Canonical Voices

??1016111425

?Qt Quick????UI

?????????????????????????????????????

??http://v.youku.com/v_show/id_XMjM0NjczMjE2.html????????????????????????????????????

https://code.launchpad.net/~liu-xiao-guo/debiantrial/flickr

??????bzr????????

$?sudo apt-get install bzr

????????????????

$?bzr branch lp:~liu-xiao-guo/debiantrial/flickr

??????????




????Ubuntu????????????????????????????


 ?????????  ???????????????????  ??????????

Read more
??1016111425

QML????(3)

????????????????????????????????
Qml3.gif
????????????????Hello,World?????????????????????????

??????main.qml


import QtQuick 2.0
 
Rectangle {
id: page
width: 500; height: 200
color: "lightgray"
 
Text {
id: helloText
text: "Hello World!"
y: 30
anchors.horizontalCenter: page.horizontalCenter
font.pointSize: 24; font.bold: true
 
MouseArea { id: mouseArea; anchors.fill: parent }
 
states: State {
name: "down"; when: mouseArea.pressed == true
PropertyChanges { target: helloText; y: 160; rotation: 180; color: "red" }
}
 
transitions: Transition {
from: ""; to: "down"; reversible: true
ParallelAnimation {
NumberAnimation { properties: "y,rotation"; duration: 500; easing.type: Easing.InOutQuad }
ColorAnimation { duration: 500 }
}
}
}
 
Grid {
id: colorPicker
x: 4; anchors.bottom: page.bottom; anchors.bottomMargin: 4
rows: 2; columns: 3; spacing: 3
 
Cell { cellColor: "red"; onClicked: helloText.color = cellColor }
Cell { cellColor: "green"; onClicked: helloText.color = cellColor }
Cell { cellColor: "blue"; onClicked: helloText.color = cellColor }
Cell { cellColor: "yellow"; onClicked: helloText.color = cellColor }
Cell { cellColor: "steelblue"; onClicked: helloText.color = cellColor }
Cell { cellColor: "black"; onClicked: helloText.color = cellColor }
}
}

????main.qml???????Cell.qml?????????(2)?????????????????(2)???????????


    Text{
...
states: State {
name: "down"; when: mouseArea.pressed == true
PropertyChanges { target: helloText; y: 160; rotation: 180; color: "red" }
}
 
transitions: Transition {
from: ""; to: "down"; reversible: true
ParallelAnimation {
NumberAnimation { properties: "y,rotation"; duration: 500; easing.type: Easing.InOutQuad }
ColorAnimation { duration: 500 }
}
}
...
}

states???Text??????Text????????????????????????????????”down”,???“when”? ?????????????PropertyChanges??????????????????????????PropertyChanges?? “target”???id?”helloText”????????????y,rotation,color????
transitions ??????????????transitions????????Hello,World?????????,?????????????)???? ???transitions????????????????????“from”?”to”????????????????????? “from”?”to”???????State??”name”???
ParalleAnimation??????? ??????????NumberAnimation??qreal???????,ColorAnimation?????????? Animation??QML?????”Animation and Transitions”?
?????????? ??


 ?????????  ???????????????????  ??????????

Read more
??1016111425

QML????(2)

QML????(2)

????????????????QML???????Hello,World?????????????????????????Hello,World?????????????
Qml2.png

QML??

????????????6?????????????????????????????????(Component)?????????????????????????????????????????????????????????????????????????????? ????????QML????????????????????????????????????????????????????????Defining new Components??????????????Cell.qml???????Cell?????????


Cell.qml???


import QtQuick 2.0
 
Item {
id: container
property alias cellColor: rectangle.color
signal clicked(color cellColor)
width: 40; height: 25
Rectangle {
id: rectangle
border.color: "white"
anchors.fill: parent
}
MouseArea {
anchors.fill: parent
onClicked: container.clicked(container.cellColor)
}
}

??????


Item {
id: container
property alias cellColor: rectangle.color
signal clicked(color cellColor)
 
width: 40; height: 25

Item??????QML????????????????????????????????QtGui??QWidget???????????????rectangle?color????????????Cell???cellColor??rectangle?color?? signal clicked(color cellColor)?????????????????????????????


Rectangle {
id: rectangle
border.color: “white”
anchors.fill: parent
}

?????????????Item??????id?rectangle???????????????Item?


MouseArea {
anchors.fill: parent
onClicked: container.clicked(container.cellColor)
}

MouseArea??Item??????????????anchors??????Item?????????????????????onClicked????????????????????????????????clicked()?????????????Item??????signal? Cell.qml???????????????


main.qml???


import QtQuick 2.0
Rectangle {
id: page
width: 500; height: 200
color: "lightgray"
 
Text {
id: helloText
text: "Hello world!"
y: 30
anchors.horizontalCenter: page.horizontalCenter
font.pointSize: 24; font.bold: true
}
Grid {
id: colorPicker
x: 4; anchors.bottom: page.bottom; anchors.bottomMargin: 4
rows: 2; columns: 3; spacing: 3
 
Cell { cellColor: "red"; onClicked: helloText.color = cellColor }
Cell { cellColor: "green"; onClicked: helloText.color = cellColor }
Cell { cellColor: "blue"; onClicked: helloText.color = cellColor }
Cell { cellColor: "yellow"; onClicked: helloText.color = cellColor }
Cell { cellColor: "steelblue"; onClicked: helloText.color = cellColor }
Cell { cellColor: "black"; onClicked: helloText.color = cellColor }
}
}

??????????????Grid???x???4?????page????????????????? ???6?Cell????Cell.qml???????cellColor?????????????? ?Cell???onClicked?????,?????????Hello,World????????????????Cell?????clicked()?????????onClicked()???????Component???????????Cell.qml?????clicked(),????main.qml?????????onClicked()??

???????????????????????QML????:)


 ?????????  ???????????????????  ??????????

Read more
??1016111425

QML????(1)

?????????Qt Quick???????????Qt???????????????????????????????????????????

QML????

QML?????????????????.qml??????????CSS(????????)?????javacript???????? ????QtDesigner UI?QtScript????QtDesigner?????.ui????,??????Qt??C++??????QtScript???Qt???????????????????????????????QObject??????????????Qt?????????????QtScript???????QML????????????????????????????????????Qt??C++???????????????????

