Verzeichnis
Fedora People
Purtroppo installare Linux su queste macchine non è mai stato molto semplice per cui spero di portare buone notizie segnalando che in Fedora 17 il supporto alla installazione è decisamente migliorato; infatti grazie al lavoro di Matthew Garrett i supporti di installazione ora funzionano nativamente (ovvero si avviano in modalità EFI), essendo riconosciuti sia nelle preferenze "Disco di Avvio" che facendo il boot premendo "Opzione" (Alt).
Certamente questo è un ottimo risultato, ma allora perchè non è una Feature ufficiale di Fedora 17? In realtà, anche se ora l'avvio della installazione (o del LiveCD/USB) è semplicissimo, ci sono ancora diverse problematiche da risolvere. In particolare, sono supportati solo i Mac con firmware a 64bit (tutti quelli prodotti a partire grosso modo dal 2007); in più, ci sono diversi casi in cui lo schermo rimane nero a causa di bug non ancora identificati nel driver Radeon.
L'obiettivo è riuscire a fornire il supporto nativo all'hardware Mac in Fedora 18, per cui se avete un Mac su cui pensate di installare Linux nei prossimi mesi, il consiglio è di scaricare una Live di Fedora 17, provarla ed eventualmente riportare i problemi riscontrati.
Per molti altri dettagli sull'enorme lavoro svolto vi rimando al post di Matthew
A Fedora Activity Day event is scheduled for Saturday, June 2, 2012 at the Red Hat, Pune, India office premises.
Venue:
Red Hat Software Services Pvt Ltd
Tower X, Level-1,
Cybercity, Magarpatta City,
Hadapsar, Pune 411 013
Maharashtra
IndiaDate : Saturday, June 2, 2012.
Time : 1000 IST onwards.
Entry is free, but, we have limited seats (50). Online registration closes on Tuesday, May 29, 2012, 2359 IST. If you are interested in attending, please add your name to https://fedoraproject.org/wiki/FAD_Pune_2012_June_02.
There will be no registration on the day of the event.
This is purely an activity based event where you are required to work on Fedora related sub-projects. There will be no talks.
Lunch will be sponsored by Red Hat. We will also have an F17 release party!
Please make sure to bring a valid photo identity card (driving license/voter’s id etc.) to enter the premises.
If you would like to suggest projects/task to work on during the FAD, please feel free to update the wiki page.
You are encouraged to bring your laptop. Please do ensure that you have all the necessary software installed for your work, or atleast:
# yum install @development-tools fedora-packagerThere will be Internet access available at the facility.
I was glad to see the Fedora 17 Final is declared GOLD! announcement on the Fedora devel-announce list. If all goes well, we should see the formal release on May 29.
As some of you might have noticed, I'm a fan of Xen. If you want to get Fedora 17 rolling in XenServer right now, just try my minimal kickstart. I'll try to get a XVA/OVF-formatted image online in the next few days so you can hit the ground running if you're in a hurry.
Check out the new Fedora 17 features and improvements and prepare yourself for the Beefy Miracle.
Fedora 17 is a go! is a post from: Major Hayden's Racker Hacker blog.
Thanks for following the blog via the RSS feed. Please don't copy my posts or quote portions of them without attribution.
This last week and a half or so, I've been working on implementing Resource Management based on the new Kolab XML format version 3, which uses xCal for events.
Individual Resources
Individual resources -that is to say, the way I've implemented them- consist of a Calendar folder in IMAP (a Kolab Shared Folder in IMAP, with type 'event'), name ("label", if you will), and a recipient email address. Events for which a resource is invited are added to the relevant Calendar folder. For example, a resource "Volkswagen GTI" (of type "Car") gets recipient email address: resource-car-volkswagengti@example.org, and a shared event folder "shared/Resources/Volkswagen GTI@example.org".
Resource Collections
As described in the Resource Management article, we are considering resource collections ("cars", "confererence rooms") to be eligible for selection when a user seeks to make reservations for such resource. This enables users to indicate they want to make reservations for "a car" rather then a specific car. I've implemented this by collecting the individual resources in a collection as groups, which naturally have a title (the common name of the group, in fact).
When a user selects such a resource collection, and sends out the reservation request iTip, it is sent out to the canonical address for the resource collection (in this example resource-collection-car@example.org). A Kolab content filter named Wallace detects the fact the message contains an iTip, and that resource-collection-car@example.org (one of the attendees) is a resource collection.
Wallace (or actually, its 'resources' module) then takes the individual resources that are in the collection, and detects whether there is a conflict between the existing events scheduled for each individual resource.
If none of the individual resources have an event already scheduled, Wallace randomizes a selection and will attempt to use that resource instead of the original resource collection. In true iTip-style, this means a delegation response needs to be sent back to the organizer, with the delegator being the resource collection, and the delegatee being the individual resource selected.
This allows a user to invite a resource collection, but indicate a preference for a particular resource - though not implemented yet. Think, for example, a user could invite resource-collection-car+resource-car-volkswagengti@example.org.
Overall Thoughts
The implementation (of the aforementioned) is not fully done yet. I have a bunch of TODOs remaining:
L10n and/or i18n
On my personal TODO list is to allow this folder path to be localized, so that for an installation that has German configured as its locale, the folder name becomes "shared/Ressourcen/Volkswagen GTI@example.de", or, in Dutch, "shared/Middelen/Volkswagen GTI@example.nl". I'm awarding myself bonus points if I can also make the "resource-" and "resource-collection-" be localized somehow, though I realize it is in fact an arbitrary prefix altogether and could be made to dissappear.
The name used for the actual folder (as well as the transliteral, normalized ascii string for the email address) is a name the user supplies in the Kolab Web Administration Panel.
Delegation, Cancellation
While I pride myself these actions or iTip message types can be implemented quickly, it's not actually been implemented yet.
Caching
In my tests (sending tens of thousands of randomized reservation requests around), it can take Wallace a significant chunk of time to resolve conflicts as it operates against raw IMAP and thus has to retrieve all events, one by one, at least until a conflict is detected. This clearly doesn't scale, so Wallace will need some caching. I'm tempted to allow re-use of the caches that Roundcube already maintains, though there's little spare room for large quantities of events that users normally don't need caching for.
Naturally, there would also be the opportunity to use existing Free/Busy information, if any, and/or to create and/or update such Free/Busy information or trigger such update to happen. The backend for this Free/Busy information could be using the same caches as well...
Long story short, I'm not done with regards to caching and event conflict detection quite yet!
Recurring Events
Recurring events, or event occurrences to be exact, are not yet being parsed (fully). With libkolab however, it should become relatively easy to do with the existing codebase now still a part of kcalcore (from KDE).
Reservation Request Responses
The responses sent out to reservation requests do not look as pretty as I would like them to look, regrettably. I think the user experience (compared to what I have now) could be greatly improved.
To stick-shift, or not to stick-shift.
There's no design yet for parameters to a resource to be stored and taken into account, so that a user might select "a room with 6+ seats, a beamer and a wired internet connection for the speaker / for each participant". Similarly, Wallace might take into account a general reservation request with 7 attendees should not be allocating a room with 4 seats.
Users Should Not View the Resource Calendars
See the following screenshot for why users should not be able to access the resource calendars directly; Firstly, the number of resource calendars to a deployment be a very large. Secondly, these resource calendars may just contain too many events.
That is to say, of course, a particular type of user could get access to the resource calendar itself, such as a secretary, but it would likely be write access.
Click to enlarge the image.
User with Many Resource Calendars
It's Tempting to go Out-of-Specification
It's tempting to go outside of the specification, and attempt to automate things further. If a user were to propose a meeting time and no room is available, what could Kolab do? Kolab could issue a counter-proposal changing the event to a time a room is available, for example. Kolab could also CANCEL the event.
Also, when a user selects a resource collection (such as, in this example, "a conference room"), the specification says to send a delegation iTip message back to the organizer only. It is then, according to the specification, up to the organizer to choose whether or not to send out an updated event (with the actual room) to the other attendees. But, of course, a "room" may be bound to a physical location, and I would think one would want the attendees to be updated period, and not leave the choice whether or not to send the updated information out to the attendees to the organizer.
1. I installed Fedora 17 Beta and did a
yum update.2. I installed some common things like
vim and tree.3. I tried to install
rpm-build and rpmdevtools.
As soon as I did the third step, yum spit out an error saying that the version of "rpm" package I have is newer that what is required. Now there is a problem. Had it been any other package, I could simply have uninstalled the newer version by doing a yum erase and have installed the required version but what do I do now? If I uninstall rpm package then how will I install rpm package again? Yum itself uses rpm in the backend. I wasn't able to find any "force" flag for yum.
A simple solution to the problem above is to use rpm command instead of using yum. Go any of the mirrors and download the rpm package. Now you have the package use "--force" flag and install if via rpm command.
rpm -ivh --force rpm-4.9.1.3-6.fc17.x86_64.rpmThe trick worked well and I was able to resume work.
Estos dos últimos meses el equipo de Clase911 ha tenido muchas labores académicas por realizar lo cual nos ha hecho alejarnos un poco del sitio. Sin embargo, hemos aprovechado un tiempin libre para compartir con ustedes una herramienta que de seguro les será de gran ayuda. Se trata de una calculadora virutal que estima la potencia que disipa tu ordenador. Así que si estas próximo a comprar un nuevo ordenador y sabes sus características como tipo de motherboard, procesador, disco duro, memorias ram, tarjeta de vídeo, etc entonces ésta es tu herramienta perfecta para tener una estimación bastante buena de cuánto puede consumir tu equipo y así ver qué tipo de fuente deberás comprar, obviamente la idea principal es que se compra una de los super productos de Cooler Master.
Cooler Master Power Calculator
Beefy Miracle (aka F17) akan rilis pada 29 Mei. Hal ini dipastikan pada meeting Go/No-Go pada 24 Mei di #fedora-meeting-1.
Berikut log meeting tersebut:
- Rangkuman: http://meetbot.fedoraproject.org/fedora-meeting-1/2012-05-24/fedora_17_final_go_nogo_meeting_round_2.2012-05-24-17.01.html
- Salinan: http://meetbot.fedoraproject.org/fedora-meeting-1/2012-05-24/fedora_17_final_go_nogo_meeting_round_2.2012-05-24-17.01.log.html
Fedora 17 will be shipping next week. It's got a bunch of new features, none of which I contributed to in the slightest. What I did work on was improving our support for installation on x86 Apple hardware. There's still a few shortcomings in this so it's not an announced or supported feature, but it's sufficient progress that it's worth writing about.There's a few ways that Apple platforms differs from normal PC hardware. The first is that Apples are very much intended to be EFI first and BIOS second, while that's still not really true for commodity PC hardware. Apple launched Boot Camp shortly after they started shipping x86 Macs (and shortly after I'd got Ubuntu running on one for the first time[1]) but the focus of Boot Camp has always been to be good enough to boot Windows and not much else[2]. The other is the integration with the boot environment. You can boot Linux easily enough by setting the standard EFI boot variables, but if you ever boot back into OS X it's easy to trigger deletion of those. There's then no straightforward way of resetting them, and you're left having to recover your installation.
