July 28, 2015

Como cambiar la duración del screencast en Gnome 3.16
En esta versión de Gnome 3.16 el valor por default del screencast es de 30 segundos, por lo que si...
How to change the duration of screencast in Gnome 3.16
The screencast tool of gnome is great ! but this have a little restriction ( the duration of...

July 27, 2015

Growth of Fedora Repository Has Almost Stalled

I went across statistics from Fedora Package Database and what caught my attention is that the increase of number of packages in the official Fedora repository has almost stalled:

fedora-number-of-packagesThe number of packages in Fedora 22 is 17021 and is not going much since Fedora 20. Does it mean there are no more projects worth packaging? I don’t think so. The number of open source projects goes up like never before, just look at GitHub.

I think this trend is related to the growth of Copr. The number of projects has been rising exponentially there. Mirek Suchý reported a couple of months ago that the number of projects in Copr was almost 3000 and almost 2000 were active. And the numbers have increased significantly since then.

It’s actually a success. It means we have achieved what we outlined in the Fedora.Next plans: we’ve built a ring of software around Fedora which has low barriers to entry for packagers and where software is easy to install for users. Although the number of packages in the official repositories is not growing like in the past the total amount of software available to Fedora users has grown like never before. That’s great.

What we’re still failing at a bit is how to build on this and bring the best of Copr to official Fedora repositories and convert the most promising Copr packagers into Fedora packagers. The official repositories still have their relevance. The quality of packages there is significantly higher than in Copr. We should encourage Copr packagers to work on their packages to meet Fedora standards and become Fedora packagers. We should show them the path. I can imagine that we offer an option in Copr to run the source packages against fedora-review to give the packager a hint what needs to be done to meet the official repository standards and if he/she is interested we can point him/her to documentation for the rest of the process.

The current situation is a great opportunity if we streamline the path to quality. Then Copr can serve as a broad source of “playground” software from which useful and proven projects can get deserved quality of integration and make it to the official repositories. But it’s also a threat because if we don’t provide a path and encourage Copr packagers they may just be satisfied with the easy way to make and maintain packages in Copr and no one will want to package software for the official repositories any more.

Golang parallelism issues causing “too many open files” error

I’ve been hacking in golang for a while, but I’ll admit that I didn’t get too deep into some of the language nuances until more recently. Since some of them have started to bite me, here’s a little post-mortem of one of the problems I was having.

After hacking and testing code all day, I made a seemingly innocuous change, and when running my program, I saw the following error:

2015/07/10 14:34:12 too many open files

I didn’t know what I broke, but it was obviously my fault. I reverted my recent changes, but still the error persisted. Internet searches and many painful hours of debugging ensued.

I had definitely hit some sort of heisenbug.

I had definitely hit some sort of Heisenbug.

What had gone wrong? Digging around my system, I noticed something weird in my ps output:

$ ps auxww | grep go
james     3446  0.0  0.1 197392  9240 pts/4    Sl   11:48   0:00 go run ./main.go
james     3457  0.0  0.0   6268  1980 pts/4    Sl   11:48   0:00 /tmp/go-build030949627/command-line-arguments/_obj/exe/event
james     3487  0.0  0.1 197392  9184 pts/4    Sl   11:49   0:00 go run ./main.go
james     3501  0.0  0.0   6268  2040 pts/4    Sl   11:49   0:00 /tmp/go-build037131602/command-line-arguments/_obj/exe/event
james     3556  0.0  0.1 197392  9168 pts/4    Sl   11:49   0:00 go run ./main.go
james     3567  0.0  0.0   6268  1976 pts/4    Sl   11:49   0:00 /tmp/go-build957487534/command-line-arguments/_obj/exe/event
james     3788  0.0  0.0 197392  1636 pts/4    Sl   Jul04   0:07 go run ./main.go
james     3800  0.0  0.0   5180  1944 pts/4    Sl   Jul04   0:01 /tmp/go-build552106841/command-line-arguments/_obj/exe/event

Hoards and hoards of lingering go build artefacts, were still running. At one time I noticed over 42 of these! I quickly killed them all off:

# processes are named `event`, and I don't have any unrelated event processes running.
$ killall -9 event
kernel: ahh, much better! :)

Which brought my program back to life! Heisenbug gone… or was it? I soon noticed, that each time I ran my program, the left over process count would increment by one. What was causing this? After another session of debugging, I found that these leftovers were caused by a lack of clean up due to some buggy code. That buggy code is the interesting part. Let’s look at it:

for v := range obj.GetSomeChannel() {
    fmt.Printf("Processing: %v\n", v.Name)
    // BAD
    go func() {
        defer wg.Done()
        v.Start() // some method
        fmt.Printf("Finished: %v\n", v.Name)

I’m not sure how common this issue is, so if you’re not yet familiar with it, take a moment to try and figure it out.

Okay. The issue is that when you iterate through the loop, the v value which is passed in to the function (the closure) is actually referencing the memory space of v. As a result, whenever the v value changes (as it does in the loop) the v variable instantly contains the new value, and the go routine will see the value of whatever it happens to be when it uses it.

To get around this race (and it is a race) you need to copy in the value to the goroutine:

for v := range obj.GetSomeChannel() {
    fmt.Printf("Processing: %v\n", v.Name)
    // GOOD
    go func(v *Objtype) {
        defer wg.Done()
            v.Start() // some method
        fmt.Printf("Finished: %v\n", v.Name)


It so happens that v is a pointer, but that’s irrelevant. The value of the pointer still needs to be copied in to the goroutine that is being called to use it. In my case, v needs to be a pointer, because we want the same copy of our data to be used throughout the code.

Many thanks to bleidl for helping me with some of the analysis!

As a quick aside, I’m using this WaitGroup pattern, which replaced the much uglier version of this loop which I had previously written. For a language that claims to not be pattern and idiom heavy, there sure are a bunch that I’ve found so far, many of which come with gotchas.

Happy hacking!


Very slow ssh logins on Fedora 22

I’ve recently set up a Fedora 22 firewall/router at home (more on that later) and I noticed that remote ssh logins were extremely slow. In addition, sudo commands seemed to stall out for the same amount of time (about 25-30 seconds).

I’ve done all the basic troubleshooting already:

  • Switch to UseDNS no in /etc/ssh/sshd_config
  • Set GSSAPIAuthentication no in /etc/ssh/sshd_config
  • Tested DNS resolution

These lines kept cropping up in my system journal when I tried to access the server using ssh:

dbus[4865]: [system] Failed to activate service 'org.freedesktop.login1': timed out
sshd[7391]: pam_systemd(sshd:session): Failed to create session: Activation of org.freedesktop.login1 timed out
sshd[7388]: pam_systemd(sshd:session): Failed to create session: Activation of org.freedesktop.login1 timed out

The process list on the server looked fine. I could see dbus-daemon and systemd-logind processes and they were in good states. However, it looked like dbus-daemon had restarted at some point and systemd-logind had not been restarted since then. I crossed my fingers and bounced systemd-logind:

systemctl restart systemd-logind

Success! Logins via ssh and escalations with sudo worked instantly.

The post Very slow ssh logins on Fedora 22 appeared first on major.io.

Event report: FUDCon Pune 2015

Starting of the conversation

I don’t remember when I called Siddhesh for the first time to talk about organising FUDCon in India this year. But the discussion started, at first I wanted to bid with Durgapur as the venue. But after some discussion, we agreed that Pune is a better place in many cases which we want in a venue for FUDCon.

The bid and venue

I was in Kolkata, I was not directly involved with the bid. But the team did an amazing job in putting up the bid, doing many ground works. MITCoE was chosen as the venue, but we had few other college names in the list as backup.

Talk selection and website

Four of us (Siddhesh, Amit, Nipendra, and me) took the charge of selecting talks. After many long calls/videos chats we had the initial selected talk list, and it got published in the site on time. That reminds me to speak about the effort Siddhesh put up to fix our fudcon.in, I know how many sleepless nights he spent to get everything working as required.

Final ground work before event

I came down to Pune on 26th of May, and start working with rest of the organisers. My primary responsibility was related to final travel for the speakers/contributors, and doing the travel for the day of the events. Sanisoft helped us with the event schedule. Hasgeek stepped up to help with the video recording/streaming of the event.

Suprith came up as a volunteer, and he did a tremendous job while running around through out city, and getting best quotes for swag, and printing. Another super big help came from Rupali, who handled/worked on almost everything other than talk selection, and made sure that the event becomes a success

I spent two sleepless nights just before the event starts to make sure all speakers reach the hotel on time, and safely.

The event

Dennis Gilmore<script async="async" charset="utf-8" src="http://embedr.flickr.com/assets/client-code.js"></script>

Dennis Gilmore started the event with his keynote. We learned a lot about the future plans of Fedora release engineering team in that. After that we had the education panel with a opening event from the college authority.

Harish did the closing keynote on day one. Jiri did the opening keynote on day two. As you can see I am only talking about the keynotes as I was running around doing smaller tasks during the event. We also had Fedora Ambassadors APAC meeting during FUDCon.

Tenzin Chokden<script async="async" charset="utf-8" src="http://embedr.flickr.com/assets/client-code.js"></script>

The day two closing keynote was from Tenzin Chokden about the Tibetan Government and community in exile and how it safeguarded itself with help of open source tools and the Fedora community from the spying network called GhostNet. This was eye opening in different ways, showing the problems they face everyday, and about how the small contributions from the FOSS communities help them in bigger ways.

Day three was full with workshops and specialized groups. I gave a small 10 minutes talk about CentOS Cloud SIG in the Openstack track. Harish conducted an amazing workshop as GPG.

My job finished when the last speaker returned home safely. But this is not the end, we will be doing local event as follow ups to try to get more open source contributors. I was very happy to see many students who traveled more than one day to reach Pune for the event. If they continue their journey in the community, I am sure they will shine in their own career path.

Students from Amrita University<script async="async" charset="utf-8" src="http://embedr.flickr.com/assets/client-code.js"></script>

You can view the full photo set here.

Thank you volunteers

I don’t have words to praise the volunteers for the amount of work they put up for the conference. I can only say thank you all for everything. Just want to mention Siddhesh specifically. The community needs more leaders like you. I hope many will follow your path.

Call for Ideas: Graphical Test Coverage Reports

If you are working with Python and writing unit tests chances are you are familiar with the coverage reporting tool. However there are testing scenarios in which we either don't use unit tests or maybe execute different code paths(test cases) independent of each other.

For example, this is the case with installation testing in Fedora. Because anaconda - the installer is very complex the easiest way is to test it live, not with unit tests. Even though we can get a coverage report (anaconda is written in Python) it reflects only the test case it was collected from.

coverage combine can be used to combine several data files and produce an aggregate report. This can tell you how much test coverage you have across all your tests.

As far as I can tell Python's coverage doesn't tell you how many times a particular line of code has been executed. It also doesn't tell you which test cases executed a particular line (see PR #59). In the Fedora example, I have the feeling many of our tests are touching the same code base and not contributing that much to the overall test coverage. So I started working on these items.

I imagine a script which will read coverage data from several test executions (preferably in JSON format, PR #60) and produce a graphical report similar to what GitHub does for your commit activity.

See an example here!

The example uses darker colors to indicate more line executions, lighter for less executions. Check the HTML for the actual numbers b/c there are no hints yet. The input JSON files are here and the script to generate the above HTML is at GitHub.

Now I need your ideas and comments!

What kinds of coverage reports are you using in your job ? How do you generate them ? How do they look like ?

new release of zanata-python-client - v1.3.22
This blog post is about short note to new release of zanata-python-client.

zanata which is open source platform for localisation and used by  fedora and openstack. Zanata provides REST API so that developers can interact with zanata server.

I have been maintaining zanata-python-client and recently some developers requested small feature requests. This release contains:
  • Improved error codes, that means in case of error messages z-p-c returns appropriate error codes to system, this is useful for people who uses z-p-c from command line.
  • Bug fixes.
I have updated z-p-c in Fedora. Please feel free to play and report bugs.

