We hope everyone has had a great start to the year and fun holiday season. Here are the best links shared by the design team during the last month of 2016:
Hoy volví en el auto, a casa. Escuchando mucha música. Pasó este tema, y me di cuenta que es lo que siento con respecto al 2016.
Bronca cuando ríen satisfechos
al haber comprado sus derechos
Bronca cuando se hacen moralistas
y entran a correr a los artistas
Bronca cuando a plena luz del día
sacan a pasear su hipocresía
Bronca de la brava, de la mía
bronca que se puede recitar
Para los que toman lo que es nuestro
con el guante de disimular
Para el que maneja los piolines
de la marioneta universal
Para el que ha marcado las barajas
y recibe siempre la mejor
Con el as de espadas nos domina
y con el de bastos entra a dar y dar y...
¡Marcha! Un, dos...
No puedo ver tanta mentira organizada
Con voz ronca mi bronca, mi bronca
Bronca porque matan con descaro
pero nunca nada queda claro
Bronca porque roba el asaltante
pero también roba el comerciante
Bronca porque está prohibido todo
hasta lo que haré de cualquier modo
Bronca porque no se paga fianza
si nos encarcelan la esperanza
Los que mandan tienen este mundo
repodrido y dividido en dos
Culpa de su afán de conquistarse
por la fuerza o por la explotación
Bronca pues entonces cuando quieren
que me corte el pelo sin razón,
Es mejor tener el pelo libre
que la libertad con fijador
¡Marcha! No puedo ver
Tanto desastre organizado
sin responder con voz ronca
mi bronca mi bronca
Bronca sin fusiles y sin bombas
Bronca con los dos dedos en V
Bronca que también es esperanza
Marcha de la bronca y de la fe
The kernel contains tens of thousands of statements that may print various errors, warnings and debug/information messages to the kernel log. Unsurprisingly, as the kernel grows in size, so does the quantity of these messages. I've been scraping the kernel source for various kernel printk style statements and macros and scanning these for various typos and spelling mistakes and to make this easier I hacked up kernelscan (a quick and dirty parser) that helps me find literal strings from the kernel for spell checking.
Using kernelscan, I've gathered some statistics for the number of kernel print statements for various kernel releases:
En estas últimas semanas terminé de poner a punto un proyectito que había empezado durante el año. Aunque le faltan algunos detalles, ya es funcional y útil.
Se llama Recordium. Es una aplicación sencillita que ayuda al vos-fuera-de-tu-compu a recordarle cosas a tu futuro vos-en-la-compu.
La idea es que ejecutás Recordium en tu computadora, y se pone ahí como un iconito pequeñito.
Después, en cualquier momento, estando en la calle, cortando el pasto, en la cola de la panadería, etc, cuando te acordás de algo que tenés que hacer, le mandás un texto o audio de Telegram a tu Bot de Recordium.
Cuando volvés a tu computadora (donde tomás las acciones correspondientes sobre eso que te habías acordado), el iconito de Recordium va a estar iluminado, te va a decir que tenés un mensaje nuevo (o más), y ahí podés leer/escuchar lo que te habías acordado en otro momento.
¿Se podría hacer algo similar utilizando herramientas más complejas? Sí. ¿O algún servicio de Google? También, pero no quiero meterle más yo a Google. Igual, lo más importante de Recordium es que me sirvió de proyecto juguete para (al mismo tiempo que lograba una funcionalidad que yo quería) tener algo hecho en Python 3 y PyQt 5.
This has been a unique year for me, and I wanted to quickly lay out what I’ve accomplished and where I think I’m going for the coming year. This is now officially a tradition at three posts (see: 2014 and 2015).
These are the goals I set for myself at the start of the year and how I met or missed them:
Major changes in my life, career, and the world at large have made 2016 a memorable year for me. I highly encourage you to reflect on the year you’ve had and think about what you can do to make 2017 great. Happy new year!Read more
For a while now I have been actively maintaining the sosreport debian package. I am also helping out making it available on Ubuntu.
I also have had multiple requests to make sosreport more easily usable in a Juju environment. I have finally been able to author a charm for the sosreport which will render its usage simpler with Juju.