?????

????????????Qt C?????QML????????QML?????????????.qml??????Qt???????QML Viewer????.qml????????????Qt?bin?????????qml(Windows??qml.exe)????????????.qml????????????qmlscene filename.qml ??.qml????????????Hello,World??????



??QML?

???Hello,World?????


1 import QtQuick 2.0
2
3 Rectangle {
4 id: page
5 width: 500; height: 200
6 color: “lightgray”
7
8 Text {
9 id: helloText
10 text: “Hello world!”
11 font.pointSize: 24; font.bold: true
12 y: 30; anchors.horizontalCenter: page.horizontalCenter
13 }
14 }

?1??Qt QML??????????QML???Qt-4.7?????????????3??Rectangle??8??Text??3??????????????????????????4?????????????id?”page”?????????????id??????????????width/height/color?????????CSS?????????????”;”????8???12????????????????????????????Rectangle??Text?????anchors???????????anchors??????????????????????????????????“page“????????????anchors?????????????


????Hello,World??????????hellowordl.qml???????
qmlscene hellowrold.qml?????????????

?????

????????????Rectangle?Text????????????????????????????QML-Item?,Item??QML???????????????????????????????????????????

??, Happy QML?


 ?????????  ???????????????????  ??????????

Read more
??1016111425

????Ubuntu Touch???Device?

????????????????Ubuntu Touch????????????????Click package?????????


?) ??Click Package

  • ??Ubuntu SDK
  • ?????????


  • ??IDE?????????"Ubuntu Device (GCC armhf-ubuntu-sdk-14.10-utopic)"
  • ??IDE ???"Publish"?????????????????????????????Title?


  • ??"Click Package"?????????"test2"????????"build-test2-Ubuntu_Device_GCC_armhf_ubuntu_sdk_14_10_utopic-Default"??????"com.ubuntu.developer.liu-xiao-guo.test2_0.1_all.click"?click??????????????????

????Click???????

????Terminal????????????????????

$?adb push com.ubuntu.developer.liu-xiao-guo.test2_0.1_all.click /tmp
$?adb shell "sudo -iu phablet pkcon install-local /tmp/com.ubuntu.developer.liu-xiao-guo.test2_0.1_all.click"



???????"??”???????????????????????????????????



????IDE??????????

???????IDE??????????????????????

  • ?????????????"Ubuntu Device (GCC armhf-ubuntu-sdk-14.10-utopic)"
  • ????"Build" ==> "Ubuntu" ==> "Install Application on Device"


?????????????????????????

????Click????????

?????????Click?????????????????????????

$?click contents com.ubuntu.developer.liu-xiao-guo.test2_0.1_all.click



??click????????????????????

$?click --help

???????????

5)??????

?????????????????

$ adb shell

????????????????"phablet"???

root@ubuntu-phablet:~# su - phablet

??????????????????"phablet"






 ?????????  ???????????????????  ??????????

Read more
Dustin Kirkland



I hope you'll join me at Rackspace on Tuesday, August 19, 2014, at the Cloud Austin Meetup, at 6pm, where I'll use our spectacular Orange Box to deploy Hadoop, scale it up, run a terasort, destroy it, deploy OpenStack, launch instances, and destroy it too.  I'll talk about the hardware (the Orange Box, Intel NUCs, Managed VLAN switch), as well as the software (Ubuntu, OpenStack, MAAS, Juju, Hadoop) that makes all of this work in 30 minutes or less!

Be sure to RSVP, as space is limited.

http://www.meetup.com/CloudAustin/events/194009002/

Cheers,
Dustin

Read more
beuno

I'm a few days away from hitting 6 years at Canonical and I've ended up doing a lot more management than anything else in that time. Before that I did a solid 8 years at my own company, doing anything from developing, project managing, product managing, engineering managing, sales and accounting.
This time of the year is performance review time at Canonical, so it's gotten me thinking a lot about my role and how my view on engineering management has evolved over the years.

A key insights I've had from a former boss, Elliot Murphy, was viewing it as a support role for others to do their job rather than a follow-the-leader approach. I had heard the phrase "As a manager, I work for you" a few times over the years, but it rarely seemed true and felt mostly like a good concept to make people happy but not really applied in practice in any meaningful way.

Of all the approaches I've taken or seen, a role where you're there to unblock developers more than anything else, I believe is the best one. And unless you're a bit power-hungry on some level, it's probably the most enjoyable way of being a manager.

It's not to be applied blindly, though, I think a few conditions have to be met:
1) The team has to be fairly experienced/senior/smart, I think if it isn't it breaks down to often
2) You need to understand very clearly what needs doing and why, and need to invest heavily and frequently in communicated it to the team, both the global context as well as how it applies to them individually
3) You need to build a relationship of trust with each person and need to trust them, because trust is always a 2-way street
4) You need to be enough of an engineer to understand problems in depth when explained, know when to defer to other's judgments (which should be the common case when the team generally smart and experienced) and be capable of tie-breaking in a technical-savvy way
5) Have anyone who's ego doesn't fit in a small, 100ml container, leave it at home

There are many more things to do, but I think if you don't have those five, everything else is hard to hold together. In general, if the team is smart and experienced, understands what needs doing and why, and like their job, almost everything else self-organizes.
If it isn't self-organizing well enough, walk over those 5 points, one or several must be mis-aligned. More often than not, it's 2). Communication is hard, expensive and more of an art than a science. Most of the times things have seemed to stumble a bit, it's been a failure of how I understood what we should be doing as a team, or a failure on how I communicated it to everyone else as it evolved over time.
Second most frequent I think is 1), but that may vary more depending on your team, company and project.

Oh, and actually caring about people and what you do helps a lot, but that helps a lot in life in general, so do that anyway regardless of you role  :)

Read more
David Planella

OSM GPS dump

We’re very excited to announce an agreement with Nokia HERE to provide A-GPS support on Ubuntu. The new platform service will enable developers to obtain accurate positioning data for their location-based apps in under two minutes, a significantly shorter Time To First Fix (TTFF) than the average for raw GPS technologies.

