September 22, 2014

New preview release of yumex-dnf
I have released a new prerelease version of yumex-dnf, the next generation version of Yum Extender using dnf as a backend.
It is the first version where work nicely with F21 and Rawhide

http://www.yumex.dk/2014/09/yum-extender-407-released-dnf.html

Please test it and let me know what you think




On fêtera la sortie de GNOME 3.14 mardi soir à Lyon
In French, for a change :)

Mardi soir, le 23 septembre, quelques-uns d'entre nous se retrouveront vers 18h30 au Smoking Dog pour quelques boissons, et poursuivront avec un dîner indien prés du métro St-Jean.

N'hésitez pas à vous inscrire sur le Wiki, que vous soyez utilisateurs de GNOME, développeurs ou simplement des amis du logiciel libre.

À mardi!
Software Freedom Day Panamá – Reporte
El pasado sábado 20 de septiembre el equipo de Floss-Pa organizó el ya conocido evento Software Freedom Day. Este año fue realizado en la Universidad Interamericana contando con una buena asistencia. Panamá Hitek estuvo presente y presenté una ponencia acerca de cómo crear documentos con LaTeX. En donde se habló tanto de un poco de historia acerca de cómo nace LaTeX, y cuáles son los conceptos básicos a tomar en consideración para crear un contenido a través de este tipo de sistema.Software Freedom Day Flyer

Además de esta charla, también se contó con la partición deotras personas como Adrian Scott que habló acerca de cómo se puede comenzar a crear un startup utilizando herramientas de software libre que por cierto me parecio muy interesante ya que consideró aspectos muy importantes a la hora de saber cómo vender un producto =).

Por otro lado, otra de las charlas que se dieron fue la de Ytzvan Mastino acerca de desarrollo de API’s con Node.js que también fue bastante buena. En la presentación Ytzan explico cómo podemos hacer uso de API’s para crear criterios de filtros a la hora de crear un tweet.

También se tuvo la participación del equipo de Fedora Panamábrindando una charla del Proyecto Fedora. Esta charla fue dirigida por Alejandro Peréz y Luis Bazán, ambos grandes contribuidores del proyecto quienes compartieron con los asistentes sus conocimientos no solo del proyecto fedora en sí sino también de virtualización y la utilización de Docker IO.

También se contó con la partipación de otros ponentes que hablaron de FireFox OS entre otros temas como Drupal.

En pocas palabras el evento quedó realmente bueno. Fue una gran oportunidad para conocer nuevas personas interesadas en este tipo de temas.

Para aquellas personas que no pudieron asistir e igual para las que sí y quisiera tener mi presentación acerca de LaTeX, actualmente está disponible a través de esta dirección, en donde además de ver el PDF generado, también podrán acceder al código fuente y así poder estudiar a fondo cómo pueden crear sus presentaciones con LaTeX.

Para finalizar, añado algunas imágenes del evento.

software-freedom-day-panama-2014-1software-freedom-day-panama-2014-5software-freedom-day-panama-2014-2 software-freedom-day-panama-2014 software-freedom-day-panama-2014-4 software-freedom-day-panama-2014-3

The post Software Freedom Day Panamá – Reporte appeared first on Panama Hitek.

Software Freedom Day Barquisimeto 2014

I was invited to Software Freedom Day that was held in Barquisimeto, Lara Venezuela this last Friday 19th. I had a talk about Docker, "How to dockerize your distributed applications" and I've explained to attendees how to make Dockerfiles and expose their own applications trough of containers.

Also I had a tiny booth where I gave media to the people interested in use Fedora like main system. I saw a great interest in use Fedora after explain the efforts we are doing in the next versions of the our SO.

Besides me, some people of other distros and communities gave talks and workshops, these were.

  • Knowing Free Software, brief introduction to the Free software and its philosophy, by Tamara Lucena

  • Infogobierno, Knowing the law of IT in our country, by Samuel Rojas

  • Internet Radios, creation of a national movement of digital radios, by Augusto Dávila

  • Introduction to Python, by Samuel Rojas

  • Project management with Github, how to use issues and milestones for manage a project, by Alexander Salas

I leave some pictures of the event:

SFD Picture 1 SFD Picture 2 SFD Picture 3 SFD Picture 4 SFD Picture 5 SFD Picture 6 SFD Picture 7 SFD Picture 8 SFD Picture 9 SFD Picture 10

September 21, 2014

Activities from Mon, 15 Sep 2014 to Sun, 21 Sep 2014

Activities

Activities Amount Diff to previous week
Badges awarded 644 -19.30%
Builds 17654 +15.11%
Copr build completed 2518 -01.56%
Copr build started 2513 -02.37%
Edit on the wiki 1250 +53.00%
FAS user created 87 -09.38%
Meeting completed 26 -10.34%
Meeting started 26 -10.34%
New packages 257 +129.46%
Posts on the planet 84 -09.68%
Retired packages 0 NA
Updates to stable 450 +34.33%
Updates to testing 524 -15.35%

Top contributors of the week

Activites Contributors
Badges awarded tw2113 (12), anibal (9), ritsteve (9)
Builds pbrobinson (6089), sharkcz (3575), karsten (2534)
Copr build completed dvratil (194), msuchy (185), churchyard (157)
Copr build started dvratil (194), msuchy (185), churchyard (151)
Edit on the wiki pnemade (87), pwhalen (78), duffy (69)
Meeting completed dgilmore (8), nirik (6), roshi (6)
Meeting started sesivany (3), mattdm (2), smooge (2)
New packages jchaloup (90), jujens (27), fab (10)
Posts on the planet admin (9), tw2113 (7), smittix (5)
Retired packages  
Updates to stable remi (32), mrunge (22), pjp (17)
Updates to testing ralph (47), remi (23), cicku (18)
Stylus behaviour on Microsoft Surface 3 tablets

Note: The purpose of this post is basically just so we have a link when this comes up in future bugreports.

Some stylus devices have two buttons on the stylus, plus the tip itself which acts as a button. In the kernel, these two are forwarded to userspace as BTN_STYLUS and BTN_STYLUS2. Userspace then usually maps those two into right and middle click, depending on your configuration. The pen itself used BTN_TOOL_PEN when it goes into proximity.

The default stylus that comes with the Wacom Intuos Pro [1] has an eraser on the other side of the pen. If you turn the pen around it goes out of proximity and comes back in as BTN_TOOL_RUBBER. [2] In the wacom X driver we handle this accordingly, through two different devices available via the X Input Extension. For example the GIMP assigns different tools assigned to each device. [3]

In the HID spec there are a couple of different fields (In Range, Tip Switch, Barrel Switch, Eraser and Invert) that matter here. Barrel Switch is the stylus button, In Range and Tip Switch are proximity and "touching the surface". Invert signals which side of the pen points down, and Eraser is triggered when the eraser touches the surface. In Wacom tablets, Invert is always on when the eraser touches because that's how the pens designed.

Microsoft, in its {in}finite wisdom has decided to make the lower button an "eraser" button on its Surface 3 Pen. So what happens now is that once you press the button, In Range goes to zero, then to one in the next event, together with Invert. Eraser comes on once you touch the surface but curiously that also causes Invert to go off. Anyway, that's a low-level detail that will get handled. What matters to users is that on the press of that button, the pen goes virtually out of proximity, comes back in as eraser and then hooray, you can now use it as an eraser tool without having actually moved it. Of course, since the button controls the mode it doesn't actually work as button, you're left with the second button on the stylus only.

Now, the important thing here is: that's the behaviour you get if you have one of these devices. We could work around this in software by detecting the mode button, flipping bits here and there and trying to emulate a stylus button based on the mode switches. But we won't. The overlords have decreed and it's too much effort to hack around the intended behaviour for little gain.

[1] If marketing decides to rename products so that need a statement "Bamboo pen tablets are now Intuos. Intuos5 is now Intuos Pro." then you've probably screwed up.
[2] Isn't it nice to see some proper queen's English for a change? For those of you on the other side of some ocean: eraser.[3] GIMP, rubber tool, I'm not making this up, seriously
Fresh software from the 3.14 menu
Here is a small recap of the GNOME 3.14 features I worked on. Some are already well publicised, through blogs:
And obviously loads of bug fixes, and patch reviews. And I do mean loads :)

To look forward to

If all goes according to plan, I'll be able to merge the aforementioned automatic rotation support into systemd/udev. The kernel API is pretty bad, which makes the user-space code look bad...

The first parts of ebooks support in gnome-documents have already been written, scheduled for 3.16.

And my favourites

Note: With links that will open up like a Christmas present when GNOME 3.14 is released.

There are a lot of big, new features in GNOME 3.14. The Adwaita rewrite made it possible to polish the theme greatly. The captive portals support is very useful, the travelling you will enjoy this (I certainly have!).

But my favourite new feature has to be the gestures support in gnome-shell. I'll make good use of that :)
Throughout the day of September 19, Friday, I participated in 6th FTSL - Technology Forum on Free Software...
Throughout the day of September 19, Friday, I participated in 6th FTSL - Technology Forum on Free Software in Curitiba. On Saturday, 20 September, i gave a talk in X Software Freedom Day Curitiba about Why contribute to Free Software at morning and another talk of Fedora 21 at afternoon.
The people who participated in any talk received some buttons, stickers and medias of Fedora 20. #fedora #linux  

FTSL 2014


Teach how to think and not what to think
With the changing times and across levels of education, one thing that might have remained constant is that good teachers always teach how to think instead of being just the source of information on what to think. They use all the resources around them to help student's build their personalities. The goal of education cannot be mere preparation for earning livelihood in future. Coaching and training are enough for that purpose and anyone with proper access to the information can gain enough knowledge to earn a living. Better society is not formed by better earning future generation alone, it is formed by better ideas, innovation and evolution of human values, generation after generation. 

Given the technological advances and access to enormous information, students of 21st century are not dependent on formal coaching for making ends meet. Before a teacher starts teaching a topic in classroom, some of the students may already have number of different pieces of information on the topic which may very well be differing from the textbook version of the facts, not any particular of them being necessarily the correct one. This makes the role of teachers in the process of education of 21st century even more critical and challenging.
In the vast sea of information, teachers first need to learn fast on their own, be updated on the various perspectives on the same topic, learn from the students, and above all of this, they need to be the guides who will ensure that the learners are going in the right direction while surfing through all the information. While technology brings lot of resources for teachers, it also makes their role even more challenging. The more reluctant teachers are to adapting this change, the more directionless will be the future generations.
So should the teachers gain a lot of knowledge? Should they really know which direction is correct for each of the students? That would fairly impractical and inefficient. So while being updated on the teaching resources, the teachers need to be able to guide and mentor their students on certain basic values which will help them filter the information for its rationality, correctness, interest, ethics and practicality. There would be more such basic values and each teacher needs to develop them on their own. But once the students get the sufficient 'coaching' on these while learning the set courses, there is more likelihood that they would neither be lost in the amount of content, nor be restricted in their perspectives. This would further help them be more self-driven, innovative and practical. Once these values are imbibed, they would be sufficiently equipped to both sustaining a livelihood as well as making a better society of their own.
Teachers need not just remain the source of information, either from textbooks or from internet, either on paper or on the screen, they just need to provide proper pointers on what to look out for, how to filter that, and further encourage its practical use by means of 'creating' various kinds of useful resources from that. For doing all these, they can very well make use of the technology solutions, which facilitate creationism, collaboration, prototyping, and automation for the mundane tasks.
Depurando PHP con un poco más de estilo
Una de las mejores prácticas para probar si nuestra 'aplicación' Web en PHP, código...etc en PHP es depurarlo lo máximo posible. Y pasar horas y horas frente a la pantalla viendo errores, warnings...etc en una triste letra con un fondo blanco se nos hace un pelín más deprimente.

Si no te gusta, puedes cambiarlo a golpe de paquete llamado php-pecl-xdebug y reiniciando por supuesto el servidor de Apache (httpd).

Pasaremos de tener esta interfaz:

 Por esta:

Para más información, puedes visitar la página de Xdebug. Para modificar parámetros o añadirlos. El fichero está localizado en /etc/php.d/xdebug.ini

Nota: Tenemos que tener habilitadas los siguientes parámetros del fichero /etc/php.ini para poder visualizar correctamente los Warnings o errores a la hora de probar nuestro código:
error_reporting = E_ALL
display_errors = On

Fedora en Software Freedom Day Callao 2014

En una mañana bastante fría, muy nublada en el Distrito del Callao, exactamente en la Universidad Nacional del Callao, desde las 9.00 am. estuvimos presente como Fedora Perú en el SOFTWARE FREEDOM DAY CALLAO 2014 organizado por la Comunidad de Usuarios de Software Libre y GNU/Linux de la FFIS UNAC; después de un café bien caliente procedimos a instalarnos en los ambientes seleccionados para tal actividad académica.

