News aggregator

Steve Kemp: This blog has moved

Planet HantsLUG - Mon, 18/07/2016 - 19:30
This blog has moved to https://blog.steve.fi/. Please update to use the new feed location.
Categories: LUG Community Blogs

Steve Kemp: This blog has moved

Planet HantsLUG - Sun, 17/07/2016 - 19:30
This blog has moved to https://blog.steve.fi/. Please update to use the new feed location.
Categories: LUG Community Blogs

Steve Kemp: This blog has moved

Planet HantsLUG - Sat, 16/07/2016 - 19:30
This blog has moved to https://blog.steve.fi/. Please update to use the new feed location.
Categories: LUG Community Blogs

Steve Kemp: This blog has moved

Planet HantsLUG - Fri, 15/07/2016 - 19:30
This blog has moved to https://blog.steve.fi/. Please update to use the new feed location.
Categories: LUG Community Blogs

begone systemd! 

Planet SurreyLUG - Fri, 15/07/2016 - 09:23

Should be an interesting morning. ☺ 

aptitude purge #systemd

#devuan #ftw #freedom

The post begone systemd!  appeared first on dowe.io.

Categories: LUG Community Blogs

Steve Kemp: This blog has moved

Planet HantsLUG - Thu, 14/07/2016 - 19:30
This blog has moved to https://blog.steve.fi/. Please update to use the new feed location.
Categories: LUG Community Blogs

Steve Kemp: This blog has moved

Planet HantsLUG - Wed, 13/07/2016 - 19:30
This blog has moved to https://blog.steve.fi/. Please update to use the new feed location.
Categories: LUG Community Blogs

Mick Morgan: show me yours

Planet ALUG - Wed, 13/07/2016 - 17:30

As Theresa May moves from the Home Office to Number 10, it is perhaps timely to reflect on public attitudes to surveillance as evidenced in Liberty’s campaign film “Show me yours” in April of this year. In the film (shown below), comedian Olivia Lee pursues members of the public with the intention of taking details from their mobile phones of all their recent communications or browsing activity. The reactions of the people approached speak for themselves. Unfortunately, Liberty research suggests that 75% of adults in the UK had never heard of the impending legislation laid out in the Investigatory Powers Bill.

Categories: LUG Community Blogs

Steve Kemp: This blog has moved

Planet HantsLUG - Tue, 12/07/2016 - 19:30
This blog has moved to https://blog.steve.fi/. Please update to use the new feed location.
Categories: LUG Community Blogs

Steve Kemp: This blog has moved

Planet HantsLUG - Mon, 11/07/2016 - 19:30
This blog has moved to https://blog.steve.fi/. Please update to use the new feed location.
Categories: LUG Community Blogs

Steve Kemp: This blog has moved

Planet HantsLUG - Sun, 10/07/2016 - 19:30
This blog has moved to https://blog.steve.fi/. Please update to use the new feed location.
Categories: LUG Community Blogs

Debian Bits: New Debian Developers and Maintainers (May and June 2016)

Planet HantsLUG - Sun, 10/07/2016 - 16:30

The following contributors got their Debian Developer accounts in the last two months:

  • Josué Ortega (josue)
  • Mathias Behrle (mbehrle)
  • Sascha Steinbiss (satta)
  • Lucas Kanashiro (kanashiro)
  • Vasudev Sathish Kamath (vasudev)
  • Dima Kogan (dkogan)
  • Rafael Laboissière (rafael)
  • David Kalnischkies (donkult)
  • Marcin Kulisz (kula)
  • David Steele (steele
  • Herbert Parentes Fortes Neto (hpfn)
  • Ondřej Nový (onovy)
  • Donald Norwood (donald)
  • Neutron Soutmun (neutrons)
  • Steve Kemp (skx)

The following contributors were added as Debian Maintainers in the last two months:

  • Sean Whitton
  • Tiago Ilieve
  • Jean Baptiste Favre
  • Adrian Vondendriesch
  • Alkis Georgopoulos
  • Michael Hudson-Doyle
  • Roger Shimizu
  • SZ Lin
  • Leo Singer
  • Peter Colberg

Congratulations!

Categories: LUG Community Blogs

Steve Kemp: This blog has moved

Planet HantsLUG - Sat, 09/07/2016 - 19:30
This blog has moved to https://blog.steve.fi/. Please update to use the new feed location.
Categories: LUG Community Blogs

Steve Kemp: This blog has moved

Planet HantsLUG - Fri, 08/07/2016 - 19:30
This blog has moved to https://blog.steve.fi/. Please update to use the new feed location.
Categories: LUG Community Blogs

Steve Kemp: This blog has moved

Planet HantsLUG - Thu, 07/07/2016 - 19:30
This blog has moved to https://blog.steve.fi/ please update your subscription.
Categories: LUG Community Blogs

Debian Bits: Debian Perl Sprint 2016

Planet HantsLUG - Wed, 06/07/2016 - 22:45

Six members of the Debian Perl team met in Zurich over the weekend from May 19 to May 22 to continue the development around perl for Stretch and to work on QA across 3000+ packages.