Faster positioning

While Ubuntu already features GPS-based location, it has always been a key requirement for the OS to provide application developers with rapid and efficient location positioning capabilities.

The new positioning service will be a hybrid solution integrating A-GPS and WiFi positioning, a powerful combo to help obtaining a very fast and accurate TTFF. The system is to be functional by the Release To Manufacturer (RTM) milestone, and available on the regular Ubuntu builds and for retail phones shipping Ubuntu.

Privacy and security

With the user’s explicit consent, anonymous data related to signal strength of local WiFi signals and radio cells can be contributed to crowd-sourcing location services, with the purpose of improving the overall quality of the positioning service for all users.

In line with Ubuntu’s privacy policy, no personal data of any nature is to be collected and released. Users will also be able to opt-out of this service if they do not wish their mobile handset to collect this type of data.

The positioning system will also be run under strict confinement, so that the service and its data cannot be accessed without the user explicitly granting access. With Ubuntu’s trust model, a confined application has to be granted trust by the user to gain access to security- or privacy-relevant system components.

Mapping capabilities

As the new service is to be focused on positioning, it will be decoupled from any mapping solution. Ubuntu Developers, as before, will have a choice of mapping services to use for their applications, including Nokia HERE, OpenStreetMap and others.

Header image based on “openstreetmap gps coverage” by Steven Kay, CC-BY-SA 2.0.

Read more
??1016111425

?????Ubuntu Touch??

???????????????????"Ubuntu SDK ??"?????????SDK?????????????????????????????????????????????

1?  ???????QML??
  • ??Ubuntu SDK
  • ????"File" ==> "New File or Project"
  • ??"App with Simple UI"


  • ??"Choose"???????????????????????


  • ????????????????????QML??????


2??Desktop????

?????????IDE????????????????Ctrl + R????????????????Desktop???????????????????????????????????



3??????????

??????????????????????????????

  • ??Ubuntu SDK
  • ??IDE???"Devices"?????????????????????????myinstance)????????????????????


  • ??????????????"Build"==>"Ubuntu"?????"Run Application on Device"??????????????Ctrl + F12? ???????????????


????????????????????????????????????????????????????

3???????

??????????????????????????????????????????????

  • ??Ubuntu SDK
  • ??IDE ???"Devices"??????"Ubuntu Device" (???????????????????????Qt Creator IDE???????????
  • ??"AutoCreate"?????Device Kits????????????????????
  • ??"Ubuntu Device"????????



  • ????????????????????????Ctrl + F12


????????????????????



??????"App with QML extension Library" ??

???????????QML extension Libray?????????




???????????????????



????"Ubuntu Device (GCC armhf-ubuntu-sdk-14.10-utopic)"????????????????????????????????????????????"Projects"????”Add Kit".



???????????????
  • ??"Devices", ?????????????????????myinstance)
  • ?????????????????
  • ??"Device Kits"????????"AutoCreate"??????????????????chroot????????????chroot?????????????????????????????



  • ?"Device Kits"?????????????


  • ??"Projects"?????"Add Kit"????????"myinstance (GCC i386-ubuntu-sdk-14.10-utopic)"?????????????????????
  • ??IDE????????????????????????????????????”myinstance (GCC i386-ubuntu-sdk-14.10-utopic)"??????????????????
??????????????????????????????????????????????????????????????????????????????????????????????????????????click???????????????

 ?????????  ???????????????????  ??????????

Read more
??1016111425

Ubuntu SDK ??

???????????????Ubuntu SDK??????????????????????????????????????????Ubuntu ??????????????


??????

Ubuntu Touch??Ubuntu 14.10 (Utopic)???????Scope??????????Ubuntu SDK?????Utopic?Ubuntu OS????????????????????????????VM(??VirtualBox?VMWare)??VM????Ubuntu OS 14.10???

??Phablet Tools PPA

Phablet Tools PPA ????????????device??????????????Ubuntu OS 12.04????????

????Ubunt 14.04 Trusty ??????????????Ubuntu??????????????????????

$ sudo add-apt-repository ppa:phablet-team/tools

??Ubuntu SDK ?? PPA?

????Linux?????

$ sudo add-apt-repository ppa:ubuntu-sdk-team/ppa

?? Ubuntu SDK

???????SDK?????????Linux?????

$ sudo apt-get update && sudo apt-get install ubuntu-sdk

????????????????Ubuntu 14.10 ( Utopic)????????????????????????
?????????????????

$ sudo apt-get update && sudo apt-get dist-upgrade

??Ubuntu SDK IDE

  • ?Ubuntu "Unity Dash Applications lens"????"Ubuntu SDK
  • ?????”Ubuntu SDK" ??

?????shell???Ubuntu SDK:

$ ubuntu-sdk 

???????????????????Ubuntu SDK IDE??????Ubuntu Unity ?????????????????????????SDK????Ubuntu??????????????SDK??????????????"Lock to Launcher"????SDK ??????????????

??Ubuntu SDK armhf chroot

???????????????????(armhf??)????????????????????????

  • ??Ubuntu SDK
  • ??IDE????"Tools"??????"Options"??????”Ubuntu"??????????
  • ??"Create Click Target"??????????????????"armhf/Framework-14.10"????????????????????????????????????????


?????????????????"utopic ubuntu-sdk ... armhf"?????????"update"?????????????????????"Maintain"??????????????chroot???????????????????????????????????????????????????????????????shell??????????????????????????????????????????????

???????????shell?????????

~$ schroot -l
chroot:click-ubuntu-sdk-14.10-armhf
chroot:trusty-amd64-armhf
chroot:trusty-armhf
chroot:utopic-amd64-armhf
source:click-ubuntu-sdk-14.10-armhf
source:trusty-amd64-armhf
source:trusty-armhf
source:utopic-amd64-armhf

?? "chroot:click-ubuntu-sdk-14.10-armhf"?????????????chroot?????????????target?????????????

??Ubuntu SDK i386 chroot

????????????????++??????C++ plugins)?????????????????????????????????????????????????????????????????????????????????????????????????"i386"???



??????????shell????????????????chroot?