As you already know, sosreport is a tool that will collect information about your running environment. In the context of a Juju deployment, what we are after is the running environments of the units providing the services. So in order for the sosreport charm to be useful, it needs to be deployed on an existing unit.
The charm has two actions :
You would use the collect action to create the sosreport tarball of the unit where it is being run and cleanup to remove those tarballs once you are done.
Each action has optional parameters attached to it :
|homedir||Home directory where sosreport files will be copied to (common to both collect & cleanup actions)|
|options||Command line options to be passed to sosreport (collect only)|
|minfree||Minimum of free diskspace to run sosreport expressed in percent,Megabytes or Gigabytes. Valid suffixes are % M or G (collect only)|
Suppose that you are encountering problems with the mysql service being used by your MediaWiki service (yes, I know, yet one more MediaWiki example). You would have an environment similar to the following (Juju 2.0) :
$ juju status Model Controller Cloud/Region Version default MyLocalController localhost/localhost 2.0.0 App Version Status Scale Charm Store Rev OS Notes mediawiki unknown 1 mediawiki jujucharms 5 ubuntu mysql error 1 mysql jujucharms 55 ubuntu Unit Workload Agent Machine Public address Ports Message mediawiki/0* unknown idle 1 10.0.4.48 mysql/0* error idle 2 10.0.4.140 hook failed: "start" Machine State DNS Inst id Series AZ 1 started 10.0.4.48 juju-53ced1-1 trusty 2 started 10.0.4.140 juju-53ced1-2 trusty Relation Provides Consumes Type cluster mysql mysql peer
Here the mysql start hook failed to start for some reason that we want to investigate. One solution is to ssh to the unit and try to find out. You may be asked by a support representative to provide the data for remote analysis. This is where sosreport becomes useful.
The sosreport charm will be helpful in going to collect the information of the unit where the mysql service runs. In our example, the service runs on unit #2 so this is where the sosreport charm needs to be deployed. So in our example we would do :
$ juju deploy cs:~sosreport-charmers/sosreport --to=2
Once the charm is done deploying, you will have the following juju status :
$ juju status Model Controller Cloud/Region Version default MyLocalController localhost/localhost 2.0.0 App Version Status Scale Charm Store Rev OS Notes mediawiki unknown 1 mediawiki jujucharms 5 ubuntu mysql error 1 mysql jujucharms 55 ubuntu sosreport active 1 sosreport jujucharms 1 ubuntu Unit Workload Agent Machine Public address Ports Message mediawiki/0* unknown idle 1 10.0.4.48 mysql/0* error idle 2 10.0.4.140 hook failed: "start" sosreport/1* active idle 2 10.0.4.140 sosreport is installed Machine State DNS Inst id Series AZ 1 started 10.0.4.48 juju-53ced1-1 trusty 2 started 10.0.4.140 juju-53ced1-2 trusty Relation Provides Consumes Type cluster mysql mysql peer
In order to collect the sosreport tarball, you will issue an action to the sosreport service, telling it to collect the data :
$ juju run-action sosreport/1 collect Action queued with id: 95d405b3-9b78-468b-840f-d24df5751351
To verify the progression of the action you can use the show-action-status command :
$ juju show-action-status 95d405b3-9b78-468b-840f-d24df5751351 actions: - id: 95d405b3-9b78-468b-840f-d24df5751351 status: running unit: sosreport/1
After completion, the action will show as completed :
$ juju show-action-status 95d405b3-9b78-468b-840f-d24df5751351 actions: - id: 95d405b3-9b78-468b-840f-d24df5751351 status: completed unit: sosreport/1
Using the show-action-output, you can see the result of the collect action :
$ juju show-action-output 95d405b3-9b78-468b-840f-d24df5751351 results: outcome: success result-map: message: sosreport-juju-53ced1-2-20161221163645.tar.xz and sosreport-juju-53ced1-2-20161221163645.tar.xz.md5 available in /home/ubuntu status: completed timing: completed: 2016-12-21 16:37:06 +0000 UTC enqueued: 2016-12-21 16:36:40 +0000 UTC started: 2016-12-21 16:36:45 +0000 UTC
If we look at the mysql/0 unit $HOME directory, we will see that the tarball is indeed present :
$ juju ssh mysql/0 "ls -l" total 26149 -rw------- 1 root root 26687372 Dec 21 16:36 sosreport-juju-53ced1-2-20161221163645.tar.xz -rw-r--r-- 1 root root 33 Dec 21 16:37 sosreport-juju-53ced1-2-20161221163645.tar.xz.md5 Connection to 10.0.4.140 closed.