IMG_4435 IMG_4438 IMG_4439 IMG_4441 IMG_4442 IMG_4450 IMG_4451 IMG_4457 IMG_4458 IMG_4462 IMG_4468 IMG_4479 IMG_4485
A las 10.30 a.m. aproximadamente iniciamos con un taller básico denominado “Primeros pasos en Linux usando Fedora” con un aproximado de 15 participantes, como ya es conocido era necesario trabajar con equipos virtuales, para nuestra sorpresa tenían S.O. de 32 bits, felizmente tenia un equipo virtual de Centos 32 bits y rápidamente copiamos a todos los equipos los packs y comenzamos a cargar Linux. Desde equipo con Fedora20 iniciamos con los comandos básicos del terminal hasta llegar el uso del visor cat, de los editores vi, vim; como era de esperarse el tiempo quedó muy corto y ya teniamos en la puerta esperando gente para el siguiente taller, esperamos pronto volver hacer más talleres…

IMG_4496 IMG_4500 IMG_4501 IMG_4502 IMG_4505 IMG_4506 IMG_4511 IMG_4513 IMG_4522 IMG_4522b
A las 12.00pm en la segunda parte de mi participación me tocó realizar una charla sobre “Estado actual de las comunidades de Software Libre” en el Perú, haciendo un breve análisis de las actividades, situaciones críticas vistas en estos últimos años, para luego finalizar con propuestas que permitan fortalecer el crecimiento de estas, invitando a los participantes a formar parte de las diferentes comunidades y seguir promoviendo eventos de Software Libre.

Luego de un buen almuerzo en el pueblo chalaco y con el frío que aún seguía a las 3:00 pm puse en marcha mi regreso a casa para pasar la tarde en familia.


September 20, 2014

Fedora 20 + Netflix

I’ve finally got native Netflix working in Fedora 20, this is what I had do to get it working.

  • Make sure you’re running Chrome Version 37 at least
  • Make sure you’re running NSS version 3.17
paulmellors@localhost ~]$ rpm -q nss 
nss-3.17.0-1.fc20.x86_64
  • Make sure you have the chrome user agent switcher installed
  • Think you can get it from here – https://chrome.google.com/webstore/detail/user-agent-switcher-for-c/djflhoibgkdhkhhcedjiklpkjnoahfmg

Installing this will place new icon in the right of the Chrome toolbar. Right-click on this item and select ‘Options’. We’ll now add the required HTTP agent with the following string (thanks to Mat Enders for these steps):

Name: Netflix Linux
String: Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/38.0.2114.2 Safari/537.36
Group: (is filled in automatically)
Append?: Select ‘Replace’
Flag: IE
If you fill this in correctly you should have something like this:

netflix-user-agent-spoof-750x269

Click the ‘Add’ button at the far end to save your UA.

Now, load ‘netflix.com‘ in a new tab, and click the User-Agent Switcher toolbar icon, click ‘Chrome’ and select the ‘Netflix Linux’ entry. This will reload the page.

Optionally, you can set a permanent spoof rule to force this user-agent to take effect when loading Netflix:

netflix-user-agent-rule

You should now be able to watch netflix on Fedora :)

Thanks to info and images from this page.

The post Fedora 20 + Netflix appeared first on Paul Mellors [dot] NET.

flattr this!

Florida is back on the Map for Linux and Open Source conventions with FOSSETCON 2

DSCN1941It has been a long time coming for Linux professionals and users to have an event in Florida.

The last major event was in 2009 at the Florida Linux Show that promoted open and free software.
I was extremely excited when I heard that there was a central Florida conference, and even more since we (Fedora) were invited to attend. The event went as scheduled September 11th through 13.

The event coordinator Bryan Smith and I exchanged a few emails on the event prior to us arriving on the early morning on the 12th . The first day did not have any Expo hall activity, and since we were a short 2 and a half hours drive from the event I did not see any need to get there on the 11th.

Upon arrival at the Rosen Plaza Hotel in Orlando Florida we proceeded to the check and registration booth for the event. I spoke with the event coordinator briefly on what we were to expect today and get us checked into the event. He was truly excited to see Fedora show up and was ready to get us started. This was his first event planning for something this size and as everything that goes along with it including some equipment problems. Although minor equipment issues presented themselves, they always grow into larger problems as the days goes along. Nevertheless, eventually the worked out the bugs and got things rolling.

 

The Expo hall was large and accommodating, although we noticed that the booth was only sufficient enough for only two people to sit behind the table. Everything conveniently fit under the table without a problem. Sufficient power feeds were present and ready for use. We did not experience any difficulty with the set up or area. The Fedora booth was located directly across from the Red Hat booth and just to our right with CentOS. We owned the corner. The booth was ready to go at 9 am on the first expo day and we already had some of the other booth’s exhibitor’s show up at our booth. They were really glad to see us there and had questions for us right away. There were not a lot of O/S booths in attendance. Ours, CentOS and Ubuntu were in attendance, as well as some of the other folks we normally see in the area Omnibond, HP Open source, Free BSD just to name a few.

We had our standard run of swag stickers, pens, case badges, and I had a few Beefy Miracles left to hand out (they were quite popular). I also had a few other items that I handed out to those who were truly interested in Fedora and what Fedora does for them. I gave out about 20 USB Key’s to those who were really interested in our product. The first day proved to be quite busy for all three of us at the booth answering question and handing out media. Also as usual, the OLPC was running and drew lots of attention; there were several questions on how to get one. The Think pad was also set up to show the different versions of desktops Fedora provides with the Multi-DVD. It also proved useful in the acceptance of what we do. I gave out one full box of media on the first day. Many of the people that stopped by the booth were unaware of the Fedora Booth FOSSETCONother spins available from our website.

This alarmed me in the fact that there are many uses for the Security Spin.
I use the security spin for my personal business in looking at how secure small business’ are and what they can do to improve. They were also unaware of the media (graphic), JAM, and the Electronics lab Spins. This is an area I think we as ambassadors could improve in. There is no promotional media or fliers that would help us at the events. I plan on using another of my personal laptops to load one of the less known spins to promote more options.Also there were many discussions on the next release of Fedora and how the release will look. This was a good experience for us ambassadors and for the interested individuals.

On the second Day, the EXPO hall did not open until 1110. We were ready to go at 10am. Although the hall was not open (publicly) people still showed up and we were ready to help and distribute Fedora to anyone interested, that is when we noticed, No one else was there except the CentOS folks. This meant we had the corner on the market for the first ninety minutes. The second day was slower than the previous day but it had its advantages. We had some repeat individuals that had more questions about other issues that they were seeing on the install.
Nothing that we couldn’t handle there at the booth or that we could not get an answer to. We also had someone come up to help install Fedora and build a special live media for a gentleman that has some trouble with his wireless on the live media.

In summary the event was a good investment in time and booth expenses spent. We were able to distribute and promote Fedora in a very positive manner. More importantly getting more information on the various spins offered on our website pointed out to many individuals that there are more available on the Fedora Project website.. As the event ended on the 13th, I had had a conversation with the event coordinator with the plus side and the down side of what was going on.

The biggest problem was the frustration on not having things work the way it should have to begin with. Bugs and Gremlins are always present and hopefully the next year they will have them all worked out to make for a smoother running conference. I also discussed the Hotel and equipment issues briefly. The hotel could not have been more accommodating; there were available snacks and drinks in a small on property quick mart, full restaurants, fast food, and a mini coffee shop. The accommodations were more than satisfactory (in fact pretty darn good) for a very reasonable price. I feel that the event will only grow to a larger event if the coordinators can reach out to the surrounding larger cities such as Tampa, Miami, West Palm Beach/Ft Lauderdale, Tallahassee, and Jacksonville areas. These larger areas in fact do have a large Linux community and would probably travel if the correct advertising and reaching out to local Lugs is achieved.

We will definitely attend the next FOSSETCON in Orlando!

MACLUG Inauguration at New Delhi

Today I attend the inauguration ceremony of MACLUGMaharaja Agrasen College, GNU/Linux Users Group. I was honoured to have been invited among many esteemed guests to light the lamp of this wonderful new beginning. This reminded me how nine years ago I along with a bunch of enthusiasts started JMILUG.

I shared my thoughts on “Freedom – Community – Science – Innovation”

Four Freedoms

Let me begin with the Four Freedoms. A program is free software if the program’s users have the four essential freedoms:

  • The freedom to run the program as you wish, for any purpose (freedom 0).
  • The freedom to study how the program works, and change it so it does your computing as you wish (freedom 1). Access to the source code is a precondition for this.
  • The freedom to redistribute copies so you can help your neighbor (freedom 2).
  • The freedom to distribute copies of your modified versions to others (freedom 3). By doing this you can give the whole community a chance to benefit from your changes. Access to the source code is a precondition for this.

Why are these freedoms important?

It won’t take much to realize how these Four Freedoms are. For example, lets take parallel between Four Freedoms and other things that affect our lives daily. Take note that these freedoms are applicable for more things than just software programs:

  • Science – standing on the shoulder of the giants
  • Literature and entertainment – Comics books turned into Super Hero TV Series and Movies
  • Internet – wouldn’t be possible if Tim Bernes Lee didn’t share his idea and the technology

What if Newton or Einstein and many other scientists didn’t share their theories? There wouldn’t be modern science. What if all the literature was kept secret? There wouldn’t be no entertainment. And list would go on and on.

We must be aware of the freedoms we carry with chores of daily life.

How do we take these freedoms forward?

We can spread the awareness of the Four Freedoms only through a Community. Community is a social unit of any size that shares common values. The people invest with shared capital ( such as belongingness ) and people communicate ( via words, art, emotions etc ) to share their views. Community consists of creators ( or contributors ) and consumers. All of the people have different roles and it better be organic, so that it can thrive based on these parameters:

  • Motivation
  • Passion
  • Goals

We need to ensure a thriving community keeps everyone aware of these freedoms. I am confident that MACLUG students have these qualities, and I wish them good luck.

Welcome to the world of Free and Open Source Software :-).

For references:

Emacs Modules

I’ve been working on an odd Emacs package recently — not ready for release — which has turned into more than the usual morass of prefixed names and double hyphens.

So, I took another look at Nic Ferrier’s namespace proposal.

Suddenly it didn’t seem all that hard to implement something along these lines, and after a bit of poking around I wrote emacs-module.

The basic idea is to continue to follow the Emacs approach of prefixing symbol names — but not to require you to actually write out the full names of everything.  Instead, the module system intercepts load and friends to rewrite symbol names as lisp is loaded.

The symbol renaming is done in a simple way, following existing Emacs conventions.  This gives the nice result that existing code doesn’t need to be updated to use the module system directly.  That is, the module system recognizes name prefixes as “implicit” modules, based purely on the module name.

I’d say this is still a proof-of-concept.  I haven’t tried hairier cases, like defclass, and at least declare-function does not work but should.

Here’s the example from the docs:

(define-module testmodule :export (somevar))
(defvar somevar nil)
(defvar private nil)
(provide 'testmodule)

This defines the public variable testmodule-somevar and the “private” function testmodule--private.

Inkscape-Weekend Oktober 2014

Ich habe von verschiedenen Seiten Anfragen erhalten, ob ich denn nicht noch einen Inkscape-Wochenendworkshop anbieten könnte. Momentan ist meine Zeit allerdings begrenzt und es gibt nur eine Möglichkeit und zwar am Wochende vom 24.-26. Oktober 2014

Der Workshop beginnt am Freitag Abend mit einigen Dingen rund um SVG, der Oberfläche von Inkscape, den Verzeichnissen, Zooming und Panning und setzt sich dann am Samstag morgen fort mit den Zeichenwerkzeugen. Nach meinen Erfahrungen schaffen wir in bestimmte Themen, wie Live Pfadeffekte, Gekachelte Klone und vor allem Filter nur Einblicke aber die reichen aus, um im Selbststudium sich damit beschäftigen zu können. Wann immer es geht schieben wir auch praktische Teile ein, bist Sonntag Abend sollten wir auf diese Art und Weise alle Funktionen von Inkscape kennengelernt haben.

Neu dieses Mal ist, das wir verstärkt auf die neuen Funktionen von Inkscape eingehen, denn unter Umständen ist die Version 0.91 von Inkscape dann bereits erschienen. Diese bringt eine große Anzahl Neuerungen mit.