The other difficult bit has been actually starting the installer at all. If you're happy to use BIOS emulation than this can be done without too much misery, but you're then left with dealing with Apple's custom synchronised GPT/MBR. More modern Macs will boot via the standard EFI mechanisms, but there's a range of problems that can be caused that way. Fedora 17 is the first Linux distribution to ship install media that will EFI boot a Mac when either written to optical media or a USB stick[3]. Put the install media in your system and then either select it in the OS X Startup Disk preferences menu and reboot, or reboot and hold down the alt key. In the latter case there'll be a nice Fedora logo. Click on it and it'll boot.
The biggest difference between Apple hardware and anyone else is that we'd normally put the bootloader in a FAT partition that's shared with any other installed operating systems. That does actually work on Apples, but then you run into the earlier point I mentioned. The Apple startup picker that you get by holding down the alt key doesn't pay any attention to the standard EFI boot variables, so it won't show a FAT partition merely because it's got an EFI bootloader on it. The same is true of the OS X Startup Disk preferences. The best way to get a drive to appear in the menu is to make it look like an OS X drive.
This was problematic in a few ways, due to the requirement for an OS X drive to be HFS+. The first was that we didn't have any support for that in our installer, so work had to be done there. The second was that the state of HFS+ was woefully poor in Linux[4]. Linux will refuse to write to an HFS+ filesystem if it hasn't been cleanly unmounted or fscked, and since we can't rely on everyone always shutting their machine down cleanly that means a working fsck.hfsplus. In theory we were shipping one of those. In practice, it reliably segfaulted on 64-bit systems[5]. So I had to package the latest version of Apple's code, and doing that involved dealing with the fact that Apple now use blocks almost as much as Grub 2 uses nested functions, and that meant using Clang and that meant dealing with a bug where Clang segfaulted if it had been built with gcc 4.7[6], but finally once all of those yaks had been shaven we could trust our filesystem.
Of course, more problems existed. You can't just drop a bootloader onto an HFS+ partition and expect it to work. You need to write its inode value into the superblock. Trivial, except that if you do this from userspace then the kernel kindly overwrites your update when you unmount the disk and it updates the superblock. That required a mechanism for updating that data via the kernel, which meant adding an ioctl. This would have been fine, except the OS X Startup Disk preference looks for a bootloader in a location other than where Fedora installs it. Changing our bootloader install path wasn't a great option, so the easiest thing to do was just to link them together. Except HFS+ doesn't really support hardlinks. When you hardlink something the original file gets moved into a magic directory in the filesystem root and the links are special files that refer to it. And it turns out that it's not actually the inode that the firmware wants when finding the bootloader, it's the catalogue ID, and these aren't the same when hardlinks are involved. So, another kernel patch.
All that was left for the boot partition then was adding an icon and a drive label. We already had code for generating the icon, and the drive label wasn't that difficult. Hurrah!
Ok, so we can construct a filesystem that (a) appears in the bootpicker, and (b) appears in the OS X Startup Disk preferences. We can even put a bootloader on it. This led to the next problem. The bootloader started without any trouble. But the bootloader couldn't read any files off the boot partition, including its configuration. This should have been obvious with hindsight - the problem was simply that grub legacy[7] doesn't support HFS+. Writing an HFS+ driver seemed like an excessive amount of work, especially since the firmware already supported reading HFS+, so instead I wrote a simple grub filesystem driver that uses the UEFI interfaces to read files.
A working bootloader! One more problem there. grub looks in its startup directory to find its configuration file. We have two "copies" of grub hardlinked to each other, each looking in a different directory for configuration. Hardlinking the config files together worked fine, except that most tools that update config files have this irritating habit of writing to a temporary file and moving that over the original, thus breaking the hardlink. Easily solved by using a symlink instead, except that the UEFI filesystem semantics don't really support symlinks because UEFI only really envisaged using FAT. If you use Apple's UEFI HFS+ driver to open a symlink, you get a short file containing the target path of the symlink. Rather less than ideal, and a rather gross hack to cope with it.
All set now, other than a bug in some older Mac firmware where read would return BUFFER_TOO_SMALL without returning the real buffersize and the odd way that Apple treat CDs. Oh, and a bug in Apple's Broadcom wifi driver that could overwrite the kernel, and case-sensitivity, something that obviously isn't something you often hit on UEFI when all you usually see is FAT.
Kernel-side, we had a couple of things. Obviously there the bugs I'd mentioned in the past, but those had already been dealt with. New issues included the fact that we were frequently picking the wrong framebuffer address, especially on machines with multiple GPUs. Fixed now, along with another issue where we'd sometimes get confused by models with different GPU configurations. And at that point, most of the implementation work was done.
Of course, there was also the work of integrating this into the tools that we use to generate our install media, and I'd like to thank Will Woods, Brian Lane and Dennis Gilmore for the work they put into that, along with anyone I've forgotten. Tom Calloway handled getting the device label graphics generated right before deadline. A cast of thousands helped with testing.
So why did I mention shortcomings? First, this only works on machines with 64-bit firmware. Early 64-bit Apples still had 32-bit firmware. In theory we can support that case - in practice it's a moderate amount of writing, including some mildly awkward kernel code. But anything later than mid-2007 should have 64-bit firmware, so it's not a massive concern. Second, we seem to have fairly significant trouble with Radeon hardware on a lot of Macs. We fixed one bug there, but something's still going wrong in setup and you'll frequently end up with a black screen. And thirdly, I'm sure there's some other machines that still don't work for (as yet) undetermined reasons.
With luck we'll get these things dealt with by Fedora 18. But even with these flaws, Fedora 17 will work fine on a lot of Apple hardware, and testing it is as simple as downloading and booting a live image. Bugs go in the usual place.
[1] Note my charming belief that the Ubuntu installer would fully support this hardware via EFI in the near future. 6 years ago. It still doesn't.
[2] This can be fairly easily seen from little things like the name "Windows" being hardcoded into every UI that sees a Boot Camp drive.
[3] I cover this in more depth here
[4] To be fair, it mostly still is - there's plenty of work to be done there.
[5] Approximately nobody had noticed this, which is all kinds of unreassuring.
[6] Thanks to Kalev Lember for dealing with that
[7] Still the EFI bootloader in Fedora 17. We've already swapped Fedora 18 over to grub 2.
 |
| RPM logo |
 |
| Update: Data through May 23rd, 2012. |
Rik van Riel wrote:
A lot of the variation in PSBL zone size seems to be due to both random variations in spam volume, as well as law enforcement shutting down botnets. Whenever a big botnet has been shut down, spam activity tends to be noticably less than before. I expect email spam is down simply because the spammers have also found alternative ways to spam, eg. click hijacking and sharing of spam material through social media.This is an update to a similar chart from last year.
commit 654443e20dfc0617231f28a07c96a979ee1a0239 Merge: 2c01e7b 9cba26e Author: Linus Torvalds Date: Thu May 24 11:39:34 2012 -0700 Merge branch 'perf-uprobes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip Pull user-space probe instrumentation from Ingo Molnar: "The uprobes code originates from SystemTap and has been used for years in Fedora and RHEL kernels. This version is much rewritten, reviews from PeterZ, Oleg and myself shaped the end result. This tree includes uprobes support in 'perf probe' - but SystemTap (and other tools) can take advantage of user probe points as well. Sample usage of uprobes via perf, for example to profile malloc() calls without modifying user-space binaries. First boot a new kernel with CONFIG_UPROBE_EVENT=y enabled. If you don't know which function you want to probe you can pick one from 'perf top' or can get a list all functions that can be probed within libc (binaries can be specified as well): $ perf probe -F -x /lib/libc.so.6 To probe libc's malloc(): $ perf probe -x /lib64/libc.so.6 malloc Added new event: probe_libc:malloc (on 0x7eac0) You can now use it in all perf tools, such as: perf record -e probe_libc:malloc -aR sleep 1 Make use of it to create a call graph (as the flat profile is going to look very boring): $ perf record -e probe_libc:malloc -gR make [ perf record: Woken up 173 times to write data ] [ perf record: Captured and wrote 44.190 MB perf.data (~1930712 $ perf report | less 32.03% git libc-2.15.so [.] malloc | --- malloc 29.49% cc1 libc-2.15.so [.] malloc | --- malloc | |--0.95%-- 0x208eb1000000000 | |--0.63%-- htab_traverse_noresize 11.04% as libc-2.15.so [.] malloc | --- malloc | 7.15% ld libc-2.15.so [.] malloc | --- malloc | 5.07% sh libc-2.15.so [.] malloc | --- malloc | 4.99% python-config libc-2.15.so [.] malloc | --- malloc | 4.54% make libc-2.15.so [.] malloc | --- malloc | |--7.34%-- glob | | | |--93.18%-- 0x41588f | | | --6.82%-- glob | 0x41588f ... Or: $ perf report -g flat | less # Overhead Command Shared Object Symbol # ........ ............. ............. .......... # 32.03% git libc-2.15.so [.] malloc 27.19% malloc 29.49% cc1 libc-2.15.so [.] malloc 24.77% malloc 11.04% as libc-2.15.so [.] malloc 11.02% malloc 7.15% ld libc-2.15.so [.] malloc 6.57% malloc ... The core uprobes design is fairly straightforward: uprobes probe points register themselves at (inode:offset) addresses of libraries/binaries, after which all existing (or new) vmas that map that address will have a software breakpoint injected at that address. vmas are COW-ed to preserve original content. The probe points are kept in an rbtree. If user-space executes the probed inode:offset instruction address then an event is generated which can be recovered from the regular perf event channels and mmap-ed ring-buffer. Multiple probes at the same address are supported, they create a dynamic callback list of event consumers. The basic model is further complicated by the XOL speedup: the original instruction that is probed is copied (in an architecture specific fashion) and executed out of line when the probe triggers. The XOL area is a single vma per process, with a fixed number of entries (which limits probe execution parallelism). The API: uprobes are installed/removed via /sys/kernel/debug/tracing/uprobe_events, the API is integrated to align with the kprobes interface as much as possible, but is separate to it. Injecting a probe point is privileged operation, which can be relaxed by setting perf_paranoid to -1. You can use multiple probes as well and mix them with kprobes and regular PMU events or tracepoints, when instrumenting a task." Fix up trivial conflicts in mm/memory.c due to previous cleanup of unmap_single_vma(). * 'perf-uprobes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip: (21 commits) perf probe: Detect probe target when m/x options are absent perf probe: Provide perf interface for uprobes tracing: Fix kconfig warning due to a typo tracing: Provide trace events interface for uprobes tracing: Extract out common code for kprobes/uprobes trace events tracing: Modify is_delete, is_return from int to bool uprobes/core: Decrement uprobe count before the pages are unmapped uprobes/core: Make background page replacement logic account for rss_stat counters uprobes/core: Optimize probe hits with the help of a counter uprobes/core: Allocate XOL slots for uprobes use uprobes/core: Handle breakpoint and singlestep exceptions uprobes/core: Rename bkpt to swbp uprobes/core: Make order of function parameters consistent across functions uprobes/core: Make macro names consistent uprobes: Update copyright notices uprobes/core: Move insn to arch specific structure uprobes/core: Remove uprobe_opcode_sz uprobes/core: Make instruction tables volatile uprobes: Move to kernel/events/ uprobes/core: Clean up, refactor and improve the code ...