One thing to be aware of is that, as with any environment using sosreport, the owner of the tarball and md5 file is root. This is to protect access to the unit’s configuration data contained in the tarball. In order to copy the files from the mysql/0 unit, you would first need to change their ownership :
$ juju ssh mysql/0 "sudo chown ubuntu:ubuntu sos*" Connection to 10.0.4.140 closed. $ juju ssh mysql/0 "ls -l" total 26149 -rw------- 1 ubuntu ubuntu 26687372 Dec 21 16:36 sosreport-juju-53ced1-2-20161221163645.tar.xz -rw-r--r-- 1 ubuntu ubuntu 33 Dec 21 16:37 sosreport-juju-53ced1-2-20161221163645.tar.xz.md5 Connection to 10.0.4.140 closed.
The files can be copied off the unit by using juju scp.
To cleanup the tarballs that have been previously created, use the cleanup action of the charm as outlined here :
$ juju run-action sosreport/1 cleanup Action queued with id: 3df3dcb8-0850-414e-87d5-746a52ef9b53 $ juju show-action-status 3df3dcb8-0850-414e-87d5-746a52ef9b53 actions: - id: 3df3dcb8-0850-414e-87d5-746a52ef9b53 status: completed unit: sosreport/1 $ juju show-action-output 3df3dcb8-0850-414e-87d5-746a52ef9b53 results: outcome: success result-map: message: Directory /home/ubuntu cleaned up status: completed timing: completed: 2016-12-21 16:49:35 +0000 UTC enqueued: 2016-12-21 16:49:30 +0000 UTC started: 2016-12-21 16:49:35 +0000 UTC
Given the same environment with mysql & MediaWiki service deployed, we need to deploy the sosreport charm to the unit where the mysql service is deployed :
$ juju deploy cs:~sosreport-charmers/sosreport --to=2
Once deployed, we have an environment that looks like this :
$ juju status --format=tabular [Environment] UPGRADE-AVAILABLE 1.25.9 [Services] NAME STATUS EXPOSED CHARM mediawiki unknown false cs:trusty/mediawiki-5 mysql unknown false cs:trusty/mysql-55 sosreport active false cs:~sosreport-charmers/trusty/sosreport-2 [Units] ID WORKLOAD-STATE AGENT-STATE VERSION MACHINE PORTS PUBLIC-ADDRESS MESSAGE mediawiki/0 unknown idle 22.214.171.124 1 192.168.122.246 mysql/0 unknown idle 126.96.36.199 2 3306/tcp 192.168.122.6 sosreport/0 active idle 188.8.131.52 2 192.168.122.6 sosreport is installed [Machines] ID STATE VERSION DNS INS-ID SERIES HARDWARE 0 started 184.108.40.206 localhost localhost zesty 1 started 220.127.116.11 192.168.122.246 caribou-local-machine-1 trusty arch=amd64 2 started 18.104.22.168 192.168.122.6 caribou-local-machine-2 trusty arch=amd64
With the previous version of Juju, the syntax for actions is slightly different. To run the collect action we need to issue :
$ juju action do sosreport/0 collect
We then get the status of our action :
$ juju action status 2176fad0-9b9f-4006-88cb-4adbf6ad3da1 actions: - id: 2176fad0-9b9f-4006-88cb-4adbf6ad3da1 status: failed unit: sosreport/0
And to our surprise, the action has failed ! To try to identify why it has failed, we can fetch the result of our action :
$ juju action fetch 2176fad0-9b9f-4006-88cb-4adbf6ad3da1 message: 'Not enough space in /home/ubuntu (minfree: 5% )' results: outcome: failure status: failed timing: completed: 2016-12-22 10:32:15 +0100 CET enqueued: 2016-12-22 10:32:09 +0100 CET started: 2016-12-22 10:32:14 +0100 CET
So there is not enough space in our unit to safely run sosreport. This gives me the opportunity to talk about one of the parameter of the collect action : minfree. But first, we need to look at how much disk space is available.