July 26, 2015

Activities from Mon, 20 Jul 2015 to Sun, 26 Jul 2015


Activities Amount Diff to previous week
Badges awarded 564 +12.13%
Builds 16399 +00.10%
Copr build completed 3445 -11.96%
Copr build started 3469 -11.78%
Edit on the wiki 562 +02.18%
FAS user created 103 -08.04%
Meeting completed 22 -21.43%
Meeting started 22 -21.43%
New packages 49 NA
Posts on the planet 55 -17.91%
Retired packages 0 NA
Updates to stable 366 +50.00%
Updates to testing 429 -04.24%

Top contributors of the week

Activites Contributors
Badges awarded mjeanson (12), alezzandro (7), ttorling (7)
Builds pbrobinson (5652), sharkcz (2729), karsten (2230)
Copr build completed avsej (483), smani (317), lsst (154)
Copr build started avsej (483), smani (324), lsst (154)
Edit on the wiki immanetize (56), aadityanair (48), wolnei (29)
Meeting completed dgilmore (7), nirik (4), roshi (4)
Meeting started Renault (1), Sparks (1), adamw (1)
New packages  
Posts on the planet admin (9), leinfeva (5), laubersm (3)
Retired packages  
Updates to stable siwinski (32), remi (29), raveit65 (16)
Updates to testing jchaloup (28), remi (22), siwinski (21)
New home storage box with Fedora and ARM

Buying the hardware

I was looking forward to setup a new storage box at home. The biggest two points were about being able to run Fedora, and to be in the cheaper side. After looking at the available hardware prices for the desktops, I thought I should look into something else.

While asking about the similar setups, Dennis Gilmore, and Peter Robinson from Fedora release engineering team suggested me to look at the ARM boards which can run the standard Fedora ARM. After looking into the boards which I can buy online from an Indian shop, I decided to go for a Banana Pi. It has Allwinner A20, 1GB DDR DRAM, and most important a SATA connector. I ordered the device from crazypi, I have bought many other things from them before. The device was delivered within 24 hours :)

The next issue was to get the hard drive for the system. After a few failed attempts to find a power cable for a SATA drive, I just decided to buy a desktop SMPS to power the hard drive (and it will power the future ones too), I also bought a 8 port switch as I was out of available ports in my home network.

The setup

OS installation

I downloaded the minimal Fedora ARM image (find it here). On my laptop first I installed fedora-arm-installer package. Used the same to get the image on a SD card

# dnf install fedora-arm-installer
# fedora-arm-image-installer --image=Fedora-Minimal-armhfp-22-3-sda.raw.xz --target=Bananapi --media=/dev/sdb --selinux=OFF

After everything was done, I reinserted the card in my laptop, and then edited the file extlinux.conf under boot partition, added the words console=tty0 as a parameter.

Network configuration

Next step was to connect the Banana Pi to a TV (it has HDMI), and boot the system, setup root password, timezone, and another user. After logging into the system, my next job was to setup a static ip for the system. To do so, add a new file /etc/sysconfig/network-scripts/ifcfg-eth0 and put the following (after changing the ip details) into it.


Brought back the system to my office room, setup the network switch, and the cables. Connected the system along with the hard drive, and I managed to connect to system from my laptop using ssh.

Setting up the SATA drive

The drive came up as /dev/sda in the system. I wanted to encrypt it first, that will keep the data secured in case it gets stolen. Install the following package for the same.

# dnf install cryptsetup

Then wanted to fill up the drive with some random data (this will take some time).

# dd if=/dev/urandom of=/dev/sda1 bs=1M

Then encrypted the drive.

# cryptsetup luksFormat /dev/sda1

This will overwrite data on /dev/sda1 irrevocably.

Are you sure? (Type uppercase yes): YES
Enter passphrase: 
Verify passphrase:

Next step is to open it with a given name (the name will come up under /dev/mapper), and format the partition as ext4.

[root@localhost ~]# cryptsetup luksOpen /dev/sda1 store1
Enter passphrase for /dev/sda1: 
[root@localhost ~]# 
[root@localhost ~]# ls /dev/mapper/
control  store1
[root@localhost ~]# mkfs.ext4 /dev/mapper/store1 
mke2fs 1.42.12 (29-Aug-2014)
Creating filesystem with 244189878 4k blocks and 61054976 inodes
Filesystem UUID: 43a8b791-3fac-43cb-8244-8988ff3fb749
Superblock backups stored on blocks: 
32768, 98304, 163840, 229376, 294912, 819200, 884736, 1605632, 2654208, 
4096000, 7962624, 11239424, 20480000, 23887872, 71663616, 78675968, 
102400000, 214990848

Allocating group tables: done                            
Writing inode tables: done                            
Creating journal (32768 blocks): done
Writing superblocks and filesystem accounting information: done 

Now I do not want the drive to be automounted, that is why I added a script which will open it, and mount to /mnt in the future.

Software configuration

I tried to use Owncloud for some time on that box, it is an excellent application, but sadly mariadb was taking a lot of CPU. Later at night Dennis suggested me rdiff-backup. I am using that for now, I will update the post later with my experience.

Enable the autologin in lightdm
RequisitesRoot userYour favorite text editor (Gedit,Pluma,Nano,etc)1. You need edit the config file...
Activar el Inicio Automatico en ligthdm
RequisitosSer usuario rootUn editor de texto (gedit,pluma,nano,etc)1. Editaremos el archivo de...
Instalar ‘Security Lab’ en tu Fedora 22

Dentro de la era en la que nos encontramos en completamente normal querer aprender nueva información útil para nuestro día a día, desde un nuevo lenguaje de programación hasta cosas simples como noticias o leer consejos. Desde siempre lo que popularmente se denomina ‘hacking’ me ha llamado la atención, aunque tengamos claro algo: Hacker es la personas que hace que un sistema haga lo que el quiere, y no tenemos que irnos tanto al software, una persona que modifica carros literalmente es un hacker, ya que hace que ese sistema mejore a su conveniencia.

Si estas en Fedora en algún momento habrás escuchado sobre la opción de seguridad que brinda: Fedora Security Lab. El cual brinda gran parte de las herramientas que vienen integradas en la distro de Kali Linux. Lo primero que pensarás es “quiero usar las herramientas pero no quiero bajar y/o instalar Fedora Security Lab”, no es necesario bajar la .iso de Fedora Security Lab para poder utilizar estas herramientas. Para esto se utiliza el código: # dnf group install 'Security Lab'

Como ya sabemos, en Fedora 22 se empieza a utilizar por defecto el comando dnf para instalar nuevas aplicaciones dentro de las repos que ya hemos registrado en nuestra máquina. Luego de esto se utilizar la opción group install junto con el nombre del “laboratorio de Fedora” que desea instalar. Luego de esto podrá tener las aplicaciones que vienen por defecto en el Fedora Security Lab.

July 25, 2015

Flock is coming

Its just a few weeks to 3rd Flock, where the Fedora birds come together. The schedule is out for a while and as you can see I have two things which I will “present”.

The first one is Design Clinic, where you can come if you need help from the Design Team, Máirín Duffy, Ryan Lerch, Marie Nordin, Meghan Richardson and me will be there to helping you with problems you have. You can come with everything, you need a poster for an event so com, you need a logo so come, you need help with UX design so come, you have any idea where we can improve from the design perspective come and speak with us.

So far we have 3 projects we want already to work on:

  • Ralph Bean asked us a while ago if we can improve the “fedmenu”, some might have noticed it already that are the little buttons down in the corner if you are logged in into a page of Fedoras infrastructure.
  • Pierre-Yves Chibon, drives since a long time an service called “This week in Fedora” and he wants an design to present it better in the web.
  • Matt Miller wants help with an presence for “Two Week Atomic”

So if you have something just come along and grab us for help! You can also write to the design team mailing list, if you are not at Flock and have a thing where we should work on.

The second thing I have is the “Wallpaper Hunt“. As you might know I am responsible for getting the supplemental wallpapers for each Fedora release. Btw. our nice little application for doing that was started on first Flock but looking back to that Flock, I received after it some submissions from Charleston, that was definitely not good and there was so nice motives in Charleston to sad we had not one wallpaper in the next release which was shot during Flock. And there was so nice motives! This Flock I want to change that. With Marie Nordin I located a nice spot where we want to go and try to shoot pictures that can show up in Fedoras next version.

So I know we have talented photographer between us, lets get together going there and try get some nice pictures on this way we can share our knowledge and equipment and I think we will have some fun to. The only chance we have to do it, is Wednesday after the talks, so come to me before I will tell you where we meet.

On Saturday as you can see in the schedule we have some time then get the pictures processed.

Plasma Mobile – KDE still evolving

<iframe allowfullscreen="allowfullscreen" frameborder="0" height="360" src="https://www.youtube.com/embed/z5cjfRh0ucM?feature=oembed" width="640"></iframe>


Installing Netbeans 8.x on Fedora 21/22/23
Hello, first you need download the rpm of JDK of Oracle, according the architecture of your...
Instalando Netbeans 8.x en Fedora 21/22/23
Lo primero será descargar el rpm del JDK de Oracle dependiendo de la arquitectura de su máquina....
Useful DuckDuckGo bangs

DuckDuckGo bangs are just shortcuts to redirect your search to another search engine. My personal favorites:

  • !gnomebugs — Runs a search on GNOME Bugzilla. Especially useful followed by a bug number. For example, search for ‘!gnomebugs 100000′ and see what you get.
  • !wkb — Same thing for WebKit Bugzilla.
  • !w — Searches Wikipedia.

There’s 6388 more, but those are the three I can remember. If you work on GNOME or WebKit, these are super convenient.

July 24, 2015

Schedules for Flock and F23, Atomic & Workstation, DNF — and a Fedora job opening!

Fedora is a big project, and it’s hard to keep up with everything. This series highlights interesting happenings in five different areas every week. It isn’t comprehensive news coverage — just quick summaries with links to each. Here are the five things for July 21st, 2015:

Flock to Fedora schedule

Flock to Fedora is our big, annual conference for Fedora contributors and developers. This year, it’s in Rochester, New York, from August 12-15. The schedule of talks is online now; take a look and start planning your agenda.

Note that registration is closed, but we generally do have room for a few extra people if you are in the area and can join us. You won’t get a t-shirt, meals, or evening events, and you’ll have to write your own name tag. (Next time, please do preregister — it really helps with the logistics!)

Fedora 23 timeline

Speaking of schedules, Fedora 23 development is well underway. Last week, Fedora 23 branched from Rawhide, so that we can focus on stabilization and bugfixes for the planned October release while ongoing work on future features — Fedora 24 and beyond! — can continue in the development branch. The Alpha Freeze (where F23 features and changes are supposed to be substantially complete and testable) is scheduled for a week from today, with the actual Alpha release August 11th — the day before Flock starts. The QA team is already working on early test candidates, and Docs has put out a call for help with release notes.

See the F23 schedule wiki for other important dates.

Using Atomic tech for Fedora Workstation?

Project Atomic is a system for running containerized applications, a topic so much in vogue that the Linux Foundation has added “ContainerCon” to this year’s LinuxCon + CloudOpen.

GNOME developer and Fedora Workstation Working Group member Owen Taylor posted a long and interesting exploration of the idea of using these technologies on the desktop. Definitely worth reading if you’re interested in the future of OS design and Linux-based desktop environments.

Fedora Cloud applications programmer opening

Over on his blog, Fedora Engineering manager Paul Frields posted about a new job opening on his team. Red Hat is looking for someone to work full time on our tools for shipping cloud images to various providers, automating our various currently-manual processes, contributing to other Fedora Infrastructure applications, and not at all least, in helping build community around all of that. If this sounds at all interesting to you, you can apply here — or if you know someone who would be a good fit, don’t hesitate to pass this on.

DNF gets a refresh based on feedback

DNF is the new command-line package management tool in Fedora 23, replacing Yum. The new software has a lot of advantages — speed, a more mathematically correct SAT solver for resolving package dependencies, and — probably most crucially — a well-defined and documented API for plugins. But new software is never perfect, and changing DNF from optional to default resulted in a lot of feedback. The DNF team has now released version 1.0.2, addressing a lot of these bugs and feature requests.

The DNF team is very responsive and interested in providing a good experience for users, so please do keep that feedback coming.

Need sources of "IT for youth" (not programming)
At a recent event there was a participant who posed a serious problem. She has plenty of resources available to assist young women who are interested in learning to code. She also knows plenty of young women who are interested in other STEM topics in general but not interested in programming. Young women who have tried to code but found it is not for them. Learning the basic concepts of programming in order to understand the logic is great and important but there are other aspects to the IT world than just programmers. This event participant was looking for ways to interest (or keep interested) young women in information technology with tasks other than programming.

I keep meaning to put together a panel presentation for conferences about how to contribute to or make a living with open source when you do not consider yourself a programmer. I know people that do design, testing, documentation, security compliance, administration, and community management. They all have technical skills with various levels of scripting knowledge or have formerly been programmers. At least one has done special programs with the schools (teaching the use of InkScape) and is hosting a summer intern to assist with her UX job.

