Home Home
Sign up | Login

Deprecation notice: openSUSE Lizards user blog platform is deprecated, and will remain read only for the time being. Learn more...

GSoC Idea: Build Service Plasma Widget Suite

March 24th, 2011 by

I’m blatantly abusing GSoC for a project that I would like to see in openSUSE but that I’ve never had time to work on. But really it’s a worthwhile thing to have: a set of Plasma widgets that users and developers can add to their workspace to make it easy to see what’s going on in OBS in the projects that matter to them. If you want to work on a fun project with cutting edge technologies such as Qt, QML, Plasma then head on over to the GSoC 2011 Ideas Page.

GSOC Idea: Improve Clic Filesystem

March 24th, 2011 by

I really look for the perfect gsoc student: someone who has a brilliant idea, noone else thought of how to improve linux in general or openSUSE in specific and just needs my guidance.

But for those that need some ideas, my best bet is really to rewrite clicfs to make it even better. Right now clicfs is a FUSE filesystem hosting a loop image. So a page read goes from ext4->loop->fuse->clicfs->CD->clicfs->fuse->loop->ext4.
If it lived in the kernel, it could offer a block device you mount your ext4 on, leaving aside loop and fuse:


modprobe clicfs packfile=/read-only/openSUSE-kde.i586 cowfile=/read-write/.COWfile cowlog=/dev/ttyS0
mount /dev/clicfs/0 /mnt
chroot /mnt /bin/init

Great idea, no? For someone who wants to become famous, it would be the perfect target!

Distro Competition Sessions needed?

March 23rd, 2011 by

In my last blog I was mentioning the “Distribution Wettstreit” which translates in “distribution competition” held on the Chemnitzer Linuxtage event. The idea of that session is to have distros lined up on stage and give them a task and see how each of them is able to solve it and compare that. I participated for openSUSE but the session left some question marks for me. Here are my thoughts how the idea could be improved.

As far as I know it happened the second time in Chemnitz, were Debian, Fedora, Mandriva, Pardus, Ubuntu and openSUSE were on stage. The tasks we got were every day problems, such as playing a flash movie or how to display a html 5 page. openSUSE was lucky with a one week old release, so wonder why we can handle HTML5 directly and others who released earlier can not?

Apples and Oranges

Apples and Oranges

I have to say that I do not like this kind of session too much. It is great to compare distributions, and also to do it kind of interactively and live. But even given that all involved know that its not about finding a winner and a looser, in this format there are too many parameters that influence the whole thing: First, the release date. Younger distros tend to be better than older ones. Second, it highly depends on the person who sits in front of the machine and explains what he does to solve the problem. One must be able to solve the task technically, and than she/he must be able to talk about it appealingly.

Different distros target at different user groups, and you quickly compare apples with oranges. I think it should be realized as a benefit that we’re different, and that does not necessarily need to end up in a competition everywhere. Moreover, we should appreciate if people remain playful and try distros as they like instead of trying to nail them to one forever.

Maybe next time we can rather have a “The combined power of the Linux variety” -session [working title] instead? In that we could try to work out the differences between the distros and which user groups could benefit from them. I mean, the variety in the FOSS community is the great advantage that we have over other systems and we should express it. And our similarities which we certainly have should also be brought on the table. To whom do we really compete? I guess we should be compared against commercial systems which tend to lock the user in with huge consequences or have security-, innovation- and other issues. Why not line up on stage and show the audience how we together beat these system with free software in various ways for the good of the user?

Yes, playing flash movies is a every users problem, and I know the “I don’t care, it simply needs to work!”-attitude lots of users do have. We as free software distributions had and have to find ways to deal with it, and we all have our solutions. But whats really important is not to present new users that we even though in general can not work with Flash, we found a workaround.

The more important message is why its dark in some corners of FOSS world, how that can be improved and who is able to change that. I think it would be awesome if that could be taken more into account the next time we have the opportunity to speak to such an audience as distributions together.

osc plugin – changes

March 23rd, 2011 by

OSC is a powerful tool for packaging experts, exposing all the latest and greats features of the Build Service. It’s written on python and easy in studying and using. However there are situations when its functionality is not enough; sometimes we need something special. In this case to us will help plug-in mechanism, which in osc is realised very simply.
Plugin can use all of the features, which already implemented osc, as well as provide an output in a convenient format for you. For example, if I want to check changes in kdelibs4 between openSUSE:11.3 and openSUSE:11.4, I can do something like this:

> osc rdiff openSUSE:11.3 kdelibs4 openSUSE:Factory kdelibs4

After that I will receive a detailed output about all changes. Yes, that’s great… but not always it’s convenient. For example, in this case output will contain more than 2000 strings, and I need time to find, say, a *.changes file if I want quickly to understand that has been changed. In case if I want to transfer output to processing to another program (as often happens in practice), I have to shape this data. Unfortunately osc is not as intelligent and can’t show changes from one file (from *.changes, for example) only…