$ juju ssh sosreport/0 "df -h" Warning: Permanently added '192.168.122.6' (ECDSA) to the list of known hosts. Filesystem Size Used Avail Use% Mounted on /dev/mapper/ubuntu--vg-root 222G 200G 11G 95% /
We see that there is at least 11Gb available. While it is below the 5% mark, we can change that by using the minfree parameter. Here is its description :
* minfree : Minimum of free diskspace to run sosreport expressed in percent, Megabytes or Gigabytes. Valid suffixes are % M or G (default 5%)
Since we have 11Gb available, let us set minfree to 5G :
$ juju action do sosreport/0 collect pctfree=5G Action queued with id: b741aa7c-537d-4175-8af9-548b1e0e6f7b
We can now fetch the result of our command, waiting for at most 600 seconds for the result :
$ juju action fetch b741aa7c-537d-4175-8af9-548b1e0e6f7b --wait=100 results: outcome: success result-map: message: sosreport-caribou-local-machine-1-20161222153903.tar.xz and sosreport-caribou-local-machine-1-20161222153903.tar.xz.md5 available in /home/ubuntu status: completed timing: completed: 2016-12-22 15:40:01 +0100 CET enqueued: 2016-12-22 15:38:58 +0100 CET started: 2016-12-22 15:39:03 +0100 CET
As with the previous example, the cleanup of old tarballs is rather simple :
$ juju action do sosreport/0 cleanup Action queued with id: edf199cd-2a79-4605-8f00-40ec37aa25a9 $ juju action fetch edf199cd-2a79-4605-8f00-40ec37aa25a9 --wait=600 results: outcome: success result-map: message: Directory /home/ubuntu cleaned up status: completed timing: completed: 2016-12-22 15:47:14 +0100 CET enqueued: 2016-12-22 15:47:12 +0100 CET started: 2016-12-22 15:47:13 +0100 CET
This charm makes collecting information in a juju enviroment much simpler. Don’t hesitate to test it and please report any bug you may encounter.Read more
There’s a new MirAL release (1.0.0) available in ‘Zesty Zapus’ (Ubuntu 17.04) and the so-called “stable phone overlay” ppa for ‘Xenial Xerus’ (Ubuntu 16.04LTS). MirAL is a project aimed at simplifying the development of Mir servers and particularly providing a stable ABI and sensible default behaviors.
Surprisingly, given the project’s original goal, the ABI is changed. This allowed us to address a couple of minor issues and the timing seemed good as downstreams are faced with Mir-0.25 moving some necessary APIs from libmircommon to the more ABI stable libmircore.
The changes in 1.0.0 are:
Another year passes and once more I have another seasonal obfuscated C program. I was caught short on free time this year to heavily obfuscate the code which is a shame. However, this year I worked a bit harder at animating the output, so hopefully that will make up for lack of obfuscation.
The source is available on github to eyeball. I've had criticism on previous years that it is hard to figure out the structure of my obfuscated code, so this year I made sure that the if statements were easier to see and hence understand the flow of the code.
This year I've snapped up all my seasonal obfuscated C programs and put them into the snap store as the christmas-obfuscated-c snap.
Below is a video of the program running; it is all ASCII art and one can re-size the window while it is running.
Today we had the last Ubuntu Testing Day of the year.
Sergio did a great introduction of snapcraft, and showed some of the new features that will land next week in Ubuntu. And because it was the last day of work for everybody (except Kyle), we threw some beers into the hang out and made it our team end of year party.
You can watch the full recording by clicking the image below.
Snapcraft is one of the few projects that have an exception to land new features into released versions of Ubuntu. So every week we are landing new things in Xenial and Yakkety. This means that we need to constantly test that we are not breaking anything for all the people using stable Ubuntu releases; and it means that we would love to have many more hands helping us with those tests.