My panel idea is focused around contributing to open source projects and is targeted more at adults. It is a starting point for ideas. However, there are other IT related projects that can be of interest to youth (and other non-programmers) interested in other aspects of computers.  [Note: these are US infinitives aimed to help a group in Florida]

I believe that the event participant is a system administrator who can script and work with devops but does not consider herself a coder - much like my background. She is looking for ideas on how to share the message with today's youth that there is more to computer science and information technology than being a programmer. Here are some of my thoughts:

Originally for Junior ROTC programs but expanded to any high school group.

USFirst - Teaches teamwork through robotics which involves design and electronics as well as the programming.

Kaggle - "The Home of Data Science" has competitions that teach data science concepts and contribute to all kinds of research. Many projects need some scripting (coding) skills but others are more about statistics, graphing, and visualization. Check out the tutorials section.

Also check out local meetups and ask for assistance presenting options to youth. Look for groups such as:

  • HackerSpace or MakerSpace or Makers groups
  • Any group inventing with Raspberry Pi, Arduino, or similar devices
  • Meetups entertaining wearable electronics topics.
  • Groups working with 3-D printers (perhaps even for a good cause like http://enablingthefuture.org)

If anyone knows of programs specifically teaching system administration or network administration to youth, let me know so I can pass on the links.


Chrome and missing key

Are you using Chrome in Fedora? You might have noticed messages about a missing public key and you may have encountered problems with updating the application. That’s because Google fails to provide the public key for the Chrome RPM package. It’s become a serious problem in Fedora 22 where it aborts the update process completely and the package can’t be updated. The most convenient solution for users would be importing they key while installing the package, but some argue that an RPM should never automatically import keys.

Another solution is to simply add the following line to the repo file that the installation creates:


And you’ll be asked to confirm the key import during the next updating. This solution is a one-liner. It was reported to Google 10 months ago and the problem has not been fixed yet. This a bright example of problems with using proprietary software. You’re completely dependent on the vendor and on their will to solve your problems. Fedora developers are sometimes accused of not caring about how proprietary software runs on Fedora. At least here in the desktop team, we do care because we care about the experience our users have using Fedora. But in most cases including this one, we just can’t do anything. I can only advise you to import the key manually to get rid of the problems:

sudo rpm --import https://dl-ssl.google.com/linux/linux_signing_key.pub

Vote for my OpenStack Summit Tokyo Sessions

I’ll be in Tokyo this October for OpenStack summit. Here’s a list of my sessions, put in a vote if you have a chance.

Getting Started with OpenStack

Getting Started with OPNFV

Building your first VNF

TryStack.org: Free OpenStack for Planet Earth

Tuning HA OpenStack Deployments to Maximize Hardware Capabilities

Cutegram for Fedora 22, Rawhide and EPEL 7

Few days ago there was an article on Fedora magazine by Jiri Eischmann explaining the current situation of Telegram clients on Fedora.

One of the mentions was about Cutegram, and that was tentatively packaged by Jaroslav Reznik.
I asked for his bless to take a shot on it, and now during KDE’s Akademy i decided play a little with this, since we’re using as the main communication software during the conference.

So i’m glad to announce that the initial packaging, with little few patches was done, running and available on my COPR repository and ready to test.

I intend to submit to Fedora package system soon, but for now, COPR only.
Any suggestion or help will be welcome, i’m all ears :-)

PHP on the road to the 7.0.0 release

Version 7.0.0beta2 is released. It's now enter the stabilisation phase for the developpers, and the test phase for the users.

RPM are available in the remi-php70 repository for Fedora  21 and Enterprise Linux  6 (RHEL, CentOS) and as Software Collection in the remi-test repository.


emblem-important-4-24.pngThe repository provides developement versions which are not suitable for production usage.

Also read:

emblem-notice-24.pngInstallation : read the Repository configuration and choose installation mode.

Replacement of default PHP by version 7.0 installation (simplest):

yum --enablerepo=remi-php70 update php\*

Parallel installation of version 7.0 as Software Collection (x86_64 only, recommended for tests):

yum --enablerepo=remi install php70

emblem-important-2-24.pngTo be noticed :

  • EL7 rpm are build using RHEL-7.1
  • EL6 rpm are build using RHEL-6.6
  • various extensions are also available, see the PECL extension RPM status page
  • follow the comments on this page for update until final version.

emblem-notice-24.pngInformations, lire :

Paquets de base (php)

Software Collections (php70)

New "remi-php70" repository

I've just open the remi-php70 repository for Fedora ≥ 21 and Enterprise Linux ≥ 6.

Current version is PHP 7.0.0beta2 with about 25 extensions which are already compatible.

emblem-important-4-24.pngThis repository provides developement versions which are not suitable for production usage.

The repository configuration is provided by the latest version of the remi-release package:

  • remi-release-21-2.fc21.remi
  • remi-release-22-2.fc22.remi
  • remi-release-6.5-2.el6.remi
  • remi-release-7.1-2.el7.remi

emblem-notice-24.pngAs for other remi's repositories, it is disabled by default, so the update is an administrator choice.

E.g. to update the PHP system version:

yum --enablerepo=remi update remi-release
yum --enablerepo=remi-php70 update php\*

emblem-important-2-24.pngAs lot of extensions are not yet available, the update may fail, in this case you have to remove not yet compatible extensions, or wait for their update.

I don't plan to open this repository for EL-5 which is near to end of life.

PHP 7.0 as Software Collection stay in "remi-test" (before the switch to "remi") as there is no conflicts with the base packages.

PHP version 5.6.12RC1

Release Candidate versions are available in remi-test repository for Fedora and Enterprise Linux (RHEL / CentOS) to allow more people to test them. They are only available as Software Collections, for a parallel installation, perfect solution for such tests.

RPM of PHP version 5.6.11RC1 as SCL are available in remi-test repository for Fedora 19-22 and Enterprise Linux 6-7.

As PHP 5.5 is now in security mode only, there is no more RC.

emblem-notice-24.pngInstallation : read the Repository configuration and choose your version.

Parallel installation of version 5.6 as Software Collection (x86_64 only):

yum --enablerepo=remi-test install php56


  • version 5.6.11RC1 is also available in Fedora rawhide.
  • version 7.0.0beta2 is also available

emblem-notice-24.pngRC version is generally the same as the final version (no change accepted after RC, exception for security fix).

Software Collections (php55 - php56)

¿Qué hacer después de instalar Fedora 22? (Workstation/Server)

Guía de Post-Instalación
(Workstation & Server)

$ = usuario normal
# = usuario root


Primero abriremos una terminal y cambiamos a modo root con el siguiente comando en la consola:

$ su -

Ahora sí, comencemos con la guía...

Optimizar DNF

# dnf -y install yumex dnf-plugins-core

Actualizar tu Sistema

# dnf -y update

Repositorios Extra (Necesarios)

Añadiendo éstos repositorios a tu sistema, podrás encontrar prácticamente cualquier paquete de software (programa) sin problemas. Sólo tienes que recordar que algunos de éstos repositorios contienen paquetes que no se consideran 100% software libre. Sin embargo, en muchos casos necesitarás uno o dos paquetes que vengan de estos repositorios para hacer funcionar ciertas aplicaciones.

RPM Fusion (Free & Non-Free)

# dnf install --nogpgcheck http://download1.rpmfusion.org/free/fedora/rpmfusion-free-release-stable.noarch.rpm http://download1.rpmfusion.org/nonfree/fedora/rpmfusion-nonfree-release-stable.noarch.rpm

# dnf -y update

KDE RedHat (Sólo usuarios de KDE)

# dnf -y install wget && wget http://apt.kde-redhat.org/apt/kde-redhat/fedora/kde.repo -O /etc/yum.repos.d/kde.repo

Drivers Gráficos Libres (NVIDIA ATI, INTEL)

Éstos son los drivers gráficos que deberías usar sin importar tu GPU si estás en Fedora Linux. En el post que enlazamos abajo, explicamos cómo sacar el máximo partido a tu hardware usando dichos drivers sin necesidad de recurrir a los drivers propietarios de los fabricantes.

Mejorar rendimiento de drivers gráficos libres (MESA) en Fedora Linux
Drivers Gráficos Propietarios

Úsalos solo si NO notas un buen rendimiento gráfico con los drivers libres aún después de seguir las instrucciones especificadas en el paso de arriba (y reiniciar) o bien, si vas a hacer gaming pesado en tu máquina.

NOTA: Si cuentas con gráficos AMD/ATI la verdad no vale la pena utilizar los drivers propietarios (a menos que tengas una muy buena razón como la minería de criptodivisas o algo así) ya que los libres funcionan muchísimo mejor en todos los casos de uso comunes, desde videos, pasando por gaming y hasta rendering (entre otras cosas).


Códecs y Aplicaciones

Los códecs son escenciales para poder reproducir diferentes archivos de audio/video en tu sistema independientemente del formato. Instálate un buen códec pack con el siguiente comando en consola:

# dnf -y install gstreamer1-libav gstreamer1-plugins-bad-free-extras gstreamer1-plugins-bad-freeworld gstreamer1-plugins-good-extras gstreamer1-plugins-ugly gstreamer-ffmpeg xine-lib-extras xine-lib-extras-freeworld k3b-extras-freeworld gstreamer-plugins-bad gstreamer-plugins-bad-free-extras gstreamer-plugins-bad-nonfree gstreamer-plugins-ugly gstreamer-ffmpeg mencoder

Como en todo Sistema Operativo, en Fedora necesitas aplicaciones para poder trabajar en tu computadora con diferentes archivos y bajo diferentes circunstancias/situaciones. Aquí una lista detallada de apps que no pueden faltar en tu sistema Fedora Linux según categoría:


# dnf -y install gimp scribus inkscape blender audacity-freeworld calligra-krita shutter pencil

En esta categoría otras apps importantes son el gestor de fotografías y editor rápido. GNOME tiene a Shotwell mientras que KDE tiene a DigiKam/ShowFoto.

Edición de Vídeo
Cómo instalar Lightworks video editor en Fedora Linux
Multimedia (Audio/Vídeo)

# dnf -y install vlc clementine soundconverter mediainfo

Rip & Burn

# dnf -y install k3b sound-juicer kid3

Administración del sistema

# dnf -y install gparted nano wget curl smartmontools htop inxi bleachbit firewall-config beesu pysdm

Mensajería y Comunicación

# dnf -y install pidgin xchat


# dnf -y install thunderbird


# dnf -y install unrar unzip zip p7zip p7zip-plugins


# dnf -y install python-qt4 hplip hplip-gui libsane-hpaio simple-scan


# dnf -y install firefox epiphany uget gigolo


# dnf -y install steam


# dnf -y install wine cabextract
# wget http://winetricks.org/winetricks -O /usr/local/bin/winetricks && chmod +x /usr/local/bin/winetricks


# dnf -y install java-1.8.0-openjdk java-1.8.0-openjdk-devel icedtea-web


# dnf -y install screenfetch rfkill lsb

Utilidades GNOME

# dnf -y install cheese gnome-shell-extension-common dconf-editor gnome-tweak-tool gtk-murrine-engine* libreoffice-langpack-es

Utilidades KDE

# dnf -y install kamoso digikam kde-i18n-Spanish kde-l10n-es

Software básico de compilación

Necesitarás instalar éstos paquetes si piensas compilar algo dentro de tu Fedora Linux (nunca está demás, siempre te puedes topar con software del que únicamente tengas un tarball por ejemplo); Es definitivamente recomendable instalarlos.

# dnf -y install kernel-headers kernel-devel dkms
# dnf -y install kernel-PAE-devel (Sólo Si tienes Kernel PAE)
# dnf groupinstall "Development Tools" && dnf groupinstall "Development Libraries"

Y con esto termina la parte de códecs y aplicaciones... Aquí también puedes aprovechar para personalizar un poco la selección de apps en tu sistema, yo personalmente elimino todo lo referente a evolution y rhythmbox (con mucho cuidado de no cargarme el sistema con las dependencias) ya que reemplazo estas 2 apps con thunderbird y clementine respectivamente.


Si tienes tu máquina Linux en red junto a máquinas Windows/Mac siempre es bueno tener a la mano un buen anti-rootkit y antivirus (por protección de los demás), ya que aunque linux es prácticamente invulnerable a las amenazas de malware comunes, los otros sistemas no:
Protección anti-malware en Linux (5 tips básicos)
Otras Apps

NOTA: Las apps que se descarguen como paquetes rpm en este apartado se instalan con el comando

dnf -y install ruta/al/paquete.rpm

Esto instalará las dependencias por nosotros y después el paquete descargado como es de esperarse.