Hello world

Let’s me show how we can create a very simple osc-plugin. In the derectory /var/lib/osc-plugins/ we create a new file tell_me_something.py with such content:

@cmdln.alias('say')
def do_say_something(self, subcmd, opts, *args):
    if sys.argv[2] == "something":
        print "openSUSE rulezzz"
    else:
        print sys.argv[2]

At start, osc will check this directory and will register all found there plugins. In that case, if in the plugin’s content there are errors, osc will report about it immediately. If now we run

> osc help

we will see in the list our function say_something and the key to start it – say. Let’s test:

> osc say "hello"
hello
> osc say GNU/Linux
GNU/Linux
> osc say something
openSUSE rulezzz
>

As you can see, it’s very easy – just python and nothing else. Let’s go back to the output of the function rdiff(), which we mentioned at the beginning.

show me changes

In output of rdiff() nothing wrong, but I would like to immediately get information about what exactly has been done and, for example, which bugzilla-reports (related to this package) have been closed, etc. All what I need, are in rdiff’s output. It means that all what I have to do is just to shape this output.

In 40 minutes of hacking I got such output:

> osc changes kdelibs4 openSUSE:11.3 openSUSE:11.4
PACKAGE: kdelibs4
BUGZILLA_NOVELL: 668185, 670426, 644236, 596021
BUGZILLA_OTHER: 246652, 170806, 149991, 221989, 252280, 253387, 253294, 193364, 253414
CHANGES:

- work around random error on first startup, bnc#668185,
  kubuntu has a similiar patch applied
- call update-mime-database in pre/post install scripts
- don't show synthetic volume label when none is really available,
  allow kio_sysinfo to fall back to device path (bnc#670426)
- update to KDE Platform 4.6.0
  * Plasma applets can be written in QML
  * Plasma data engines can be written in Javascript
  * Plasma data engines can use generic cache for offline mode
  * udev, udisks, upower replace HAL in Solid
  * For more details, see http://kde.org/announcements/4.6
- add patch from 4.6 branch to fix plasma crash on exit
- Add dependencies on udisks and upower for 11.3 and up for Solid
- update to 4.5.95
  * KDE 4.6 RC2
  * no upstream changelog available.
- update to 4.5.90
  * KDE 4.6 RC1
  * no upstream changelog available.
- For 11.2 and 11.3 only : Will build now with polkit-qt-1
  v 0.99.1, which is an official requirement of KDE 4.6
- update to 4.5.85
  * KDE 4.6 Beta2
  * Final Beta before RC, various fixes from Beta1
  * no upstream changelog available.
- For 11.2 and 11.3 only : Added patch to revert changes that
  requires a higher version of polkit-qt-1
- update to 4.5.80
  * KDE 4.6 Beta1
  * no upstream changelog available.
-  Closing the shell via CTRL+D crashes [bko#246652]
- fix build with gcc 4.6
- tighten qt4 dependencies
- update to 4.5.3
  * see http://kde.org/announcements/changelogs/changelog4_5_2to4_5_3.php for details
- update branch diff for various bugs in 4.5:
  * Crash on configure toolbars (bko#170806)
  * KCookieJar can't read cookies from another port (bko#149991)
  * Fix oversized number input widgets (bko#221989)
  * CSS conformance issue (bko#252280)
  * Fix helper protocols such as mailto: and telnet:
  * Plasma crash on comic applet switch (bko#253387)
  * HTTPS urls in KMail do not open properly in browser (bko#253294)
  * Mailto: links in FireFox started by kmailservice fail (bnc#644236)
  * Crash in directory listings when toggling
    show hidden files flag (bko#193364)
- Upstream patch added for kmail issue (bko#253414)
- update to 4.5.2
  * see http://kde.org/announcements/changelogs/changelog4_5_1to4_5_2.php for details
- build apidocs separately to reduce build time
- BuildRequire utempter-devel
- update to 4.5.1
  * see http://kde.org/announcements/changelogs/changelog4_5_0to4_5_1.php for details
- new package: kdelibs4-apidocs (bnc#596021)
- update to 4.5.0
  * KDE 4.5.0 final (version bump over RC3)
- update to 4.4.95
  * KDE 4.5 RC3 (not announced)
  * critical fixes for 4.5.0 release
- Add libsoprano-devel Require to libkde4-devel
- update to 4.4.93svn1149349
- update to 4.4.5
  * bugfixes over 4.4.4
  * see http://kde.org/announcements/changelogs/changelog4_4_4to4_4_5.php for details

and between 11.4 and factory:

> osc changes kdelibs4 openSUSE:11.4 openSUSE:Factory
PACKAGE: kdelibs4
CHANGES:

- update to 4.6.1
  * Bugfixes over KDE 4.6.0
  *  see http://kde.org/announcements/changelogs/changelog4_6_0to4_6_1.php for details
- remove upstreamed patches

aha… and what’s about vim between 11.2 and 11.3?