This is the active bug for the Stable Release Update of snapcraft 2.24: bug #1650632
Before I shut down my computer and start my holidays, I would like to thank all the Ubuntu community for one more year, it has been quite a ride. And I would like to thank Sergio, Kyle and Joe in particular. They are the best team a QA Engineer could ask for <3.
See you next year for more testing days.
Ubuntu has a six month cycle for releases. This means that we work for six months updating software, adding new features and making sure that it all works consistently together when it’s integrated into the operating system, and then we release it. Once we make a release, it is considered stable and then we almost exclusively add to that release critical bug fixes and patches for security vulnerabilities. The exceptions are just a few, and are for software that’s important for Ubuntu and that we want to keep up-to-date with the latest features even in stable releases.
These bug fixes, security patches and exceptional new features require a lot of testing, because right after they are published they will reach all the Ubuntu users that are in the stable release. And we want the release to remain stable, never ever introduce a regression that will make those users unhappy.
We call all of them Stable Release Updates, and we test them in the proposed pocket of the Ubuntu archive. This is obviously not enabled by default, so the brave souls that want to help us testing the changes in proposed need to enable it.
Before we go on, I would recommend to test SRUs in a virtual machine. Once you enable proposed following this guide you will get constant and untested updates from many packages, and these updates will break parts of your system every now and then. It’s not likely to be critical, but it can bother you if it happens on the machine you need to do your work, or other stuff. And if somebody makes a mistake, you might need to reinstall the system.
You will also have to find a package that needs testing. Snapcraft is one of the few exceptions allowed to land in a stable release every week. So lets use it as an example. Lets say you want to help us testing the upcoming release of snapcraft in Ubuntu 16.04.
With your machine ready and before enabling proposed, install the version already released of the package you want to test. This way you’ll test later an update to the newer version, just what a normal user would get once the update is approved and lands in the archive. So in a terminal, write:
$ sudo apt update $ sudo apt install snapcraft
Or replace snapcraft with whatever package you are testing. If you are doing it just during the weekend after I am writing this, the released version of snapcraft will be 2.23. You can check it with:
$ dpkg -s snapcraft | grep Version Version: 2.23
Now, to enable proposed, open the Ubuntu Software application, and select Software & Updates from the menu in the top of the window.
From the Software & Updates window, select the Developer Options tab. And check the item that says Pre-released updates.
This will prompt for your password. Enter it, and then click the Close button. You will be asked if you want to reload your sources, so yes, click the Reload button.
Finally try to upgrade. If there is a newer version available in the proposed pocket for the packet you are testing, now you will get it.
$ sudo apt install snapcraft $ dpkg -s snapcraft | grep Version Version: 2.24
Every time there is a proposed update, the package will have corresponding SRU bugs with the tag “verification-needed”. In the case of snapcraft this weekend, this is the bug for the 2.24 proposed update: https://bugs.launchpad.net/ubuntu/+source/snapcraft/+bug/1650632
The SRU bugs will have instructions about how to test that the fix or the new features released are correct. Follow those steps, and if you are confident that they work as expected, change the tag to “verification-done”. If you find that the fix is not correct, change the tag to “verification-failed”. In case of doubt, you can leave a comment in the bug explaining what you tried and what you found.
You can read more about SRUs in the Stable Release Updates wiki page, and also in the wiki page explaining how to perform verifications. This last page includes a section to find packages and bugs that need verification. If you want to help the Ubuntu community, you can just jump in and start verifying some of the pending bugs. It will be highly appreciated.
If you have questions or find a problem, join us in the Ubuntu Rocket Chat.
It’s a bit strange to write this blog post in the same week as Martin Pitt is announcing moving on from Canonical. I remember many moments of Martin’s post very vividly and he was one of the first I ran into on my flight to Sydney for Ubuntu Down Under in 2005.
Fast forward to today: 2016 was a year full of change – my personal life was no exception there. In the last weeks I had to realise more and more that I need a long break from everything. I therefore decided to move on from Canonical, take some time off, wander the world, recharge my batteries, come back and surprise you all with what’s next.
I’m very much leaving on good terms and I could imagine I won’t be too far away (I’d miss all you great people who became good friends way too much). Having been with Canonical for 11 years and 12 years in the Ubuntu community, it has been an incredibly hard decision to take. Still it’s necessary now and it’ll be good open myself up again to new challenges, new ways of working and new sets of problems.