LibreOffice (Si usas KDE)

# dnf -y install libreoffice libreoffice-kde libreoffice-langpack-es && dnf -y remove calligra*

Google Chrome

Muy importante ya que es la única manera oficial de poder disfrutar de Flash Player y Netflix en sistemas Linux como Fedora:

Descarga RPM - http://chrome.google.com/


Descarga RPM - http://www.skype.com/intl/es/get-skype/on-your-computer/linux/

Instalar Spotify Linux en Fedora 21 y 22
Atom Editor

Fedora es un sistema operativo mayormente enfocado para programadores e ingenieros, así que asumí que incluir ésta aplicación aquí no estaría demás:
Instalar Atom Editor en Fedora 21 y 22 
Electrum Bitcoin Wallet

En el mundo de hoy nunca está demás tener una cartera bitcoin a la mano:
#QuickTip: Install Electrum Bitcoin Wallet on Fedora Linux
Instalar PlayOnLinux en Fedora 21 y 22
Instalar VirtualBox en Fedora Linux

Y pues bueno, aquí termina la parte de post-install para la edición Workstation. Espero como con cada lanzamiento esta guía sea su referencia de elección tras instalar Fedora Linux y pues cualquier cosa no duden en dejarnos un comentario abajo.

Si esta guía te fue de ayuda, apóyanos con un tweet

<script>!function(d,s,id){var js,fjs=d.getElementsByTagName(s)[0],p=/^http:/.test(d.location)?'http':'https';if(!d.getElementById(id)){js=d.createElement(s);js.id=id;js.src=p+'://platform.twitter.com/widgets.js';fjs.parentNode.insertBefore(js,fjs);}}(document, 'script', 'twitter-wjs');</script>


DNF y utilidades

# dnf -y install nano wget curl dnf-plugins-core smartmontools htop inxi mc

Actualiza tu sistema

# dnf -y update

Configurar firewall

NOTA: Si por alguna razón quisieras usar iptables en lugar de firewalld puedes seguir estas instrucciones en lugar de los pasos descritos a continuación.

Primero necesitamos obtener la(s) zona(s) activas:

# firewall-cmd --get-active-zones

Este comando nos devolverá el nombre de la(s) zona(s) activa(s) (ej. public) y las interfaces de red que están ligadas a ella(s) como podrían ser eth0, p16p1, wlan0 etc.

Es recomendable también listar los puertos y servicios permitidos en la(s) zona(s) activas para hacer personalizaciones, esto se hace con:

# firewall-cmd --zone=myzone --list-all

Obviamente usando el nombre de la zona indicada en lugar de myzone.

Luego para abrir y cerrar puertos podemos usar:

# firewall-cmd --zone=myzone --add-port=xxxx/tcp --permanent
# firewall-cmd --zone=myzone --remove-port=xxxx/udp --permanent

Respectivamente, cambiando myzone por la zona indicada, xxxx por el número de puerto deseado y especificando el protocolo (tcp/udp) según corresponda. Si quisiéramos remover algunos de los servicios que vengan activados por defecto (por ejemplo el servicio de SSH si cambiamos el puerto 22 por otro para nuestro acceso y no requerimos ya tener el 22 abierto), tenemos que ejecutar:

firewall-cmd --zone=myzone --remove-service=myservice --permanent

Cambiando myzone por la zona indicada según nuestro caso y myservice por el servicio que queramos desactivar. Al finalizar tus cambios en el firewall deberás ejecutar:

service firewalld restart

para verlos aplicados.

Activar rc.local
Activar /etc/rc.local en Fedora Linux
Habilitar tuned

# dnf -y install tuned
# setenforce 0
# tuned-adm list
# tuned-adm profile perfil-deseado
# setenforce 1

Después añadimos a nuestro rc.local:

# Tuned
setenforce 0
service tuned start
setenforce 1

Esto se hace con el comando:

# nano /etc/rc.d/rc.local

Asumiendo que ya hayas activado el rc.local previamente.

Kernel VM Tunings
Kernel VM tunnings para mejorar rendimiento en Linux
Habilitar Zswap
Haz tu Linux más rápido con Zswap
Instalar Entorno Gráfico

NOTA: Hacerlo sólo si tienes una muy buena razón para ello.
Cómo instalar un entorno gráfico en Fedora Server
Protección Anti-Malware

En un servidor esto es cosa de sí o sí. Recuerda que en el caso de ClamAV (citado en el artículo a continuación) es recomendable establecer un cronjob como root para el análisis y limpieza de archivos infectados en directorios relevantes (por ejemplo el directorio de subidas públicas en un servidor web):
Protección anti-malware en Linux (5+ tips básicos)
Configurar Google DNS

Si no lo hiciste al instalar tu sistema y configurar tu red vale la pena hacerlo:
Google Public DNS
Aprende a usar SELinux
TUTORIAL: ¿Cómo c*rajo se usa SELinux?
Y pues bueno, aquí termina la parte de post-install para la edición Server. Espero que al igual que en el caso de la edición para estaciones de trabajo, esta guía se convierta en su referencia de elección tras instalar Fedora y pues cualquier cosa no duden en dejarnos un comentario abajo.

Si esta guía te fue de ayuda, apóyanos con un tweet

<script>!function(d,s,id){var js,fjs=d.getElementsByTagName(s)[0],p=/^http:/.test(d.location)?'http':'https';if(!d.getElementById(id)){js=d.createElement(s);js.id=id;js.src=p+'://platform.twitter.com/widgets.js';fjs.parentNode.insertBefore(js,fjs);}}(document, 'script', 'twitter-wjs');</script>
Git archive with submodules and tar magic

Git submodules are actually a very beautiful thing. You might prefer the word powerful or elegant, but that’s not the point. The downside is that they are sometimes misused, so as always, use with care. I’ve used them in projects like puppet-gluster, oh-my-vagrant, and others. If you’re not familiar with them, do a bit of reading and come back later, I’ll wait.

I recently did some work packaging Oh-My-Vagrant as RPM’s. My primary goal was to make sure the entire process was automatic, as I have no patience for manually building RPM’s. Any good packager knows that the pre-requisite for building a SRPM is a source tarball, and I wanted to build those automatically too.

Simply running a tar -cf on my source directory wouldn’t work, because I only want to include files that are stored in git. Thankfully, git comes with a tool called git archive, which does exactly that! No scary tar commands required:

Nobody likes tar

Here’s how you might run it:

$ git archive --prefix=some-project/ -o output.tar.bz2 HEAD

Let’s decompose:

The --prefix argument prepends a string prefix onto every file in the archive. Therefore, if you’d like the root directory to be named some-project, then you prepend that string with a trailing slash, and you’ll have everything nested inside a directory!

The -o flag predictably picks the output file and format. Using .tar.bz2 is quite common.

Lastly, the HEAD portion at the end specifies which git tree to pull the files from. I usually specify a git tag here, but you can specify a commit id if you prefer.

Obligatory, "make this article more interesting" meme image.

Obligatory, “make this article more interesting” meme image.

This is all well and good, but unfortunately, when I open my newly created archive, it is notably missing my git submodules! It would probably make sense for there to be an upstream option so that a --recursive flag would do this magic for you, but unfortunately it doesn’t exist yet.

There are a few scripts floating around that can do this, but I wanted something small, and without any real dependencies, that I can embed in my project Makefile, so that it’s all self-contained.

Here’s what that looks like:

    @echo Running git archive...
    # use HEAD if tag doesn't exist yet, so that development is easier...
    git archive --prefix=oh-my-vagrant-$(VERSION)/ -o $(SOURCE) $(VERSION) 2> /dev/null || (echo 'Warning: $(VERSION) does not exist.' && git archive --prefix=oh-my-vagrant-$(VERSION)/ -o $(SOURCE) HEAD)
    # TODO: if git archive had a --submodules flag this would easier!
    @echo Running git archive submodules...
    # i thought i would need --ignore-zeros, but it doesn't seem necessary!
    p=`pwd` && (echo .; git submodule foreach) | while read entering path; do \
        temp="$${path%\'}"; \
        temp="$${temp#\'}"; \
        path=$$temp; \
        [ "$$path" = "" ] && continue; \
        (cd $$path && git archive --prefix=oh-my-vagrant-$(VERSION)/$$path/ HEAD > $$p/rpmbuild/tmp.tar && tar --concatenate --file=$$p/$(SOURCE) $$p/rpmbuild/tmp.tar && rm $$p/rpmbuild/tmp.tar); \

This is a bit tricky to read, so I’ll try to break it down. Remember, double dollar signs are used in Make syntax for embedded bash code since a single dollar sign is a special Make identifier. The $(VERSION) variable corresponds to the version of the project I’m building, which matches a git tag that I’ve previously created. $(SOURCE) corresponds to an output file name, ending in the .tar.bz2 suffix.

    p=`pwd` && (echo .; git submodule foreach) | while read entering path; do \

In this first line, we store the current working directory for use later, and then loop through the output of the git submodule foreach command. That output normally looks something like this:

james@computer:~/code/oh-my-vagrant$ git submodule foreach 
Entering 'vagrant/gems/xdg'
Entering 'vagrant/kubernetes/templates/default'
Entering 'vagrant/p4h'
Entering 'vagrant/puppet/modules/module-data'
Entering 'vagrant/puppet/modules/puppet'
Entering 'vagrant/puppet/modules/stdlib'
Entering 'vagrant/puppet/modules/yum'

As you can see, this shows that the above read command, eats up the Entering string, and pulls the quoted path into the second path variable. The next part of the code:

        temp="$${path%\'}"; \
        temp="$${temp#\'}"; \
        path=$$temp; \
        [ "$$path" = "" ] && continue; \

uses bash idioms to remove the two single quotes that wrap our string, and then skip over any empty versions of the path variable in our loop. Lastly, for each submodule found, we first switch into that directory:

        (cd $$path &&

Run a normal git archive command and create a plain uncompressed tar archive in a temporary directory:

git archive --prefix=oh-my-vagrant-$(VERSION)/$$path/ HEAD > $$p/rpmbuild/tmp.tar &&

Then use the magic of tar to overlay this new tar file, on top of the source file that we’re now building up with each iteration of this loop, and then remove the temporary file.

tar --concatenate --file=$$p/$(SOURCE) $$p/rpmbuild/tmp.tar && rm $$p/rpmbuild/tmp.tar); \

Finally, we end the loop:


Boom, magic! Short, concise, and without any dependencies but bash and git.

Nobody should have to figure that out by themselves, and I wish it was built in to git, but until then, here’s how it’s done! Many thanks to #git on IRC for pointing me in the right direction.

This is the commit where I landed this patch for oh-my-vagrant, if you’re curious to see this in the wild. Now that this is done, I can definitely say that it was worth the time:

Is it worth the time? In this case, it was.

With this feature merged, along with my automatic COPR builds, a simple ‘make rpm‘, causes all of this automation to happen, and delivers a fresh build from git in a few minutes.

I hope you enjoyed this technique, and I hope you have some coding skills to get this feature upstream in git.

Happy Hacking,


July 23, 2015

A non-coder CAN contribute to open source
I am a Fedora Ambassador. I am Linux instructor. I am an advocate for Open Source initiatives be it project management, government, code, or anything else. It drives me bonkers when someone says they are not involved with an opensource community because they "don't code".

I attended Open Source Day at the Grace Hopper celebration several years in a row. Over and over I asked if someone was going to stop by the event and was told "No, I don't code". Over and over I tried to explain the many other ways of contributing to opensource projects.

Thankfully the past few years have brought much more awareness in this realm. More and more projects have a community advocate. Conferences like OSCON promote community building, documentation workshops, and how to let people know how they can contribute. Conferences like "All Things Open" promote the idea that not all opensource is about code.

Non programmers can write docs. They can design logos. They can help with user interface design. They can test fixes or new features. They can triage bugs by verifying that the submitted report can be recreated and adding additional details, logs, or config files. Larger projects need some infrastructure support that is more administration and security compliance than Java programmer. Many people who consider themselves non-programmers do have some pretty good scripting skills and can assist with packaging for distributions.

Meanwhile many (not all) programs to enhance diversity in opensource projects (a much needed enhancement for many projects) appear to focus on the coding side of things. Girls who code, pyLadies, OutReachy, and even Google's Summer of Code. Some are more in name than content. For example I know of at least one summer of code project that was more about documentation and packaging than programming. OpenHatch on campus programs are focused on programming contributions but their database of projects looking for assistance also includes a category of bugs labels as documentation.

Additionally - and much worse - calls for more contributions that end in hashtags like #programmer or look for "non-technical" people to write docs and test code, just further alienate non-programmer contributors. I may not feel like a "coder", but I am definitely "technical" and I can and do contribute to open source projects.

