specific reproducibility issues in golang-google-grpc, nostalgy, python-xlib & torque.



Debian
Patches contributed Debian LTS

This month I have been paid to work 12.75 hours on Debian Long Term Support (LTS). In that time I did the following:

  • "Frontdesk" duties, triaging CVEs, etc.
  • Issued DLA 608-1 for mailman fixing a CSRF vulnerability.
  • Issued DLA 611-1 for jsch correcting a path traversal vulnerability.
  • Issued DLA 620-1 for libphp-adodb patching a SQL injection vulnerability.
  • Issued DLA 631-1 for unadf correcting a buffer underflow issue.
  • Issued DLA 634-1 for dropbear fixing a buffer overflow when parsing ASN.1 keys.
  • Issued DLA 635-1 for dwarfutils working around an out-of-bounds read issue.
  • Issued DLA 638-1 for the SELinux policycoreutils, patching a sandbox escape issue.
  • Enhanced Brian May's find-work --unassigned switch to take an optional "except this user" argument.
  • Marked matrixssl and inspircd as being unsupported in the current LTS version.
Uploads
  • python-django 1:1.10.1-1 — New upstream release and ensure that django-admin startproject foo creates files with the correct shebang under Python 3.
  • gunicorn:
    • 19.6.0-5 — Don't call chown(2) if it would be a no-op to avoid failure under snap.
    • 19.6.0-6 — Remove now-obsolete conffiles and logrotate scripts; they should have been removed in 19.6.0-3.
  • redis:
    • 3.2.3-2 — Call ulimit -n 65536 by default from SysVinit scripts to normalise the behaviour with systemd. I also bumped the Debian package epoch as the "2:" prefix made it look like we are shipping version 2.x. I additionaly backported this upload to Debian Jessie.
    • 3.2.4-1 — New upstream release, add missing -ldl for dladdr(3) & add missing dependency on lsb-base.
  • python-redis (2.10.5-2) — Bump python-hiredis to Suggests to sync with Ubuntu and move to a machine-readable debian/copyright. I also backported this upload to Debian Jessie.
  • adminer (4.2.5-3) — Move mysql-server dependencies to default-mysql-server. I also backported this upload to Debian Jessie.
  • gpsmanshp (1.2.3-5) on behalf of the QA team:
    • Move to "minimal" debhelper style, making the build reproducible. (#777446 & #792991)
    • Reorder linker command options to build with --as-needed (#729726) and add hardening flags.
    • Move to machine-readable copyright file, add missing #DEBHELPER# tokens to postinst and prerm scripts, tidy descriptions & other debian/control fields and other smaller changes.

I sponsored the upload of 5 packages from other developers:


I also NMU'd:



RC bugs

I filed 37 FTBFS bugs against csoundqt, cups-filters, dymo-cups-drivers, easytag, erlang-p1-oauth2, erlang-p1-sqlite3, erlang-p1-xmlrpc, erlang-redis-client, fso-datad, gnome-python-desktop, gnote, gstreamermm-1.0, gtkglextmm, gupnp-dlna, haskell-hmatrix-gsl, jdeb, kryo-serializers, libcmrt, libfso-glib, libmonitoring-livestatus-perl, librasterlite2, network-manager, print-manager, psychtoolbox-3, python-3to2, python-tidylib, recutils, slang2, snd, sugar, tj3, transmission-remote-gtk, vino, webkit2pdf, xml-core, xml-core & xml-core.

I additionally filed 2 "important" bugs for packages that access the internet during build against gnupg2 & libgdata.