~$ schroot -l
chroot:click-ubuntu-sdk-14.10-armhf
chroot:click-ubuntu-sdk-14.10-i386
chroot:trusty-amd64-armhf
chroot:trusty-armhf
chroot:utopic-amd64-armhf
source:click-ubuntu-sdk-14.10-armhf
source:click-ubuntu-sdk-14.10-i386
source:trusty-amd64-armhf
source:trusty-armhf
source:utopic-amd64-armhf

?????

???????????????????????????????????????????????????????????????????????????????????????

  • Ubuntu ??SDK
  • ??IDE???"Devices"???????????????"+"?????????????
  • ?????????????????????????"i386"?????"Create"????????????????????????????????????"armhf"??????????????"i386"???

???????????????????????????????????????????(myinstance)??????



???????????



??

???????????????????????????????????????????????????????????????"?????Ubuntu Touch??"???????????????


 ?????????  ???????????????????  ??????????

Read more
facundo


Se nos está terminando Julio, así que ya debería tener casi todo el segundo semestre medio planificado... sino después se me empiezan a pisar las cosas y tengo que cancelar eventos, etc.

La segunda mitad del año es normalmente la más cargada de eventos tanto de Python como de otros ámbitos... y a mi no se me ocurrió mejor idea que ponerme un curso que me ocupa todos los sábados de Agosto y Septiembre: un curso introductorio de Locución y Técnicas Vocales, en ETER.

Lo primero que se me pisa es el 9 de Agosto mismo, un sprint organizado por Lipe (está buscando laburar con cosas de torrent, pero yo creo que voy a ir a hacer Encuentro o CDPedia). Obviamente voy a ir a la tarde, no creo que haya problema.

Lo segundo que se me pisa (y me complica la vida) es el PyDay en Luján, el 20 de septiembre. Acá la tengo más complicada, porque encima de que salgo del curso a las 13, me tengo que ir hasta Luján. Igual, voy seguro, porque lo más probable es que de alguna charla (propuse dos repetidas y una nueva, sobre consejos de debugging).

Ya en Noviembre (con lo cual el curso no molesta) está la PyCon, en Rafaela, el viernes 14 y sábado 15, aunque lo más probable es que vaya el día anterior, para viajar tranquilo, ayudarlos a terminar todo, etc.

El 26 de septiembre, viernes, a la noche, tengo un curso en La Plata, donde doy Introducción a Python en un Postgrado de Informática para Científicos, como en la mayoría de los últimos años.

Los últimos días de Septiembre y los primeros de Octubre, aunque no hay nada puntual, me los voy a tratar de dejar liberados, porque está el cumpleaños de Felu. Seguramente haremos algo menos para adultos, más para compañeros de jardín y eso, pero no sabemos todavía exactamente qué, y siempre es un montón de trabajo :p

En fin... un segundo semestre bailado. Encima estoy bastante ocupado en general, especialmente en el laburo porque en estos meses ya sale a la calle el teléfono de Ubuntu, y también porque finalmente estamos hablando seriamente de hacer la asociación civil de Python Argentina (tenemos una lista separada para charlar de eso) y aunque ahora los abogados están de feria, después seguro voy a tener algunas reuniones, trámites para hacer, etc.

Read more
Robie Basak

Meeting Actions

None

U Development

The discussion about “U Development” started at 16:00.

  • Feature freeze is August 21. Note Debian Import Freeze is coming up
    • as well.
  • The mysql /var/lib/mysql discussion is proceeding, but it seems
    • unlikely that this will happen by feature freeze now. Nevertheless, we expect to land 5.6 in main in the same manner as 5.5 is currently on schedule.
  • http://status.ubuntu.com/ubuntu-u/group/topic-u-server.html – please

    • remember to keep your blueprints updated with work item progress and re-plan milestones if things slip.

Server & Cloud Bugs (caribou)

The discussion about “Server & Cloud Bugs (caribou)” started at 16:03.

  • No updates

Weekly Updates & Questions for the QA Team (psivaa)

The discussion about “Weekly Updates & Questions for the QA Team (psivaa)” started at 16:05.

  • No updates

Weekly Updates & Questions for the Kernel Team (smb, sforshee)

The discussion about “Weekly Updates & Questions for the Kernel Team (smb, sforshee)” started at 16:05.

  • James Page reports that iscsitarget 12.04 DKMS updates for HWE
    • kernels are ready and uploaded to trusty-proposed awaiting SRU team review (bug 1262712)
  • The KSM on NUMA + KVM bug (1346917) is making great progress, driven
    • by Chris Arges. Brad Figg reports that an upload to trusty-proposed is imminent, and it should land on August 8th (the day after 12.04.5). 12.04.5 (for the HWE kernel) won’t include the update, but one will be available for it the next day.
  • For kernel SRU cadence updates, see

Ubuntu Server Team Events

The discussion about “Ubuntu Server Team Events” started at 16:17.

  • rbasak noted that the Canonical Server Team have been sprinting in
    • #ubuntu-server on Fridays to complete merges, including mentoring and sponsoring, and that all are welcome to join them.

Open Discussion

The discussion about “Open Discussion” started at 16:18.

  • James Page reported that there are plans to SRU docker 1.0.x to
    • 14.04 in bug 1338768. The proposed uploaded is in a PPA and awaiting review from the SRU team. Testers are encouraged to try it out.

Agree on next meeting date and time

Next meeting will be on Tuesday, August 4th at 16:00 UTC in #ubuntu-meeting. Note that this was stated incorrectly in the meeting itself. The chair will be Liam Young.

Read more
Joseph Salisbury

Meeting Minutes

IRC Log of the meeting.

Meeting minutes.