I wonder how those that complain "we have too many users and not enough contributors" count those contributions?
  • Is is purely with the committer logs to the code source?
  • Do they count contributions to documentation? Or infrastructure trac systems?
  • What about (valid) bug reports?
  • The person that tests fixes, new features, or early release code AND provides feedback in crucial to a project. Are they a user or a contributor?
  • What about the person who helps out other users on a mailing list or in a chat room only a user or are they also a contributor?
  • Do the project developers really want to provide all the support and bug triaging in addition to writing the code and test suites?
What is the distinction between committer and contributor? Does it matter? Should it matter? The nature of open source is that anyone can use it without contributing back. Contributions may be the currency of open source (another OSCON quote), and suggestions, requests, and word of mouth advertising  may only be worth pennies, but they are contributions and just as important to a project as the trackable technical contributions. Once you catch and real in the interested technical contributor that can help out so much with non-programming tasks, what is to say they won't learn some programming along the way and even create a patch or even a new feature for your project in the future! Meanwhile they are doing other valuable work so programmers can code.

There were two talks at OSCON this year that I missed but by their descriptions address some related concerns:

Cómo instalar VirtualBox en Fedora Linux

Virtualbox es un gestor de máquinas virtuales (hypervisor) que nos permitirá correr otros sistemas operativos dentro de nuestro Fedora Linux. Acá el tutorial de cómo instalar VirtualBox 5.0 en tu Fedora 21 y/o Fedora 22 sin problemas. Como lo haremos desde el repositorio oficial de Oracle, ésta versión se actualizará por si sola; Para instalarlo entonces, correremos en terminal:

NOTA: Si tienes VirtualBox-4.3 instalado en tu sistema, recuerda eliminarlo previamente con el comando:

dnf -y remove VirtualBox-4.3 && dnf clean all && dnf makecache

$ su -
# dnf -y update
# dnf install -y kernel-headers kernel-devel dkms gcc
# dnf -y install kernel-PAE-devel (Sólo Si tienes Kernel PAE)
# wget http://download.virtualbox.org/virtualbox/rpm/fedora/virtualbox.repo -O /etc/yum.repos.d/virtualbox.repo
# dnf -y install VirtualBox-5.0
# /etc/init.d/vboxdrv setup
# usermod -G vboxusers -a username

(Reemplazando username por nuestro nombre de usuario en el último comando)

Y con ésto tendremos Oracle Virtualbox instalado en la PC. Ahora tenemos que descargar el Extension Pack para asegurar el óptimo funcionamiento y compatibilidad de las máquinas virtuales, (controladores de mejor calidad, carpetas compartidas, dispositivos USB y otras cosas); Dicho pack lo podemos obtener desde acá, y se instala como describimos en este otro post. Una vez instalado el extension pack, reiniciamos el equipo y luego estaremos listos para usar Vritualbox en nuestro sistema Fedora Linux.
Fedora 22: Fresh Install Script (Ongoing Development)

I have had this script for a while, it’s just something I created for personal use because I always had different versions of Fedora in virtual instances.

I wanted to put it out there so you can either make it better, say its crap or give me feedback on what you’d like to add.

It’s a simple bash script and is free to modify and do what you want with.

What exactly does it do?

Firstly, it will install the fastest mirror plugin to make sure you’re obtaining software from the quickest repositories near to you.

Then it goes on to install Satya’s ‘Fedy’ which I have written about in previous posts, RPM Fusion repositories and then updates & upgrades your system.

After your system is updated it goes on to install popular applications in the following categories which I use daily

  • Photography and Video editing suites
  • Virtualisation tools
  • Games
  • Utilities
  • Networking tools
  • Multimedia Applications
  • Spotify

For a full list of software please see the script below.

#! /bin/bash
# This is Smittix's Setup Script - www.smittix.co.uk
# I use this on new installations of Fedora any questions please ask smittix@fedoraproject.org

# dnf Fastest Mirror Plugin
dnf install -y yum-plugin-fastestmirror

# Gnome Tweak Tool and a few customizations
dnf install -y gnome-tweak-tool
dnf install -y terminus-fonts
dnf install -y elementary-icon-theme
dnf install -y gnome-shell-theme*

# Fedy
dnf install -y curl
curl https://satya164.github.io/fedy/fedy-installer -o fedy-installer && chmod +x fedy-installer && ./fedy-installer

#RPM Fusion Repos
dnf localinstall -y --nogpgcheck http://download1.rpmfusion.org/free/fedora/rpmfusion-free-release-$(rpm -E %fedora).noarch.rpm http://download1.rpmfusion.org/nonfree/fedora/rpmfusion-nonfree-release-$(rpm -E %fedora).noarch.rpm

#Update the system
dnf update -y dnf
dnf update -y

#Plymouth Themes
dnf install -y plymouth-theme*

#Photography Software
dnf install -y gimp
dnf install -y inkscape
dnf install -y ufraw
dnf install -y luminance-hdr
dnf install -y darktable

#Video Editing
dnf install -y pitivi
dnf install -y kdenlive

dnf install -y @virtualization
dnf install -y libvirt

dnf install -y alsa-tools
dnf install -y tomboy
dnf install -y deja-dup

dnf install -y chromium-bsu
dnf install -y frozen-bubble
dnf install -y dosbox

dnf install -y transmission
dnf install -y thunderbird
dnf install -y remmina
dnf install -y remmina-plugins*

dnf install -y vlc
dnf install -y sound-juicer
dnf install -y audacity

#Nautilus Addons
dnf install -y nautilus-actions

#Youtube Downloader
dnf install -y youtube-dl

#Spotify Repo
dnf-config-manager --add-repo=http://negativo17.org/repos/fedora-spotify.repo

#Install Spotify
dnf install -y spotify-client

#Lets make the fonts look a little better
#gsettings set org.gnome.desktop.interface document-font-name 'Sans 10'
#gsettings set org.gnome.desktop.interface font-name 'Cantarell 10'
#gsettings set org.gnome.desktop.interface monospace-font-name 'Terminus 10'
#gsettings set org.gnome.desktop.wm.preferences titlebar-font 'Cantarell 10'
#gsettings set org.gnome.settings-daemon.plugins.xsettings hinting 'slight'
#gsettings set org.gnome.settings-daemon.plugins.xsettings antialiasing 'rgba'

#Adding the date and seconds to the clock
#gsettings set org.gnome.desktop.interface clock-show-date
#gsettings set org.gnome.desktop.interface clock-show-seconds

If you would like to add to the script please do so via github which can be found here.


As you will see at the end of the script there are commented out gsettings commands, I have commented these out as they won’t run automatically. Any help with that would be great and very much appreciated!




Once you have downloaded the script you will need to make it executable by doing

chmod +x

then run it with

sh freshfedora.sh

and voila! Everything in that script will be installed.

I really hope this is useful to someone, I know it’s a quick and dirty script but it has definitely saved me time over the years.

for any feedback either leave a comment or contact me over at smittix (AT) fedoraproject.org

Security researcher and penetration tester with a love of Linux especially Fedora.

Flattr this!

libuser vulnerabilities

Updated 2015-07-24 @ 12:33 UTC

It was discovered that the libuser library contains two vulnerabilities which, in combination, allow unprivileged local users to gain root privileges. libuser is a library that provides read and write access to files like /etc/passwd, which constitute the system user and group database. On Red Hat Enterprise Linux it is a central system component.

What is being disclosed today?

Qualys reported two vulnerabilities:

It turns out that the CVE-2015-3246 vulnerability, by itself or in conjunction with CVE-2015-3245, can be exploited by an unprivileged local user to gain root privileges on an affected system. However, due to the way libuser works, only users who have accounts already listed in /etc/passwd can exploit this vulnerability, and the user needs to supply the account password as part of the attack. These requirements mean that exploitation by accounts listed only in LDAP (or some other NSS data source) or by system accounts without a valid password is not possible. Further analysis showed that the first vulnerability, CVE-2015-3245, is also due to a missing check in libuser. Qualys has disclosed full technical details in their security advisory posted to the oss-security mailing list.

Which system components are affected by these vulnerabilities?

libuser is a library, which means that in order to exploit it, a program which employs it must be used. Ideally, such a program has the following properties:

  1. It uses libuser.
  2. It is SUID-root.
  3. It allows putting almost arbitrary content into /etc/passwd.

Without the third item, exploitation may still be possible, but it will be much more difficult. If the program is not SUID-root, a user will not have unlimited attempts to exploit the race condition. A survey of programs processing /etc/passwd and related files presents this picture:

  • passwd is SUID-root, but it uses PAM to change the password, which has custom code to modify /etc/passwd not affected by the race condition. The account locking functionality in passwd does use libuser, but it is restricted to root.
  • chsh from util-linux is SUID-root and uses libuser to change /etc/passwd (the latter depending on how util-linux was compiled), but it has fairly strict filters controlling what users can put into these files.
  • lpasswd, lchfn, lchsh and related utilities from libuser are not SUID-root.
  • userhelper (in the usermode package) and chfn (in the util-linux package) have all three qualifications: libuser-based, SUID-root, and lack of filters.

This is why userhelper and chfn are plausible targets for exploitation, and other programs such as passwd and chsh are not.

How can these vulnerabilities be addressed?

System administrators can apply updates from your operating system vendor. Details of affected Red Hat products and security advisories are available on the knowledge base article on the Red Hat Customer Portal. This security update will change libuser to apply additional checks to the values written to the user and group files (so that injecting newlines is no longer possible), and replaces the locking and file update code to follow the same procedures as the rest of the system. The first change is sufficient to prevent newline injection with userhelper as well, which means that only libuser needs to be updated. If software updates are not available or cannot be applied, it is possible to block access to the vulnerable functionality with a PAM configuration change. System administrators can edit the files /etc/pam.d/chfn and /etc/pam.d/chsh and block access to non-root users by using pam_warn (for logging) and pam_deny:

auth       sufficient   pam_rootok.so
auth required pam_warn.so
auth required pam_deny.so
auth       include      system-auth
account    include      system-auth
password   include      system-auth
session    include      system-auth

This will prevent users from changing their login shells and their GECOS field. userhelper identifies itself to PAM as “chfn”, which means this change is effective for this program as well.


Red Hat would like to thank Qualys for reporting these vulnerabilities.

Update (2015-07-24): Clarified that chfn is affected as well and linked to Qualys security advisory.

HIG updates

HIG Banner

The GNOME 3 Human Interface Guidelines were released just under a year ago. They incorporated material from the GNOME 2 HIG, but they were also a thorough rework: the GNOME 3 HIG has a radically different structure from the GNOME 2 one, and is largely based on a collection of design patterns. The hope was that this collection could grow and evolve over time, ensuring that the HIG is always up to date with the latest design practice.

I’ve recently been working on the first major update to the GNOME 3 HIG. This has enabled us to put the new structure to good use, and the number of patterns has increased. These new guidelines are the direct result of design work that has happened in the past year. They attempt to distill everything we’ve learned through our own process of trial and error.

There have been some other notable changes to the HIG. Navigation has been improved throughout: the introduction has been thinned down, so you can get straight to the interesting stuff. The front page gives a much better overview now, and the overview pages for design patterns and interface elements have been much improved.

HIG Front Page Design Patterns Interface Elements

Another nice addition is that the HIG now links to the relevant GTK+ API reference documentation for each design component. This is nice for knowing which widget does what; and makes the design guidelines a more effective accompaniment to the toolkit.

I’m hoping to continue fixing bugs in the HIG and expanding the collection of patterns for a little while, so let me know if there’s anything you’d like to see added.

[Edit: these improvements to the HIG are work in progress, and will be released with GNOME 3.18.]

Why has the libguestfs appliance grown by 281 MB?

a.k.a guestmount + filelight are awesome!

Click to see the full image


If you want to reproduce the same diagrams yourself, just do:

$ mkdir /tmp/mp
$ guestmount --ro \
    -a /var/tmp/.guestfs-1000/appliance.d/root \
    -m /dev/sda /tmp/mp
$ filelight /tmp/mp

RHEL 6.7 upgrades LibreOffice from to
The freshly announced RHEL 6.7 upgrades LibreOffice from to RHEL 7.2 will upgrade from to Fedora 23 will have 5.0.0 in it.
lsipc new command to list IPC facilities
Although it seems that System V IPC is obsolete thing, it's still used by many (enterprise) tools like databases, application servers etc.

The classic tool ipcs(1) provides basic overview, unfortunately the output is very fixed and it's impossible to mix the output columns (for example --pid and --creator cannot be used together etc.). It's also very difficult to extend the current implementation without break backward compatibility.

The solution is a new libsmartcols based tool: lsipc(1). It's like many another util-linux ls-like tools, columns are maintains independently, it's easy to extend, user has absolute control on the output and it provides more output formats (including JSON).