I recently had the chance to speak about systemd and other projects, as well as the politics behind them at a Bar Camp in Warsaw, organized by the fine people of OSEC. The presentation has been recorded, and has now been posted online. It's a very long recording (1:43h), but it's quite interesting (as I'd like to believe) and contains a bit of background where we are coming from and where are going to. Anyway, please have a look. Enjoy!
I'd like to thank the organizers for this great event and for publishing the recording online.
A bug fix and minor feature enhancement release has been built to the v1 stable repository (http://repos.fedorapeople.org/repos/pulp/pulp/v1/stable/). The fixed bug list is available below.
Upgrades Prior to 1.0.4
The package structure on disk changed in the 1.0.4 release. A script was provided in that release to migrate existing content. If upgrading from a 1.0.4 instance this script does not need to be run again.
Upgrading from versions prior to 1.0.4 however must run the migration script to avoid duplicating content on disk. Instructions on running that script can be found on the Pulp wiki.
Quick Links
- Installation Instructions
- User Guide
- Project Site
- Mailing List
- Chat: #pulp on Freenode
Bug Fixes
The list of bug fixes and implemented feature requests can be found using this bugzilla query.
v2 Community Releases
We’re nearing the point of being able to release a preview build of the v2 codebase. It won’t be complete (for instances, CDS support is entirely missing at the moment and will be undergoing a pretty drastic redesign) but it should give some transparency into what is planned for Pulp’s future. My current plan for this release is to target July 1st. More news to follow as it gets closer.
I’m a big fan of byobu. Even though folks have moved over to using tmux as the backend, I still use gnu screen. It works for me. Now, another tool that I’m a huge fan of is midnight commander, or as it’s referred to "mc". Using the default keybindings that byobu sets up makes mc a little difficult to use. The /usr/share/byobu/keybindings/f-keys.screen file will tell you why:
bindkey "^[[1;2A" focus up # shift-up | focus up bindkey "^[[1;2B" focus down # shift-up | focus down bindkey "^[[1;2D" focus up # shift-left | focus up bindkey "^[[1;2C" focus down # shift-right | focus down
These lines capture the shift + arrow keys. In mc, shift + up/down is used to select multiple files in the panels. Understandibly, this is an anoyance. I had a tough time when I wanted to select multiple files to copy/move in mc. I’ve been looking for a fix. The fix is to disable the byobu key bindings. This may be overkill, so you can just unbind the shift+arrow keys. I’ve disabled them, to use the default screen bindings. Now, here’s where a bug crept in. "Escape" + ! is supposed to be the "toggle f-keys" command. However, ctrl + a (escape) + ! for me only prints out the following on the terminal:
":source /usr/share/byobu/keybindings/f-keys.screen.disable" (with the starting ":")
I found a bug already mentioning the issue. I’ve filed a new one as requested in the last comment. There is a workaround which works well! I can now use mc properly with byobu!
Hello, Fedorans!There is a fairly large project joining the Linux Foundation in the near future and we are looking for a US- or Canada-based senior systems administrator to join our Linux Foundation IT team. We are looking for the following skills:
- Excellent knowledge of RHEL-6
- Familiarity with NetApp appliances
- Good knowledge of networking
- Vlans, iptables, ipv4, ipv6, etc
- HP ProCurve switches
- Juniper routers a plus
- Yum, RPM
- Puppet + Func
- SELinux
- Load balancing using nginx, haproxy, LVS
- OpenVPN
- Git (and gitolite)
- KVM+Qemu+libvirt/virsh
- Postfix+Dovecot
- Apache, PostgreSQL
- Work from home
- Receive excellent benefits
- Attend LF conferences in fun places
- Do cool things with cool people
- Feel awesome about your work
New Fedora and EPEL RPMs for Drupal 7 (drupal7-7.14-2) are on their way to updates-testing, please give them a shot and submit karma, they fix CVE-2012-2922. Thanks in advance!
Como no soy un asiduo usuario de este excelente utilitario de Linux, cada vez que tengo que trabajar con el tengo que ponerme a buscar cuales eran las combinaciones de teclas para operarlo. Mas aún, cuando lo abrimos en una ventana de consola y no podemos cerrarlo con el F10.
Acá van los atajos mas utilizados:
The 'F' (function) keys are widely used in mc for file operations. Read the bar at the bottom for their current function, which may differ according to the context, eg. browsing a directory, using the file viewer, or the editor.
In normal browsing mode:
F1 - help. More readable than the 2000-line man page, although difficult to browse.
F2 - user menu ( offers option to gzip files, etc.)
F3 - view (handy to check the contents of an rpm or tgz file, or read contents of files)
F4 - edit with internal editor, mcedit
F5 - copy
F6 - rename or move
F7 - create a directory
F8 - delete
F9 - pull-down - accesses the menu bar at the top.
F10 - quit. Closes mc, as well as mcedit and any unwanted open menu.
If you don't have F keys, use Esc - number sequence (1-0) instead.
F10 key in Gnome Terminal: opens the main terminal File menu instead, so click quit with mouse.
A heads-up to those who have been using the 0install application feeds I used to maintain for the OSR group at mojo.informatik.uni-erlangen.de: as I’m no longer employed there, the service has been disabled.
$ su -c "yum install 0install-injector" $ 0desktop http://rox.sourceforge.net/2005/interfaces/ROX-Filer # to get the ROX-Filer file manager added to your desktop # or $ 0alias rox http://rox.sourceforge.net/2005/interfaces/ROX-Filer # to get a command-line launcher in your path
FUDCon KL Day 2 had talks for newbies. There was very less for me to do since my talk on Puppet was the next day. The day started with keynote from Joshua a.k.a. sitapati. He talked about documentation and translation and encouraged the local people to contribute in building the first ever crowd sourced book in their regional language. After keynote, I went to hangout room to check if someone is there. I wanted to package graphite and nodejs and revive the kde netbook spin. Day 2 for me was mostly hacking around and talking to people as they came with questions. FUDPub was scheduled later that evening. I did miss the noise created at FUDPub Pune but the cake at KL was delicious. There was a point when my stomach was full but the temptation of cake..!
Day 3 was more eventful for me in the sense that I had a talk to deliver and not to mention it was the last day of FUDCon KL. My talk was scheduled at 11 am so that was the first thing I did. It seems that Ankur recorded it and uploaded it on archives.org. Goh Choon Ming’s talk was a short one. For the first time I got to learn the difference between hypervisor based virtualization and container based virtualization in a proper way. Post lunch we shifted to a bar camp style format again. Syamsul’s talk on Boxgrinder was amazing. I am planning to use to to build some custom stacks for ec2. Closing keynote was as inspiring as it can get. Abu Mansur delivered it and he talked about how and why we should encourage open source. The benefits we can get out it. I must say, he speaks with power and authority which is expected from a keynote speaker.
The FUDCon KL came to the end. I guess it was the least disastrous FUDCon ever. All the guys Izhar, Maverick, Gurdeep and all the volunteers did an excellent job. Putting together an event of this magnitude in just 8 weeks is really impressive. I hope I’ll see them again in some other event.
Postmortem:
I have packaged graphite (3 packages total) and they are up for review. I think Praveen has already taken graphite-web.
Here are the links for the Review request:
graphite-web: https://bugzilla.redhat.com/show_bug.cgi?id=824357
carbon: https://bugzilla.redhat.com/show_bug.cgi?id=824348
whisper: https://bugzilla.redhat.com/show_bug.cgi?id=824361
With help of Danishka’s kickstart file, I think I would be able to revive kde-netbook spin in a short time. I already have a build with me. I need to test it out before going ahead.
The system/infra and its components was originally developed for the Fedora Malaysia website, while keeping in mind to keep it generic enough so that other communities could use the same components for their own community sites. The infra is already at a usable state, and we can add new sites easily with just a few clicks.
Features in this consolidated infra are:
- Document/Content management (Plone built-in)
- Calendar system (powered by solgema.fullcalendar addon)
- Conference/BarCamp system (powered by collective.conference addon, which was developed for FUDCon Kuala Lumpur 2012)
- Blog (powered by Products.Scrawl)
- Simple yet powerful theming engine (powered by plone.app.theming/ Diazo) - Check out Diazo, you'll love it. Don't worry, its not plone specific.
- OpenID and OpenID Selector - we even have Fedora's OpenID as an option in the OpenID Selector
Besides those listed above, we are also planning to move some of these sites (which are also already on our infrastructure, albeit using our old, non-consolidated infra) to the current infra:
- FOSS Society Malaysia - plenty of legacy stuff, need quite some work
- FOSSChix.My
- Malaysia Python User Group
Code?
The code for this Plone buildout is here : https://dev.inigo-tech.com/svn/izhar/fedoramy.site/trunk/ . The buildout kindof a messy as it was hacked together at random times without spending much thinking. WARNING: lack of docs. If you need help, ping me :-)
Help Needed
Help needed to properly refactor some of the codes and make the infra more generic and reusable for everyone. I also need help in migrating some of the old infra sites to the current infra.
For those who are based in Malaysia, we will be having a hackathon after the Python Malaysia meetup this Saturday to migrate the Python Malaysia website to the new infra.
Main tasks:
- Setup new site for pythonmy on the current infra
- Write diazo theme transform rules for pythonmy site.
- Rename fedoramy.site to a new buildout, with a more generic name
- Get rid of apprepo.org dependencies from the buildout. Apprepo.org should be outside of this shared infra as it introduced a number of external deps thats not relevant for other sites.