It was a great privilege to work with you all and be able to add my humble contribution to this crazy undertaking called Ubuntu. I’m extremely grateful for the great moments with you all, the opportunities to learn, your guidance, the friends I made around the world, the laughs, the discussions, the excellent work we did together. This was a very important time of my life.
In the coming weeks I will be without internet, I haven’t quite decided yet, which part of the world I’m going to go to, but maybe I’ll post a picture or two somewhere. Read more
For the third session of the Ubuntu Testing Days, Kevin Gunn joined us to talk about the Unity8 snap.
This is a thriving project with lots of things to do and bugs to uncover, so it's the perfect candidate for newcomers eager to help Ubuntu.
If you are interested and didn't attend our meeting on Friday, click the image below to watch the recording.
To install Unity 8 in the Ubuntu 16.04 cloned virtual machine that we prepared on the past session, enter the following commands in the terminal:
$ sudo add-apt-repository -u ppa:ci-train-ppa-service/stable-phone-overlay $ sudo apt install unity8-session-snap $ unity8-snap-install $ sudo reboot
After reboot, on the login screen click the Ubuntu icon next to your user name and change the selection to Unity 8.
Kevin and his team have a google doc with the instructions to build and install the snap, and the current status. If you find a bug, you can talk to the developers joining the #ubuntu-touch IRC channel on freenode
While preparing the testing environment on this session we had a crash, and explained how easy it is to send the report to the Ubuntu developers by just clicking the Report problem... button. The reports from all our users are in the error tracker, along with a frequency graph and the links to bug reports where those crashes are being fixed.
We also showed two tricks to make faster and more pleasant the testing session in a virtual machine:
Join us again next Friday at Ubuntu On-Air.
I’ve had the pleasure of working on Ubuntu for 12½ years now, and during that time used up an entire Latin alphabet of release names! (Well, A and C are still free, but we used H and W twice, so on average.. ☺ ) This has for sure been the most exciting time in my life with tons of good memories! Very few highlights:
But all good things must come to an end — after tossing and turning this idea for a long time, I will leave Canonical at the end of the year. One major reason for me leaving is that after that long time I am simply in need for a “reboot”: I’ve piled up so many little and large things that I can hardly spend one day on developing something new without hopelessly falling behind in responding to pings about fixing low-level stuff, debugging weird things, handholding infrastructure, explaining how things (should) work, do urgent archive/SRU/maintenance tasks, and whatnot (“it’s related to boot, it probably has systemd in the name, let’s hand it to pitti”). I’ve repeatedly tried to rid myself of some of those or at least find someone else to share the load with, but it’s too sticky :-/ So I spent the last few weeks with finishing some lose ends and handing over some of my main responsibilities.
Today is my last day at work, which I spend mostly on unsubscribing from package bugs, leaving Launchpad teams, and catching up with emails and bugs, i. e. “clean up my office desk”. From tomorrow on I’ll enjoy some longer EOY holidays, before starting my new job in January.
I got offered to work on Cockpit, on the product itself and its ties into the Linux plumbing stack (storaged/udisks, systemd, and the like). So from next year on I’ll change my Hat to become Red instead of orange. I’m curious to seeing for myself how that other side of the fence looks like!
This won’t be a personal good-bye. I will continue to see a lot of you Ubuntu folks on FOSDEMs, debconfs, Plumber’s, or on IRC. But certainly much less often, and that’s the part that I regret most — many of you have become close friends, and Canonical feels much more like a family than a company. So, thanks to all lof you for being on that journey with me, and of course a special and big Thank You to Mark Shuttleworth for coming up with this great Ubuntu vision and making all of this possible!Read more
El otro día estaba en un bar, durante la PyCon Argentina, la tele decía algo de "Urgente" y no recuerdo qué boludez pasaban como contenido. Yo le comenté a alguien al lado mío de qué mal usados eran esos "urgente" o "importante" en los noticieros o canales de noticias/chismes.