Wie bei allen anderen Workshops vorher auch gibt es wieder ein Formular zur Anmeldung, auch dieses Mal gilt ich mach mir nur die Mühe, wenn mindestens 3 Leute zusammen kommen. Ich gebe spätestens eine Woche vor Veranstaltung per Mail Bescheid, ob die Veranstaltung stattfindet.

Ansonsten bleibt alles beim alten Teilnahme frei, es sei denn ihr wollt mir etwas zustecken aber das bleibt euch überlassen.

September 19, 2014

What the GNOME release team is doing

shells

At the release team BoF at this years Guadec, I said I would write a blog post about the whats and hows and ifs of release team work. I’m a little late with this, but here it is: a glimpse into the life of a GNOME release team member.

We are in the end phase of the development cycle, when the release team work is really kicking into high gear.

Blocker bugs

Since the .90 release, we’ve been tracking blocker bugs.  The way this works is that we are setting the GNOME Target field to the next release. During the cause of the development cycle, we’ve had 50 bugs that were marked with

GNOME Target=3.14

at some point . Today, we’re down to a single one, which will hopefully be gone before the weekend is over.

In order to draw our developers attention to these bugs, we’re sending out regular reports to desktop-devel-list (see them here, here and here). Andre has taken over this task this cycle.

We don’t have formal criteria for what bugs to mark as blockers, we are mostly going by the instinct and experience of bug zapping veterans like Andre Klapper. My own criteria for setting this flag mostly come down to these questions:

Is it a crash in a core component ?
Is it very visible or annoying ?
Will it affect many users ?

For finding bugs that should be blockers, I am regularly scanning all incoming bugs in bugzilla. On an average day this query finds between 100 and 200 bugs – with some practice, one can get through that list in 15 minutes.

We also get ‘nominations’ for blockers from maintainers and developers, which is very helpful.

Development Releases

The duty of ‘doing’ releases is distributed among all of the current, active release team members.

Our development schedule has a pretty well-established cadence of development  releases: We do a number of early development snapshots which are roughly a month apart (3.13.1, 3.13.2, 3.13.3 and 3.13.4 this cycle), followed by the beta releases which are 2 weeks apart (3.13.90, 3.13.91, 3.13.92, this cycle).

The end product of each development release is a set of jhbuild modulesets and a forest of symlinks to the tarballs for individual modules that are included in the release.

Most of the mechanics of creating the modulesets by rewriting our regular modulesets (which point at git repositories, not tarballs), and creating those symlinks on the server are handled by scripts that have been passed down through the generations.

The time-consuming aspect of creating a release is that it usually takes several attempts to create candidate modulesets, hunt down missing releases (or doing them ourselves – which is sadly necessary for a number of ‘weakly maintained’ modules), and do a full jhbuild using the final modulesets. As a consequence, while our official release day is always Monday, the release typically happens on Wednesday or Thursday of the same week.

Planning

Towards the end of a development cycle, the release team also starts to plan for the next cycle.

This includes creating the schedule, taking a look at annoying bugs that we should tackle in the next cycle, figuring out if there are project-wide goals that we should push, and collecting input on new modules and features that people want to work on for the next release.

Since we are at this point right now, let me end with this request:

Please let us know what features are on your modules roadmap for the next cycle!
How to work with CentOS-5 in a CentOS-7 mock shell
So I have been spending a lot of time lately working on Extra Packages for Enterprise Linux (EPEL) as I know it is one of the undersold success stories of Fedora.

In doing so I have been focusing on EPEL-5 as it is the oldest release and something that most packagers do not actually think about (as they are usually focusing on the latest and greatest in Fedora or maybe Enterprise Linux-7). This has been a trip down memory lane as I have had to deal with things like ancient Python and a yum without the same command set or tools as 'current' ones.

One of the big things I have to remember is that EL-5 is based off Fedora 6 (<blink>zod</blink>) and so its RPM database is a different format than what is in any Fedora after version 8 (I believe). I rediscovered this format change when I was trying to see what packages in EPEL might replace 'core' packages in a bare bones CentOS-5 install. I was using mock to do this which uses the host system (in my case a EL-7 box) to populate the buildroot with packages from EL-5 tree.

I ran into this when I did a
[smooget@junk02 rpm]$ mock -r local-5-i386 --init
[smooget@junk02 rpm]$ mock -r local-5-i386 --shell
<mock-chroot>[root@junk02 /]# rpm -qa

</mock-chroot>

I got an error telling me that the database type(9) was unknown. After spending some time working through various people running into this on google, I was able to piece together the following on how to work with the rpm inside the mock shell appropriately.
  1. Before entering into the shell, dump the databases with the system db_dump
    [smooget@junk02 rpm]$ mock -r local-5-i386 --install db4-utils
    [smooget@junk02 rpm]$ sudo -i
    [root@junk02 rpm]# cd /srv/mock/tree/local-5-i386/root/var/lib/rpm # this is not DEFAULT location
    [root@junk02 rpm]# for i in Basenames Conflictname Dirnames Group Installtid Name Obsoletename Packages Providename Requirename Sha1header Sigmd5 Triggername ; do echo $i; db_dump $i > $i.x; done
    Basenames
    Conflictname
    Dirnames
    Group
    Installtid
    Name
    Obsoletename
    Packages
    Providename
    Requirename
    Sha1header
    Sigmd5
    Triggername
  2. Now we can load all those db (really on Packages is needed but I like to be a completist)
    [smooget@junk02 rpm]$  mock -r local-5-i386 --shell
    <mock-chroot>[root@junk02 /]# cd /var/lib/rpm
    <mock-chroot>[root@junk02 /]# for i in Basenames Conflictname Dirnames Group Installtid Name Obsoletename Packages Providename Requirename Sha1header Sigmd5 Triggername; do echo $i; rm -v $i; cat $i.x | db_load $i; done
    <mock-chroot>[root@junk02 /]# rpm --rebuilddb
    <mock-chroot>[root@junk02 /]# rpm -qa
    should give you a list of packages.
    </mock-chroot></mock-chroot></mock-chroot></mock-chroot>
Note once you have done this you can not use mock to install packages anymore. If you need to install more packages make sure you have installed yum before you do this.

So what does this give you if you have completed this and installed EVERY possible package (choosing one set in case of conflicts like samba/samba3)




=============================================================================================================================
Package Arch Version Repository Size
=============================================================================================================================
Updating:
agg i386 2.5-9.el5 extras 147 k
agg-devel i386 2.5-9.el5 extras 368 k
fribidi i386 0.19.2-2.el5 extras 53 k
fribidi-devel i386 0.19.2-2.el5 extras 53 k

Transaction Summary
=============================================================================================================================
Install 0 Package(s)
Upgrade 4 Package(s)

Total size: 620 k
Is this ok [y/N]:



So it looks like my next step will be to a) see if RHEL-5.10 updated those packages and if not have them 'removed' or something else. Also I need to figure out a better way of doing this so we can have a koji test to make sure the EPEL package doesn't ever get in the first place.
News: audible website come with Trial Membership .
The audible website come now with this great deal.

  • 30-day Trial Membership 
  • 1 book per month Free for the first 30 days and $14.95/month thereafter 
  • Membership continues until you cancel (by visiting your account or contacting customer service) Price - $0.00 .

You can login also with your amazon account.
Tools update

Hello,

Recently I pushed these packages to various Fedora repositories. Some of them were not in EPEL, some were missing from EPEL-7, one was not built since long time.

  • GNU Pem:- GNU Personal Expenses Manager
  • Is an extremely simple, yet powerful tool to help you track your income and expenses for next 100 years.

  • LZ4:- Extremely fast compression algorithm
  • Is a widely used fast compression algorithm providing compression speed at 400 MB/s per core and is scalable with multi-cores CPU.

  • PDFCrack:- PDF password recovery tool
  • Is a lightweight tool to recover password and content from PDF files. It comes with no dependencies.

  • Ptrash:- move file(s) to ~/.trash directory
  • Is a handy and competent replacement for ‘rm(1)’ command. I wrote it after accidentally deleting few important files.

  • Python-Unidecode:- ASCII transliterations of Unicode text
  • Is a simple Python module used to transliterate Unicode characters to their ASCII representation.

  • Whereami:- display work location
  • Is a handy tool to know your current work location like host name, working directory, IP address etc.

Please let me know if you face any difficulties. Hope you find them useful. :)


Licensing morality

I’ve written in the past about what a mistake it is to add behavioral incentives or morality clauses to the licenses for open-source projects. Briefly, these clauses are bad:

  • philosophically because they infringe the on basic software freedom to use a freely-available project for any purpose1;
  • legally because they generally rely on vague and subjective terms and (paradoxically) thus rendering your license both radioactive and unenforceable; and
  • practically because instead of preventing people from doing things that you don’t like, they just prevent people — even those who wouldn’t be inclined to do things you don’t like! — from using your work.

One software domain in which licenses with usage restrictions are commonplace (and, unfortunately, widely accepted) is digital fonts. This has historically been a problem for Fedora, since many “free” fonts are not open-source (in that they do not permit modification) or have usage restrictions (in particular, against “commercial” use). Furthermore, much like novel one-off open-source software licenses, most partially-free licenses authored by font creators are unlikely to be unambiguous or legally sensical.2

The problem gets far worse when we look at commercial fonts, for which the type of application and type of output are often incorporated in usage restrictions. Last year, I licensed a font whose EULA was self-contradictory; you can click the link for the whole story, but the main problem was that it claimed to broadly allow rasterization, including use to “create images on computer screens, paper, web pages, photographs, movie credits, printed material, T-shirts, and other applications,” but that I couldn’t use the font “as part of broadcasting video or film […] the use of the font software in titling, credits or other text for any onscreen broadcast via television, video, or motion picture.”

Since one of my creative endeavors is editing home and bicycling videos, the combination of being allowed to “create … movie credits” but not to “use the font software in titling, credits or other text for … motion picture” was pretty frustrating, especially since the EULA hadn’t been obviously available for review until after I licensed the face. (There were numerous other problems, ambiguities, and contradictions with the license, and when I asked the foundry for for a clarification, they curtly denied that there was anything to be confused about.)

For more than a year and a half, this inconsistent license has been my benchmark to evaluate whether or not a font is more trouble than it’s worth, and I’ve at least learned to be more careful reading font EULAs.3 However, I recently came across an example4 that so completely outclasses the contradictory license that I can’t imagine it will be replaced as the new standard for terrible usage clauses in licenses. Here’s an excerpt; the author’s name is redacted:

Fonts by [redacted] may NOT be used for pornographic, derogatory, defamatory or racist material (in any form, printed or virtual); fonts by [redacted] may NOT be used by individuals or companies involved in child abuse, child pornography or child labour; fonts by [redacted] may NOT be used by individuals or companies involved in destruction of natural resources and/or habitat, logging (even legal), palm oil exploitation/harvesting, tuna fishing, whaling, animal trafficking, oil and/or gas drilling or transporting and mining. Fonts by [redacted] may NOT be used by individuals or companies promoting an unhealthy lifestyle (fast food, energy drinks, foods containing GM ingredients). Fonts by [redacted] may NOT be used by companies or individuals involved in Genetic Modification / Genetic Alteration of organisms. Fonts by [redacted] may NOT be used by individuals or companies involved in fur trade, or making use of fur. Fonts by [redacted] may NOT be used by missionaries, individuals or institutions of any creed or faith for the purpose of converting others to their creed or faith. Fonts by [redacted] may NOT be used to instigate terror, hate, intolerance, fear or racism.

I almost don’t know where to begin with this one, since it raises so many questions for the licensor:

  • When do we cross the line from light-hearted ribbing to “derogatory material”? Are satire and parody proscribed?
  • Say I use this font to title a bicycling video; would the licensor need to see what sort of chain lubricant I used or whether or not I was a regular inner-tube recycler before determining that I wasn’t involved in “destruction of natural resources”? (What about people who eat animal protein? Or plants?)
  • Are we mostly worried about the Indonesian orangutan, or is (relatively-low-impact) West African palm oil OK? Is the palm oil industry full of typophiles? How many jars of palm oil bore the licensor’s glyphs before he added this clause?
  • How are we defining “unhealthy” or “genetic modification”? It seems like consensus regularly changes on the former and the latter is — like much of the language in this clause — actually kind of vague despite being deployed in an absolute manner. Can I replant seeds from my best tomatoes or must I toss them? (In a related question, since I have the suspicion that it might come up in a future revision of this license: is it OK to use this font to promote vaccination?)
  • What about people of faith whose creed includes a concept of vocation, or the notion that they serve God through their creative and professional work?