IRC: Private messages considered harmful – or Be considerate to others on IRC2012-05-23T22:41:50+00:00
I use IRC a LOT. IRC Clients allow users to send what are called "private messages" (or PM’s). Today, I sent a private message to my friend Kevin Fenzi. I received the following reply:
‘(Autoreply) Please consider if what you are sending me needs to be in a Private message. See: http://tinyurl.com/64vdbql‘ (sic)
So I clicked…. and what I read pretty much fit my thought process. I think it’s pretty great, so I thought I would share with all of you.
—
There are a few cases where PM’s could possibly be acceptable:
- You have something that NEEDS to be private (account info, phone number, etc). You should ask yourself however if a unencrypted IRC session is the right place to send that info. Perhaps a phone call, a scp to a secure server, or a gpg encrypted email would be better?
- It’s something you need to impart to JUST that one person. A friendly jibe or conversation with someone you know well perhaps, or a quick note from someone that they are running late or are going to do something for you.
That said, there are a number of cases where they are NOT a good idea (especially in support channels):
- The person you are PMing might be busy, so you get no answer, but many others in a common channel may know the answer to your question.
- The person you are PMing might give you a incorrect or incomplete answer, which other people in a common channel could correct or expand on.
- Other people in a common channel cannot learn from your question or any answers you get. Perhaps they too were interested in doing that? Perhaps they have a related question that comes from that one? It’s good for everyone to ask questions in a common channel.
- It doesn’t scale. You can’t always ask a person your questions directly. Sometimes people are on vacation or busy and you will not get answers. If 100 people try and ask one person privately each question most IRC clients would go crazy with tabs and trying to keep track of those seperate conversations.
- Some people provide support for things for a living. If you are directly PMing them shouldn’t you pay for private support?
- IRC is somewhat transitory. Unless someone has setup a bouncer (znc, bip, dircproxy) and set it to record private messages, they can easily be lost (just reboot without checking all of them and many clients won’t show them on restart of the app). So, if you PM someone the message may well not get through anyhow.
Finally there are some modes of interest (on freenode at least):
- /umode +R – This will prevent people who are unidentified with freenode services from sending you private messages.
- /umode +g – This will prevent you from receiving private messages from anyone not on a session-defined whitelist. The content of the whitelist can be controlled using the /accept command. When a user not on the whitelist attempts to contact you, you will receive a notice informing you of the fact and you can then use /accept user to speak to them. Users can be removed from the whitelist using /accept -user. Finally, /accept * will print the whitelist.
- Other clients or IRC bouncers may have ways to log/ignore/etc private messages. See your clients docs.
In some channels/areas it’s polite to ask before PMing: "Hey, foo, mind if I PM you my phone number?" or "Hey foo, can I PM?".
So, next time you are in a community channel and want to PM someone, do consider the above before doing so, odds are it would be much better to just ask in the main community channel than PM some particular person.
—
Cheers,
herlo
It’s taken a while, but the move is complete. The source code for Eucalyptus 3.1 Beta is open and publicly available in Github. It’s actually been there for a while now, but we’ve done enough housekeeping and we’re ready to open the doors.
Build instructions can be found in the INSTALL file, but they are still in flux; comments and patches are welcome. Don’t hesitate to join us on #eucalyptus on freenode or on our community mailing list if you have questions.
Packages for the beta will be available for various distros in the coming days. Special props go to Debian Partner company Credativ for their impressive work on the Google Web Toolkit libraries.
We’re also working on our new bug tracker; we’re in private beta to work through various auth and workflow kinks. If you’re interested, ask for access on IRC or the mailing list, and we will set you up. After this beta period is concluded, we will open the new bugtracker to anyone and everyone — but we’re happy to give early access to anyone who asks.
This is another critical step in our evolution as an open source company. But we’re not done yet. Stay tuned.
It was Wednesday, and by early morning 7:30 am, I was ready to leave my house for the Hyderabad airport (to Chennai -> Kualalumpur) . With all the time I have to wait at Chennai International airport due to my early arrival and late evening flight to Kualalumpur, the only good part I felt was Kushal would be there for company, and 2ndly after all its a International airport so time should pass by like a breeze (based upon my Hyd and Bangalore Airport experiences).
Man proposes and GOD disposes. Chennai International airport looked as if a Open ground with 4 chairs around the corner. Free 20 minutes of Kbps speed wifi and a strong and weak AC at places started making life miserable the moment I arrived there. There were no food stalls around except some dead meat stale sandwiches. #yuck
After a long wait, cursing @AirAsia and Chennai International Airport, our flight had a delayed start of 3 hrs at 8:00 p.m IST. The problem was @KageSenshi was supposed to wait for us and we were afraid that from night 00:10 am KL time the wait can extend more 3 hrs till deep midnight. Kushal gave a call to Izhar(@kagesenshi) to explain him the state out here. Finally we boarded our AirAsia flight, and with lots of turmoils in which parts of the airbus was falling out during journey, we reached KL somehow safely.
Me and Kushal were ecstatic to see @kagesenshi was still waiting for us in KLCC airport till 3:30 am local time. He was given company by @FranciscoD, @adimania, @kumarpraveen who arrived 3 hrs before and were kind enough to wait for us. We boarded Kage’s mom’s van before which Aditya grabbed a Pizza for himself. With torrential rains and a long haul we finally reached the hotel and checked in. When we thought we probably could call a Good night to everyone, it was Kage who called and said he needed some help to get the swags from Car to the hotel room. In our dullest and drowsiest looks Kushal and me dragged ourselves and arranged the swags to the hotel room. As it was already 7:00 am, Kage, me and Kushal thought to have our breakfast done before going to "So called" nap. The nap did last for 2 hrs hardly, when the whole gang … Kage, Ankur, Aditya, Praveen, me, mak (@maktrix), Kushal got out for KL tour. We (atlast we consisted of Kushal and me, as rest of all people separated and roamed around their #placestovisit list) moved across the city and reached at hotel room by night 11:30 p.m (that too walking 3 kms from station to hotel). The whole day tour itself can be blogged separately (it was so full of variety) but probably I will do that later on. At around night 1:00 am we just slept not knowing we were sleeping till early morning #wakeup call came to let us know that "#fudconkl2012″ BEGINS !!
 |
| root detected! |
$ su -c "gedit /etc/group"
Contraseña:
(gedit:20984): EggSMClient-WARNING **: Failed to connect to the session manager: None of the authentication protocols specified are supported
** (gedit:20984): WARNING **: Could not connect to session bus
$
$ beesu nombre_programa
I arrived at Hotel Sri Petaling at around 3 AM on May 18, 2012. After very less sleep, I woke up at 6:30 AM. After having our breakfast at the hotel, we left for UCTI (the venue for FUDCON KL) in a bus arranged by the FUDCON KL organizers. After reaching the venue, we got ourselves registered at the registration booth for FUDCON and we received our coupons for lunch and tea. It didn’t take long for the other attendees to arrive at the venue.
The first day of FUDCON began with a key note speech by Christoph Wickert on "Leadership in leaderless organizations" and how this is in action in Fedora.
Christoph Wickert speaking on "Leadership in leaderless organizations"
Christoph Wickert with his key note
After the keynote, it was time for the bar camp. Although, many were skeptical about barcamp in the 1st day of a FUDCon, it turned out to be awesome. Many a people pitched their topics for the bar camp. Among others, I also pitched two topics:
- Transifex: A developer’s perspective
- Agile system tests in Django
FUDCON Attendees
Since there were a lot of topics proposed and there was limited time, the topics were shortlisted based on votes by the attendees. One of my pitched topics: "Agile system tests using Django" finally made it into the shortlist. The bar camp sessions were scheduled to start at 2:30 PM. Over lunch, I was having some nice conversation with Kushal, Michel and Soumya on various topics related to Open Source and the LUG related activities in our places.
Among the many interesting lighting talks I managed to attend some (though not all) talks: Improving collaboration with other open source projects, Fedora for students, Git, Fedora and packages, etc. I had my talk at 4 PM. I spoke on:
- System tests are needed
- Why we need fast system tests?
- How the Django test framework makes system tests slow?
- How can we remove unnecessary overheads?
- How we run faster system tests at Transifex?
For this, I used this post from blog.transifex.com.
It was an awesome 1st day of FUDCON KL. I participated in my first bar camp and it turned out to be a lot of fun and exciting. We had some post-event chats and discussions while leaving the venue. I also had some long conversation with Joshua Wulf while heading back to the hotel on matters related to spirituality. This was an eye opener and I had many of my doubts resolved by the grace of an elevated devotee like him.
So, it was an enlightening day for me, both in terms of FOSS and spirituality.
Host Aura Fedora talks to Trombone Shorty guitarist Pete Murano about playing Jazz Fest, the special side project Storm Warning, the influence of New Orleans music and an upcoming International tour..
This item belongs to: audio/opensource_audio.
This item has files of the following types: Metadata, Ogg Vorbis, VBR MP3
It is sort of becoming a tradition for each member of the Fedora Board to declare a personal goal of some sort and then lead by doing. So now that I am the newest Board member, some people are curious about my plans.
In 2010 I helped get Fedora’s Cloud SIG off the ground. At that point in time our main goal was to get a modern version of Fedora running inside Amazon’s popular cloud, EC2. Nowadays the EC2 image is part of Fedora’s regular release process and the Cloud SIG has grown into one of Fedora’s most vibrant groups, added support for one self-hosted cloud platform, and is on the way to adding several more.
In light of that, the answer is obvious: I plan to help the Cloud SIG continue to be successful.
Of course, that’s a rather vague goal, so here are some examples of what success for the Cloud SIG has meant in the past:
- Building and testing EC2 images
- Adding the EC2-controlling euca2ools command line suite to Fedora
- Porting the cloud-init boot-time scripts to systemd
Now that those are done, here are some things success for the Cloud SIG may mean today:
- Add more cloud software, such as the relatively venerable Eucalyptus, to Fedora
- Continue to stabilize cloud-init on Fedora
- Help make PaaS software like OpenShift and Cloud Foundry work with IaaS software like Eucalyptus and OpenStack
Lofty? Possibly. But they are certainly all worth the effort!
Want to give one of these a shot? Are you interested in attending a hackfest or an activity day for moving the cloud forward? Leave a comment or stop by #fedora-cloud on Freenode!
Day 2 was the last day at the conference. We woke around 0700 again, which is pretty early for me. I struggled to get ready and grab a bite of breakfast before running into the bus that would drive us to the venue.
Initially, the second day was to host pre-planned sessions. This proceeded until lunch, after which everyone unanimously decided to make it a barcamp style session again. I didn’t have a talk on this day. Both my sessions had finished on day 1. On the second day, I was going to run around and attend sessions!