> osc changes vim openSUSE:11.2 openSUSE:11.3
PACKAGE: vim
BUGZILLA_NOVELL: 598903
CHANGES:

- Add screen control sequences to inputrc (bnc#598903)
- Use the icon from the tarball instead of our custom icon. It
  looks much better.
- Drop gvim.png from the source package.
- build data subpackage as noarch
- updated patches to apply with fuzz=0

Now we can see exactly what was has been done and which bugzilla-reports was fixed/closed. Yes, we have bnc# and bko# reports: reports from bugzilla.novell.com and bugs.kde.org (it cut be also bugs.kernel.org). Second group will be always different (KDE/Gnome/Mozilla/Kernel…).

Source code of plugin is here, and I hope this post will be useful for you if you’ve never written a plugin before.

Chemnitzer Linuxtage 2011

March 23rd, 2011 by

Last weekend I spent on Chemnitzer Linuxtage 2011 which is a popular linux event in Chemnitz, Germany. It was the first time I have been there and was very positively surprised. It is a very well organised event, in a building providing the perfect environment and a large amount of volunteers helping to make the whole weekend enjoyable and relaxed. Thanks for that, it really was fun to meet so many people in this all-inclusive atmosphere :o)

openSUSE had a booth there (thanks Fedora for the picture) and we were lucky enough to have brand new 11.4 promo DVDs there which were handed to interested people. openSUSE 11.4 in general is very well received at most visitors, they were quite happy with our latest release. That is also true for the feelings for openSUSE all over: I heard so much positive feedback about what we do and how we do it, for example the OBS with the collaboration features, the distribution or the activity all over. People recognize our efforts.

I gave a talk about Kraft, as people hinted me that there might be the right audience for the topic of Linux in the small business. The interest was huge, the room was more than full and people seemed to like the way I was approaching the challenge. Unfortunately I had to fight with the notebook/beamer phalanx in the beginning (I apologize for that) so that I had to skip the live demo of Kraft in the end. But still I got a lot of interesting discussions afterwards and got some nice contributions already. Thanks for that.

On saturday noon there was a “Distribution competition” where I was pulled in to show openSUSE. It went ok for all distros taking part and was fun for us presenting 🙂

Booster Michal was giving a workshop about creating packages in the OBS for multiple distributions and a very well received “whats new in 11.4?” talk was given by Sirko in the beginners track.

It was a great event, even though I quite exhausted arrived home late on sunday night. I will be there next year again.

Securing SSH (Secure Shell) from attacker

March 22nd, 2011 by

Secure Shell or SSH is a network protocol that allows exchange of data through secure channels between two network devices.

Particularly widely used on Linux and Unix-based system to access your shell, SSHwas designed as a substitute for Telnet and other insecure remote shells, which sentinformation, especially passwords, in the form of simple text that makes it easy to be intercepted. Encryption used by SSH provides confidentiality and integrity of dataover an insecure network like the Internet.

For the Security Server We From Attacks The attacker who usually Always Use SSHAs a door Early Entry Into System To us, of course, become an admin obligation todispel various Efforts That.

There are several ways which ordinary people do to secure SSH from a variety ofattacks which one of them is by editing the file / etc / ssh / sshd_config.

before doing the configuration in the file / etc / ssh / sshd_config make sure SSH isinstalled on your linux distribution, and for openSUSE that I use it already automatically installed.

#vim /etc/ssh/sshd_config

change options, as below :

LoginGraceTime 2m
PermitRootLogin no
MaxAuthTries 3

LoginGraceTime which option is used to give a time limit of user logins, so please change these options according to your wishes.

PermitRootLogin is no option to allow the root user can login to ssh or not to give yes or no value on the options tersebut.sebaiknya give no value, so that users can not loginas root into your ssh.

MaxAuthTries 3 to give the limit on the number of errors allowed when the user logs in,this is very useful to avoid attackers do brute force on the server anda.dimana usersonly allowed to make a mistake typing the password in accordance with that alreadyset on the options.

If you want only certain users who may log into your ssh add AllowUsers option at the end of the line followed by a distinguished user name in the allowed login.

otherwise, you can install software, denyhost, for your ssh security

NB:do not enable the root user, for ssh login

Similarly, a fairly simple tutorial .. hopefully this can be useful.

Best Regards
Saydul Akram
Email : idulk@opensuse.org

Policy proposal for Factory: Make source of tar balls trackable

March 21st, 2011 by

I like to suggest a general policy for openSUSE:Factory project to document from where a tar ball (or any other file from upstream) is comming from. Why that ? It makes it much easier to review version updates and it guarantees that no one can inject some mal code via a modifed tar ball.