The participants had a good time, met friends from local groups and even found some geocaches. Obviously, the sprint was productive this time too:

  • 36 bugs were filed or worked on, 28 uploads were accepted.
  • The plan to get Perl 5.24 transition into Stretch was confirmed, and a test rebuild server was set up.
  • Cross building XS modules was demoed, and the conditions where it is viable were discussed.
  • Several improvements were made in the team packaging tools, and new features were discussed and drafted.
  • A talk on downstream distribution aimed at CPAN authors was proposed for YAPC::EU 2016.

The full report was posted to the relevant Debian mailing lists.

The participants would like to thank the ETH Zurich for hosting us, and all donors to the Debian project who helped to cover a large part of our expenses.

Categories: LUG Community Blogs

Steve Kemp: This blog has moved

Planet HantsLUG - Wed, 06/07/2016 - 19:30
This blog has moved to https://blog.steve.fi/ please update your subscription.
Categories: LUG Community Blogs

Jonathan McDowell: Confirming all use of an SSH agent

Planet ALUG - Sun, 03/07/2016 - 16:55

For a long time I’ve wanted an ssh-agent setup that would ask me before every use, so I could slightly more comfortably forward authentication over SSH without worrying that my session might get hijacked somewhere at the remote end (I often find myself wanting to pull authenticated git repos on remote hosts). I’m at DebConf this week, which is an ideal time to dig further into these things, so I did so today. As is often the case it turns out this is already possible, if you know how.

I began with a setup that was using GNOME Keyring to manage my SSH keys. This isn’t quite what I want (eventually I want to get to the point that I can sometimes forward a GPG agent to remote hosts for signing purposes as well), so I set about setting up gpg-agent. I used Chris’ excellent guide to GnuPG/SSH Agent setup as a starting point and ended up doing the following:

$ echo use-agent >> ~/.gnupg/options $ echo enable-ssh-support >> ~/.gnupg/gpg-agent.conf $ sudo sed -i.bak "s/^use-ssh-agent/# use-ssh-agent/" /etc/X11/Xsession.options $ sudo rm /etc/xdg/autostart/gnome-keyring-ssh.desktop

The first 2 commands setup my local agent, and told it to do SSH agent foo. The next stopped X from firing up ssh-agent, and the final one prevents GNOME Keyring from being configured to be the SSH agent, without having to remove libpam-gnome-keyring as Chris did. After the above I logged out of and into X again, and could see ~/.gnupg/S.gpg-agent.ssh getting created and env | grep SSH showing SSH_AUTH_SOCK pointing to it (if GNOME Keyring is still handling things it ends up pointing to something like /run/user/1000/keyring/ssh).

[Update: Luca Capello emailed to point out this was a bad approach; there’s thankfully no need to do the last 2 commands that require root. #767341 removed the need to edit Xsession.options and you can prevent GNOME Keyring starting on a per user basis with:

(cat /etc/xdg/autostart/gnome-keyring-ssh.desktop ; echo 'X-GNOME-Autostart-enabled=false') > \ ~/.config/autostart/gnome-keyring-ssh.desktop

]

After this it turned out all I need to do was ssh-add -c <ssh keyfile>. The -c says “confirm use” and results in the confirm flag being appended to the end of ~/.gnupg/sshcontrol (so if you’ve already done the ssh-add you can go and add the confirm if that’s the behaviour you’d like).

Simple when you know how, but I’ve had conversations with several people in the past who wanted the same thing and hadn’t figured out how, so hopefully this is helpful to others.

Categories: LUG Community Blogs

Chris Lamb: Free software activities in June 2016

Planet ALUG - Thu, 30/06/2016 - 21:32

Here is my monthly update covering a large part of what I have been doing in the free software world (previously):

Debian

My work in the Reproducible Builds project was covered in our weekly reports. (#58, #59 & #60)

Debian LTS

This month I have been paid to work 18 hours on Debian Long Term Support (LTS). In that time I did the following:

  • "Frontdesk" duties, triaging CVEs, etc.
  • Extended the lts-cve-triage.py script to ignore packages that are not subject to Long Term Support.