I sat in Praveen’s RPM packaging session to start with. Quite a few people had turned up. However, a majority of them weren’t fedora users, so the packaging bit was going a little over their heads. Uhm, a lot over their heads actually. Praveen finished in 20 minutes. The time alotted to him was an hour! Christoph was to take a session on advanced packaging, but he was still working on his slides. I filled in for a bit, and gave the audience a very very very high level summary of packaging. For instance, while explaining the spec file, I blah-blahed most of the parts. I just explained what goes on, without going into any specifics at all. They appeared to absorb some of it.
I finished up and ran to level 2 to attend Aditya’s talk on puppet.(He’s uploaded the slides here) I had attended an IRC session Aditya had taken on puppet a while back: everyone other than me had gotten puppet to work. So, I wanted to attend this second session in the hopes of getting it to work. During the talk however, I realized that puppet isn’t a lot of use for non sys admin users. I mean, I don’t need puppet to control my 3 or even 4 systems. It doesn’t quite make sense to take the trouble. It’s my opinion really. One might choose to use puppet even for two systems. I recorded the session. If you’re interested, you can see it here at archive.org.
After puppet, I ran to attend the session on oVirt that "wariola" was taking. Again, a video is available here at archive.org. It was a most interesting talk. There was a lot of cool stuff that he showed. I’ll nudge him for the presentations and put them up someplace.
This was followed by a quiet lunch.
The post lunch program was re-planned into barcamp format. So, we had pitches and voting. The first session was on some "User issues with gnome3″ or something. I sat there and listened. Personally, I felt the session was a huge waste. It was like one of those rants and crib sessions where one just keeps on pointing out his problems and follows them up with "someone should do this, I’d like that". Well, you only get your solutions when that "someone" is you. Talking about it, and making jokes to an audience, ninety percent of which have never used Fedora isn’t going to do anything. I didn’t speak at all during the session. I kept quiet. I’ve learnt to not participate in such debates. I shan’t say anymore about it.
I walked out of the above mentioned session and went back to the main auditorium for Izhar’s talk on LXC. I’ve uploaded a video of this too at archive.org. He was clearly unprepared for it. With all the organizing he was running around doing, no one really pestered him for not having slides etc. 
Post tea break, we had the keynote. I’ve put up whatever bits and pieces of it that I recorded. Abu Mansur put forward some really interesting opinions and thoughts. It was a good keynote. I’m glad I attended it.
Two Samsung galaxy tabs were given out in a lottery after this. I didn’t get any 
. However, both winners were from the organization team. Christoph correctly remarked that each person in the organization team would’ve been given one if we could afford it. Photo sessions followed. Team photos, and the FUDCon collective photo were taken. Folks had to leave already, and the parting began. It’s a part of life really, and I’m used to it. I still wished the conference would last longer and that more folks had made it really. Anyway, no one cried 
Back to the hotel, food, drinks, bed. The next morning Yogi and Dean escorted us to the train station where the train would take us to the LCCT. Flew home. The.. end.
You asked the questions, and they have been answered! The responses to the questionnaire are up. Read your candidates’ views!
https://fedoraproject.org/wiki/FAmSCo_election_2012_F18_nominations
https://fedoraproject.org/wiki/Development/SteeringCommittee/Nominations
https://fedoraproject.org/wiki/Board_nominations
While Jon McCann made changes to the System Settings UI, I was busy implementing an animated notebook, to make the switch between panels, overview and search less jarring.Video on YouTube.
Here's a list of what we fixed:
- Avoid scrollbars at all costs on startup (made possible by some GTK+ sizing bug fixes)
- Make the default window bigger, while supporting small displays (800x600 displays should now be usable)
- Bigger icons to match the Shell's overview
- Better layout of search results
- Animated transitions between panels, overview and search results
There will most likely be more tweaks of the UI between now and the GNOME 3.6 release, which I'll make sure to let you know about.
PS: Before you ask, we cannot animate window size changes. Hopefully this will be possible in the future.
Update: Fixed a double-negative. Also note that there are some differences between my screenshots and reality, like the separators, as my system wasn't fully updated.
Recently I talked about a new print spooler under development, printerd. In that post I mentioned briefly how printerd is structured, but did not go very deeply into why or what the project is for.
Firstly, printerd is experimental and is very far from being a functional print spooler. It doesn’t yet run any filters, for instance, and has no backends of its own to transport jobs to devices. So far it is just a test of what a Linux print spooler would look like if it were written today.
There are several problems printerd aims to solve. Some of the solutions come automatically from implementing it as a polkit-enabled D-Bus system service. I mentioned one of them in the original post about printer: the fact of having an asynchronous client API. All D-Bus services can be used asynchronously thanks to the D-Bus client library. This approach means the print dialog will be able to use printerd without blocking (and without having to start another thread to use it).
Another benefit is the fact that security/authentication can be made much cleaner and more well integrated into a desktop system if polkit is the basis for policy decisions. Although there is some support for adding polkit support to CUPS in the shape of cups-pk-helper, the way this works is to effectively bypass the standard CUPS policy mechanism. In order to completely limit some operation from users, two different policies must be changed: the built-in CUPS policy in cupsd.conf, and the polkit policy for cups-pk-helper.
In contrast, printerd’s only interface is D-Bus and it uses polkit to authenticate operations. If extra security policy is added in future that cannot be expressed using polkit (for instance, printer-specific policy rules like CUPS has), that extra policy layer will be in addition to polkit, not an alternative. Currently, for example, cancelling a job requires that the user is permitted to use the org.freedesktop.printerd.job-cancel action (a polkit check), as well as being the user that submitted the job in the first place (an additional check). Both requirements must be fulfilled.
One more benefit of printerd is the idea of splitting the IPP server out from the local spooler. Currently printerd only spools files and does not provide IPP services but the idea is that when it does, this will be implemented out-of-process by a program that acts as a client to printerd. It will use printerd’s D-Bus interface, just like any other client. That way, users that want to print to local printers but are not interested in sharing those printers on the network don’t even have to run the IPP server. In fact, as printerd is an activatable system service, the spooler itself won’t even be running unless there is something for it to do.
By accepting only one format for printing, some complexity can be removed from the spooler. Generally people print from applications that generate PDF for printing. By using PDF as the required format, the task of selecting pages and arranging several pages onto each side (i.e. number-up) is hopefully made a little easier, as the structure of PDF makes this task more straightforward than PostScript does. Increasingly printers are able to understand PDF natively themselves. This means converting between formats can be kept to a minimum.
Finally, printerd is experimental, so ideas can be tested and developed. For example, I hope to get printerd to improve the latency between cancelling a job and having the printer stop feeding paper, by splitting the backend out of the filter pipeline, killing its input, and telling it to discard its send buffer. Another idea related to separating the filter pipeline from the backend is to begin filtering the next job before the backend finishes clearing out the last of its send buffer. I’m sure there are other areas for improvement that can be played around with in a project like printerd.
Fedora gave up building on ppc as a primary architecture a while back [edit: see comments], but Ubuntu has a working ppc build. This is useful for testing software because it’s a big endian architecture, and therefore breaks some assumptions made by software that has only seen an Intel (little endian) architecture.
Fortunately it’s very simple to install Ubuntu/ppc as a qemu guest. Here is how I did it:
- Download mini.iso from here.
- Compile qemu from git (it’s easy!) so you have a
qemu-system-ppcbinary with a working bios. - Create a virtual hard disk:
truncate -s 10G disk.img - Boot the ISO:
./qemu-system-ppc -m 1024 -hda disk.img -cdrom mini.iso -boot d - At the first prompt, type
installand go through the installation.
At the end of the installation, it won’t install a boot loader, so the guest won’t be bootable without an external kernel and initrd. This is easy to arrange:
$ guestfish --ro -a disk.img -m /dev/sda2 \
download /vmlinux vmlinux : \
download /initrd.img initrd.img
With the external files vmlinux and initrd.img you can now boot your guest:
$ ./qemu-system-ppc -m 1024 \
-hda disk.img \
-kernel vmlinux -initrd initrd.img \
-append "ro root=/dev/sda3"
The day 1, 2012 May 18th (Friday) started and at that time we were at the hotel lobby surfing internet. There was no wifi in out rooms therefore we managed to get down to the lobby and had it. We went to bed at around 1 am and Danishka (snavin) got collected our t-shirts and goodies.
With short sleep we woke up around 7:00 thanks to the wake up call. Breakfast was offered at the ground floor where the dinning hall was. After the breakfast there was a bus to the venue. We reached UCTI at around 9:00 am and found out we are having another hour. There was wifi access and we are given food coupons and also we got registered.
The FUDcon KL 2012 started with the Christophs’ key note which was about "Leadership in Leaderless Organization" which was a nice sharing and insight towards the organization. There were some interesting questions from the audience inquring about the RedHats’ role with the Fedora project.
The later sessions are bar camped style and there was many proposed sessions from the Fedora contrubutors and from others as well. There was three halls arranged and I remained on the main auditorium. All sessions are limited to 30 minutes.
I had a session on "Google Summer of Code with Fedora" at the end of the day.
Tea was offered at the end of the day to attendees and bus was waiting to drop us to the hotel. We managed to go out to have the dinner. There was a Indian restaurant and we had our dinner there with Danishka, Kalpa, Uditha, Ankur and Praveen. At the end of the day we had a open discussion with the Fedora APAC Ambassadors. There was an interesting discussions and sharing among us. The main topic was how to increase the effectiveness on promoting Fedora and strategies.
Day 2 started with a talk from Joshua Wulf about the Fedora book written by the attendees. The idea seems to easy enough for the newbies to contribute but still they will require a bit knowledge of docbook I think.
Rest of the first half was spent discussing package Lisp modules in Fedora with Christoph Wickert. Now I am going to setup a repo with all the packages so that people can play around with them.
During lunch time I met another fellow Red Hatter, Luc de Louw. Lunch table discussions went on about various other FUDCons and funny incidents in them. The lighting talks session went really well. People submitted various ideas and started demoing various projects. While CWickert was showing LXDE, I decided to try it out and still now the performance looks amazing, though there are few small things needs to fixed.
The cloud talk by CWickert was hilarious. After the day finished we slowly moved to the hotel and FUDPub was supposed to start from 8pm in the same hotel. The food was nice and cake was delicious.
The number of attendees in the day 3 was smaller compared to the last two days. I had my talk on Darkserver in the morning. We had some good discussion about the future roadmap of the project during the talk. You can find the slides here. There was another good talk on various create applications available in FOSS world. In the second half of the day we decided to put up the talks and workshops for voting as number of people was less. I went ahead to do the python workshop as planned. Abu Mansur Manaf gave the ending keynote which should boost the newbies to become contributors.
Spent the evening in the hotel room discussing various functional programming languages and features of the languages and darkserver roadmap with hircus. Later in the night went out for dinner with the rest of the event crew members to a local food joint. Stayed up for the rest of the night as we had catch an early morning flight back to India.