Agenda

20140729 Meeting Agenda


Release Metrics and Incoming Bugs

Release metrics and incoming bug data can be reviewed at the following link:

http://people.canonical.com/~kernel/reports/kt-meeting.txt


Status: Utopic Development Kernel

The Utopic kernel has been rebased to v3.16-rc7 and uploaded to the
archive, ie. linux-3.13.0-6.11. Please test and let us know your
results. I also want to mention 14.04.1 released last Thursday
July 24 and 12.04.5 is scheduled to release next Thurs Aug 7.
—–
Important upcoming dates:
Thurs Aug 07 – 12.04.5 (~1 week away)
Thurs Aug 21 – Utopic Feature Freeze (~3 weeks away)


Status: CVE’s

The current CVE status can be reviewed at the following link:

http://people.canonical.com/~kernel/cve/pkg/ALL-linux.html


Status: Stable, Security, and Bugfix Kernel Updates – Trusty/Saucy/Precise/Lucid

Status for the main kernels, until today (Jul. 22):

  • Lucid – Released
  • Precise – Released
  • Saucy – Released
  • Trusty – Released

    Current opened tracking bugs details:

  • http://people.canonical.com/~kernel/reports/kernel-sru-workflow.html

    For SRUs, SRU report is a good source of information:

  • http://people.canonical.com/~kernel/reports/sru-report.html

    Schedule:

    14.04.1 cycle: 29-Jun through 07-Aug
    ====================================================================
    27-Jun Last day for kernel commits for this cycle
    29-Jun – 05-Jul Kernel prep week.
    06-Jul – 12-Jul Bug verification & Regression testing.
    13-Jul – 19-Jul Regression testing & Release to -updates.
    20-Jul – 24-Jul Release prep
    24-Jul 14.04.1 Release [1]
    07-Aug 12.04.5 Release [2]

    cycle: 08-Aug through 29-Aug
    ====================================================================
    08-Aug Last day for kernel commits for this cycle
    10-Aug – 16-Aug Kernel prep week.
    17-Aug – 23-Aug Bug verification & Regression testing.
    24-Aug – 29-Aug Regression testing & Release to -updates.

    [1] This will be the very last kernels for lts-backport-quantal, lts-backport-raring,
    and lts-backport-saucy.

    [2] This will be the lts-backport-trusty kernel as the default in the precise point
    release iso.


Open Discussion or Questions? Raise your hand to be recognized

No open discussions.

Read more
??1016111425

??????????

??????

    ???????????????????http://blog.sina.com.cn/u/1016111425

    ????????????????????????????????????????????????????????????????????

    ????????????????????????????????????????????????????????????????

 

?????

    ???????????MSN SPACES???????????????????????

    ???????????????????????????????????????????????????????????????

????????????????

    ??????????????????

    ??????????????

    ??????????????????????????????????

 

?????????????????????????????????

                                                                                                                                                                      ????


 ?????????  ???????????????????  ??????????

Read more
Michael Hall

When you contribute something as a member of a community, who are you actually giving it to? The simple answer of course is “the community” or “the project”, but those aren’t very specific.  On the one hand you have a nebulous group of people, most of which you probably don’t even know about, and on the other you’ve got some cold, lifeless code repository or collection of web pages. When you contribute, who is that you really care about, who do you really want to see and use what you’ve made?

In my last post I talked about the importance of recognition, how it’s what contributors get in exchange for their contribution, and how human recognition is the kind that matters most. But which humans do our contributors want to be recognized by? Are you one of them and, if so, are you giving it effectively?

Owners

The owner of a project has a distinct privilege in a community, they are ultimately the source of all recognition in that community.  Early contributions made to a project get recognized directly by the founder. Later contributions may only get recognized by one of those first contributors, but the value of their recognition comes from the recognition they received as the first contributors.  As the project grows, more generations of contributors come in, with recognition coming from the previous generations, though the relative value of it diminishes as you get further from the owner.

Leaders

After the project owner, the next most important source of recognition is a project’s leaders. Leaders are people who gain authority and responsibility in a project, they can affect the direction of a project through decisions in addition to direct contributions. Many of those early contributors naturally become leaders in the project but many will not, and many others who come later will rise to this position as well. In both cases, it’s their ability to affect the direction of a project that gives their recognition added value, not their distance from the owner. Before a community can grown beyond a very small size it must produce leaders, either through a formal or informal process, otherwise the availability of recognition will suffer.

Legends

Leadership isn’t for everybody, and many of the early contributors who don’t become one still remain with the project, and end of making very significant contributions to it and the community over time.  Whenever you make contributions, and get recognition for them, you start to build up a reputation for yourself.  The more and better contributions you make, the more your reputation grows.  Some people have accumulated such a large reputation that even though they are not leaders, their recognition is still sought after more than most. Not all communities will have one of these contributors, and they are more likely in communities where heads-down work is valued more than very public work.

Mentors

When any of us gets started with a community for the first time, we usually end of finding one or two people who help us learn the ropes.  These people help us find the resources we need, teach us what those resources don’t, and are instrumental in helping us make the leap from user to contributor. Very often these people aren’t the project owners or leaders.  Very often they have very little reputation themselves in the overall project. But because they take the time to help the new contributor, and because theirs is very likely to be the first, the recognition they give is disproportionately more valuable to that contributor than it otherwise would be.

Every member of a community can provide recognition, and every one should, but if you find yourself in one of the roles above it is even more important for you to be doing so. These roles are responsible both for setting the example, and keeping a proper flow, or recognition in a community. And without that flow or recognition, you will find that your flow of contributions will also dry up.

Read more
Benjamin Keyser

Bringing Fluid Motion to Browsing

In the previous Blog Post, we looked at how we use the Recency principle to redesign the experience around bookmarks, tabs and history.
In this blog post, we look at how the new Ubuntu Browser makes the UI fade to the background in favour of the content. The design focuses on physical impulse familiarity – “muscle memory” – by marrying simple gestures to the two key browser tasks, making the experience feel as fluid and simple as flipping through a magazine.

 

Creating a new tab

For all new browsers, the approach to the URI Top Bar that enables searching as well as manual address entry has made the “new tab” function more central to the experience than ever. In addition, evidence suggests that opening a new tab is the third of the most frequently used action in browser. To facilitate this, we made opening a new tab effortless and even (we think) a bit fun.
By pulling down anywhere on the current page, you activate a sprint loaded “new tab” feature that appears under the address bar of the page. Keep dragging far enough, and you’ll see a new blank page coming into view. If you release at this stage, a new tab will load ready with the address bar and keyboard open as well as an easy way to get to your bookmarks. But, if you change your mind, just drag the current page back up or release early and your current page comes back.

http://youtu.be/zaJkNRvZWgw

 

Get to your open tabs and recently visited sites

Pulling the current page downward can create a new blank tab, and conversely dragging the bottom edge upward shows you already open tabs ordered by recency that echoes the right edge “open apps” view.