Hopefully, these kinds of questions — along with many more like them that you may be asking yourself — underscore why this kind of license is a problem: the licensor probably hoped to make a clear statement of principles, condemn what he saw as social ills, and avoid assisting people and groups he’d find objectionable. Instead, the license restrictions are so broad as to exclude use by anyone except the font’s creator (who is unlikely to sue himself for breach of contract). No matter who you are or what you do, if the licensor wanted to sue you, he probably could.

I’m inclined to excuse that last sentence, though, since the licensor seems to know a thing or two about instigating “hate, intolerance, [and] fear.”


  1. The GNU Project calls this “Freedom 0.”

  2. If you’re releasing open-source software, you should use a well-known license. If you want to release a font freely, you should have a very good reason for using anything except the Open Font License or the LPPL.

  3. This may be surprising to people used to regular software licensing, but I’ve seen fonts for sale in different places with different licenses! It seems like some sellers have standard EULAs and require font creators to allow distribution under these, while others maintain the creators’ EULAs.

  4. Alas, I came across this example after paying for a license.

3.14 On Its Way

I recently put the finishing touches to the GNOME 3.14 release notes, which means that the next GNOME release is getting pretty close now. I never cease to be excited by new GNOME releases, nor to be amazed by our community’s ability to discernibly improve the GNOME 3 user experience release on release. I’m definitely at the point where I want to be running 3.14 all the time – it’s obviously a lot better than the previous version.

You’ll have to wait for the release notes to get all the details about what’s in the new release. Nevertheless, I thought I’d give a sneak peek at some of my personal favourite features.

Often with new releases we focus on the big new features – obvious bits of new UI that do cool stuff. One of the interesting things about this release, though, is that many of the most significant changes are also the most subtle. There’s a lot of polish in 3.14, and it makes a big different to the overall user experience.

New Animations

<iframe allowfullscreen="allowfullscreen" frameborder="0" height="465" src="https://www.youtube.com/embed/ZOiLFx_LQBM?feature=oembed" width="620"></iframe>

It’s quite a while since Jakub first posted his motion mockups for the applications view. Since then we’ve been steadily and progressively iterating towards those mockups. With 3.14 we’ve finally got there, and it was worth the wait. The most noticeable effect is the new “swarm” animation, but also a lot of other subtle touches, such as when you browse application folders, or when you launch applications. We’ve also reworked the animations for when windows are opened and closed.

Animations might seem like unimportant window dressing, but it’s surprising how significant they can be for the user experience. They are the glue which binds the different parts of the UX together. By smoothing the transition between views, windows and applications, they make the entire experience feel responsive, fluid and more pleasurable to use. (And they actually make everything feel a lot faster, too. But don’t tell anyone.)

Google Images in Photos

Photos 3.14

GNOME’s Photos app has been steadily maturing over the past couple of releases, and it is turning into the dependable core app that we want it to be. The big news for 3.14 is that Photos will now pick up your Google photos, so any images you’ve uploaded with Picasa, Android, or posted on Google+ will be immediately available there. This is obviously incredibly convenient for users of Google services, and I know I’m looking forward to being able to quickly browse my online photos from within GNOME 3.

Rewritten Adwaita

GTK+ 3 Widget Factory 3.14

Jakub and Lapo have been tireless during the 3.14 cycle, and have completely rewritten Adwaita (the GNOME 3 GTK+ theme). This was a huge undertaking – around 8,000 lines of CSS have been reduced to about 3,300 lines of SASS. This was primarily intended to improve the maintainability of the theme. As such, there hasn’t been a dramatic change in the theme. What has happened, though, is that every aspect of the theme has been gone over with a fine-toothed comb.

There are some more noticeable changes. Progress bars have got thinner. Spinners look different (so much better). Switches are a bit different. However, the more exciting thing for me is that pretty much every part of the theme has changed in a subtle way. Everything feels crisper, sharper, and a bit lighter. There’s also a lot of subtle animations now (thanks to CSS animation support in GTK+), adding to the feeling of polish.

Search More Things

System search has been one of the most successful parts of GNOME 3, in my opinion. The number of applications that are feeding results to system search has continued to increase with 3.14, with two really useful new additions. The first is Clocks, which will return search results for world cities. Search is all you need to do to find the time in a place throughout the world.

search-clocks

The second new search provider in 3.14 comes from the Calculator. As you might expect, this allows you to perform simple calculations straight from the search box. It’s pretty exciting to see system search in GNOME 3 become so versatile, and the great thing about it is that it’s always a single keystroke away.

search-calculator

Go Go GTK+ Inspector

GTK+ Inspector 3.14

I don’t usually write about developer-focused features when I preview GNOME releases, but I can’t talk about 3.14 without mentioning GTK+ Inspector. If you work with GNOME technologies – as I do – this tool is something of a revelation. It’s amazing how quickly it becomes a core part of how you work. I’m already wondering how I ever lived without it.

The inspector isn’t just useful. It is also a lot of fun, and makes it easy to experiment. if you’re not a developer, or you don’t regularly work on GTK+ apps, I’d still recommend trying it out. Just hit Ctrl+Shift+I and have a play around.

Waiting Time

This is just a small selection of the features that are coming in the new release. To learn about everything else that’s coming, you’ll have to wait for the release notes. 3.14 should be out next week.

Smittix’s Top 5 GNOME Shell Extensions

GNOME Shell’s ability to have extensions is pretty brilliant in my eyes. Some developers have come up with some great extensions to make life easier within GNOME-Shell.

 

To install these extensions easily just open the links up within firefox, you will get a message bar asking if you would like to allow extensions.gnome.org to install them.  You need to allow this for them to work.

 

When you load one of the extension links you will be presented with a page like below, it has a nice easy “On/Off” toggle switch.

 

Screenshot from 2014-09-19 14:20:49

 

Hit the toggle to turn the extension on. You will be then asked if you want to install said extension. Click Install!

Screenshot from 2014-09-19 14:21:11

 

 

SystemMonitor

by gcampax

Description

This system monitor extensions shows your CPU and memory usage in the message tray, I think it’s pretty handy too.

 

Screenshot

Screenshot from 2014-09-19 14:25:29

 

Installation Link

https://extensions.gnome.org/extension/9/systemmonitor/

 

OpenWeather

by Jens

Description

This weather extension sits in your top panel and displays the weather in your location. More information is displayed by clicking on the weather icon.

I know a few people that use a different weather extension but sadly it didn’t have my city and relied on libgweathers locations.xml·

This extension uses http://openweathermap.org for its data.

Screenshot

Screenshot from 2014-09-19 14:19:50

 

Installation Link

https://extensions.gnome.org/extension/750/openweather/

 

Caffeine

by eon

Description

At the click of a button you can turn this extension on which disables the screensaver and auto suspend.

 

Screenshot

Screenshot from 2014-09-19 14:23:10

Shown as the small coffee cup in the above screenshot.

 

Installation Link

https://extensions.gnome.org/extension/517/caffeine/

 

Drop Down Terminal

by zzrough

Description

A handy drop down terminal that’s activated by pressing a single keystroke (The key directly above the TAB key by default).

Useful when you’re in the middle of something and you forget that you need a piece of software, hit the activation key insert your command and hit the key again. It will scroll back up and carry on with the command.

 

Screenshot

Screenshot from 2014-09-19 14:21:54

 

Installation Link

https://extensions.gnome.org/extension/442/drop-down-terminal/ 

 

NetSpeed

by hedayaty

Description

Simply put, it displays your network activity from either your ethernet or wifi devices nicely in the top panel. (customizable)

 

Screenshot

Screenshot from 2014-09-19 14:19:57

 

Installation Link

https://extensions.gnome.org/extension/104/netspeed/

 

Development of GNOME extensions

If you would like to try your hand at creating a GNOME shell extension the GNOME website has lots of useful information and even quick start scripts to get you going.  The possibilities are endless!

 

GNOME Extension Information

 

Tutorials

<script async="async" src="http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js"></script> <script> (adsbygoogle = window.adsbygoogle || []).push({}); </script>
Fedora 20: Games That Will Have You Addicted In Minutes

Everyone has to have some fun after a busy day of working on a computer, I normally post about applications and security and such but I thought we’d have a change for once.

Some of us retire to our Xbox’s and Play Stations but I just throw a few yum commands into a terminal and get some classic gaming action.

First on my list has to be my all time favourite.

 

Chromium-BSU -

A fast paced top scrolling shooter which reminds me of the classic Deluxe Galaga on the Amiga 1200

Screenshot from 2014-09-19 12:32:45

 

It’s quite tricky in parts and you need to make sure you don’t let any of the bad guys get past! Oh and be careful of how much you fire,

your ammo is limited until the next ammo drop :)

Screenshot from 2014-09-19 12:32:10

Want to give it a try?

To Install –  

Please su into root or use sudo

user@computer:$ yum install chromium-bsu

 

Frozen-Bubble – http://www.frozen-bubble.org/

Frozen-Bubble is a classic arcade game clone, simple really shoot your bubbles to a matching colour group and watch them drop!

Be careful though there’s a big platform that pushes all of the colours down if it reaches the bottom it’s game over!

Screenshot from 2014-09-19 12:33:14

 

Install it –

To Install –  

Please su into root or use sudo

user@computer:$ yum install frozen-bubble

 

Hedgewars – http://www.hedgewars.org/

Screenshot from 2014-09-19 12:45:02

Who can remember the great Worms series? Well hedgewars is just that but instead of Worms you’re Hedgehogs! blow the opposite team to smithereens using a plethora of deadly weapons.

Oh and it also has the silly voices which is nice to hear heh.

 

Screenshot from 2014-09-19 12:45:16

 

Look like fun? Install it!

To Install –  

Please su into root or use sudo

user@computer:$ yum install hedgewars

 

Minetest – http://minetest.net/

I could go on and on in this post as there are quite a few gems in the repositories such as Tux Racer and Tux Kart and the like, but I thought I would add Minetest as the last one.

Unless you have been living in a cave with no connections to the outside world for the past 3 years you should know what Minecraft is, well Minetest is an open source clone of it.

Recently with Microsoft’s take over of Mojang I think some of you will want to give it a try.

 

I was really impressed with it, yeah it’s not as full featured as Minecraft but it’s new and can only get better plus it’s in the Repositories!

 

Screenshot from 2014-09-19 12:25:28

Screenshot from 2014-09-19 12:29:20

 

Go on, you know you want to!

To Install –  

Please su into root or use sudo

user@computer:$ yum install minetest

 

How about letting me know what your favourite games are? Do you want me to review any or share with fellow Fedorians? Give me a shout over at Smittix AT fedoraproject.org

 

 

 

<script async="async" src="http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js"></script> <script> (adsbygoogle = window.adsbygoogle || []).push({}); </script>
Must-have GNOME extension: gTile

Tiling window managers have always interested me, but spending a lot of time tinkering with config files or learning how to wrangle them? Not so much. What I really want is a dead simple way to organize my windows and still use a friendly desktop. And I found it, finally: the gTile extension for GNOME.

If you are using GNOME, pop open Firefox and head to the extension page. Click “on” and go ahead and install the extension.

gTile Overlay

gTile Overlay

Once it’s installed, you can click the tile icon in the GNOME menu up top. You’ll see a little overlay with a bunch of squares. The gTile overlay will hover over an open window, and you can click one (or more) of the squares to place the window in that area.

Notice that there’s a row of icons that say “2×2″, “4×4″, etc.? That determines how the screen is tiled – so if you just want to divvy up your screen in four equal chunks, choose that. If you have a lot of screen real estate and want many more windows, choose the 6×6. (I’m using gTile with a 4K monitor, and go with 3×2 for six windows.)

The really nice thing about gTile is you’re not locked into tiling. New windows aren’t automatically put on the grid, and existing windows aren’t “locked” so you can have the best of both worlds.

Note that it also works well with multiple workspaces, and is also said to work well with multiple monitors.

If you’re a GNOME user and want a lightweight solution for tiling windows, give gTile a try. It’s been a great tool for me, and maybe it’ll make you more productive as well.

Samsung Galaxy S4 lockscreen clock lag

I have a Samsung Galaxy S4 (GT-i9506), which is a nice phone, and I’m quite content with it. So content that when we needed another smartphone in the house, we bought a second one.