Met many old friends and made many new ones, long discussions on project ideas, great food, sleep for only few hours everyday, this event was full on. The last FUDCon in India and this one, a large portion of the audience are total newbies and I hope they got good ideas on how to start contribute. My personal goals were to find new contributors for darkserver project and discuss the packaging ideas with CWickert and both went well.
This week started for me with sounds of well known tune:It's all about the situation where certain operations, described here in length, could break P2 profile in such a way, that P2 thought that physically removed bundle was still installed. The reproduction steps in the bug are really lengthy, but RPM version is short:
sudo yum install eclipse
sudo yum install eclipse-cdt
eclipse
sudo yum remove eclipse-cdt
sudo yum install eclipse-changelog
eclipse #what? CDT is still in the profile?
Further investigation has revealed that it was changelog bug (in the first place), because it did not required cdt although it should. During the reconciliation phase, cdt was not yet removed from the profile, so P2 believed it was able to prevent its uninstallation, and during debug, explained its plan with friendly messages:
[p2] Mon May 21 13:07:14 CEST 2012 - [Start Level Event Dispatcher]
[reconciler] [plan] Some units will not be uninstalled:
[p2] Mon May 21 13:07:14 CEST 2012 - [Start Level Event Dispatcher]
[reconciler] [plan] org.eclipse.cdt.ui 5.4.0.201203191015
[p2] Mon May 21 13:07:14 CEST 2012 - [Start Level Event Dispatcher]
[reconciler] [plan] org.eclipse.cdt.core 5.4.0.201203191015
So, my first attempt to fix the issue was rather naive - uninstall removed bundles first, then perform all the reconciliation that has left. Result: proper behaviour in this test case, but all other dropins tests broken. Not good.
But thanks to @dj_houghton and @prapicault, I was able to came up with something much easier, that not only fixes my unit tests case, but also manages to not break any other reconciler test:
@@ -123,6 +126,15 @@ public class ProfileSynchronizer {
if (moveResult.getSeverity() == IStatus.ERROR || moveResult.getSeverity() == IStatus.CANCEL)
return moveResult;
+ if (!request.getRemovals().isEmpty()) {
+ Collection requirements = new ArrayList();
+ for (IInstallableUnit unit : request.getRemovals()) {
+ RequiredCapability req = new RequiredCapability(IInstallableUnit.NAMESPACE_IU_ID, unit.getId(), new VersionRange(unit.getVersion(), true, unit.getVersion(), true), null, 0, 0, false, null);
+ requirements.add(req);
+ }
+ request.addExtraRequirements(requirements);
+ }
+
// now create a plan for the rest of the work and execute it
IStatus addRemoveResult = performAddRemove(request, context, monitor);
if (addRemoveResult.getSeverity() == IStatus.ERROR || addRemoveResult.getSeverity() == IStatus.CANCEL)
The patch should be read: for each removed bundle add a negative requirement to the request, so P2 will remove those bundles no matter what. That's so simple. I do not know why it took me 3 days :-(.
And now the explanation of the title. The whole situation with P2 refusing to uninstall deleted bundles reminds me of a polish health care. It's a well know fact that medical help should reach people needing it in 12 minutes because even seriously wounded usually do not pass away in that time. So the norm for an ambulance to reach its target was 12 minutes, but the ratio of timely arrivals was to low ( 85%). So the parliament extended the time to 16 minutes :-).
If all goes well, this fix may hit Fedora as yet another 0 day update.
And a small bonus - have you noticed that (at least on Linux) you are finally informed what will be the action invoked? Check the screenshot below:
For a long time it was almost a matter of luck - you never knew if you hit the button or drop down menu.
* I will buy** a beer to a person that finds a good rhyme here.
** Applicable when we meet in person.
EDIT: Added proper twitter link to LeNettoyeur which turned out to be prapicault.
If you upgrade your Fedora 15/16 to Fedora 17 before it is officially released, there is a high probability that you encounter a bug, where your computer receives a kernel panic when you try to shut down/reboot. This is documented in bug 820351. The problem is that since Fedora 17 updates repository is still not open, your system might still have an older kernel installed. To fix this issue, just install the latest kernel from Fedora 17 updates-testing repository, like this:
$ yum update kernel\* --enablerepo=updates-testing
After one more reboot, your system should be fixed.
Please note: This bug should not appear once we officially release Fedora 17 (a.k.a GOLD), so that extra step won’t be necessary.
Slides from the "Moving your business of Think, Draw, Write, Compose, Animate, etc ... .... forward." session http://fedora.my/events/fudconkl2012/session-22.
This item belongs to: texts/opensource.
This item has files of the following types: Metadata, Unknown
Abu Mansur's keynote on Day 2 (May 20) of Fedora Users and Developers Conference at Kuala Lumpur May 18-20.
This item belongs to: movies/opensource_movies.
This item has files of the following types: Metadata, Ogg Video
My packaging talk started at audi, I talked about very basic stuff like creating a spec, little bit of macros and tags, rpmbuild, rpmlint and fedora rpm build server(koji), then Ankur jumped in and gave some additional background. After that Christoph advanced packaging talk scheduled. He again gave a basic demo and using packaging guideline he able to pack beaver from scratch within 20 mins. Then he showed some really cool stuff using his spec files.
Aditya was talking about puppet, I was not able to attend his session because of packaging session.
people seemed a little lethargic, andi kind of empty then after lunch again we announced barcamp. That was a great idea, looked like everyone get energy and people were participating for talk and sharing their ideas. I jumped in with rpm packaging workshop.
I missed Abu Mansur Manaf’s keynote because of workshop but when it completed I run to audi. Izhar was giving a thanks note to everyone who made this event a success, following that, lucky draw for 2 Galaxy Tabs which was sponsored by OSCC-MAMPU and great thing was both Tabs went to volunteers hand, Volunteers did a awesome job to make this event a success.
End of the day everybody gathered in front of college for group photo. Well every beginning have ending but it was a great experience, met lots of contributors, enthusiastic students , awesome volunteers. Again Kudos to organizing team who did a great job to make this event a success in less time.
The big ticket item for this year was a new bimini. Jenny really wanted one so that we could stay out on the boat longer during the summer months without getting burned. I was all for it as it would dress up the tower a bit more. However, I was a bit nervous about loosing headroom. Nothing is worse than having to duck or hit your head on a boat. We agreed to look for a over the tower bimini.
We did some research, and only found one place which would do this style. It is Tower Biminis out of California. We called them up, told them what we were looking for, and the type of boat we have. Ours is an older boat (2003) so the did not have a pattern for our tower. It was no issue tho. They sent out some measurements for us to take, we did so, and we were on our way. To make sure it would be a good fit, they even found a local place with a boat with our tower to double check the manufacturing.
2 weeks later, we had a new bimini. Blue to match the boat, with a white racing stripe. As you can see, it looks great:
When stowing it, it sits up high on the tower so that it is out of the way:
All and all, a great addition to the boat. Next year… LED lights!
I can feel it coming in the Air tonight... Excuse me a moment whilst I rock out to a killer electronic drum riff.
still there? Ok.
I've had a Macbook Air for a while now, not the original air, but the first redesign of it (sadly just before they did another redesign with a better chipset and backlit keyboard, oh well). When I first got it, I went a little crazy, and setup a triple boot system, OS X, Windows (Vista), and Fedora. Sadly, Fedora didn't work so hot. There were graphics issues, sound issues, touchpad issues, wireless issues, I mean, I think the issues had issues.
So instead of fighting all those issues, I did something even more silly. I found a virt software set in OSX that would allow me to attach a real partition to the guest. I setup a virtual disk image to do a minimal install of Fedora in, then edited the grub config so that it would actually load up the real disk partition as /. This actually worked, surprisingly well. I spent most the time in OSX with various X11 applications ran through ssh, and of course ssh'd into the guest to do all my command line work. It still felt dirty though. I would also let the guest boot up into graphical mode and make that go full screen in OSX Lion, which gave the illusion of using Linux native on the hardware. The upside was that the touchpad worked pretty well, and there weren't network issues. Video still sucked, no gnome-shell for me.
When I picked out the Air, I was thinking that it would be nice to have some hardware that was not the normal around the water cooler, so that we had a broader set of systems being used every day. I actually thought I could do something to fix issues that came up. Ha, hah. Turns out the most useful thing I could do was hand the system off to people who knew what they were doing.
Enter Super Hero mjg who decided (or got tasked with, I'm not sure which) that making Fedora work on Apple hardware like my Air was a thing he would do. And he sure did!
 |
| So you can wipe off that grin, I know where you've been |
That's the Fedora 17 Final (RC3) Desktop Live image being installed to my Air. It couldn't have been easier. dd the iso to a USB stick, boot holding down option, plug in the stick (because I forgot to do that first) and pick the Fedora Media. Anaconda did all the right things (even when I didn't) and I now have a simple dual booting macbook.
F17 looks awesome. First time I've really used shell, and I like it. Audio works, graphics work, webcam works, touch pad (mostly) works, even the brightness and volume buttons work. I can't wait to haul it down to my local Starbucks on my bike, then show it off to my hipster friends, because you see, I was using Fedora on my Air before it was cool.
Well I've been waiting for this moment for all my life....
Fedora User Developer Conference (FUDCon) Kuala Lumpur 2012 - which I was the event owner - ended successfully on Sunday, 20th May 2012. With only around 3 months of planning (1 month for the bid, and 8 weeks for the organizing process), FUDCon Kuala Lumpur might have been one of the shortest FUDCon planning ever, if not the shortest!!.
With roughly a total of 34 crew and volunteers, we managed to pull it off successfully. To some of the crews, our experience pulling off a crazy stunt of organizing FOSS.My 2008 in 30 days might have helped us in getting prepared for the worst.
We were hit by the Murphy's Law several times before and during the conference, and one of it was Harish unfortunate tennis calf injury made him unable to come to FUDCon KL. This created a challenge for us in the monetary stuff related to on-site payments, but thanks to Harish's swift action sending us some cash through Western Union , we managed to cover a number of them.
Pre-conference
With only 8 weeks to the event after winning the FUDCon APAC bid, the team scrambled to start shooting down tasks for the event. As usual for Fedora Malaysia events, we simply pick UCTI as our venue, primarily because there is Gurdip who will almost always get us what we need from the college.
We also hacked together a conference management system on Plone in less than a day worth of effective hours for the event site. Code is available here: https://github.com/inigoconsulting/collective.conference. The system served its purpose ok, though during the conference we discovered that certain things can still be done better, namely in session organizing and listing. For example, the agenda should display who is the speaker of a session and the listing of attendees need to be filterable easily.