If you keep on dragging upward without releasing, you can dig even further into the past with your most recently visited pages grouped by site in a “history” list. By grouping under the site domain name, it’s easier to find what you’re looking for without thumbing through hundreds of individual page URLs. However, if you want all the detail, tap an item in the list to see your complete history.

Blog Post - Browser #2 (1)
It’s not easy to improve upon such a well-worn application as the browser, it’s true. We’re hopeful that by adding new fluidity to creating, opening and switching between tabs, our users will find that this browsing experience is simpler to use, especially with one hand, and feels more seamless and fluid than ever.

 

 

Read more
Jussi Pakkanen

A use case that pops up every now and then is to have a self-contained object that needs to be accessed from multiple threads. The problem appears when the object, as part of its usual things calls its own methods. This leads to tricky locking operations, a need to use a recursive mutex or something else that is nonoptimal.

Another common approach is to use the pimpl idiom, which hides the contents of an object inside a hidden private object. There are ample details on the internet, but the basic setup of a pimpl’d class is the following. First of all we have the class header:

class Foo {
public:
    Foo();
    void func1();
    void func2();

private:
    class Private;
    std::unique_ptr<Private> p;
};

Then in the implementation file you have first the defintiion of the private class.

class Foo::Private {
public:
    Private();
    void func1() { ... };
    void func2() { ... };

private:
   void privateFunc() { ... };
   int x;
};

Followed by the definition of the main class.

Foo::Foo() : p(new Private) {
}

void Foo::func1() {
    p->func1();
}

void Foo::func2() {
    p->func2();
}

That is, Foo only calls the implementation bits in Foo::Private.

The main idea to realize is that Foo::Private can never call functions of Foo. Thus if we can isolate the locking bits inside Foo, the functionality inside Foo::Private becomes automatically thread safe. The way to accomplish this is simple. First you add a (public) std::mutex m to Foo::Private. Then you just change the functions of Foo to look like this:

void Foo::func1() {
    std::lock_guard<std::mutex> guard(p->m);
    p->func1()
}

void Foo::func2() {
    std::lock_guard<std::mutex> guard(p->m);
    p->func2();
}

This accomplishes many things nicely:

  • Lock guards make locks impossible to leak, no matter what happens
  • Foo::Private can pretend that it is single-threaded which usually makes implementation a lot easier

The main drawback of this approach is that the locking is coarse, which may be a problem when squeezing out ultimate performance. But usually you don’t need that.

Read more
pitti

I have used LaTeX and latex-beamer for pretty much my entire life of document and presentation production, i. e. since about my 9th school grade. I’ve always found the LaTeX syntax a bit clumsy, but with good enough editor shortcuts to insert e. g. \begin{itemize} \item...\end{itemize} with just two keystrokes, it has been good enough for me.

A few months ago a friend of mine pointed out pandoc to me, which is just simply awesome. It can convert between a million document formats, but most importantly take Markdown and spit out LaTeX, or directly PDF (through an intermediate step of building a LaTeX document and calling pdftex). It also has a template for beamer. Documents now look soo much more readable and are easier to write! And you can always directly write LaTeX commands without any fuss, so that you can use markdown for the structure/headings/enumerations/etc., and LaTeX for formulax, XYTex and the other goodies. That’s how it should always should have been! ?

So last night I finally sat down and created a vim config for it:

"-- pandoc Markdown+LaTeX -------------------------------------------

function s:MDSettings()
    inoremap <buffer> <Leader>n \note[item]{}<Esc>i
    noremap <buffer> <Leader>b :! pandoc -t beamer % -o %<.pdf<CR><CR>
    noremap <buffer> <Leader>l :! pandoc -t latex % -o %<.pdf<CR>
    noremap <buffer> <Leader>v :! evince %<.pdf 2>&1 >/dev/null &<CR><CR>

    " adjust syntax highlighting for LaTeX parts
    "   inline formulas:
    syntax region Statement oneline matchgroup=Delimiter start="\$" end="\$"
    "   environments:
    syntax region Statement matchgroup=Delimiter start="\\begin{.*}" end="\\end{.*}" contains=Statement
    "   commands:
    syntax region Statement matchgroup=Delimiter start="{" end="}" contains=Statement
endfunction

autocmd BufRead,BufNewFile *.md setfiletype markdown
autocmd FileType markdown :call <SID>MDSettings()

That gives me “good enough” (with some quirks) highlighting without trying to interpret TeX stuff as Markdown, and shortcuts for calling pandoc and evince. Improvements appreciated!

Read more
Dustin Kirkland

Tomorrow, February 19, 2014, I will be giving a presentation to the Capital of Texas chapter of ISSA, which will be the first public presentation of a new security feature that has just landed in Ubuntu Trusty (14.04 LTS) in the last 2 weeks -- doing a better job of seeding the pseudo random number generator in Ubuntu cloud images.  You can view my slides here (PDF), or you can read on below.  Enjoy!


Q: Why should I care about randomness? 

A: Because entropy is important!

  • Choosing hard-to-guess random keys provide the basis for all operating system security and privacy
    • SSL keys
    • SSH keys
    • GPG keys
    • /etc/shadow salts
    • TCP sequence numbers
    • UUIDs
    • dm-crypt keys
    • eCryptfs keys
  • Entropy is how your computer creates hard-to-guess random keys, and that's essential to the security of all of the above

Q: Where does entropy come from?

A: Hardware, typically.

  • Keyboards
  • Mouses
  • Interrupt requests
  • HDD seek timing
  • Network activity
  • Microphones
  • Web cams
  • Touch interfaces
  • WiFi/RF
  • TPM chips
  • RdRand
  • Entropy Keys
  • Pricey IBM crypto cards
  • Expensive RSA cards
  • USB lava lamps
  • Geiger Counters
  • Seismographs
  • Light/temperature sensors
  • And so on

Q: But what about virtual machines, in the cloud, where we have (almost) none of those things?

A: Pseudo random number generators are our only viable alternative.