Now, on the second phone, there is a strange bug. When activating the phone from sleep, checking the lockscreen clock, the time displayed has a time lag, that might be a few seconds or minutes, or even hours, and it may take several seconds for it to get and show the current time. Clicking the power button twice, ie. switching the lockscreen off and on again, forces the phone to show the current time.

Searching for this bug on google gives a lot of hits, so I guess this is a quite common problem, but it does not plague all users, only a few. The most common forum answer is either to ignore it, or just to switch to another lockscreen widget. Samsung, in their Divine wisdom, does not allow changing the clock widget on a lock screen, unless the actual lock (pin, pattern, etc) is removed, and that is not an option for us.

For our phones, the problem is only visible on the second phone, not the first one. The phones are running the same firmware (Android 4.4.2 Kitkat), and roughly the same software and configuration. Both get current time from the network. But they have different carriers, roaming on different networks.

So, I have this theory: When activating the phone from sleep, it shows the lockscreen as it was when it went to sleep including the time, while asking the telephone network for the current time. Some networks use more time to serve current time of day to the phone than others.

To work around the problem, simply switch off using network-provided date and time, and trust the built-in clock.

Settings -> More -> Date and time -> Automatic date and time

If my theory is correct, Samsung should change their lock screen widget to show local time from the internal clock while waiting to get updated time from the network, when activating the phone from sleep.

Irssi – Reducing the noise.

I’ve been using irssi for years, one of the things, which to be honest I’ve been lazy about, that annoys me, is that when people are trying to get hold of me, I’m having to troll through the logs looking for their discussion while ignoring all the PARTS JOINS QUITS etc etc etc.

I decided I had to do something about this, so I’ve just typed this into the irssi window

/ignore #fedora-uk MODES JOINS PARTS QUITS

This will ignore all the JOINS PARTS QUITS from the #fedora-uk channel,  so all I see from now on is the conversation.  Just replace #fedora-uk for what ever channel you don’t want to see all the useless information from.  Yeah that’ll do me for now.

The post Irssi – Reducing the noise. appeared first on Paul Mellors [dot] NET.

flattr this!

[MBaaS] Red Hat aquires FeedHenry

FeedHenry

Red Hat, today announced that it has signed a definitive agreement to acquire FeedHenry, a leading enterprise mobile application platform provider.
FeedHenry expands Red Hat’s broad portfolio of application development, integration, and Platform-as-a-Service (PaaS) solutions – Openshift [1] – , enabling Red Hat to support mobile application development in public and private environments.


http://www.redhat.com/en/about/press-releases/red-hat-acquire-feedhenry-adds-enterprise-mobile-application-platform

<iframe allowfullscreen="true" class="youtube-player" frameborder="0" height="289" src="http://www.youtube.com/embed/Wag2PlTHKPk?version=3&amp;rel=1&amp;fs=1&amp;showsearch=0&amp;showinfo=1&amp;iv_load_policy=1&amp;wmode=transparent" type="text/html" width="460"></iframe>

[1] http://www.redhat.com/en/technologies/cloud-computing/openshift
KR
Frederic


reSIProcate migration from SVN to Git completed

This week, the reSIProcate project completed the move from SVN to Git.

With many people using the SIP stack in both open source and commercial projects, the migration was carefully planned and tested over an extended period of time. Hopefully some of the experience from this migration can help other projects too.

Previous SVN committers were tracked down using my script for matching emails to Github accounts. This also allowed us to see their recent commits on other projects and see how they want their name and email address represented when their previous commits in SVN were mapped to Git commits.

For about a year, the sync2git script had been run hourly from cron to maintain an official mirror of the project in Github. This allowed people to test it and it also allowed us to start using some Github features like travis-CI.org before officially moving to Git.

At the cut-over, the SVN directories were made read-only, sync2git was run one last time and then people were advised they could commit in Git.

Documentation has also been created to help people get started quickly sharing patches as Github pull requests if they haven't used this facility before.

pointer acceleration in libinput - a userstudy

This post is a summary, the full writeup with data is here (PDF). The texts are quite similar, so if you plan to read the paper you can skip this post.

Following pointer acceleration in libinput - an analysis, we decided to run an actual userstudy to gather some data on how our acceleration behaves, and - more importantly - test if a modified acceleration method is better.

We developed two new pointer acceleration methods (plus the one already in libinput). As explained previously, the pointer acceleration method is a function mapping input speed of a device into cursor speed in pixels. The faster one moves the mouse, the further the cursor moves per "mickey" (a 1-device unit movement). In a simplest example, input deltas of 1 may result in a 1 pixel movement, input deltas of 10 may result in a 30 pixel movement.

The three pointer acceleration methods used in this study were nicknamed:

<dh>smooth:</dh>
A shortening of "smooth and simple", this method is used in libinput 0.5 as well as in the X.Org stack since ~2008.
<dh>stretched:</dh>
a modification of 'smooth' with roughly the same profile, but the maximum acceleration is applied at a higher speed. This method was developed by Hans de Goede and very promising in personal testing.
<dh>linear:</dh>
a linear acceleration method with a roughly similar speed-to-acceleration profile as the first two. This method was developed to test if a simple function could achieve similar results, as the more complex "smooth" and "stretched" methods.</d>
The input data expected by all three methods is in units/ms. Touchpad devices are normalised to 400 dpi, other devices are left as-is. It is impossible to detect in software what resolution a generic mouse supports, so any acceleration method differs between devices. This is intended by the manufacturer, high-resolution devices are sold as "faster" for this reason.

The three pointer acceleration methods
As the graph shows, the base profile is roughly identical and the main difference is how quickly the maximum acceleration factor is reached.

Study description

Central component was a tool built on libinput that displays a full-screen white window, with a round green target. Participants were prompted by GTK dialog boxes on the steps to take next. Otherwise the study was unsupervised and self-guided.

The task required participants to click on a round target with a radius of 15, 30 and 45 pixels. Targets were grouped, each "set" consisted of 15 targets of the same size. On a successful click within the target, a new target appeared on one out of 12 possible locations, arranged in a grid of 4x3 with grid points 300 pixels apart. The location of the target was randomly selected but was never on the same location twice in a row.


Screenshot of the study tool with the first target (size 45) visible.

Each participant was tested for two acceleration methods, each acceleration method had 6 sets of 15 targets (2 sets per target size, order randomised). The two acceleration methods were randomly selected on startup, throughout the study they were simply referred to as "first" and "second" acceleration method with no further detail provided. Acceleration changed after 6 sets (participants were informed about it), and on completion of all 12 sets participants had to fill out a questionnaire and upload the data.

Statistical concepts

A short foray into statistics to help explain the numbers below. This isn't a full statistics course, I'm just aiming to explain the various definitions used below.

The mean of a dataset is what many people call the average: all values added up divided by the number of values. As a statistical tool, the mean is easy to calculate but is greatly affected by outliers. For skewed datasets the median is be more helpful: the middle value of the data array (array[len/2]). The closer the mean and the median are together, the more symmetrical the distribution is.

The standard deviation (SD) describes how far the data points spread from the median. The smaller the SD, the closer together are the data points. The SD is also used to estimate causality vs randomly induced sampling errors. Generally, if the difference between two items is more than 2 standard deviations, there's a 95% confidence that this is a true effect, not just randomness (95% certainty is a widely accepted standard in this domain). That 95% directly maps to the p-value you may have seen in other studies. A p-value of less than 0.05 equals a less than 5% chance of random factors causing the data differences. That translates into "statistically significant".

The ANOVA method is a standard statistical tool for studies like ours. (we're using one-way ANOVA only here, Wikipedia has an example here). If multiple sets of samples differ in only a single factor (e.g. pointer acceleration method), we start with the so-called Null-Hypothesis of "the factor has no influence, all results are the same on average". Our goal is to reject that hypothesis so we can say that the factor did actually change things. If we cannot reject the Null-Hypothesis, either our factor didn't change anything or the results are caused by random influences. The tools for ANOVA compare the mean value within each sets to the mean value differences across the sets and spit out a p-value. As above, a p-value less than 0.05 means greater than 95% confidence that the Null-Hypothesis can be rejected, i.e. we can say our factor did cause those differences.

One peculiarity of ANOVA is that the sample sets have to be the same size. This affects our samples, more see below.

Study participants

An email was sent to three Red Hat-internal lists with a link to the study description. One list was a specific developer list, the other two list were generic lists. As Red Hat employees, participants are expected to be familiar with Linux-based operating systems and the majority is more technical than the average user. The data collected does not make it possible to identify who took part in the study beyond the information provided in the questionnaire.

44 participants submitted results, 7 left-handed, 37 right-handed (no ambidextrous option was provded in the questionnaire). Gender distribution was 38 male, 6 female. Mean age was 33.3 years (SD 6.7) and participants had an mean 21.2 years of experience with mouse-like input devices (SD 4.9) and used those devices an average 58.1 hours per week (SD 20.0).

As all participants are familiar with Linux systems and thus exposed to the smooth acceleration method on their workstations, we expect a bias towards the smooth acceleration method.

Study data

Data was manually checked and verified, three result files were discarded for bugs or as extreme outliers, leaving us with 41 data files. The distribution of methods in these sets was: 27 for smooth, 25 for stretched and 30 for linear.

The base measurement was the so-called "Index of Difficulty" (ID), the number obtained by distance-to-target/width-of-target. This index gives an indication on how difficult it is to hit the target; a large target very close is easier to hit than a small target that is some distance away.


Illustration of the Index of Difficulty for a target.

In hindsight, the study was not ideally suited for evaluation based on ID. The targets were aligned on a grid and the ID based on the pointer position was very variable. As is visible in the graph below, there are few clear dividing lines to categorise the targets based on their ID. For the evaluation the targets were grouped into specific ID groups: ID < 4.2, ID < 8.4, ID < 12.9, ID < 16.9 < ID < 25 and ID > 25. The numbers were selected simply because there are clear gaps between the ID clusters. This division results in uneven group sizes, (I ran the same calculations with different group numbers, it does not have any real impact on the results.)


ID for each target with the divider lines shown
The top ID was 36.44, corresponding to a 15px radius target 1093 pixels away, the lowest ID was 1.45, corresponding to a 45px radius target 130 pixels away.

Number of targets per ID group
As said above, ANOVA requires equal-sized sample sets. ANOVA was performed separately between the methods (i.e. smooth vs stretched, then smooth vs linear, then stretched vs linear). Before each analysis, the two data arrays were cut to be of equal length. For example, comparing smooth and stretched in the ID max group shortened the smooth dataset to 150 elements. The order of targets was randomised.

Study Results

The following factors were analysed:

  • Time to click on target
  • Movement efficiency
  • Overshoot

Time to click on target

Time to click on a target was measured as the time between displaying the target and clicking on it. This does not take reaction time into account, but there is no reliable way of measuring reaction time in this setup.


Mean time to click on target

As is visible, an increasing ID increases the time-to-click. On a quick glance, we can see that the smooth method is slower than the other two in most ID groups, with linear and stretched being fairly close together. However, the differences are only statistically significant in the following cases:

  • ID 8.4: linear is faster than smooth and stretched
  • ID 12.9: linear and stretched are faster than smooth
  • ID 25: linear and stretched are faster than smooth
In all other combinations, there is no statistically significant difference between the three methods, but overall a slight advantage for the two methods stretched and linear.

Efficiency of movement

The most efficient path from the cursor position to the target is a straight line. However, most movements do not follow that straight line for a number of reasons. One of these reasons is basic anatomy - it is really hard to move a mouse in a straight line due to the rotary action of our wrists. Other reasons may be deficiencies in the pointer acceleration method. To measure the efficiency, we calculated the distance to the target (i.e. the straight line) and compared that to all the deltas added up to the total movement. Note that the distance is to the center of the target, whereas the actual movement may be to any point in the target. So for short distances and large targets, there is a chance that a movement may be less than the distance to the target.


Straight distance to target vs. movement path shows the efficiency of movement.

The efficiency was calculated as movement-path/distance, then normalised to a percent value. A value of 10 thus means the movement path was 10% longer than the straight line to the target centre).


Extra distance covered
Stretched seems to perform better than smooth and linear in all but one ID group and smooth performing worse than linear in all but ID group 4.2. Looking at the actual values however shows that the large standard deviation prevents statistical significance. The differences are only statistically significant in the following cases:
  • ID 4.2: stretched is more efficient than smooth and linear
In all other combinations, there is no statistically significant difference between the three methods.