  • Issued DLA 512-1 for mantis fixing an XSS vulnerability.
  • Issued DLA 513-1 for nspr correcting a buffer overflow in a sprintf utility.
  • Issued DLA 515-1 for libav patching a memory corruption issue.
  • Issued DLA 524-1 for squidguard fixing a reflected cross-site scripting vulnerability.
  • Issued DLA 525-1 for gimp correcting a use-after-free vulnerability in the channel and layer properties parsing process.
Uploads
  • redis (2:3.2.1-1) — New upstream bugfix release, plus subsequent upload to the backports repository.
  • python-django (1.10~beta1-1) — New upstream experimental release.
  • libfiu (0.94-5) — Misc packaging updates.
Patches contributed
RC bugs

I also filed 170 FTBFS bugs against a7xpg, acepack, android-platform-dalvik, android-platform-frameworks-base, android-platform-system-extras, android-platform-tools-base, apache-directory-api, aplpy, appstream-generator, arc-gui-clients, assertj-core, astroml, bamf, breathe, buildbot, cached-property, calf, celery-haystack, charmtimetracker, clapack, cmake, commons-javaflow, dataquay, dbi, django-celery, django-celery-transactions, django-classy-tags, django-compat, django-countries, django-floppyforms, django-hijack, django-localflavor, django-markupfield, django-model-utils, django-nose, django-pipeline, django-polymorphic, django-recurrence, django-sekizai, django-sitetree, django-stronghold, django-taggit, dune-functions, elementtidy, epic4-help, fcopulae, fextremes, fnonlinear, foreign, fort77, fregression, gap-alnuth, gcin, gdb-avr, ggcov, git-repair, glance, gnome-twitch, gnustep-gui, golang-github-audriusbutkevicius-go-nat-pmp, golang-github-gosimple-slug, gprbuild, grafana, grantlee5, graphite-api, guacamole-server, ido, jless, jodreports, jreen, kdeedu-data, kdewebdev, kwalify, libarray-refelem-perl, libdbusmenu, libdebian-package-html-perl, libdevice-modem-perl, libindicator, liblrdf, libmail-milter-perl, libopenraw, libvisca, linuxdcpp, lme4, marble, mgcv, mini-buildd, mu-cade, mvtnorm, nose, octave-epstk, onioncircuits, opencolorio, parsec47, phantomjs, php-guzzlehttp-ringphp, pjproject, pokerth, prayer, pyevolve, pyinfra, python-asdf, python-ceilometermiddleware, python-django-bootstrap-form, python-django-compressor, python-django-contact-form, python-django-debug-toolbar, python-django-extensions, python-django-feincms, python-django-formtools, python-django-jsonfield, python-django-mptt, python-django-openstack-auth, python-django-pyscss, python-django-registration, python-django-tagging, python-django-treebeard, python-geopandas, python-hdf5storage, python-hypothesis, python-jingo, python-libarchive-c, python-mhash, python-oauth2client, python-proliantutils, python-pytc, python-restless, python-tidylib, python-websockets, pyvows, qct, qgo, qmidinet, quodlibet, r-cran-gss, r-cran-runit, r-cran-sn, r-cran-stabledist, r-cran-xml, rgl, rglpk, rkt, rodbc, ruby-devise-two-factor, ruby-json-schema, ruby-puppet-syntax, ruby-rspec-puppet, ruby-state-machine, ruby-xmlparser, ryu, sbd, scanlogd, signond, slpvm, sogo, sphinx-argparse, squirrel3, sugar-jukebox-activity, sugar-log-activity, systemd, tiles, tkrplot, twill, ucommon, urca, v4l-utils, view3dscene, xqilla, youtube-dl & zope.interface.