FTP Team

As a Debian FTP assistant I ACCEPTed 147 packages: alljoyn-services-1604, android-platform-external-doclava, android-platform-system-tools-aidl, aufs, bcolz, binwalk, bmusb, bruteforce-salted-openssl, cappuccino, captagent, chrome-gnome-shell, ciphersaber, cmark, colorfultabs, cppformat, dnsrecon, dogtag-pki, dxtool, e2guardian, flask-compress, fonts-mononoki, fwknop-gui, gajim-httpupload, glbinding, glewmx, gnome-2048, golang-github-googleapis-proto-client-go, google-android-installers, gsl, haskell-hmatrix-gsl, haskell-relational-query, haskell-relational-schemas, haskell-secret-sharing, hindsight, i8c, ip4r, java-string-similarity, khal, khronos-opencl-headers, liblivemedia, libshell-config-generate-perl, libshell-guess-perl, libstaroffice, libxml2, libzonemaster-perl, linux, linux-grsec-base, linux-signed, lua-sandbox, lua-torch-trepl, mbrola-br2, mbrola-br4, mbrola-de1, mbrola-de2, mbrola-de3, mbrola-ir1, mbrola-lt1, mbrola-lt2, mbrola-mx1, mimeo, mimerender, mongo-tools, mozilla-gnome-keyring, munin, node-grunt-cli, node-js-yaml, nova, open-build-service, openzwave, orafce, osmalchemy, pgespresso, pgextwlist, pgfincore, pgmemcache, pgpool2, pgsql-asn1oid, postbooks-schema, postgis, postgresql-debversion, postgresql-multicorn, postgresql-mysql-fdw, postgresql-unit, powerline-taskwarrior, prefix, pycares, pydl, pynliner, pytango, pytest-cookies, python-adal, python-applicationinsights, python-async-timeout, python-azure, python-azure-storage, python-blosc, python-can, python-canmatrix, python-chartkick, python-confluent-kafka, python-jellyfish, python-k8sclient, python-msrestazure, python-nss, python-pytest-benchmark, python-tenacity, python-tmdbsimple, python-typing, python-unidiff, python-xstatic-angular-schema-form, python-xstatic-tv4, quilt, r-bioc-phyloseq, r-cran-filehash, r-cran-png, r-cran-testit, r-cran-tikzdevice, rainbow-mode, repmgr, restart-emacs, restbed, ruby-azure-sdk, ruby-babel-source, ruby-babel-transpiler, ruby-diaspora-prosody-config, ruby-haikunator, ruby-license-finder, ruby-ms-rest, ruby-ms-rest-azure, ruby-rails-assets-autosize, ruby-rails-assets-blueimp-gallery, ruby-rails-assets-bootstrap, ruby-rails-assets-bootstrap-markdown, ruby-rails-assets-emojione, ruby-sprockets-es6, ruby-timeliness, rustc, skytools3, slony1-2, snmp-mibs-downloader, syslog-ng, test-kitchen, uctodata, usbguard, vagrant-azure, vagrant-mutate & vim.

Categories: LUG Community Blogs

Steve Kemp: This blog has moved

Planet HantsLUG - Fri, 30/09/2016 - 18:30
This blog has moved to https://blog.steve.fi/. Please update to use the new feed location.
Categories: LUG Community Blogs

Steve Kemp: This blog has moved

Planet HantsLUG - Thu, 29/09/2016 - 18:30
This blog has moved to https://blog.steve.fi/. Please update to use the new feed location.
Categories: LUG Community Blogs

Steve Kemp: This blog has moved

Planet HantsLUG - Wed, 28/09/2016 - 18:30
This blog has moved to https://blog.steve.fi/. Please update to use the new feed location.
Categories: LUG Community Blogs

Chris Lamb: Diffoscope progress bar

Planet ALUG - Wed, 28/09/2016 - 11:45

Diffoscope is a diff utility which recursively unpacks archives, ISOs, etc., transforming a wide variety of files into human-readable forms before comparison instead of simply showing the raw difference in hexadecimal.

I recently added a progress bar when diffoscope is run on a terminal:

Note that as diffoscope can, at any point, encounter an archive or format that requires unpacking, the progress will always be approximate and may even appear to go "backwards".

The implementation, available in version 61, is simple (see #1, #2, #3 & #4) but takes into account of a number of subtleties by using context managers to correctly track the state throughout.

Categories: LUG Community Blogs

Steve Kemp: This blog has moved

Planet HantsLUG - Tue, 27/09/2016 - 18:30
This blog has moved to https://blog.steve.fi/. Please update to use the new feed location.
Categories: LUG Community Blogs

Steve Kemp: This blog has moved

Planet HantsLUG - Mon, 26/09/2016 - 18:30
This blog has moved to https://blog.steve.fi/. Please update to use the new feed location.
Categories: LUG Community Blogs

Steve Kemp: This blog has moved

Planet HantsLUG - Sun, 25/09/2016 - 18:30
This blog has moved to https://blog.steve.fi/. Please update to use the new feed location.
Categories: LUG Community Blogs

Steve Kemp: This blog has moved

Planet HantsLUG - Sat, 24/09/2016 - 18:30
This blog has moved to https://blog.steve.fi/. Please update to use the new feed location.
Categories: LUG Community Blogs

Steve Kemp: This blog has moved

Planet HantsLUG - Fri, 23/09/2016 - 18:30
This blog has moved to https://blog.steve.fi/. Please update to use the new feed location.
Categories: LUG Community Blogs

Steve Kemp: This blog has moved

Planet HantsLUG - Thu, 22/09/2016 - 18:30
This blog has moved to https://blog.steve.fi/. Please update to use the new feed location.
Categories: LUG Community Blogs

Steve Kemp: This blog has moved

Planet HantsLUG - Wed, 21/09/2016 - 18:30
This blog has moved to https://blog.steve.fi/. Please update to use the new feed location.
Categories: LUG Community Blogs

Mon 26 Sept monthly meeting at The Lord Darcy

West Yorkshire LUG News - Tue, 20/09/2016 - 18:34

This month sees us back in the Lord Darcy, which we have been to in the past. Anyone with something to show or talk about, please give advance notice on wylug-discuss on the meetups site< http://www.meetup.com/West-Yorkshire-Linux-users-group/  >or as a comment here. The time will be around 7:30 pm. Look for a bunch of us sitting round a laptop.

Syndicate content