Overshoot

Somewhat similar to the efficiency of movement, the overshoot is the distance the pointer has moved past the target. It was calculated by drawing a line perpendicular to the direct path from the pointer position to the target's far side. If the pointer moves past this line, the user has overshot the target. The maximum distance between the line and the pointer shows how much the user has overshot the target.


Illustration of pointer overshooting the target.
The red line shows the amount the pointer has overshot the target.
Overshoot was calculated in pixels, as % of the distance and as % of the actual path taken. Unsurprisingly, the graphs look rather the same so I'll only put one up here.

Overshoot in pixels by ID group
As the ID increases, the amount of overshooting increases too. Again the three pointer acceleration methods are largely the same, though linear seems to be slightly less affected by overshoot than smooth and stretched. The differences are only statistically significant in the following cases:
  • ID 4.2: if measured as percentage of distance, stretched has less overshoot than linear.
  • ID 8.4: if measured as percentage of movement path, linear has less overshoot than smooth.
  • ID 16.8: if measured as percentage of distance, stretched and linear have less overshoot than smooth.
  • ID 16.8: if measured as percentage of distance, linear has less overshoot than smooth.
  • ID 16.8: if measured in pixels, linear has less overshoot than smooth.
In all other combinations, there is no statistically significant difference between the three methods.

Summary

In summary, there is not a lot of difference between the three methods, though smooth has no significant advantage in any of the measurements. The race between stretched and linear is mostly undecided.

Questionnaire results

The above data was objectively measured. Equally important is the subjective feel of each acceleration method. At the end of the study, the following 14 questions were asked of each participant, with answer ranges in a 5-point Likert scale, ranging from "Strongly Disagree" to "Strongly Agree".

  1. The first acceleration method felt natural
  2. The first acceleration method allowed for precise pointer control
  3. The first acceleration method allowed for fast pointer movement
  4. The first acceleration method made it easy to hit the targets
  5. I would prefer the first acceleration method to be faster
  6. I would prefer the first acceleration method to be slower
  7. The second acceleration method felt natural
  8. The second acceleration method allowed for precise pointer control
  9. The second acceleration method allowed for fast pointer movement
  10. The second acceleration method made it easy to hit the targets
  11. I would prefer the second acceleration method to be faster
  12. I would prefer the second acceleration method to be slower
  13. The two acceleration methods felt different
  14. The first acceleration method was preferable over the second
The figure below shows that comparatively few "strongly agree" and "strongly disagree" answers were given, hinting that the differences between the methods were small.

Distribution of answers in the questionnaire
Looking at statistical significance, the questionnaire didn't really provide anything of value. Not even the question "The two acceleration methods felt different" provided any answers, and the question "The first acceleration method was preferable over the second" was likewise inconclusive. So the summary of the questionnaire is pretty much: on the whole none of the methods stood out as better or worse.

Likert frequencies for the question of which method is preferable

Summary

Subjective data was inconclusive, but the objective data goes slightly in favour of linear and stretched over the current smooth method. We didn't have enough sample sets to analyse separately for each device type, so from a maintainer's point of view the vote goes to linear. It allows replacing a rather complicated pointer acceleration method with 3 lines of code.

PHP 5.4.33 and 5.5.17

RPM of PHP version 5.5.17 are available in remi repository for Fedora and in remi-php55 repository for  Enterprise Linux.

RPM of PHP version 5.4.33 are available in remi repository Enterprise Linux (RHEL, CentOS...).

These versions are now also available as Software Collections.

Version announcements:

emblem-important-2-24.png5.4.33 release is the last planned release that contains regular bugfixes. All the consequent releases will contain only security-relevant fixes, for the term of one year.

emblem-notice-24.pngInstallation : read the Repository configuration and choose your version and installation mode.

Replacement of default PHP by version 5.5 installation (simplest):

yum --enablerepo=remi-php55,remi update php\*

Parallel installation of version 5.5 as Software Collection (x86_64 only):

yum --enablerepo=remi install php55

Replacement of default PHP by version 5.4 installation (enterprise only):

yum --enablerepo=remi update php\*

Parallel installation of version 5.4 as Software Collection (x86_64 only):

yum --enablerepo=remi install php54

And soon in the official updates:

Reminder: Fedora 21 will provides PHP 5.6.

emblem-important-2-24.pngTo be noticed :

  • EL7 rpm are build using RHEL-7.0
  • EL6 rpm are build using RHEL-6.5
  • for php 5.5, the zip extension is now provided by the php-pecl-zip package.
  • a lot of new extensions are also available, see the PECL extension RPM status page

emblem-notice-24.pngInformation, read:

Base packages (php)

Software Collections (php54 - php55)

September 18, 2014

F21 Alpha on Tuesday, Fedora UK podcast, Flock bids, Fedora store, and badges!

Fedora is a big project, and it’s hard to follow it all. This series highlights interesting happenings in five different areas every week. It isn’t comprehensive news coverage — just quick summaries with links to each. Here are the five things for September 18th, 2014:

Fedora 21 Alpha Coming Tuesday

At today’s Go/No-Go meeting, engineering, release engineering, and QA all agreed that the Fedora 21 alpha release candidate is in sufficiently good shape to ship! So, with a few bits of rel-eng magic, it’ll be going out to mirrors and available to try on Tuesday, September 23.

As Fedora Program Manager Jaroslav Reznik says in announcing the decision to ship: “That’s one small step for mankind but one giant leap for Fedora — the first release on the way towards Fedora.Next!”

Fedora UK Videos

The Fedora UK video has started a video podcast, which will be broadcast every two weeks. Take a look at the first episode, appropriately titled S01EP01.

(No word yet on what the Scotland decision might mean for this podcast….)

Flock Bids Due Saturday!

Proposals for the 2015 edition of Flock, our annual contributor conference, are due Saturday. If you’re working on one, please get send it in. (Remember, of course, that hosting Flock is a lot of work — as Paul Frields notes, writing a bid is the easy part.)

This conference alternates between Europe and North America, and with last year’s very successful event in Prague, we’re back to the NA side of the Atlatic this time.

Fedora Store Coming Soon

I’m excited by the prospect of an official Fedora merch store — something we haven’t ever had before due to various red tape. Heroic tape-cutter Ruth Suehle tells us that we’re getting close. It’s not ready yet, but we’re looking for ideas for what you’d want — what you think would sell, and what you would buy. This won’t be a money-maker for us — it’s about getting Fedora-labeled stuff into the Fedora community’s hands. (It’s not possible to have too much!)

Fedora Badges Update

Fedora Badges are a fun ultimately-meaningless but still wonderful way to show off your contributions in Fedora — and to find new areas where you can help. For example, you can help with contributing to badges itself — there’s a badge for that, of course. On his blog, Fedora hacker Ralph Bean announces a mailing list to coordinate ongoing work (but disappointingly, also tells us that there’s no badge for just subscribing to the list).


Since it’s been quite a few weeks since this ran on a Tuesday, I think I’m going to stop pretending that they always do — but I will keep ‘em coming weekly on some day.


 

5tftw-large

And now for some hardware (Onda v975w)
Prodded by Adam Williamson's fedlet work, and by my inability to getting an Android phone to display anything, I bought an x86 tablet.

At first, I was more interested in buying a brand-name one, such as the Dell Venue 8 Pro Adam has, or the Lenovo Miix 2 that Benjamin Tissoires doesn't seem to get enough time to hack on. But all those tablets are around 300€ at most retailers around, and have a smaller 7 or 8-inch screen.

So I bought a "not exported out of China" tablet, the 10" Onda v975w. The prospect of getting a no-name tablet scared me a little. Would it be as "good" (read bad) as a PadMini or an Action Pad?


Vrrrroooom.


Well, the hardware's pretty decent, and feels rather solid. There's a small amount of light leakage on the side of the touchscreen, but not something too noticeable. I wish it had a button on the bezel to mimick the Windows button on some other tablets, but the edge gestures should replace it nicely.

The screen is pretty gorgeous and its high DPI triggers the eponymous mode in GNOME.

With help of various folks (Larry Finger, and the aforementioned Benjamin and Adam), I got the tablet to a state where I could use it to replace my force-obsoleted iPad 1 to read comic books.

I've put up a wiki page with the status of hardware/kernel support. It's doesn't contain all my notes just yet (sound is working, touchscreen will work very very soon, and various "basic" features are being worked on).

I'll be putting up the fixed-up Wi-Fi driver and more instructions about installation on the Wiki page.

And if you want to make the jump, the tablets are available at $150 plus postage from Aliexpress.
Fedora 21 Alpha to release on Tuesday

Today the Fedora Engineering Steering Commitee held a “Go/No Go” meeting regarding the Fedora 21 alpha, and it was agreed that the current release candidates for Fedora 21 met the release criteria. With this decision, this means that Fedora 21 will be released on Tuesday September 23, 2014.

The Fedora 21 Alpha will be the first test release of the new 3 product Fedora.next structure that introduces Fedora Workstation, Fedora Cloud and Fedora Server.

 

KDE Touchpad configuration ported to Frameworks 5

Fedora 20 with KDE SC 4.14 has been very stable, and after a while it gets…boring – especially when Plasma 5 is already released and you see screenshots everywhere. If you cannot hold the urge and feel sufficiently adventurous, Dan Vratil has built the Fedora 20 and 21 rpms here. If you install i386 versions, beware that baloo-widgets cannot be installed due to unmet dependencies. So, once you install dvratil’s copr repo, just do:

dnf copr enable dvratil/kde-frameworks dvratil/kde-frameworks-unstable dvratil/plasma5
dnf remove kde\* && dnf install kf5\* plasma5\* --exclude=kf5-baloo-widgets\*

I had to manually edit /usr/share/xsessions/plasma.desktop to change "/usr//usr/bin" to "/usr/bin” so that “Plasma 5″ appears in gdm list. After logging in, the desktop runs smooth, but you notice the lack of many applications because they are not yet fully ported to KF5/Plasma5.

KDE Plasma 5 desktop

KDE Plasma 5 desktop

Once I had the Qt5/KF5/Plasma5 based workstation fully operational, I could also develop, build and test KF5 based applications. Most of the KDE apps are ported or being ported to KF5 under 'frameworks' git branch. As the OpenSuSe team already have started building KF5 based apps in an unstable repository, I could leverage the spec files to build rpms.

The first itch I scratched was unavailability of touchpad configuration kcm. Not being able to enable touch-to-tap, vertical and horizontal scrolling is no fun. Looking at the git repo for kcm-touchpad showed that it is not yet ported to KF5. Checked out the git repo and started porting. There are quite some references, blogposts and tools available online to guide and ease the porting effort. As it is a kcm that is being ported, the first place to go is Frameworks Porting Notes. The subtopic of ECM (extended cmake modules) source incompatible changes is also handy updating CMakeLists.txt files. The next thing is reference to Martin Graesslin’s post on porting kcontrol module. And the final tool that is quite useful to port API changes is the kde-dev-scripts. Run the source files through relevant script – like "find -iname "*.cpp" -o -iname "*.h" -o -iname "*.ui" | xargs ~/Programs/Projects/kde-dev-scripts/kf5/<porting-script.pl>". When you hit an API change that cannot be automatically converted by the script, check frameworks at api.kde.org. Then port away, setup a build directory, compile, note the build failure, fix the build – repeat.

Alexander Mezin and Hrvoje Senjan reviewed the patches and after 6 revisions the patch is committed in kcm-touchpad frameworks branch.

KCM Touchpad on KF5

KCM Touchpad on KF5

RPMs for Fedora 20 and 21 (i386, x86_64) are built and available at my copr repo. It contains builds of kmix and konsole as well. More to build and I’ll make them available in the same repo once build completed. You are welcome to try at your own risk :-)


Tagged: kde, rpm
News: Wing IDE 5.0.9 Released .
At september 10, 2014 the development team released the new version of Wing IDE.
See the details here: 5.0.9 - CHANGELOG.txt , also if you want to purchase licenses then you have this choices:

Wing IDE Pro:

Commercial Use
For companies, paid individuals, organizations, and government
Full-Featured Python IDE
Windows, Linux, and OS X
Includes One Year Support+Upgrades
Extend Support+Upgrades at $89/year
License is Transferable
$245 per user
$1150 5-pack

Non-Commercial Use
For students, educators, academic researchers, hobbyists, and publicly funded charities
Full-Featured Python IDE
Windows, Linux, and OS X
Optional Support+Upgrades at $89/year
$95 per user

Wing IDE Personal:
General Use
A low-cost alternative Python IDE for students and hobbyists
Omits Some Features
Windows, Linux, and OS X
Optional Support+Upgrades at $89/year
$45 per user

Enterprise Linux 5.10 to 5.11 risk report

Red Hat Enterprise Linux 5.11 was released this month (September 2014), eleven months since the release of 5.10 in October 2013. So, as usual, let’s use this opportunity to take a look back over the vulnerabilities and security updates made in that time, specifically for Red Hat Enterprise Linux 5 Server.