Y el otro día justo estaba viendo un programa sobre Atahualpa Yupanqui con Felipe (en Encuentro, "El filósofo") y Don Atahualpa se manda la siguiente frase, tan linda y tan a tono, que osé transcribirla acá.
Ahora tenemos la televisión, la radio; ahora nos traen una noticia rápidamente, lo que está pasando en Oriente, lo que está pasando en todo el mundo. Al segundo lo sabemos, al minuto lo sabemos.
Lo que no sabemos es cuantos poetas escribieron un poema, ayer y antes de ayer, y el domingo antes de la tormenta, o el viernes después que anocheció.
Ninguna revista, ningún diario nos dice "En Villa Dolores ha salido un poeta; en Buenos Aires, en Arrecife hay un nuevo poema de Fulano; Fulana ha escrito este hermoso poema, acá va señores", enseñándonos como los argentinos pronuncian la poesía o la literatura a través de sus desvelos, de sus impaciencias, de esa locura divina que los hace afirmarse en su continente.
No tenemos. Tenemos sí la noticia de la guerra que viene, de la que se prepara, del discurso que viene, del que se prepara.
¿Y lo otro?
¿Y lo de adentro?
Your Security breached ….
No security is perfect
Looking for the code? Look no further: https://github.com/larryprice/pingus-snap
In my last post, I demonstrated creating a snap package for an application available in the archive. I left that application unconfined, which is taboo in the long run if we want our system to be secure. In a few steps, we can add the necessary components to confine our
For reference, this is the original
snapcraft.yaml file for creating a
pingus snap, except that we’ve updated the
confinement property to
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27
If you’re feeling bold, you can build and install the snap from here, but be warned that this led me into an ncurses nightmare that I had to forcibly kill. That’s largely because
pingus depends on X11, which is not available out-of-the-box once we’ve confined our snap. If we want to use X11, we’re going to need to connect to it using the snap-land concept of interfaces. Interfaces allow us to access shared resources and connections provided by the system or other snaps. There’s some terminology to grapple with here, but the bottom line is that a “slot” provides an interface which a “plug” connects to. You can see a big list of available interfaces with descriptions on the wiki. Our
pingus app will “plug” into the X11 interface’s “slot”:
1 2 3 4 5 6
You can build and install the new snap with the
--dangerous flag for your local confined snap. After that, you can verify the interface connection with the
snap interfaces command:
1 2 3 4 5 6 7 8 9
Now, when we run
pingus… it works! Well, video works. If you want sound, we’ll also need the
1 2 3 4 5 6 7
Once again: build, install, and run… et voilà! Is it just me, or was that surprisingly painless? Of course, not all applications live such isolated lives. Make note that the x11 interface is supposed to be a transitional interface, meaning that we would rather our app fully transition to Mir or some alternative. To go a step further with this snap, we could create a
snapcraft.yaml to build from source to get the absolute latest version of our app. At this point, we can change our
grade property to
stable and feel good about something that we could push to the store for review.
Any code you see here is free software. Find the project here: https://github.com/larryprice/pingus-snapRead more
Like it says on the Intel IoT developer site, "Without sensors, there's no IoT".
Because I am the maintainer of QtSensors, I like to inquire about people's use of sensors and if they use QtSensors. Over the years, I have heard quite often something like, 'Qt is thought of as a UI framework'. *sigh*
But Qt is more than just a UI framework and it's use is not dependent on widgets or declarative wizardry. It is used in quite a few middleware components without UI elements. One of those middleware frameworks is Sensor Framework.
Sensor framework is a daemon that uses a plugin system written using Qt for reading various sensors such as accelerometer or light sensors. It was originally developed by Nokia for Harmattan and ran on the N9. It was also used in MeeGo and later included in the Mer Project and on Jolla phones and the ill fated tablet. So it has been released onto a few commercial products.
We looked at it when I was working at Nokia on the project that I still cannot name, but we had decided we would come up with our own solution. Looking back, this was the wrong decision, we should have taken the already proven sensor framework and ran with that. Why? Because it existed and works.
I started maintaining it when I was a privateer (contractor) developer for Jolla. No one else had touched it for some time so I grabbed the few not yet merged bug fixes and added support for libhybris/android libhardware adaptors.