So far I added the source services “download_url” and “tar_scm” to our OBS instance, which downloads the files and stores them as files via a commit. Some people use them already, some others don’t like them because they store the files with _service: prefix.

In last hackweek, I added another way to handle this, which I would like to request as setup and policy for openSUSE:Factory project. You can add a project wide source service, for example the new “download_files” service. That would mean that no needs to add a _service file to the sources anymore. It is enough to add an URL to the spec file Source: tags. The service will automatically download it from there.

But that does mean we still have have _service:download_files:osc-0.1.tar.bz2 file names ? Not when we also add the new “trylocal” parameter and use latest osc versions. This parameter will let act osc to execute the services, but name the files without prefix and commit them together with the other files.

Where is the advantage then ? The server is still validating that this is an identical file. It downloads it again and compares it. In case it is the same file, nothing will happen.

What will happen, when the file differes ? We basically have two options, either we can let the service mark the source as broken or we would store the file with _service: prefix again.

The later mode has the advantage that you can still do version upgrades via slow connections and let the server download the files.

Please find some more details about new possibilities with the source services here.

An example setup for this can be tested via

osc bco home:adrianSuSE:FactoryTest bc

and do for example a version downgrade to 1.05 version to see how it works. Please note that you need the osc from openSUSE:Tools:Unstable project for this.

We can also apply the still suse-internal spec formater and validator scripts via this way later one.

Another advantage of this setup would be the new “update_source” service, which could run in some openSUSE:Factory:AutoUpdate project and tries automatic version upgrades when upstream releases a new version. They could be reviewed and just picked (directly or with additional manual fixes).

Temporary overwrite method for specific task

March 18th, 2011 by

Hi,
today I must solve issue with not well structured code. Problem is that one method return last correct version, but in one specific case it needs to return newest version (even incorrect). There is many calls between top level method which know what needs to call and target method which is called from generic code. Now I need to fix it and code is not well tested and quite sensitive to changes ( this fix is fix of another fix :). So what is the safest way to change it?
I decide that the best solution which doesn’t change almost nothing ( but is suitable just for maintenance update, for trunk I create better solution ) is temporary overwrite of target method to change its behavior. Now how to do it?
There is simple example:

class T
  def test
    puts "test"
  end

  def lest
    puts "lest"
  end

  def m
    test
  end
end


T.new.m
T.send(:define_method,:m_a) { lest }
T.send(:alias_method, :m_old, :m)
T.send(:alias_method, :m, :m_a)
T.new.m
T.send(:alias_method, :m, :m_old)
T.send(:undef_method, :m_a)
T.send(:undef_method, :m_old)
T.new.m

as you can see after modification class is exact same as before ( except if there is method a, but it is possible to handle it via introspection and dynamic choose of method). I don’t need to change whole stack of calls to add parameter or introduce new singleton class which can have flag.
I hope it help someone with his fix of not so well written piece of software.

openSUSE and Kraft on CLT

March 17th, 2011 by

First some news about my KDE project Kraft:

A review was posted on Technewsworld.com with title
Kraft: A No-Nonsense Office Assistant That Gets Straight to Work
. Nice title, and also the bottomline of the whole article. Good to read, however I am wondering why the author tested Kraft version 0.32 instead the current one 0.40 which is out already for ten month. Are there *still* 0.32 packages around in the Ubuntu-World? On the download page on Kraft’s website, there are good Ubuntu packages linked thanks to Rohan Garg.

The only remark in the review was that the list of document types should be editable. It is since 0.40 🙂 Anyway, thanks for considering Kraft for a review.

Chemnitzer Linux-Tage am 19./20.03.2011
On next weekend I will be in Chemnitz on the Chemnitzer Linux Tage. I will give a talk titled Linux im Büro von Kleinunternehmen (Linux in the small enterprise). Beside other interesting things I will present Kraft of course. It will be a talk for people who are new to Linux but try to get their work done with Linux. I am looking forward as I enjoy these solution focused topics. If you are interested, show up and we talk about Kraft. And, yes, a new release of Kraft is also on the way, it can’t take too long any more.

The openSUSE Project will have a booth as well and I probably will be around there for the rest of the time together with friends from the project. We will tell you about our cool project, explain how you can participate and show the brand new openSUSE 11.4 release. It is a nice one. and we think you will like it. I hope to see you there 🙂

First Survey on openSUSE Version naming is open now

March 16th, 2011 by

Following my last blog post on “how to name the distribution release“, I’ve opened up a public survey and look forward to your votes. There is also a good discussion going on on the opensuse-project mailing list.

This is the first iteration. Coolo and myself discussed to use a second survey with the group of winners on connect.opensuse.org.