The important and unique is the default (--global) output:

# lsipc
MSGMNI Number of message queues 32000 0 0.00%
MSGMAX Max size of message (bytes) 8192 0 0.00%
MSGMNB Default max size of queue (bytes) 16384 0 0.00%
SHMMNI Shared memory segments 4096 21 0.51%
SHMALL Shared memory pages 268435456 294049 0.11%
SEMMNS Total number of semaphores 1024000000 0 0.00%
SEMMNI Number of Semaphore IDs 32000 0 0.00%
the information about shared memory is provided with COMMAND column, that makes things more human friendly:

# lsipc --shmem
0x6c6c6536 0 rw------- root 4K 0 Jul16 288 288
0x00000000 327681 rw------- kzak 4M 2 dest Jul16 1487 992 gjs /home/kzak/.local/share/gnome-shell/extensions/
0x00000000 393219 rw------- kzak 512K 2 dest Jul16 1141 2853 /usr/bin/gnome-shell
0x00000000 2064389 rw------- kzak 384K 2 dest Jul17 9443 992 xchat
0x00000000 47611910 rw------- kzak 8M 2 dest 10:07 2853 804 /usr/lib64/firefox/firefox
0x00000000 2228231 rw------- kzak 384K 2 dest Jul17 9443 992 xchat
0x00000000 2195464 rw------- kzak 2M 2 dest Jul17 9443 992 xchat
0x00000000 42303503 rw------- kzak 8M 2 dest Jul22 1340 992 /usr/bin/gnome-software --gapplication-service
0x00000000 42270736 rw------- kzak 4M 2 dest Jul22 1340 992 /usr/bin/gnome-software --gapplication-service
0x00000000 43188243 rw------- kzak 4M 2 dest Jul22 8873 1845 /usr/libexec/gnome-terminal-server
0x00000000 33882133 rw------- kzak 384K 2 dest Jul20 26049 992 /usr/bin/python3 /usr/bin/hp-systray --force-startup
and you can define your own output:

# lsipc --shmem -o KEY,SIZE,PERMS
0x6c6c6536 4K rw-------
0x00000000 4M rw-------
0x00000000 512K rw-------
0x00000000 384K rw-------
0x00000000 8M rw-------
0x00000000 384K rw-------
0x00000000 2M rw-------
0x00000000 8M rw-------
0x00000000 4M rw-------
0x00000000 4M rw-------
0x00000000 384K rw-------
or ask for specific segment:

# lsipc --shmem --id 47611910
Key: 0x00000000
ID: 47611910
Owner: kzak
Permissions: rw-------
Creator UID: 1000
Creator user: kzak
Creator GID: 1000
Creator group: kzak
UID: 1000
User name: kzak
GID: 1000
Group name: kzak
Last change: Thu Jul 23 10:07:46 2015
Segment size: 8M
Attached processes: 2
Status: dest
Attach time: Thu Jul 23 10:07:46 2015
Creator command: /usr/lib64/firefox/firefox
Creator PID: 2853
Last user PID: 804
and it should be easy to export complex info about IPC to the monitoring tool:

# lsipc --json -o resource,limit,used
"ipclimits": [
{"resource": "MSGMNI", "limit": "32000", "used": "0"},
{"resource": "MSGMAX", "limit": "8192", "used": "0"},
{"resource": "MSGMNB", "limit": "16384", "used": "0"},
{"resource": "SHMMNI", "limit": "4096", "used": "11"},
{"resource": "SHMALL", "limit": "268435456", "used": "8097"},
{"resource": "SEMMNS", "limit": "1024000000", "used": "0"},
{"resource": "SEMMNI", "limit": "32000", "used": "0"}
lsipc(1) will be available in util-linux v2.27 (probaly August 2015).
Unpaid work training Google's spam filters

This week, there has been increased discussion about the pain of spam filtering by large companies, especially Google.

It started with Google's announcement that they are offering a service for email senders to know if their messages are wrongly classified as spam. Two particular things caught my attention: the statement that less than 0.05% of genuine email goes to the spam folder by mistake and the statement that this new tool to understand misclassification is only available to "help qualified high-volume senders".

From there, discussion has proceeded with Linus Torvalds blogging about his own experience of Google misclassifying patches from Linux contributors as spam and that has been widely reported in places like Slashdot and The Register.

Personally, I've observed much the same thing from the other perspective. While Torvalds complains that he isn't receiving email, I've observed that my own emails are not always received when the recipient is a Gmail address.

It seems that Google expects their users work a little bit every day going through every message in the spam folder and explicitly clicking the "Not Spam" button:

so that Google can improve their proprietary algorithms for classifying mail. If you just read or reply to a message in the folder without clicking the button, or if you don't do this for every message, including mailing list posts and other trivial notifications that are not actually spam, more important messages from the same senders will also continue to be misclassified.

If you are not willing to volunteer your time to do this, or if you are simply one of those people who has better things to do, Google's Gmail service is going to have a corrosive effect on your relationships.

A few months ago, we visited Australia and I sent emails to many people who I wanted to catch up with, including invitations to a family event. Some people received the emails in their inboxes yet other people didn't see them because the systems at Google (and other companies, notably Hotmail) put them in a spam folder. The rate at which this appeared to happen was definitely higher than the 0.05% quoted in the Google article above. Maybe the Google spam filters noticed that I haven't sent email to some members of the extended family for a long time and this triggered the spam algorithm? Yet it was at that very moment that we were visiting Australia that email needs to work reliably with that type of contact as we don't fly out there every year.

A little bit earlier in the year, I was corresponding with a few students who were applying for Google Summer of Code. Some of them also observed the same thing, they sent me an email and didn't receive my response until they were looking in their spam folder a few days later. Last year I know a GSoC mentor who lost track of a student for over a week because of Google silently discarding chat messages, so it appears Google has not just shot themselves in the foot, they managed to shoot their foot twice.

What is remarkable is that in both cases, the email problems and the XMPP problems, Google doesn't send any error back to the sender so that they know their message didn't get through. Instead, it is silently discarded or left in a spam folder. This is the most corrosive form of communication problem as more time can pass before anybody realizes that something went wrong. After it happens a few times, people lose a lot of confidence in the technology itself and try other means of communication which may be more expensive, more synchronous and time intensive or less private.

When I discussed these issues with friends, some people replied by telling me I should send them things through Facebook or WhatsApp, but each of those services has a higher privacy cost and there are also many other people who don't use either of those services. This tends to fragment communications even more as people who use Facebook end up communicating with other people who use Facebook and excluding all the people who don't have time for Facebook. On top of that, it creates more tedious effort going to three or four different places to check for messages.

Despite all of this, the suggestion that Google's only response is to build a service to "help qualified high-volume senders" get their messages through leaves me feeling that things will get worse before they start to get better. There is no mention in the Google announcement about what they will offer to help the average person eliminate these problems, other than to stop using Gmail or spend unpaid time meticulously training the Google spam filter and hoping everybody else does the same thing.

Some more observations on the issue

Many spam filtering programs used in corporate networks, such as SpamAssassin, add headers to each email to suggest why it was classified as spam. Google's systems don't appear to give any such feedback to their users or message senders though, just a very basic set of recommendations for running a mail server.

Many chat protocols work with an explicit opt-in. Before you can exchange messages with somebody, you must add each other to your buddy lists. Once you do this, virtually all messages get through without filtering. Could this concept be adapted to email, maybe giving users a summary of messages from people they don't have in their contact list and asking them to explicitly accept or reject each contact?

If a message spends more than a week in the spam folder and Google detects that the user isn't ever looking in the spam folder, should Google send a bounce message back to the sender to indicate that Google refused to deliver it to the inbox?

I've personally heard that misclassification occurs with mailing list posts as well as private messages.

Introducing flask-multistatic

flask is a micro-web-framework in python. I have been using it for different projects for a couple of years now and I am quite happy with it.

I have been using it for some of the applications ran by the Fedora Infrastructure. Some of these applications could be re-used outside Fedora and this is of course something I would like to encourage.

One of the problem currently is that all those apps are branded for Fedora, so re-using them elsewhere can become complicated, this can be solved by theming. Theming means adjusting two components: templates and static files (images, css...).

Adjusting templates

jinja2 the template engine in flask already supports loading templates from two different directories. This allows to ask the application to load your own template first and if it does not find them, then it looks for it in the directory of the default theme.

Code wise it could look like this:

    # Use the templates
    # First we test the core templates directory
    # (contains stuff that users won't see)
    # Then we use the configured template directory
    import jinja2
    templ_loaders = []
    # First load the templates from the THEME_FOLDER defined in the configuration
        APP.root_path, APP.template_folder, APP.config['THEME_FOLDER'])))
    # Then load the other templates from the `default` theme folder
        APP.root_path, APP.template_folder, 'default')))
    APP.jinja_loader = jinja2.ChoiceLoader(templ_loaders)
Adjusting static files

This is a little more tricky as static files are not templates and there is no logic in flask to allow overriding one or another depending on where it is located.

To solve this challenge, I wrote a small flask extension: flask-multistatic that basically allows flask to have the same behavior for static files as it does for templates.

Getting it to work is easy, at the top of your flask application do the imports:

    import flask
    from flask_multistatic import MultiStaticFlask

And make your flask flask application multistatic

    APP = flask.Flask(__name__)
    APP = MultiStaticFlask(APP)

You can then specify multiple folders where static files are located, for example:

    APP.static_folder = [
        os.path.join(APP.root_path, 'static', APP.config['THEME_FOLDER']),
        os.path.join(APP.root_path, 'static', 'default')

Note: The order the the folder matters, the last one should be the folder with all the usual files (ie: the default theme), the other ones are the folders for your specific theme(s).

Patrick Uiterwijk pointed to me that this method, although working is not ideal for production as it means that all the static files are served by the application instead of being served by the web-server. He therefore contributed an example apache configuration allowing to obtain the same behavior (override static files) but this time directly in apache!

So using flask-multistatic I will finally be able to make my apps entirely theme-able, allowing other projects to re-use them under their own brand.

Recording live events like a pro (part 1: audio)

Whether it is a technical talk at a conference, a political rally or a budget-conscious wedding, many people now have most of the technology they need to record it and post-process the recording themselves.

For most events, audio is an essential part of the recording. There are exceptions: if you take many short clips from a wedding and mix them together you could leave out the audio and just dub the couple's favourite song over it all. For a video of a conference presentation, though, the the speaker's voice is essential.

These days, it is relatively easy to get extremely high quality audio using a lapel microphone attached to a smartphone. Lets have a closer look at the details.

Using a lavalier / lapel microphone

Full wireless microphone kits with microphone, transmitter and receiver are usually $US500 or more.

The lavalier / lapel microphone by itself, however, is relatively cheap, under $US100.

The lapel microphone is usually an omnidirectional microphone that will pick up the voices of everybody within a couple of meters of the person wearing it. It is useful for a speaker at an event, some types of interviews where the participants are at a table together and it may be suitable for a wedding, although you may want to remember to remove it from clothing during the photos.

There are two key features you need when using such a microphone with a smartphone:

  • TRRS connector (this is the type of socket most phones and many laptops have today)
  • Microphone impedance should be at least 1kΩ (that is one kilo Ohm) or the phone may not recognize when it is connected

Many leading microphone vendors have released lapel mics with these two features aimed specifically at smartphone users. I have personally been testing the Rode smartLav+

Choice of phone

There are almost 10,000 varieties of smartphone just running Android, as well as iPhones, Blackberries and others. It is not practical for most people to test them all and compare audio recording quality.

It is probably best to test the phone you have and ask some friends if you can make test recordings with their phones too for comparison. You may not hear any difference but if one of the phones has a poor recording quality you will hopefully notice that and exclude it from further consideration.

A particularly important issue is being able to disable AGC in the phone. Android has a standard API for disabling AGC but not all phones or Android variations respect this instruction.

I have personally had positive experiences recording audio with a Samsung Galaxy Note III.

Choice of recording app

Most Android distributions have at least one pre-installed sound recording app. Look more closely and you will find not all apps are the same. For example, some of the apps have aggressive compression settings that compromise recording quality. Others don't work when you turn off the screen of your phone and put it in your pocket. I've even tried a few that were crashing intermittently.

The app I found most successful so far has been Diktofon, which is available on both F-Droid and Google Play. Diktofon has been designed not just for recording, but it also has some specific features for transcribing audio (currently only supporting Estonian) and organizing and indexing the text. I haven't used those features myself but they don't appear to cause any inconvenience for people who simply want to use it as a stable recording app.