Red Hat Enterprise Linux 5 is in Production 3 phase, being over seven years since general availability in March 2007, and will receive security updates until March 31st 2017.

Errata count

The chart below illustrates the total number of security updates issued for Red Hat Enterprise Linux 5 Server if you had installed 5.10, up to and including the 5.11 release, broken down by severity. It’s split into two columns, one for the packages you’d get if you did a default install, and the other if you installed every single package.

Note that during installation there actually isn’t an option to install every package, you’d have to manually select them all, and it’s not a likely scenario. For a given installation, the number of package updates and vulnerabilities that affected your systems will depend on exactly what you selected during installation and which packages you have subsequently installed or removed.

Security errata 5.10 to 5.11 Red Hat Enterprise Linux 5 ServerFor a default install, from release of 5.10 up to and including 5.11, we shipped 41 advisories to address 129 vulnerabilities. 8 advisories were rated critical, 11 were important, and the remaining 22 were moderate and low.

For all packages, from release of 5.10 up to and including 5.11, we shipped 82 advisories to address 298 vulnerabilities. 12 advisories were rated critical, 29 were important, and the remaining 41 were moderate and low.

You can cut down the number of security issues you need to deal with by carefully choosing the right Red Hat Enterprise Linux variant and package set when deploying a new system, and ensuring you install the latest available Update release.

Critical vulnerabilities

Vulnerabilities rated critical severity are the ones that can pose the most risk to an organisation. By definition, a critical vulnerability is one that could be exploited remotely and automatically by a worm. However we also stretch that definition to include those flaws that affect web browsers or plug-ins where a user only needs to visit a malicious (or compromised) website in order to be exploited. Most of the critical vulnerabilities we fix fall into that latter category.

The 12 critical advisories addressed 33 critical vulnerabilities across just three different projects:

  • An update to NSS/NSPR: RHSA-2014:0916(July 2014). A race condition was found in the way NSS verified certain certificates which could lead to arbitrary code execution with the privileges of the user running that application.
  • Updates to PHP, PHP53: RHSA-2013:1813, RHSA-2013:1814
    (December 2013). A flaw in the parsing of X.509 certificates could allow scripts using the affected function to potentially execute arbitrary code. An update to PHP: RHSA-2014:0311
    (March 2014). A flaw in the conversion of strings to numbers could allow scripts using the affected function to potentially execute arbitrary code.
  • Updates to Firefox, RHSA-2013:1268 (September 2013), RHSA-2013:1476 (October 2013), RHSA-2013:1812 (December 2013), RHSA-2014:0132 (February 2014), RHSA-2014:0310 (March 2014), RHSA-2014:0448 (Apr 2014), RHSA-2014:0741 (June 2014), RHSA-2014:0919 (July 2014) where a malicious web site could potentially run arbitrary code as the user running Firefox.

Updates to correct 32 of the 33 critical vulnerabilities were available via Red Hat Network either the same day or the next calendar day after the issues were public.

Overall, for Red Hat Enterprise Linux 5 since release until 5.11, 98% of critical vulnerabilities have had an update available to address them available from the Red Hat Network either the same day or the next calendar day after the issue was public.

Other significant vulnerabilities

Although not in the definition of critical severity, also of interest are other remote flaws and local privilege escalation flaws:

  • A flaw in glibc, CVE-2014-5119, fixed by RHSA-2014:1110 (August 2014). A local user could use this flaw to escalate their privileges. A public exploit is available which targets the polkit application on 32-bit systems although polkit is not shipped in Red Hat Enterprise Linux 5. It may be possible to create an exploit for Red Hat Enterprise Linux 5 by targeting a different application.
  • Two flaws in squid, CVE-2014-4115, and CVE-2014-3609, fixed by RHSA-2014:1148 (September 2014). A remote attacker could cause Squid to crash.
  • A flaw in procmail, CVE-2014-3618, fixed by RHSA-2014:1172 (September 2014). A remote attacker could send an email with specially crafted headers that, when processed by formail, could cause procmail to crash or, possibly, execute arbitrary code as the user running formail.
  • A flaw in Apache Struts, CVE-2014-0114, fixed by RHSA-2014:0474 (April 2014). A remote attacker could use this flaw to manipulate the ClassLoader used by an application server running Stuts 1 potentially leading to arbitrary code execution under some conditions.
  • A flaw where yum-updatesd did not properly perform RPM signature checks, CVE-2014-0022, fixed by RHSA-2014:1004 (Jan 2014). Where yum-updatesd was configured to automatically install updates, a remote attacker could use this flaw to install a malicious update on the target system using an unsigned RPM or an RPM signed with an untrusted key.
  • A flaw in the kernel floppy driver, CVE-2014-1737, fixed by RHSA-2014:0740 (June 2014). A local user who has write access to /dev/fdX on a system with floppy drive could use this flaw to escalate their privileges. A public exploit is available for this issue. Note that access to /dev/fdX is by default restricted only to members of the floppy group.
  • A flaw in libXfont, CVE-2013-6462, fixed by RHSA-2014:0018 (Jan 2014). A local user could potentially use this flaw to escalate their privileges to root.
  • A flaw in xorg-x11-server, CVE-2013-6424, fixed by RHSA-2013:1868 (Dec 2013). An authorized client could potentially use this flaw to escalate their privileges to root.
  • A flaw in the kernel QETH network device driver, CVE-2013-6381, fixed by RHSA-2014:0285 (March 2014). A local, unprivileged user could potentially use this flaw to escalate their privileges. Note this device is only found on s390x architecture systems.

Note that Red Hat Enterprise Linux 5 was not affected by the OpenSSL issue, CVE-2014-0160, “Heartbleed”.

Previous update releases

We generally measure risk in terms of the number of vulnerabilities, but the actual effort in maintaining a Red Hat Enterprise Linux system is more related to the number of advisories we released: a single Firefox advisory may fix ten different issues of critical severity, but takes far less total effort to manage than ten separate advisories each fixing one critical PHP vulnerability.

To compare these statistics with previous update releases we need to take into account that the time between each update release is different. So looking at a default installation and calculating the number of advisories per month gives the following chart:

Security Errata per month to 5.10This data is interesting to get a feel for the risk of running Enterprise Linux 5 Server, but isn’t really useful for comparisons with other major versions, distributions, or operating systems — for example, a default install of Red Hat Enterprise Linux 4AS did not include Firefox, but 5 Server does. You can use our public security measurement data and tools, and run your own custom metrics for any given Red Hat product, package set, time scales, and severity range of interest.

See also:
5.10, 5.9, 5.8, 5.7, 5.6, 5.5, 5.4, 5.3, 5.2, and 5.1 risk reports.

New DNF Project Leader

As I will be moving on to work on other things beyond Linux software management soon, I decided to step down as a leader of the project.

The new leader of the project is Jan Šilhan, the change is effective as of today. Jan is a talented, result-oriented software developer and I am convinced he is just the right type for the job.

It has been exciting and fun three years and a big thanks to all of you who contributed, consulted, supported or generally shared the ride.

Ales

Medit – Great text editor, but where is it?

Here is some features

medit is a programming and around-programming text editor.

Started originally as a simple built-in editor component in GGAP, it grew up to a real text editor.

Features

  • Configurable syntax highlighting.
  • Configurable keyboard accelerators.
  • Multiplatform – works on unix and windows.
  • Plugins: can be written in C, Python, or Lua.
  • Configurable tools available from the main and context menus. They can be written in Python or Lua, or it can be a shell script.
  • Regular expression search/replace, grep frontend, builtin file selector, etc.

 

Searched through the fedora repo, didn’t find it. Started to search on google, but didn’t manage to find latest version for Fedora 20.

 

Page: http://mooedit.sourceforge.net/

 

So is there someone that knows where you can download rpm files for Fedora 20?

The post Medit – Great text editor, but where is it? appeared first on Fedora Online.

NOTABUG in glibc

The glibc malloc implementation has a number of heap consistency checks in place to ensure that memory corruption bugs in programs are caught as early as possible and the program aborted to prevent misuse of the bug. Memory corruption through buffer overruns (or underruns) are often exploit vectors waiting to be ‘used’, which is why these consistency checks and aborts are necessary.

If the heap of a program has been found to be corrupted, the program is terminated with an error that usually looks something like this:

*** glibc detected *** ./foo: double free or corruption (!prev): 0x0000000001362010 ***
======= Backtrace: =========
/lib64/libc.so.6(+0x78a96)[0x7f3df63aea96]
/lib64/libc.so.6(cfree+0x6c)[0x7f3df63b2d7c]
./foo[0x400e7c]
/lib64/libc.so.6(__libc_start_main+0xed)[0x7f3df635730d]
./foo[0x4008f9]
======= Memory map: ========

and when one looks at the core dump, the top of the call stack is all inside glibc:

Program terminated with signal 6, Aborted.
#0  0x00007fd0273b6925 in raise (sig=6) at ../nptl/sysdeps/unix/sysv/linux/raise.c:64
64    return INLINE_SYSCALL (tgkill, 3, pid, selftid, sig);
(gdb) bt
#0  0x00007fd0273b6925 in raise (sig=6) at ../nptl/sysdeps/unix/sysv/linux/raise.c:64
#1  0x00007fd0273b8105 in abort () at abort.c:92
#2  0x00007fd0273f4837 in __libc_message (do_abort=2, fmt=0x7fd0274dcaa0 "n not possible due to RF-kill") at ../sysdeps/unix/sysv/linux/libc_fatal.c:198
#3  0x00007fd0273fa166 in malloc_printerr (action=3, str=0x7fd0274daa5e "/proc/self/maps", ptr=<value optimized="optimized" out="out">) at malloc.c:6332
#4  0x00007fd0273fdf9a in _int_malloc (av=0x7fd027713e80, bytes=<value optimized="optimized" out="out">) at malloc.c:4673

The common mistake one may make here is to assume that it is a glibc bug because the crash is ‘caused’ by glibc. That is the equivalent of killing the whistleblower. The crash is indeed caused by glibc, but the bug is not in glibc. glibc has only caught the bug after it has happened and halted execution of the program.

And if you think glibc is overstepping its bounds by halting the program, you could tell it to not abort by exporting the MALLOC_CHECK_ environment variable set to either 0 (completely silent) or 1 (prints the message on stderr). Of course, you have to be smoking something very exotic to do that instead of finding and fixing the bug.

Lohit Tami 2.91.0 now available for testing
Done with the release of Lohit Tamil 2.91.0 with the improvements planned under Lohit2 project.

Following are highlights:
  1. Rewritten all Open type tables with supporting taml and tml2 tags.
  2. Renamed all the glyphs by following AGL syntax.
  3. Open type tables are available in .fea file and this time it is compiled with AFDKO.
  4. Reusing glyphs by "COPY REFERENCE"
  5. Added GRID FITTING table and auto-hinting by fontforge. (Need to use ttfautohint but we need Latin support to do that)
  6. Tested with Harfbuzz NG and Uniscribe (W8)  (Need to test on WinXp yet)
  7. Auto test module available with test files. (Please help me to add more test cases.)

This release now support characters required for minority orthographies. For more details visit bugzilla

Stopped using deprecated ligature for SRII. See bugzilla for more information.
Launching the project 'i18nWidgets for Android'
A lot of Android devices, platforms and apps have several issues regarding rendering of non-English text especially that of Indic text. Though many of them claim to support various Indic and other languages, it usually either means that they have a font for that language included or they have some of the native apps supporting all these languages. But this does not mean all the app will be able to render the non-English text properly. This usually happens for one of the following problem being present:

1. No fonts added in the device (or the native android system)
2. Fonts are not accessible by the third party application
3. App has its own Unicode font, but the native android system does not support text layout rendering for the language
4. App has the font and the android system also supports the language, but the sdk for the particular platform does not have widgets integrated with the complex text rendering features.

This problem gave birth to the idea of developing and extending android widgets which will be integrated with text layout and rendering system on their own. So that, the apps that make use of these widgets will have their own independent rendering system free from the underlying bugs and limitations of the base android system.

The good part is, we do not need to rewrite those rendering systems. The two very well known projects that we need to make use of are Harfbuzz and Freetype. Harfbuzz for text layout of the complex scripts, and Freetype for drawing the font glyphs. 