  • In Linux, /dev/random and /dev/urandom are interfaces to the kernel’s entropy pool
    • Basically, endless streams of pseudo random bytes
  • Some utilities and most programming languages implement their own PRNGs
    • But they usually seed from /dev/random or /dev/urandom
  • Sometimes, virtio-rng is available, for hosts to feed guests entropy
    • But not always

Q: Are Linux PRNGs secure enough?

A: Yes, if they are properly seeded.

  • See random(4)
  • When a Linux system starts up without much operator interaction, the entropy pool may be in a fairly predictable state
  • This reduces the actual amount of noise in the entropy pool below the estimate
  • In order to counteract this effect, it helps to carry a random seed across shutdowns and boots
  • See /etc/init.d/urandom
...
dd if=/dev/urandom of=$SAVEDFILE bs=$POOLBYTES count=1 >/dev/null 2>&1

...

Q: And what exactly is a random seed?

A: Basically, its a small catalyst that primes the PRNG pump.

  • Let’s pretend the digits of Pi are our random number generator
  • The random seed would be a starting point, or “initialization vector”
  • e.g. Pick a number between 1 and 20
    • say, 18
  • Now start reading random numbers

  • Not bad...but if you always pick ‘18’...

XKCD on random numbers

RFC 1149.5 specifies 4 as the standard IEEE-vetted random number.

Q: So my OS generates an initial seed at first boot?

A: Yep, but computers are predictable, especially VMs.

  • Computers are inherently deterministic
    • And thus, bad at generating randomness
  • Real hardware can provide quality entropy
  • But virtual machines are basically clones of one another
    • ie, The Cloud
    • No keyboard or mouse
    • IRQ based hardware is emulated
    • Block devices are virtual and cached by hypervisor
    • RTC is shared
    • The initial random seed is sometimes part of the image, or otherwise chosen from a weak entropy pool

Dilbert on random numbers


http://j.mp/1dHAK4V


Q: Surely you're just being paranoid about this, right?

A: I’m afraid not...

Analysis of the LRNG (2006)

  • Little prior documentation on Linux’s random number generator
  • Random bits are a limited resource
  • Very little entropy in embedded environments
  • OpenWRT was the case study
  • OS start up consists of a sequence of routine, predictable processes
  • Very little demonstrable entropy shortly after boot
  • http://j.mp/McV2gT

Black Hat (2009)

  • iSec Partners designed a simple algorithm to attack cloud instance SSH keys
  • Picked up by Forbes
  • http://j.mp/1hcJMPu

Factorable.net (2012)

  • Minding Your P’s and Q’s: Detection of Widespread Weak Keys in Network Devices
  • Comprehensive, Internet wide scan of public SSH host keys and TLS certificates
  • Insecure or poorly seeded RNGs in widespread use
    • 5.57% of TLS hosts and 9.60% of SSH hosts share public keys in a vulnerable manner
    • They were able to remotely obtain the RSA private keys of 0.50% of TLS hosts and 0.03% of SSH hosts because their public keys shared nontrivial common factors due to poor randomness
    • They were able to remotely obtain the DSA private keys for 1.03% of SSH hosts due to repeated signature non-randomness
  • http://j.mp/1iPATZx

Dual_EC_DRBG Backdoor (2013)

  • Dual Elliptic Curve Deterministic Random Bit Generator
  • Ratified NIST, ANSI, and ISO standard
  • Possible backdoor discovered in 2007
  • Bruce Schneier noted that it was “rather obvious”
  • Documents leaked by Snowden and published in the New York Times in September 2013 confirm that the NSA deliberately subverted the standard
  • http://j.mp/1bJEjrB

Q: Ruh roh...so what can we do about it?

A: For starters, do a better job seeding our PRNGs.

  • Securely
  • With high quality, unpredictable data
  • More sources are better
  • As early as possible
  • And certainly before generating
  • SSH host keys
  • SSL certificates
  • Or any other critical system DNA
  • /etc/init.d/urandom “carries” a random seed across reboots, and ensures that the Linux PRNGs are seeded

Q: But how do we ensure that in cloud guests?

A: Run Ubuntu!


Sorry, shameless plug...

Q: And what is Ubuntu's solution?

A: Meet pollinate.

  • pollinate is a new security feature, that seeds the PRNG.
  • Introduced in Ubuntu 14.04 LTS cloud images
  • Upstart job
  • It automatically seeds the Linux PRNG as early as possible, and before SSH keys are generated
  • It’s GPLv3 free software
  • Simple shell script wrapper around curl
  • Fetches random seeds
  • From 1 or more entropy servers in a pool
  • Writes them into /dev/urandom
  • https://launchpad.net/pollinate

Q: What about the back end?

A: Introducing pollen.

  • pollen is an entropy-as-a-service implementation
  • Works over HTTP and/or HTTPS
  • Supports a challenge/response mechanism
  • Provides 512 bit (64 byte) random seeds
  • It’s AGPL free software
  • Implemented in golang
  • Less than 50 lines of code
  • Fast, efficient, scalable
  • Returns the (optional) challenge sha512sum
  • And 64 bytes of entropy
  • https://launchpad.net/pollen

Q: Golang, did you say?  That sounds cool!

A: Indeed. Around 50 lines of code, cool!

pollen.go

Q: Is there a public entropy service available?

A: Hello, entropy.ubuntu.com.

  • Highly available pollen cluster
  • TLS/SSL encryption
  • Multiple physical servers
  • Behind a reverse proxy
  • Deployed and scaled with Juju
  • Multiple sources of hardware entropy
  • High network traffic is always stirring the pot
  • AGPL, so source code always available
  • Supported by Canonical
  • Ubuntu 14.04 LTS cloud instances run pollinate once, at first boot, before generating SSH keys

Q: But what if I don't necessarily trust Canonical?

A: Then use a different entropy service :-)

  • Deploy your own pollen
    • bzr branch lp:pollen
    • sudo apt-get install pollen
    • juju deploy pollen
  • Add your preferred server(s) to your $POOL
    • In /etc/default/pollinate
    • In your cloud-init user data
      • In progress
  • In fact, any URL works if you disable the challenge/response with pollinate -n|--no-challenge

Q: So does this increase the overall entropy on a system?

A: No, no, no, no, no!