As the app is completely free software, you can modify the source code if necessary. I recently contributed patches enabling 48kHz recording and disabling AGC. At the moment, the version with these fixes has just been released and appears in F-Droid but not yet uploaded to Google Play. The fixes are in version 0.9.83 and you need to go into the settings to make sure AGC is disabled and set the 48kHz sample rate.

Whatever app you choose, the following settings are recommended:

  • 16 bit or greater sample size
  • 48kHz sample rate
  • Disable AGC
  • WAV file format

Whatever app you choose, test it thoroughly with your phone and microphone. Make sure it works even when you turn off the screen and put it in your pocket while wearing the lapel mic for an hour. Observe the battery usage.


Now lets say you are recording a wedding and the groom has that smartphone in his pocket and the mic on his collar somewhere. What is the probability that some telemarketer calls just as the couple are exchanging vows? What is the impact on the recording?

Maybe some apps will automatically put the phone in silent mode when recording. More likely, you need to remember this yourself. These are things that are well worth testing though.

Also keep in mind the need to have sufficient storage space and to check whether the app you use is writing to your SD card or internal memory. The battery is another consideration.

In a large event where smartphones are being used instead of wireless microphones, possibly for many talks in parallel, install a monitoring app like Ganglia on the phones to detect and alert if any phone has weak wifi signal, low battery or a lack of memory.

Live broadcasts and streaming

Some time ago I tested RTP multicasting from Lumicall on Android. This type of app would enable a complete wireless microphone setup with live streaming to the internet at a fraction of the cost of a traditional wireless microphone kit. This type of live broadcast could also be done with WebRTC on the Firefox app.


If you research the topic thoroughly and spend some time practicing and testing your equipment, you can make great audio recordings with a smartphone and an inexpensive lapel microphone.

In subsequent blogs, I'll look at tips for recording video and doing post-production with free software.

Mate-desktop Work, and work fine on Fedora23 /o/

Mate-desktop Work, and work fine on Fedora23 /o/

All systems go
New status good: Everything seems to be working. for services: Fedora Wiki, Fedora People, Zodbot IRC bot, Darkserver, Tagger, Package Database, Fedora pastebin service, Blockerbugs, Badges, FedoraHosted.org Services, Mirror Manager, Ipsilon, Mirror List, Package maintainers git repositories, Account System, Fedora websites, Documentation website, COPR Build System, Package Updates Manager, Ask Fedora, Fedora Packages App, FreeMedia, Fedora elections, Mailing Lists, Fedora Calendar

July 22, 2015

3D printing in Fedora: From an idea to the thing

There are a lot of tools and applications connected to 3D printing available to Fedora users. In this article, I’ll guide you through one possible scenario of creating a 3D physical object: from an idea to a real thing.

My friend asked me few days ago to 3D print something for him. He said his kitchen tap is too low for him and that it obstructs him when washing dishes. He would like to move it up a bit using a circular tube with this profile (numbers are in millimeters):

A sketch of the desired object

A sketch of the desired object

Creating a digital 3D model

Already knowing how the object is shaped and sized, it might still be a hard task for someone with zero CAD or 3D modeler experience to create the model. Me being a programmer I like a modeler called OpenSCAD (you can get it in Fedora via the Software application, or using the command line with sudo dnf install openscad ).



In OpenSCAD, instead of drawing object with your mouse, you code them. I will not try to explain the entire syntax in this article (you can find it in the manual), I’ll just explain the code for the thing we want to make.

difference() {
    translate([0,0,-5]) cylinder(r=15,h=40);
    translate([0,0,30]) cylinder(r=22.5,h=10);

This code takes a cylinder (with radius 25 and height 35) and subtracts two smaller cylinders moved a bit along the Z axis. The last line only makes the object a bit smoother than the default is. With the code entered in OpenSCAD’s code editor on the left, I use Design → Render from the menu to render the 3D model. Then I use File → Export → Export as STL… to save the model in a file format commonly used for 3D printing.

OpenSCAD with the 3D model

OpenSCAD with the 3D model

Now when the STL file is ready, I can view it in various other tools, such as MeshLab (meshlab package) or ADMeshGUI (available from a Copr repository).

ADMeshGUI with our STL file

ADMeshGUI with our STL file

Note: OpenSCAD, as well as STL file format, uses no units. In the 3D printing area, the numbers used are usually considered millimeters, although you might find some files online using some non-standard units such as inches.

Slicing to layers

For the object to be printed it has to be sliced to layers and paths for the 3D printer’s nozzle. There are various apps available in Fedora capable of doing it, one of the most famous tools for this is Slic3r (package slic3r, newer version available from Copr).

Slic3r with our STL file loaded

Slic3r with our STL file loaded

For right result, it is crucial to have the correct slicer settings for your printer and material. You should obtain those from the whoever you’ve obtained your 3D printer (or just create your settings if you have built one yourself). When you select the right settings, just click Export G-code… to generate file with instructions for the printer.

Slic3r 1.2.9 from Copr repository with G-code preview

Slic3r 1.2.9 from Copr repository with G-code preview

The G-Code file is just a plain text with loads of numerical control commands. Here is a snip:

G21 ; set units to millimeters
M190 S60 ; wait for bed temperature to be reached
M109 S195
G28 ; home all axes
G92 E0  ;reset extruder
G90 ; use absolute coordinates
M83 ; use relative distances for extrusion
G1 F1800.000 E-1.00000
G1 Z0.300 F7800.000
G1 X77.706 Y77.667 F7800.000
G1 E1.00000 F1800.000
G1 X78.476 Y76.924 E0.07695 F1800.000
G1 X79.209 Y76.261 E0.07110
G1 X79.963 Y75.622 E0.07108
G1 X80.743 Y75.000 E0.07179
G1 X81.533 Y74.412 E0.07080
G1 X82.348 Y73.843 E0.07150
G1 X83.178 Y73.301 E0.07131
G1 X84.025 Y72.786 E0.07133
G1 X84.891 Y72.296 E0.07151
G1 X85.766 Y71.836 E0.07110
G1 X86.655 Y71.404 E0.07115
G1 X87.562 Y70.998 E0.07148


With the gcode file, all that’s left to do is to feed those numerical control commands to the 3D printer. Some printers might have the ability to print from an SD card, others have to be connected by an USB cable during the entire print. To control you printer from Fedora, you might use Pronterface tool from Printrun (install the pronterface or printrun package). To communicate with the printer, you’re user has to be in the dialout group.

Once Pronterface is connected, user can load the G-code file and start the print. When you are currently printing, be sure not to accidentally suspend your computer by closing the lid.

Pronterface: The print just started

Pronterface: The print just started

And finally, after some time, the real thing is ready, using only free software available in Fedora and open hardware. This article was not supposed to teach you everything about the tools presented here, nor list all the tools available in Fedora. However, you now might have the idea about how it works.

Photo of the printed thing

Photo of the printed thing

A short overview of touchpad devices

Below is an outline of the various types of touchpads that can be found in the wild. Touchpads aren't simply categorised into a single type, instead they have a set of properties, a combination of number of physical buttons, touch support and physical properties.

Number of buttons

Physically separate buttons

For years this was the default type of touchpads: a touchpad with a separate set of physical buttons below the touch surface. Such touchpads are still around, but most newer models are Clickpads now.

Touchpads with physical buttons usually provide two buttons, left and right. A few touchpads with three buttons exist, and Apple used to have touchpads with a single physical buttons back in the PPC days. Touchpads with only two buttons require the software stack to emulate a middle button. libinput does this when both buttons are pressed simultaneously.

A two-button touchpad, with a two-button pointing stick above.

Note that many Lenovo laptops provide a pointing stick above the touchpad. This pointing stick has a set of physical buttons just above the touchpad. While many users use those as substitute touchpad buttons, they logically belong to the pointing stick. The *40 and *50 series are an exception here, the former had no physical buttons on the touchpad and required the top section of the pad to emulate pointing stick buttons, the *50 series has physical buttons but they are wired to the touchpads. The kernel re-routes those buttons through the trackstick device.


Clickpads are the most common type of touchpads these days. A Clickpad has no separate physical buttons, instead the touchpad itself is clickable as a whole, i.e. a user presses down on the touch area and triggers a physical click. Clickpads thus only provide a single button, everything else needs to be software-emulated.

A clickpad on a Lenovo x220t. Just above the touchpad are the three buttons associated with the pointing stick. Faint markings on the bottom of the touchpad hint at where the software buttons should be.

Right and middle clicks are generated either via software buttons or "clickfinger" behaviour. Software buttons define an area on the touchpad that is a virtual right button. If a finger is in that area when the click happens, the left button event is changed to a right button event. A middle click is either a separate area or emulated when both the left and right virtual buttons are pressed simultaneously.

When the software stack uses the clickfinger method, the number of fingers decide the type of click: a one-finger is a left button, a two-finger click is a right button, a three-finger click is a middle button. The location of the fingers doesn't matter, though there are usually some limits in how the fingers can be distributed (e.g. some implementations try to detect a thumb at the bottom of the touchpad to avoid accidental two-finger clicks when the user intends a thumb click).

The libinput documentation has a section on Clickpad software button behaviour with more detailed illustrations

The touchpad on a T440s has no physical buttons for the pointing stick. The marks on the top of the touchpad hint at the software button position for the pointing stick. Note that there are no markings at the bottom of the touchpad anymore.

Clickpads are labelled by the kernel with the INPUT_PROP_BUTTONPAD input property.


One step further down the touchpad evolution, Forcepads are Clickpads without a physical button. They provide pressure and (at least in Apple's case) have a vibration element that is software-controlled. Instead of the satisfying click of a physical button, you instead get a buzz of happiness. Which apparently feels the same as a click, judging by the reviews I've read so far. A software-controlled click feel has some advantages, it can be disabled for some gestures, modified for others, etc. I suspect that over time Forcepads will become the main touchpad category, but that's a few years away.

Not much to say on the implementation here. The kernel has some ForcePad support but everything else is spotty.

Note how Apple's Clickpads have no markings whatsoever, Apple uses the clickfinger method by default.

Touch capabilities

Single-touch touchpads

In the beginning, there was the single-finger touchpad. This touchpad would simply provide x/y coordinates for a single finger and get mightily confused when more than one finger was present. These touchpads are now fighting with dodos for exhibition space in museums, few of those are still out in the wild.

Pure multi-touch touchpads

Pure multi-touch touchpads are those that can track, i.e. identify the location of all fingers on the touchpad. Apple's touchpads support 16 touches (iirc), others support 5 touches like the Synaptics touchpads when using SMBus.

Pure multi-touch touchpads are the easiest to support, we can rely on the finger locations and use them for scrolling, gestures, etc. These touchpads usually also provide extra information. In the case of the Apple touchpads we get an ellipsis and the orientation of the ellipsis for each touch point. Other touchpads provide a pressure value for each touch point. Though pressure is a bit of a misnomer, pressure is usually directly related to contact area. Since our puny human fingers flatten out as the pressure on the pad increases, the contact area increases and the firmware then calculates that back into a (mostly rather arbitrary) pressure reading.

Because pressure is really contact area size, we can use it to detect accidental palm contact or thumbs though it's fairly unreliable. A light palm touch or a touch at the very edge of a touchpad will have a low pressure reading simply because the palm is mostly next to the touchpad and thus the contact area itself remains small.

Partial multi-touch touchpads

The vast majority of touchpads fall into this category. It's the half-way point between single-touch and pure multi-touch. These devices can track N fingers, but detect more than N. The current Synaptics touchpads fall into that category when they're using the serial protocol. Most touchpads that fall into this category can track two fingers and detect up to four or five. So a typical three-finger interaction would give you the location of two fingers and a separate value telling you that a third finger is down.

The lack of finger location doesn't matter for some interactions (tapping, three-finger click) but it can cause issues in some cases. For example, a user may have a thumb resting on a touchpad while scrolling with two fingers. Which touch locations you get depends on the order of the fingers being set down, i.e. this may look like thumb + finger + third touch somewhere (lucky!) or two fingers scrolling + third touch somewhere (unlucky, this looks like a three-finger swipe). So far we've mostly avoided having anything complex enough that requires the exact location of more than two fingers, these pads are so prevalent that any complex feature would exclude the majority of users.

Semi-mt touchpads

A sub-class of partial multi-touch touchpads. These touchpads can technically detect two fingers but the location of both is limited to the bounding box, i.e. the first touch is always the top-left one and the second touch is the bottom-right one. Coordinates jump around as fingers move past each other. Most semi-mt touchpads also have a lower resolution for two touches than for one, so even things like two-finger scrolling can be very jumpy.

Semi-mt are labelled by the kernel with the INPUT_PROP_SEMI_MT input property.