So, this is what the project 'i18nWidgets for Android' is, under which we are developing independent widgets for app development which will have their own complex text rendering support through integration with freetype and harfbuzz libraries.



The project tree is already made suitable for using with eclipse and hence is readily testable from within eclipse. There are three dependencies to take care of while building:
1. Andoroid SDK 14/15: You may have to configure your development environment for Android SDK 14/15 
2. Android NDK 8: Make sure to have NDK 8 support enabled. 
3. Also have the appcompat_v7_2 library added properly to the project dependencies. 

Please make sure to have exact sdk and ndk versions setup, as the project includes working with native C/C++ libraries along with android platform and hence may run into tedious binary incompatibility issues if not built with proper resources. I have made best attempt to keep things simple for working within eclipse, but do go through the documentation of above development environment thoroughly if you are new to developing native android apps, in case you are struck at some compilation issue.

The project tree has following important components:
1. /jni : This contains the complex-script-rendering library that integrates Android Java widget with the C/C++ libraries of Harfbuzz and Freetype. The entire source tree of particular working snapshot of HB and FT are given in the repo to avoid any incompatibilities during the compilation. Also their makefiles are tuned to work with the given setup.
2. /src/gujaratirendering : This package contains a widget IndicTextView, an extension to the TextView widget which can render Gujarati text. Currently 
3. /src/com/example/i18nwidgetdemo: This is a demo package for testing the the IndicTextView widget with sample text on a simple app screen with Lohit-Gujarati font.
4. /assets: It contains the Lohit-Gujarati font to be used in the demo app

The library complex-script-rendering is based on the original work from Shiva Kumar, and is enhanced and made more generic. Indeed the attempt is to make it further generic and extendable. 

As of now, the project supports text rendering on app being developed for ICS platform and Gujarati language, but the language is not a necessarily limitation. Its just that I tried it with one language to start with, and this can be easily extended and made flexible for auto-supporting any language on the fly. Currently, one will have to make a small change in the complex-script-rendering.c to support language other than Gujarati and add the font of the respective language.

The objectives of the project are:
1. To further improve the library and the widgets code (may involve a lot of code cleaning to fit the norms)
2. Add support for all the languages, by detecting the language of the running text
3. Add more extended widgets to support complete android SDK
4. Create and maintain different branches supporting different android platforms

As of now the platform supported is Android 4.0.3 ICS. One would argue why support an older revision, but that's exactly where the problem is relevant. As many of the lower end widely used android devices are still to upgrade to the latest version, there are vast number of users still struggling to use their native languages, where as the developers who wish to maintain compatibility with these devices are also struggling while making apps for those users. 

While the language support on android systems and their sdk is continuously improving, there is no reason why an independent, reliable, native lang support cannot be added to the apps with help of widgets developed in such manner. This would only improve the reach of technology to those who are facing the economical and linguistic barriers. 

September 17, 2014

Fedora 21 Virtualization Test Day is Thursday September 25

https://fedoraproject.org/wiki/Test_Day:2014-09-25_Virtualization


virt-v2v preview packages for RHEL and CentOS 7.1 are available

virt-v2v is a small program for converting guests from VMware or Xen, to run on KVM, RHEV-M or OpenStack. For RHEL 7.1, I am rewriting and enhancing virt-v2v, so it’s much faster and easier to use.

To install, follow the instructions here for setting up the yum repository, and then you can do:

yum install virt-v2v

To use it, start with the manual here that has lots of examples and the full reference documentation.


Quick Install Spotify For Linux In Fedora 20

If you love your music whilst hacking away on your computer I am sure you have tried Spotify!

Screenshot from 2014-09-17 20:42:03

Installing it doesn’t have to be a hard task and it’s even easier thanks to Slaanesh over at http://www.negativo17.org

He has kindly repackaged the latest Spotify client from the Ubuntu packages to work with Fedora and the like.

Current Supported Distributions

Fedora 19 – x86_64
Fedora 20 – x86_64
Fedora 21 – x86_64
RHEL/CentOS 7 – x86_64

 

To Install –  

You must be root!

Firstly we need to add the repository that Slaanesh has created for all his packages.

user@computer:$ yum-config-manager --add-repo=http://negativo17.org/repos/fedora-spotify.repo

Then install the client

user@computer:$ yum -y install spotify-client

Once it’s installed hit your super key and start typing spotify! Happy Listening!

Screenshot from 2014-09-17 20:37:59

It’s worth also checking our Slaanesh’s other packages as there might be something else you need! http://negativo17.org

 

<script async="async" src="http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js"></script> <script> (adsbygoogle = window.adsbygoogle || []).push({}); </script>
A follow up to yesterday's Videos new for 3.14
The more astute (or Wayland testing) amongst you will recognise mutter running a nested Wayland compositor. Yes, it means that Videos will work natively under Wayland.

Got to love indie films

It's not perfect, as I'm still seeing hangs within the Intel driver for a number of operations, but basic playback works, and the playback is actually within the same window and correctly hidden when in the overview ;)
controlando un robot con señales MIDI
El estándar MIDI (Musical Instrument Digital Interface) es un protocolo muy usado en la industria musical para transmitir información entre dispositivos musicales, como teclados, samplers, equipos para sincronizar dispositivos, etc etc. Si bien es un estándar bastante antiguo, sigue siendo valido y aun hoy es una de las formas mas común de controlar distintos equipos musicales.
En los sistemas GNU/LINUX, también implementan una forma de controlar distintos software y hardware a través de señales MIDI, de esa forma, uno puede tener un controlador MIDI o un teclado con salida MIDI  y controlar distintos programas de audio como LMMS, Hydrogen, Ardour o algunos sintes digitales como qsynth.
La forma de trabajar con auido en GNU/LINUX, puede ser un tanto complicadod e entender al principio, hay varios motores de sonido (OSS, ALSA) pero ademas, esta JACK, que se encarga de capturar el hardware y ser un buffer (o proxy si se quiere) que toma las entradas y salidas de los distintos software y los envía a la placa de audio, permitiendo hacer cosas como tomar la salida de LMMS y meterla dentro de un canal de Ardour y la salida maestra de Ardour derivarla a un multi efecto como Rakarrack, y después, todo eso a la salida de la paca de audio.


Ejemplo de Jack con su front-end qjackctl y LMMS

La idea del proyecto siguiente es poder hacer una interface que tome datos MIDI a traves de Jack y las re envié al puerto /dev/ttyACM0 para poder controlar un robot y hacer música. Para eso, use las librerías de pygame para control MIDI, que si bien son unas librerias gigantes, estan empaquetadas en casi todas las distribuciones GNU/LINUX (Y obviamente en FEDORA) y hay mucha documentación. Para el control del robot usao el modulo apicaro, que forma parte del proyecto ICARO y que me permite andar señales a la placa mediante python-serial y un firmware especial del lado del PIC (firmware tortucaro, que se carga desde la pantalla de icaro-bloques).

boton de carga para el firmware Tortucaro 
(para controlar la placa desde puerto /dev/ttyACMx)



<object class="BLOGGER-youtube-video" classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,40,0" data-thumbnail-src="https://i.ytimg.com/vi/z8Isx_vEQh8/0.jpg" height="266" width="320"><param name="movie" value="https://www.youtube.com/v/z8Isx_vEQh8?version=3&amp;f=user_uploads&amp;c=google-webdrive-0&amp;app=youtube_gdata"/><param name="bgcolor" value="#FFFFFF"/><param name="allowFullScreen" value="true"/><embed allowfullscreen="true" height="266" src="https://www.youtube.com/v/z8Isx_vEQh8?version=3&amp;f=user_uploads&amp;c=google-webdrive-0&amp;app=youtube_gdata" type="application/x-shockwave-flash" width="320"></embed></object>

Video de un robot que toca el xilofon, 
controlado mediante LMMS y tambien un teclado controlador MIDI.

 Aca el código fuente del robot, no es muy difícil de entender, básicamente son 2 clases que controlan el MIDI y el puerto serie (usando apicaro)
import pygame
import time
import pygame.midi
import apicaro


class ROBOT:
""" clase robot, cotrola mediante apicaro los dos servomotores
de moviento del robot (izquierda/derecha, arriba/abajo """
escala={
"c":30,
"d":60,
"e":80,
"f":110,
"g":130,
"a":155,
"b":180,
"c2":205
}
golpe={
"sube":60,
"baja":29
}

def __init__ (self):
""" Class initialiser """

self.icaro=apicaro.puerto()
self.band=self.icaro.iniciar()
def mover(self,tecla):
self.icaro.activar_servo(1,self.escala[tecla])
def golpear(self):
self.icaro.activar_servo(2,self.golpe["baja"])
time.sleep(0.07)
self.icaro.activar_servo(2,self.golpe["sube"])


class MIDI:
""" inicia pygame.midi y tiene un diccionario con algunas notas MIDI """
notas={
60:"c",
62:"d",
64:"e",
65:"f",
67:"g",
69:"a",
71:"b",
72:"c2"
}
def __init__ (self):
""" Class initialiser """
pygame.midi.init()
print "set player"
self.player= pygame.midi.Input(1)
print "set instrument"

midi=MIDI()
robot=ROBOT()
while robot.band:
# nos fijamos si hay datos en el buffer
flag = midi.player.poll()
if flag == True:
data = midi.player.read(10)
senal = data [0][0]
nota = senal[1]
volumen = senal[2]
#~ print volumen
# si la nota esta dentro del diccionario, muevo el robot
if midi.notas.has_key(nota):
if volumen <>0:
robot.mover(midi.notas[nota])
time.sleep(0.2)
robot.golpear()

Try Minetest or Voxelands — open source voxel sandbox games for Fedora

In light of recent events it might be worth for fans of Minecraft to try out Minetest or it’s fork Voxelands. Both are open source, infinite voxel sandbox games that are currently available for Fedora.

Minetest is currently being developed on and is fairly simplistic without adding mods, it does have the main game mechanics of gathering resources, crafting and building structures. There are a range of Mods available to add functionality as well as texture packs to customise your experience. Minetest is available now in Fedora from the Software application, or using the command line yum install minetest.

minetest

Voxelands is a fork of Minetest that implements a wide range of additional functionalty that is either not available in Minetest, or is only available using Mods. It adds features such as mobs and farming. Voxelands is available for Fedora from this COPR repo.

voxelands

 

 

 

Compiling Lohit fonts feature file with Adobe Font Development Kit
This first came to notice with issue "OTM error #13". Everything was working perfectly with fontforge, creating feature file and importing feature file back :)

But certainly above issue open up number of issues with this process. Font designers were not able to import .fea file due to this issue.

Thanks to Dave and Frank for pointing to issue and directing me towards Adobe Font Development Kit (AFDKO). Adobe is the one created specification for .fea file and provided nice tools to compile it.  Most of the information already available AT http://www.adobe.com/devnet/opentype/afdko/topic_overview.html 

 This blog is specifically to update how i am using AFDKO in Lohit project.

Steps:
1. Write open type tables for Lohit fonts in Fontforge.
2. Export .fea file
3. Generate .ttf by importing .fea file to it using following commands.
4. makeotf -f Lohit-Tamil.ttf -ff Lohit-Tamil.fea

It fails with error but it generates unix Type1 font required for makeotfexe.

What errors :)

  makeotf command pass following arguments to makeotfexe

  "makeotfexe "-f" "Lohit-Tamil.ttf.tmp" "-o" "Lohit-Tamil.ttf.temp_cff" -ff "Lohit-Tamil.fea" -ga -gf "Lohit-Tamil.ttf.temp.GOADB" -mf "FontMenuNameDB" -shw"

In above argument  "-ga -gf "Lohit-Tamil.ttf.temp.GOADB"  are not required but somehow automatically gets added by makeotf.

But makeotf done one good job of converting source font 'Lohit-Tamil.ttf' to temporary Unix Type1 font file 'Lohit-Tamil.ttf.tmp'

5. run makeotfexe removing problem cuasing arguments.
 makeotfexe "-f" "Lohit-Tamil.ttf.tmp" "-o" "Lohit.ttf" -ff "Lohit-Tamil.fea" -mf "FontMenuNameDB" -shw

And here get you Lohit.ttf build by adding .fea file with AFDKO.

Hope so it will help to some others as well.

I specifically found this very useful for finding issues in Lohit-Devanagari.fea files.
Confusing the locale for the language

I wrote a short note on the history/context behind the bn-IN/bn-BD decision and other things here If you’d like to comment/discuss, I’d prefer the G+ post than this blog.