  • pollinate seeds your PRNG, securely and properly and as early as possible
  • This improves the quality of all random numbers generated thereafter
  • pollen provides random seeds over HTTP and/or HTTPS connections
  • This information can be fed into your PRNG
  • The Linux kernel maintains a very conservative estimate of the number of bits of entropy available, in /proc/sys/kernel/random/entropy_avail
  • Note that neither pollen nor pollinate directly affect this quantity estimate!!!

Q: Why the challenge/response in the protocol?

A: Think of it like the Heisenberg Uncertainty Principle.

  • The pollinate challenge (via an HTTP POST submission) affects the pollen's PRNG state machine
  • pollinate can verify the response and ensure that the pollen server at least “did some work”
  • From the perspective of the pollen server administrator, all communications are “stirring the pot”
  • Numerous concurrent connections ensure a computationally complex and impossible to reproduce entropy state

Q: What if pollinate gets crappy or compromised or no random seeds?

A: Functionally, it’s no better or worse than it was without pollinate in the mix.

  • In fact, you can `dd if=/dev/zero of=/dev/random` if you like, without harming your entropy quality
    • All writes to the Linux PRNG are whitened with SHA1 and mixed into the entropy pool
    • Of course it doesn’t help, but it doesn’t hurt either
  • Your overall security is back to the same level it was when your cloud or virtual machine booted at an only slightly random initial state
  • Note the permissions on /dev/*random
    • crw-rw-rw- 1 root root 1, 8 Feb 10 15:50 /dev/random
    • crw-rw-rw- 1 root root 1, 9 Feb 10 15:50 /dev/urandom
  • It's a bummer of course, but there's no new compromise

Q: What about SSL compromises, or CA Man-in-the-Middle attacks?

A: We are mitigating that by bundling the public certificates in the client.


  • The pollinate package ships the public certificate of entropy.ubuntu.com
    • /etc/pollinate/entropy.ubuntu.com.pem
    • And curl uses this certificate exclusively by default
  • If this really is your concern (and perhaps it should be!)
    • Add more URLs to the $POOL variable in /etc/default/pollinate
    • Put one of those behind your firewall
    • You simply need to ensure that at least one of those is outside of the control of your attackers

Q: What information gets logged by the pollen server?

A: The usual web server debug info.

  • The current timestamp
  • The incoming client IP/port
    • At entropy.ubuntu.com, the client IP/port is actually filtered out by the load balancer
  • The browser user-agent string
  • Basically, the exact same information that Chrome/Firefox/Safari sends
  • You can override if you like in /etc/default/pollinate
  • The challenge/response, and the generated seed are never logged!
Feb 11 20:44:54 x230 2014-02-11T20:44:54-06:00 x230 pollen[28821] Server received challenge from [127.0.0.1:55440, pollinate/4.1-0ubuntu1 curl/7.32.0-1ubuntu1.3 Ubuntu/13.10 GNU/Linux/3.11.0-15-generic/x86_64] at [1392173094634146155]

Feb 11 20:44:54 x230 2014-02-11T20:44:54-06:00 x230 pollen[28821] Server sent response to [127.0.0.1:55440, pollinate/4.1-0ubuntu1 curl/7.32.0-1ubuntu1.3 Ubuntu/13.10 GNU/Linux/3.11.0-15-generic/x86_64] at [1392173094634191843]

Q: Have the code or design been audited?

A: Yes, but more feedback is welcome!

  • All of the source is available
  • Service design and hardware specs are available
  • The Ubuntu Security team has reviewed the design and implementation
  • All feedback has been incorporated
  • At least 3 different Linux security experts outside of Canonical have reviewed the design and/or implementation
    • All feedback has been incorporated

Q: Where can I find more information?

A: Read Up!


Stay safe out there!
:-Dustin

Read more
Michael Hall

It seems a fairly common, straight forward question.  You’ve probably been asked it before. We all have reasons why we hack, why we code, why we write or draw. If you ask somebody this question, you’ll hear things like “scratching an itch” or “making something beautiful” or “learning something new”.  These are all excellent reasons for creating or improving something.  But contributing isn’t just about creating, it’s about giving that creation away. Usually giving it away for free, with no or very few strings attached.  When I ask “Why do you contribute to open source”, I’m asking why you give it away.

takemyworkThis question is harder to answer, and the answers are often far more complex than the ones given for why people simply create something. What makes it worthwhile to spend your time, effort, and often money working on something, and then turn around and give it away? People often have different intentions or goals in mind when the contribute, from benevolent giving to a community they care about to personal pride in knowing that something they did is being used in something important or by somebody important. But when you strip away the details of the situation, these all hinge on one thing: Recognition.

If you read books or articles about community, one consistent theme you will find in almost all of them is the importance of recognizing  the contributions that people make. In fact, if you look at a wide variety of successful communities, you would find that one common thing they all offer in exchange for contribution is recognition. It is the fuel that communities run on.  It’s what connects the contributor to their goal, both selfish and selfless. In fact, with open source, the only way a contribution can actually stolen is by now allowing that recognition to happen.  Even the most permissive licenses require attribution, something that tells everybody who made it.

Now let’s flip that question around:  Why do people contribute to your project? If their contribution hinges on recognition, are you prepared to give it?  I don’t mean your intent, I’ll assume that you want to recognize contributions, I mean do you have the processes and people in place to give it?

We’ve gotten very good about building tools to make contribution easier, faster, and more efficient, often by removing the human bottlenecks from the process.  But human recognition is still what matters most.  Silently merging someone’s patch or branch, even if their name is in the commit log, isn’t the same as thanking them for it yourself or posting about their contribution on social media. Letting them know you appreciate their work is important, letting other people know you appreciate it is even more important.

If you the owner or a leader in a project with a community, you need to be aware of how recognition is flowing out just as much as how contributions are flowing in. Too often communities are successful almost by accident, because the people in them are good at making sure contributions are recognized and that people know it simply because that’s their nature. But it’s just as possible for communities to fail because the personalities involved didn’t have this natural tendency, not because of any lack of appreciation for the contributions, just a quirk of their personality. It doesn’t have to be this way, if we are aware of the importance of recognition in a community we can be deliberate in our approaches to making sure it flows freely in exchange for contributions.

Read more