Physical properties

External touchpads

USB or Bluetooth touchpads not in a laptop chassis. Think the Apple Magic Trackpad, the Logitech T650, etc. These are usually clickpads, the biggest difference is that they can be removed or added at runtime. One interaction method that is only possible on external touchpads is a thumb resting on the very edge/immediately next to the touchpad. On the far edge, touchpads don't always detect the finger location so clicking with a thumb barely touching the edge makes it hard or impossible to figure out which software button area the finger is on.

These touchpads also don't need palm detection - since they're not located underneath the keyboard, accidental palm touches are a non-issue.

A Logitech T650 external touchpad. Note the thumb position, it is possible to click the touchpad without triggering a touch.

Circular touchpads

Yes, used to be a thing. Touchpad shaped in an ellipsis or circle. Luckily for us they have gone full dodo. The X.Org synaptics driver had to be aware of these touchpads to calculate the right distance for edge scrolling - unsurprisingly an edge scroll motion on a circular touchpad isn't very straight.

Graphics tablets

Touch-capable graphics tablets are effectively external touchpads, with two differentiators: they are huge compared to normal touchpads and they have no touchpad buttons whatsoever. This means they can either work like a Forcepad, or rely on interaction methods that don't require buttons (like tap-to-click). Since the physical device is shared with the pen input, some touch arbitration is required to avoid touch input interfering when the pen is in use.

Dedicated edge scroll area

Mostly on older touchpads before two-finger scrolling became the default method. These touchpads have a marking on the touch area that designates the edge to be used for scrolling. A finger movement in that edge zone should trigger vertical motions. Some touchpads have markers for a horizontal scroll area too at the bottom of the touchpad.

A touchpad with a marked edge scroll area on the right.
There are scheduled downtimes in progress
New status scheduled: Updates in progress: https://fedorahosted.org/fedora-infrastructure/ticket/4832 for services: Fedora Wiki, Fedora People, Zodbot IRC bot, Darkserver, Tagger, Fedora pastebin service, Package Database, Badges, Blockerbugs, FedoraHosted.org Services, Mirror Manager, Ipsilon, Mirror List, Package maintainers git repositories, Account System, Fedora websites, Documentation website, COPR Build System, Package Updates Manager, Ask Fedora, FreeMedia, Fedora Packages App, Fedora elections, Mailing Lists, Fedora Calendar
Feedback from FUDCon and progress with integration
Here are the findings of my mentors Suchakra and Sarup from the feedback they have received from the people at FUDCon. And here in my blog post I will post what I think about the things they have suggested and my ideas about incorporating them with the styles. Readers of this post are welcome to make any suggestions and ideas on what I have included here in the post so I can further get an idea about what it going to be good and what is going to be bad.


1. Footer is off, the gradient does not go well with the site. A long form footer like other getfedora.org sites can be good.

I also think that the footer in the getfedora.org site will go well with AskFedora. And I was wondering where to put the links for privacy policy, get feedback and the paragraph ("Ask Fedora is community maintained and Red Hat or Fedora Project is not responsible for content. Content on this site is licensed under a CC-BY-SA 3.0 license."). Having a footer like in getfedora.org will enable us to have them also in the footer.

2. Possibly Reduce border radius of cards, make card shadow a bit lighter

For the border in question cards, how about not having a border? I just removed the border from the browser and thought it then blends well with the background. Then the background color of the questions cards need not be changes as they need some contrast from the background.

3. Tags look very prominent - make them light. Hover color on yellow tag does not seem ok.

I tried with using a color like #9E9E9E which is more lighter. Will something like that go well with it? I also had this strange feeling that the hover color is not quite okay with the yellow tags. Will something brighter like #FFA500 work on it like what it has in StackOverFlow?  

4. Fedora logo is not the standard one. Colors are off. 

Well isn't the Fedora logo the same as what they have in getfedora.org?

Hamburger menu: Probably remove it, new users were not able to identify what it was and why it was needed there. The unanswered, All and followed links could be put somewhere else - check stackoverflow for example.

Okay then the Hamburger menu needs to be removed. I was thinking about having the links All, Followed and Unanswered in the body area just about the question cards so that it will be easier to be located. I could not think of any place else to put them in according to the current design. Do you have any place better?



1. Page looks too packed. Horizontal line spacing is very less. Proper margins and padding required

I will look into this matter while I am integrating the styles with the testing instance in Openshift. And experiment on increasing the horizontal line spacing as well as the margins and the padding.

2. Font sizes/typeface (bold, normal, light) are disproportionate in some places.

This can also be dealt while integrating. I will make the sizes, font-weights consistent throughout the page.


1. Tags != badges. They need separate designs - probably not pointed on one side as tags. Font size disproportioanate in profile overview section, also proper spacing

Yeah the badges design needs to be changed. I thought of removing the pointed section in the badges and just have them as simple rectangles with rounded edges.

2. Subscriptions and Moderations overflow from the bar on smaller screens (12 inch etc). On smaller screens these links vanish

I have made them vanish when it comes to smaller screen sizes because I thought they are not much required and also it will make the page unnecessarily cluttered. Do you still think these links of Subscriptions and Moderation are essential when it narrows down to small screen sizes?



1. Some screen space is wasted for no reason. We could spread things out a bit

Actually not only on the login page, I thought that the screen space is wasted on both sides when it comes to other pages as well. So, in the integration work I have worked on I have spread things out to both sides so that much of the screen space is utilized. A screen shot of the integration I have done is also shown below. 
2. Icons for services have to be uniform throughout the website.

I will be looking into this matter when doing the integration so that it would have uniform icons for services throughout the web site.


1. Line spacing, badges design change. 

The design of the badges will be changed so that they will not having the pointed part to the left and the line spacing will also be increased.


1. Spacing, margin between elements

Spacing between the elements like the text boxes will be increased so that it will have a better and uncluttered look. 

2. What is box below title?

I thought that having the text area just under the title text box will be quite obvious for the user to think that it is the place where they need to type in the details of the question. I got that idea from the StackOverFlow website but if it is quite confusing, we can add some wording on the top of the box saying "Type in the details" or something like that.

3. Text overflows from sidebar. With proper margin/padding and widths this may go away.

Yeah in the Post Question page the wording in the sidebar overflows in the right aside. Thanks for pointing that out I will look into that matter.

Progress with the integration

I have done some integration work with the Main and Badges pages of AskFedora and here are some screen shots of the work I have already done.

The Main Page

The Badges Page

The pages above are currently quite a mess because I have not done with the integration completely.

Yet I have met up with the following problem in the browsers in which I have not logged into the website.

UndefinedError at /badges/  'django.contrib.auth.models.AnonymousUser object' has no attribute 'is_read_only'.
You will also be able to see the error by going in to the site: http://askbotfedoratest-anuradhaw.rhcloud.com/questions/

I do not get this error in the browser in which I have logged in to the site. I haven't changed anything regard to implementation but have only changed the styles and templates. So, I wonder why this error is coming up. I hope to find out the error during this week and proceed with some more integration work with the website :)
Testing Fedora Cloud image with systemd-networkd

One of the change proposal I have submitted for Fedora 23 is about having systemd-netowrkd for network configuration. You can find the change page here. Instead of carrying the old network-scripts, we wanted to move to networkd, which is a part of systemd. Couple of the notable benefits are about how it will help us to keep the image size sane by not bringing in any external dependencies, and also about similarity between many different distribution based cloud images from users’ point of view. You can look into the discussions on the Talk page, and the trac ticket.

In the last week’s cloud meeting we decided to have a build of Fedora 22 cloud image with systemd-networkd on it. I made the required changes, and did the local build. You can download the qcow2 image, remember it is 218MB. You can use it in any cloud environment in a normal way. If you want to learn, and play around with the configurations, you may want to read this page. Please try the image and tell us what do you think in the comments section of this post.

All systems go
Service 'COPR Build System' now has status: good: Everything seems to be working.
DNF 1.0.2 released

Finally there’s the new release of DNF which fixes the bugs which were highly demanded from Fedora community (former yum users). When a transaction is not successfully finished DNF preserves downloaded packages until the next successful transaction. The resolution configuration hints are printed to the output and user is notified which packages were skipped during update in case there are conflicts. The new –repofrompath switch was added and many more.

FUDCon APAC 2015 in Pune
At the end of last month I participated in FUDCon Pune 2015 (26-28 June). Firstly I have to say it was a very well organized conference: almost everything went smoothly and as expected and the organizers and volunteers really did a great job.  Thank you very much for all your hard work which made the conference so pleasant and well run.

 The conference took place at MITCOE (Maharashtra Institute of Technology College of Engineering, University of Pune) in Kothrud, Pune. The campus has nice buildings and there was a large auditorium and lecture rooms in the adjoining building on several floors for the 6+ parallel sessions, which were well attended.

MIT College of Engineering
MIT College of Engineering
MIT College of Engineering
MIT College of Engineering

Here follows a summary of the talks and sessions I attended:

Day 1

 The conference started with a keynote presentation by Dennis Gilmore where he covered the work, efforts and roadmap of Fedora Release Engineering. It is good to see that this team has gradually grown somewhat to take on the increasing workload of all the different Fedora editions, architectures, and cloud/containers.
Dennis Gilmore
 Next there was a Education Panel discussion about the use and promotion of FOSS in the Education sector, and how to encourage students to get more involved in FOSS.

Education Panel

 Parag Nemade talked about DNF, its advantages, features, plugins and the libraries behind it.
Parag Nemade, DNF

 Before lunch, Pranav Kant talked about using the behave tool to test GUI application automatically. He showed how he applied this to create automated tests for the Gnome Photos application.
Pranav Kant, Behave
 After lunch there were Lightning talks. Then Jared Smith spoke about the new features in Drupal 8, which has a lot of nice new enhancements.
Jared Smith
 Nigel Babu talked about Documentation and applying what he learnt at "Write the Docs" to documenting the CKAN data management project.

 Day 1 ended with a keynote presentation by Harish Pillay on his yet-to-be-released project to gather and assess metrics for FOSS projects to determine what makes for successful, sustainable, and vital projects.
Harish Pillay

 Day 1 also featured a whole day Storage Track.

Day 2

from the bus to the venue

morning foyer
  Day 2 started with Jiri Eischmann's keynote talk on the Present and Future of Fedora Workstation.

 Next I gave my talk on Haskell where I explained why learning the language can help make one a better programmer, and gave a short taste of functional programming with Haskell, described various Haskell projects, and the Fedora Haskell SIG. 40 minutes is not really enough time to do the topic justice but I felt I managed to cover a lot of ground - next time I would really want to present it as a tutorial Workshop. My slides are here. A lot of people came up to me after the talk with questions and showing interest, which was very pleasant.

 Next was Pravin Satpute's talk on Fedora Internationalization and Globalization,where he covered the basics of modern i18n: like encodings, Unicode, locales, input methods, fonts and rendering.
Pravin Satpute, i18n and g11n

 Before lunch there was a detailed talk by Sayan Choudhury about Fedmsg (Fedora Message Bus) which now plays an important role in connecting Fedora infrastructure.
Sayan Choudhury, fedmsg
 After lunch we had the group photos (I am in the middle of the one taken from above but was too slow to make it into the one shot from below on the staircase).

 Izhar Firdaus spoke about starting Open Source businesses from his own experiences.
Izhar Firdaus, OSS business 101

 Then Aditya Patawari and Lalatendu Mohanty presented about Docker, Atomic and some of the technologies underneath it.

Docker and Atomic

 Day 2 had a OpenStack Track running the whole day. As part of it, Rohan Kanade presented a 101 on how to contribute to OpenStack.
Rohan Kanade

 Finally the day was rounded off by Tenzin Chokden, a technologist in the exiled Central Tibetan Administration, on how they have leveraged Open Source to safeguard against cyber-attacks like GhostNet from the China.
tenzin chokden
  Then there was the fun FUDpub party: 10-pin bowling and lively dancing!
tenzin chokden
tenzin chokden

Day 3

Day 3 featured a Containers Track, various workshops, and also the Bar Camp continued.
 I spent some time this day discussing about Fedora Haskell packaging with Pranav Kant - in particular the package review of the Haskell gtk3 package which had been waiting for a long time.

 After the closing ceremony people hung around in the foyer and talked more.

Dennis and Ryan talking over dinner

Overall it was a really fun lively, and interesting conference. I met a lot of people, faces, and new Fedora friends.  I really enjoyed my first FUDCon!!  Thank you FUDCon Pune very much.

July 21, 2015

There are scheduled downtimes in progress
New status good: Everything seems to be working. for services: Koschei Continuous Integration, The Koji Buildsystem, Package maintainers git repositories