FTP Team

As a Debian FTP assistant I ACCEPTed 186 packages: akonadi4, alljoyn-core-1509, alljoyn-core-1604, alljoyn-gateway-1504, alljoyn-services-1504, alljoyn-services-1509, alljoyn-thin-client-1504, alljoyn-thin-client-1509, alljoyn-thin-client-1604, apertium-arg, apertium-arg-cat, apertium-eo-fr, apertium-es-it, apertium-eu-en, apertium-hbs, apertium-hin, apertium-isl, apertium-kaz, apertium-spa, apertium-spa-arg, apertium-tat, apertium-urd, arc-theme, argus-clients, ariba, beast-mcmc, binwalk, bottleneck, colorfultabs, dh-runit, django-modeltranslation, dq, dublin-traceroute, duktape, edk2, emacs-pdf-tools, eris, erlang-p1-oauth2, erlang-p1-sqlite3, erlang-p1-xmlrpc, faba-icon-theme, firefox-branding-iceweasel, golang-1.6, golang-defaults, golang-github-aelsabbahy-gonetstat, golang-github-howeyc-gopass, golang-github-oleiade-reflections, golang-websocket, google-android-m2repository-installer, googler, goto-chg-el, gr-radar, growl-for-linux, guvcview, haskell-open-browser, ipe, labplot, libalt-alien-ffi-system-perl, libanyevent-fcgi-perl, libcds-savot-java, libclass-ehierarchy-perl, libconfig-properties-perl, libffi-checklib-perl, libffi-platypus-perl, libhtml-element-library-perl, liblwp-authen-oauth2-perl, libmediawiki-dumpfile-perl, libmessage-passing-zeromq-perl, libmoosex-types-portnumber-perl, libmpack, libnet-ip-xs-perl, libperl-osnames-perl, libpodofo, libprogress-any-perl, libqtpas, librdkafka, libreoffice, libretro-beetle-pce-fast, libretro-beetle-psx, libretro-beetle-vb, libretro-beetle-wswan, libretro-bsnes-mercury, libretro-mupen64plus, libservicelog, libtemplate-plugin-datetime-perl, libtext-metaphone-perl, libtins, libzmq-ffi-perl, licensecheck, link-grammar, linux, linux-signed, lua-busted, magics++, mkalias, moka-icon-theme, neutron-vpnaas, newlisp, node-absolute-path, node-ejs, node-errs, node-has-flag, node-lodash-compat, node-strip-ansi, numba, numix-icon-theme, nvidia-graphics-drivers, nvidia-graphics-drivers-legacy-304xx, nvidia-graphics-drivers-legacy-340xx, obs-studio, opencv, pacapt, pgbackrest, postgis, powermock, primer3, profile-sync-daemon, pyeapi, pypandoc, pyssim, python-cutadapt, python-cymruwhois, python-fisx, python-formencode, python-hkdf, python-model-mommy, python-nanomsg, python-offtrac, python-social-auth, python-twiggy, python-vagrant, python-watcherclient, python-xkcd, pywps, r-bioc-deseq2, r-bioc-dnacopy, r-bioc-ensembldb, r-bioc-geneplotter, r-cran-adegenet, r-cran-adephylo, r-cran-distory, r-cran-fields, r-cran-future, r-cran-globals, r-cran-htmlwidgets, r-cran-listenv, r-cran-mlbench, r-cran-mlmrev, r-cran-pheatmap, r-cran-pscbs, r-cran-r.cache, refind, relatorio, reprotest, ring, ros-ros-comm, ruby-acts-as-tree, ruby-chronic-duration, ruby-flot-rails, ruby-numerizer, ruby-u2f, selenium-firefoxdriver, simgrid, skiboot, smtpping, snap-confine, snapd, sniffles, sollya, spin, subuser, superlu, swauth, swift-plugin-s3, syncthing, systemd-bootchart, tdiary-theme, texttable, tidy-html5, toxiproxy, twinkle, vmtk, wait-for-it, watcher, wcslib & xapian-core.

Categories: LUG Community Blogs

Steve Kemp: So I've been busy.

Planet HantsLUG - Thu, 30/06/2016 - 07:52

The past few days I've been working on my mail client which has resulted in a lot of improvements to drawing, display and correctness.

Since then I've been working on adding GPG-support. My naive attempt was to extract the signature, and the appropriate body-part from the message. Write them both to disk then I could validate via:

gpg --verify msg.sig msg

However that failed, and it took me a long to work out why. I downloaded the source to mutt, which can correctly verify an attached-signature, then hacked lib.c to neuter the mutt_unlink function. That left me with a bunch of files inside $TEMPFILE one of which provided the epiphany.

A message which is to be validated is indeed written out to disk, just as I would have done, as is the signature. Ignoring the signature the message is interesting:

Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable On Mon, 27 Jun 2016 08:08:14 +0200 ... --=20 Bob Smith

The reason I'd failed to validate my message-body was because I'd already decoded the text of the MIME-part, and I'd also lost the prefixed two lines "Content-type:.." and Content-Transfer:.... I'm currently trying to work out if it is possible to get access to the RAW MIME-part-text in GMIME.

Anyway that learning aside I've made a sleazy hack which just shells out to mimegpg, and this allows me to validate GPG signatures! That's not the solution I'd prefer, but that said it does work, and it works with inline-signed messages as well as messages with application/pgp-signature MIME-parts.

Changing the subject now. I wonder how many people read to the end anyway?

I've been in Finland for almost a year now. Recently I was looking over websites and I saw that the domain steve.fi was going to expire in a few weeks. So I started obsessively watching it. Today I claimed it.

So I'll be slowly moving things from beneath steve.org.uk to use the new home steve.fi.

I also setup a mini-portfolio/reference site at http://steve.kemp.fi/ - which was a domain I registered while I was unsure if I could get steve.fi.

Finally now is a good time to share more interesting news:

  • I've been reinstated as a Debian developer.
  • We're having a baby.
    • Interesting times.
Categories: LUG Community Blogs
Syndicate content