Sensor Framework has support for multiple clients with down sampling for different data rates. It uses dbus for control lines (to start and stop, etc) but sends data through a socket. It also has a working backend in QtSensors.
I noticed that Ubuntu's Unity does nothing to respond when I put this into "tablet mode". I have to manually open the virtual keyboard among other things.
So I thought I could use sensorfw on my Dell 2 in 1. It's one of those converged laptop/tablet devices. It has a few sensors - accelerometer, gyroscope, magnetometer, and lid sensors. One problem... sensorfw does not support lid sensors, or a few other sensors that are around today in IoT (which I will add a bit later). Lid "sensor" might be a bit of a misnomer, as they could be switches but I'd like to think it is more like a hal effect sensor that uses magnets. In any case there are event nodes to use.
First one I chose is to add the lid sensor - to detect when this machine is put into tablet mode, so the UI can better deal with it.
I also noticed that this kernel has support for iio sensor interface for the accel and gyro. Sensorfw only supports sysfs, evdev and hybris interfaces, so I also wanted to add support for that.
I worked on adding iio support first. Well... really just wrote a sensor adaptor plugin. My plugin supports accelerometer, gyroscope and magnetometer, which this device seems to have. I will expand this to support other sensors later, as well as clean it up a bit.
Thanks to QtSensors sensor framework backend, I can make a UI app change with the orientation and lid changes. Better yet, I can create a game that uses accelerometer data like a marble maze game. Or I can upload the data to one of those Node.js data visualization web apps.
And since sensor framework is opensource, others can as well.
All Linux distributions are constantly updating the versions of the packages in their archives. That’s what makes them great, lots of people working in a distributed way to let you easily update your software and get the latest features or critical bug fixes.
And you should constatly update your operating system. Otherwise you’ll become an easy target for criminals exploiting known vulnerabilities.
The problem, at least for me, is that I have many many Ubuntu machines in the house and my badwidth is really bad. So keeping all my real machines, virtual machines and various devices up-to-date every day has become a slow problem.
The solution is to cache the downloaded deb packages. So only one machine has to make the downloads from the internet, and they will be kept in my local network to make much faster to get the packages in the other machines.
So let me introduce you to Apt-Cacher NG.
Setting it up is simple. First, choose a machine to run the cacher and store the packages. Ideally, this machine should be running all the time, and should have a good amount of storage space. I’m using my desktop as the cacher; but as soon as I update my router to one that runs Ubuntu, I will make that one the cacher.
On that machine, install apt-cacher-ng:
sudo apt install apt-cacher-ng
And that’s it. The cacher is installed and configured. Now we need the name of this machine to use it on the other ones:
$ hostname calchas
In this example, calchas is the name of the machine I’m using as the cacher. Take note of the name of your machine, and now, in all the other machines:
$ sudo gedit /etc/apt/apt.conf.d/02proxy
That will create a new empty configuration file for apt, and open it to be edited with gedit, the default graphical editor in Ubuntu. In the editor, write this:
replacing calchas with the name of your cacher machine, collected above. The .lan part is really only needed when you are setting it up in a virtual machine and the host is the same as the cacher, but it doesn’t hurt to add it on real machines. That number, 3142, is the network port where the caching service is running, leave it unchanged.
After that, the first time you update a package in your network it will be slow just as before. But all the other machines updating the same package will be very fast. I have to thank apt-cacher-ng for saving me many hours during my updates of the past years.
My team at work has been focused on snaps this year and one thing we’ve tried to do internally is establish a set of best practices for snap packaging software. Toward that end I’ve been working on a little tool I’m calling snaplint to encode those practices and verify that we’re following them.
Right now you can run snaplint against your snapcraft project directory
and it will scan the
prime subdirectory for the following things:
The next things I’m planning on adding are:
I would love to hear suggestions on further improvements.
You can find the source at https://github.com/ssweeny/snaplint
And, of course if you’re running Ubuntu 16.04 or later you can try it on your own machine with:
$ snap install snaplint
$ snaplint path/to/your/project
© 2010 Canonical Ltd. Ubuntu and Canonical are registered trademarks of Canonical Ltd.