The funding request approval was one of the tough stages during the organizing process. We wanted to bring as many contributors as possible to FUDCon Kuala Lumpur, however, we also need to keep it within our budget limit. Deciding on the seection fairly was tough and for those who did not manage to get the funding, please no hard feelings, we hope you do try again.
We also created several artworks for swags and banners for the FUDCon. We produced 170 T-shirts, 1000 Fedora 1.5" buttons (500 for the event, 500 for distributing across APAC), 10 banners (2 roll up generic fedora/fedora-my, 6 x-stand generic, 1 x-stand FUDCon-specific, 1 big gate banner), and 350 FUDCon stickers. We chose to focus on creating generic swags so that we can reuse in the future, especially the banners.
Nearing the event, OSCC-MAMPU contacted us for a meeting, and from the meeting, they offered 2 Samsung Galaxy Tabs for lucky draw , in exchange for us getting attendees to fill in a survey form regarding to FOSS. We however, could not announce this early as we only get the final confirmation on the tablets on Saturday, 19th May.
Murphy's law does not leave us alone however. A few days before the event, around the final 2 weeks, we received some sad news from Heherson, David Ramsey and Harish that they could not make it to the event. The news about the absence of Harish created a challenge for us related to monetary stuff as we need petty cash for a number of stuff during preparation, and the FUDCon days. As a temporary measure, I put aside my own money, and cut off some items from our things-to-buy list and try to get some items - like lunch and tea - to be paid later. Harish also sent some cash to us on Saturday. Fortunately, it kindof works out.
Day 0 : Thursday, May 17 2012
Ankur (ankursinha), Praveen (kumarpraveen), Aditya (adimania), Kushal (kushal) and Soumya (soumyac) arrived early on this morning and I was in charge of picking them up. Ankur, Praveen and Aditya arrived roughly on time on 12:30am, however, Kushal and Soumya's arrival were delayed for almost 3 hours, and we only manage to leave the airport around 3:30am.
We arrived at the hotel around 5am and after check-in, I left the hotel to home to switch the van which I was driving, to my car, and return back to the hotel. Managed to get a short nap. Afterwards, I took the group to the LRT station for a short tour around KL. We dropped by Low Yat plaza and grabbed some simcards for the group. After briefing the group how to take the train lines and places which they might want to visit, at noon, I left them on their own and head to UCTI for the preparation for FUDCon KL.
When I arrived at UCTI, I was surprised to notice that Tuan (tuanta) was already there. After giving instructions to the volunteers on the tasks that need to be done, I drove tuanta to the hotel to check-in his room. At the hotel lobby, we met with Christoph (cwickert) who apparently already arrived and was hanging out at the lobby. After tuanta left his belongings in his room, we head back to the venue, this time, with cwickert.
Preparation ended at around 10:00pm as the venue was closing. There were however, some more tasks left , which some of the team then later continued them at the crew hotel room.
Mahay (mak), Buddhike (bckurera), Danishka (snavin), Kalpa (callkalpa) and Uditha (udinnet) arrived some time on this day too, and they checked into their rooms themselves.
Day 1: Friday, May 17 2012
Caius (kaio) and Ratnadeep (rtnpro) arrived early this morning around 1am, and they were picked up by Meng (seatux86) from the airport.
The crew started our day very early at around 6:00am and head to the venue at 7:00am. Registration desk finished setup at around 8:20am but we already had a few people coming at around 8:00am. At around 9:00am, the rate of people coming started increasing.
The opening keynote started on time on 10:00am. Harish was supposed to give the opening keynote, however, as he could not make it, we had cwickert to do it. Cwickert gave a talk on "Leadership in Leaderless Organization" which, in my opinion, fits very well to what we will be having right after the keynote, a Fedora BarCamp!.
After the keynote, I gave the attendees a short briefing on what is a BarCamp and how the BarCamp voting process will flow. We then had quite a number (15++?) of talks submitted, that we shortened our 1 hour slots to 30 minutes. Plenty of the topics were really interesting, which made me somewhat regretted setting Day 2 and Day 3 to fixed schedule. I never been in a BarCamp which had more than 20 geeks who are able to give talks before, and was not expecting such interesting outcomes. If we had made all 3 days a BarCamp, we might be able to go into deeper stuff, depending on what the audience interested in.
After the day ended we head back to the hotel. I then went out to a Western Union agent to cash out some money Harish sent to us for petty cash for the event. At around 10pm, the APAC Ambassadors met up in the crew hotel room to discuss future activities for APAC. We had a very interesting discussion and sharing session which lasted until 1am. If I remember correctly Yogi (jurank_dankkal) was typing down the notes from the meeting, not exactly sure whether it has been uploaded somewhere or not.
Day 2 : Saturday, May 17, 2012
Like yesterday, the crew started our day at around 6am and head to the venue on 7am. Registration desk open at 8:30am, and at around 9am we had a bus full of students from the German Malaysian Institute registering and attending the event.
The day started without any incident with Joshua Wulf (jwulf) giving the opening keynote for Day 2 where he introduced his project - a crowdsourced Fedora book. The day then continues according to schedule.
After lunch we had a little hiccup as there were some confusion about some sessions that was actually meant to be a discussion session, but was submitted as a talk. We simply cancel out the session and proceed the day as scheduled.
After the final session, we then did a lightning talk session. Afterwards, there were a lucky draw for a Red Hat keyboard which was sent by Harish through Alan Ho earlier in the day before. Swee Meng (sweester), one of our local FOSS community geek, won the keyboard.
Afterwards, we then head to the hotel. FUDPub / FUDCon Dinner then starts at 8pm in a function room at the hotel. Cwickert brought his Beefy Miracle costume and surprised us in the middle of the FUDPub!. After everyone finished enjoying the food there, we took out the cakes for an early celebration for Fedora 17 and also for FUDCon KL. When cwickert was cutting the cake, I noticed kushal whispering something to cwickert. I was then caked by kushal!!. I should have remembered what he did during FUDCon Pune to Rahul (rahulsundaram) !!. That inevitably initiated a cake war where everybody cake each other!!.
Dinner ends at around 10pm, and we all head back to our rooms and houses, full with food, and exhausted running around from being caked.
Day 3 : Sunday, May 18, 2012
Final day of FUDCon Kuala Lumpur. Unlike the days earlier, the crew started the day late today, at around 7:00am and only head to the venue at 8:00am. Attendee count on this day was also lower than the attendee count on the earlier days.
The day started slow, where people only started to come in at around 10am. Due to the low attendee count, and a very slow day, at lunchtime, we decided to scrap whatever that have been planned, and run a BarCamp instead. All sessions which were submitted was put up for voting again, shortened, and we reorganized the schedule. This turned to be a good decision as it injected back some life into the event.
At the end of the day, Abu Mansur, a well respected local FOSS community person, which also an employee of Red Hat Malaysia, gave the closing keynote. Right after the keynote, I took some time to thank everyone who have been contributing to the event and have made FUDCon Kuala Lumpur a success. Following that, we then draw 2 more lucky draw for 2 Galaxy Tabs which was sponsored by OSCC-MAMPU and the day ended with a final group photo in front of UCTI.
Post conference
Some of the Fedora contributors left early (jwulf on Saturday afternoon, kaio on Sunday morning). While the rest left after the event with cwickert is one of the earliest which is right after the group photo session, followed by Mahay around 1.5 hours later.
Those who yet to leave, met up for a dinner at a nearby Old Town kopitiam. When we were having our dinner, we was contacted with an emergency call from Mahay that he had took the wrong train and is in danger of missing his flight. Fortunately, he managed to reach the airport barely in time before the boarding closes.
After dinner, I asked Fedora Ambassadors who still around to come to the crew room to pick up one generic Fedora x-stand banner and some swags for their place and future events.
At around 2am, kushal, bckurera, snavin, udinnet, soumya, tuanta and callkalpa then checks out and left the hotel on a van to the airport as their flights are on 6am~7am.
rtnpro was the only one left out of the sponsored attendee list as his flight was on Tuesday. All rooms were checked out on Monday morning, so rtnpro had to stay at Yee Myat (MavJS)'s place for a night.
After checking out all of the rooms on Monday, I then went around to drop swags at OSCC-MAMPU thanking them for the sponsorship of the Galaxy Tabs, and also met up with Siva of Red Hat Singapore which Harish sent over to settle some payment issues we had with the hotel. Passed some swags to him and a t-shirt for Harish.
There are still some post-conference work left for me for FUDCon KL, primarily sorting out the receipts, some final invoices which still need to be paid, and claim back the money me and Eric used for FUDCon due to Harish could not attend. Hopefully all these will be done by end of this week or early next week.
Remarks/Notes
Things we learned, discovered, and some advises/suggestions for future FUDCon - or even for other events.
- A free-to-participate event is much much much easier to run and less stressful than a paid event. Primarily due to the lack of overhead related to registration and less obligation related to swags and food - removing a lot of headaches and stress we once had during FOSS.My 2008/2009.
- In an event where there are plenty of attendees who are willing to talk or run sessions, a BarCamp format rocks. I kindof regretted not running the whole conference using a BarCamp format considering we had almost 20 Fedora contributors attended. BarCamp format also helps in adding more session which might be of more interest to the audience, and dropping sessions which are of less interest.
- Keynotes helps in getting everyone in the same room. Try to have keynotes on each start and end of each day. This is useful for announcements, or for ensuring everyone are in the same room before BarCamp pitches+voting start, or for the closing of the event.
- Walkie talkies are essential for large events. Ensure several handy for the core crew members.
- Generic swags rocks - anything extra, use it for future local events
- FUDCon is one of the few times where we are able to gather a lot of contributors at the same place. Make use of it fully for discussions, meeting, hacking and for distributing swags across the region.
- Sponsoring attendees who can contribute to the event is a GoodIdea(TM).
- Close the registration before printing the registrant list. So that there are no people asking - "Oh I have registered, but my name is not on it"
- Tags and food coupons should be printed earlier - we printed them late, almost screwed ourselves up.
- Give food coupons to volunteers before the event, not during the event. Giving them during event can cause confusion.
- Have a crew room in the hotel, regardless whether the crews are staying nearby or not. The crew room can be used for meetings and preparation stuff.
- Always have a whiteboard for the schedule. Printed schedules could not be reorganized. However, people still need a place to refer to the updated schedule. Online schedule does not really work as they did not have time to load up the site during the event.
- Do not rearrange sessions in the schedule after they have been assigned, and the event have started. Cancel the session and move it to later on the day or to the next day. Do not shift up sessions as that causes confusion.
- Be flexible with the event. If you think something can be done better through changing some stuff, change it.
- Getting the cafe to be open is easier than to provide food for all attendees.
- As usual, 50% no-show rule applies for free event in Malaysia. We had almost 500 registrants on the website, but only about 260-80 attended throughout the 3 days.
- Coffee - meh .. Red Bull - win .. Managing coffee and water heater is difficult. Just provide cans of Red Bulls.
- If there are cakes nearby, and Kushal Das is in the event, be EXTREMELY careful.
Hello all,I am pleased to announce the immediate availability of nightly builds of the OpenShift Origin package set in RPM form, built for Fedora 16 available to anyone who might be interested in them here.
This repository should be utilized along with the instructions outlined in the "Build your own PaaS" article. The nightly repository will not take the place of any of those outlined in the guide but will instead supplement what is there and offer a new development snapshot of all the packages who's source code originates in the OpenShift Origin github repositories.
A little back story on this, the OpenShift Team at Red Hat has been looking for more ways to provide the community with as many opportunities to consume the on going development snapshots of the upstream code hosted on github. We initially launched OpenShift Origin's components Crankcase and OS-Client tools on github which is something I've been extremely excited about and along with that launch was a considerable amount of documentation for getting started and involved with OpenShift Origin which I would highly encourage everyone take some time to go check out, it's certainly exciting stuff!
Now, with the advent of the nightly rpm builds my hope is that this will be the first of many steps towards the goal of delivering the code in a more consumable manner so that end users who are wanting to get their hands dirty early on are able to do so without having to build everything from scratch. Another desire as a side effect of this is that those community members who do consume the nightly builds will find the project as exciting as those of us already involved and will hopefully be motived to join and contribute! I'm also hoping that we will be able to get to a point where we can also offer nightly builds of the OpenShift Origin LiveCD, that Krishna Raman has been doing great work on, but that is currently just an idea I've been pondering and I don't want to make any promises I am unable to deliver on. We'd like to make sure everyone does know we're continuing to brainstorm ideas, take suggestions and contributions, and make strides to continue our open source commitment to the community.
I suppose that's all for today, thanks to everyone who's been using OpenShift and becoming members of the OpenShift Origin community!
Happy hacking,
-AdamM
A simple way to protect your web server today, without creating any time a different user name/password, is to use one of the many openid server available on internet.
We can say that everyone today has a gmail (at least one) account, and, if you are one of the person all over the world that does not have a gmail account, we can add Twitter and Facebook and you are surely in.
Using a mod_auth_openid you can protect your web server directly in your apache configuration (conf or .htaccess) file. So, to use it you need first, to install this module. Fortunately I found on internet a repository with rpms for Centos5 and Centos6 and I created rpms for Fedora16 (that is my test machine at home).
So, for example on F16, you can do:
yum localinstall http://repos.mornati.net/openid/fedora16/RPMS/libopkele-2.0.4-1.fc16.i686.rpm yum localinstall http://repos.mornati.net/openid/fedora16/RPMS/mod_auth_openid-0.6-3.fc16.i686.rpm
I used yum localinstall because libopkele has some dependencies that are resolved (and installed) by yum.
Now your apache web server is ready to use OpenID. To configure it you can check official doc on the project website. Following an example of my configuration to use Google OpenID.
Check your configuration to verify if access restriction override is allowed. For example in /etc/httpd/conf/httpd.conf
#
# Possible values for the Options directive are "None", "All",
# or any combination of:
# Indexes Includes FollowSymLinks SymLinksifOwnerMatch ExecCGI MultiViews
#
# Note that "MultiViews" must be named *explicitly* --- "Options All"
# doesn't give it to you.
#
# The Options directive is both complicated and important. Please see
# http://httpd.apache.org/docs/2.2/mod/core.html#options
# for more information.
#
Options Indexes FollowSymLinks
#
# AllowOverride controls what directives may be placed in .htaccess files.
# It can be "All", "None", or any combination of the keywords:
# Options FileInfo AuthConfig Limit
#
AllowOverride All
#
# Controls who can get stuff from this server.
#
Order allow,deny
Allow from all
The line to check is AllowOverride, you should have AuthConfig (or All like in my example).
Then you can create a .htaccess file in the folder you want to protect. And put a content like the following
AuthType OpenID require valid-user AuthOpenIDTrusted ^https://www.google.com/accounts/o8/ud AuthOpenIDSingleIdP https://www.google.com/accounts/o8/id AuthOpenIDAXRequire email http://openid.net/schema/contact/email ilmorna@gmail.com
AuthOpenIDAXUsername email
The first two line specifies that you want to use OpenID as authentication system and you want a valid-user to allow the access (that just means the user should be authenticated on gmail).
Then, the property AuthOpenIDSindleIdP specify to the mod_auth_openid the address to use for the authentication (here is the google one); the property AuthOpenIDAXRequire, as product doc says, can be used to verify some openid parameters, like the email, first and last name, birth date, etc. It’s important if you really want to protect your server because, without this, any person that has a gmail account (and if you remember we supposed that anyone today has this kind of account) can access to your "web pages".
In my example I get the check the email parameter with the "regex"; is not really a regex with a single mail specified, but you can create a line like:
AuthOpenIDAXRequire email http://openid.net/schema/contact/email [mail@gmail.commail2@gmail.commail3@gmail.com]
or, if you have a google apps account
AuthOpenIDAXRequire email http://openid.net/schema/contact/email @businessmail\.com$
Here you can find description for any other OpenID available parameter if you need other access rules.
After this little conf, if you try to get access to to your protected page, you will be redirected to gmail login, or to a gmail page asking for access if you are already logged in into gmail account. After the gmail login open id parameters are sent to your server and checked with your access rules. If all is passed –> Access to page.
Two really interesting articles from Ken Shirriff’s blog:
http://www.arcfn.com/2012/05/apple-iphone-charger-teardown-quality.html
http://www.arcfn.com/2012/03/inside-cheap-phone-charger-and-why-you.html
While Fedora has standardised on NSS for security services, a large swath of the world uses OpenSSL. Here are roughly comparable steps to sign a message with OpenSSL as I previously posted using NSS.
UPDATED: the format of the message is now as small as possible and still compatible with the NSS version. Also, the verification code was wrong before.
I followed the steps here to generate a signing certificate.
To sign a message:
openssl cms -sign -in auth_token.json -nosmimecap -signer cert.pem -inkey key.pem -outform DER -nodetach -nocerts -noattr -out auth_token.signed
And to Verify
openssl cms -verify -in auth_token.signed -certfile cert.pem -out signedtext.txt -CAfile cacert.pem -inform DER
I put the whole thing into a makefile.
TARGETS = private/cakey.pem cacert.pem req.pem req.pem cert.pem all: $(TARGETS) cacert.pem : private/cakey.pem private/cakey.pem : private openssl req -new -x509 -extensions v3_ca -keyout private/cakey.pem -out cacert.pem -days 3650 -config ./openssl.cnf private : mkdir -p private req.pem: openssl req -new -nodes -out req.pem -config ./openssl.cnf cert.pem : req.pem newcerts index.txt openssl ca -out cert.pem -config ./openssl.cnf -infiles req.pem newcerts: mkdir newcerts index.txt : echo '01' >serial touch index.txt # Old version #auth_token.signed : cert.pem auth_token.json # openssl cms -sign -in auth_token.json -text -out auth_token.signed -signer cert.pem -inkey key.pem # New Version auth_token.signed : cert.pem auth_token.json openssl cms -sign -in auth_token.json -nosmimecap -signer cert.pem -inkey key.pem -outform DER -nodetach -nocerts -noattr -out auth_token.signed Old version, broken #verify: # openssl cms -verify -in auth_token.signed -signer cert.pem -out signedtext.txt -CAfile cacert.pem verify: openssl cms -verify -in auth_token.signed -certfile cert.pem -out signedtext.txt -CAfile cacert.pem -inform DER display: $(TARGETS) openssl x509 -in cacert.pem -noout -text openssl x509 -in cacert.pem -noout -dates openssl x509 -in cacert.pem -noout -purpose openssl req -in req.pem -text -verify -noout clean: rm -f $(TARGETS)
A bit of fooling around with the pyRdfa library
English version
I just started to play around with the pyRdfa library.
The really cool features it has is to be able to retrieve/generate complete RDF document from RDFa (which is basically RDF embedded within html).
Using it you are therefore able to add RDFa to your website, retrieve the RDF content which is in it and reason on the RDF as you normally do with RDF.
Some demo:
- Install the dependencies:
yum install python-isodate python-html5lib python-rdflib
- Clone the sources:
git clone https://github.com/RDFLib/pyrdfa3.git
- Go in the sources:
cd pyrdfa3
- Open a python shell and play:
from pyRdfa import pyRdfa
proc = pyRdfa()
print proc.rdf_from_source('https://github.com/RDFLib/pyrdfa3', 'nt')
This will print you the RDF retrieved from the github project (I discovered in the meanwhile that github uses RDFa)
Output:
>>> from pyRdfa import pyRdfa
>>> proc = pyRdfa()
>>> print proc.rdf_from_source('https://github.com/RDFLib/pyrdfa3', 'nt')
"https://github.com/RDFLib/pyrdfa3" .
"GitHub" .
"githubog:gitrepository" .
"pyrdfa3 - RDFa 1.1 distiller/parser library: can extract RDFa 1.1 (and RDFa 1.0, if properly set via a @version attribute) from (X)HTML, SVG, or XML in general. The module can be used to produce serialized versions of the extracted graph, or simply an RDFLib Graph." .
"https://a248.e.akamai.net/assets.github.com/images/gravatars/gravatar-140.png?1329275856" .
"pyrdfa3" .
So rdf_from_source nicely provides you a string of your RDF document (Note: this method also accept text files for input).
You can of course also change the format:
print proc.rdf_from_source('https://github.com/RDFLib/pyrdfa3', 'xml')
Which returns:
>>> from pyRdfa import pyRdfa
>>> print proc.rdf_from_source('https://github.com/RDFLib/pyrdfa3', 'xml')
https://github.com/RDFLib/pyrdfa3
https://a248.e.akamai.net/assets.github.com/images/gravatars/gravatar-140.png?1334862345
GitHub
pyrdfa3 - RDFa 1.1 distiller/parser library: can extract RDFa 1.1 (and RDFa 1.0, if properly set via a @version attribute) from (X)HTML, SVG, or XML in general. The module can be used to produce serialized versions of the extracted graph, or simply an RDFLib Graph.
pyrdfa3
githubog:gitrepository
And finally, it is nice to retrieve a string but you will likely want to retrieve a graph if you are already familiar with RDF, so have a look at graph_from_source which returns you a RDFLib graph:
>>> print proc.graph_from_source('https://github.com/RDFLib/pyrdfa3')
[a rdfg:Graph;rdflib:storage [a rdflib:Store;rdfs:label 'IOMemory']].
Hope this helps, at least I am quite happy to have found a library to check my RDFa!
