October 13, 2015

Happy Birthday, OpenOffice.org!
15 years ago the original OpenOffice.org source code was published by Sun Microsystems, on Friday, October 13, 2000, a Full Moon day. The source code that changed the Free Software office suite world and laid the basis for LibreOffice.

www.openoffice.org as scraped by the archive.org WayBack Machine on 2000-10-13
StarOffice Code Released in Largest Open Source Project – Linux Today article from 2000-10-13

October 12, 2015

View your GTK3 app or VM on the Web

Ever wondered how to view gedit in a browser? It’s not a secret anymore, broadway is there for some time. The nice thing is that you can also view VMs (by launching virt-viewer with thebroadway bcakend):

How does it work? On a Fedora 22 Workstation (or any with gtk3) host do:

broadwayd &
    virt-viewer -c qemu:///system the-domain-to-view

And then browse to That’s it. And nothing else: Don’t expect audio or USB to work.

Take a look at broadwayd -h to get an idea baout how to publish this on the web or use certificates.

The 5 states of the modern sysadmin

I think there’s (at least) 5 states you might find yourself in as a sysadmin in these days:

  1. Day to day things that aren’t (yet) automated.
  2. Automating and designing for the future.
  3. Fires and outages
  4. Interruptions
  5. Time to dream

In general you will want to move things from the first bucket to the second as much as you can. Automate all the things that happen often, or (re)design things so you no longer have to do such things day to day. So if you find yourself restarting a webserver every  day, figure out why it needs that and fix that. Or if you have to spend lots of time processing new lists or resetting passwords, make those so they are self service. This might also include reading emails and lists and feeds, if you spend a lot of time here that you don’t get any benefit from, perhaps it’s time to drop some of those?

Of course outages and critical problems are another chunk of time. When things stop working at 2pm or 2am, you start working on bringing things back to normal. Bucket two helps here as well, if you find out things are often causing outages or problems, redesigning them or fixing the underlying problem saves stressfull outage time. It’s important after outages and critical problems to try and have some time from bucket 5 as well. Often just thinking about how the problem happened and spending some time looking at it can give you a idea for a design to use in bucket 2 to fix it once and for all.

Interruptions are another chunk of time. While you might think it “only takes a minute” to ping your sysadmin about something, it  takes a while to get back to the second and final buckets above where (hopefully) you are spending your time. This is why filing tickets or using some other tracker for your non critical things helps a great deal. Then, they can be processed in the first bucket when you have time to do that and also have a nice record of what you need to work on in the second one.

Finally another place that is great for you to have time is a category I call “time to dream”. This is usually unstructured time where you as a sysadmin can ponder on how things are setup, look at logs or machines you don’t usually deal with, read about tools that you might be able to use to make things better, or just a totally new workflow for something.

If you find yourself in a sysadmin job where you spend all or most of your time in buckets 1, 3 and 4 you have a definite problem.

So, all you sysadmins out there: are there other states you find yourself in often that I haven’t mentioned yet?

LibreOffice Conference 2015 Aarhus Talk Slides
To those who want to review, the slides of my talk at the LibreOffice Conference in Aarhus are available as PDF from the conference's assets or from my own materials folder. Most if not all presenters have made the slides of their talks available at the LibreOffice conference site, take a look at the individual program pages.

Evaluate Virtual Machines for SCAP Compliance

Recently I have been working on oscap-vm — a script that allows SCAP evaluation of virtual machines and virtual machine storage images. In a way it is similar to the other OpenSCAP wrapper utilities — oscap-ssh and oscap-docker. It was merged to OpenSCAP and will be part of 1.2.7 release, so let us introduce it.

oscap-vm mounts the storage of a VM and sets the oscap tool to scan it in offline mode. That means that you can scan a virtual machine from the host without installing OpenSCAP on it — you can perform an agent-less SCAP scan. Root rights are not required, if you are permitted to access and change the VM you are permitted to run oscap-vm on it. The virtual machine storage is mounted read-only, there is no risk of damage to the filesystem. Because of this you cannot automatically remediate a VM using this tool. If you want remediation functionality for virtual machines and containers, please tell us.

Both XCCDF and OVAL evaluation are supported. You can use plain XCCDF files, source datastreams or plain OVAL files.
Let’s go over a few use-cases. I am using a virtual machine called rhel7.2 in the following examples.

Evaluate a running VM

$ oscap-vm domain rhel7.2 xccdf eval --profile xccdf_org.ssgproject.content_profile_stig-rhel7-server-upstream /usr/share/xml/scap/ssg/content/ssg-rhel7-ds.xml 
Mounting guestfs domain 'rhel7.2' to '/tmp/tmp.c69yOdlBNZ'...
Title   Encrypt Partitions
Rule    xccdf_org.ssgproject.content_rule_encrypt_partitions
Ident   CCE-27128-8
Result  notchecked


Title   Create Warning Banners for All FTP Users
Rule    xccdf_org.ssgproject.content_rule_ftp_present_banner
Result  pass

Unmounting '/tmp/tmp.c69yOdlBNZ'...

Evaluate a storage image

$ oscap-vm image /var/lib/libvirt/images/rhel7.2.qcow2 xccdf eval --profile xccdf_org.ssgproject.content_profile_stig-rhel7-server-upstream /usr/share/xml/scap/ssg/content/ssg-rhel7-ds.xml 
Mounting guestfs image '/var/lib/libvirt/images/rhel7.2.qcow2' to '/tmp/tmp.PgfWcB0R4g'...
Title   Encrypt Partitions
Rule    xccdf_org.ssgproject.content_rule_encrypt_partitions
Ident   CCE-27128-8
Result  notchecked


Title   Enable SSH Warning Banner
Rule    xccdf_org.ssgproject.content_rule_sshd_enable_warning_banner
Ident   CCE-27314-4
Result  fail

Title   Create Warning Banners for All FTP Users
Rule    xccdf_org.ssgproject.content_rule_ftp_present_banner
Result  pass

Unmounting '/tmp/tmp.PgfWcB0R4g'...

Check VM for CVE vulnerabilities

$ wget http://www.redhat.com/security/data/oval/Red_Hat_Enterprise_Linux_7.xml
$ oscap-vm domain rhel7.2 oval eval Red_Hat_Enterprise_Linux_7.xml 
Mounting guestfs domain 'rhel7.2' to '/tmp/tmp.NbvfmaKHbZ'...
Definition oval:com.redhat.rhsa:def:20151852: false
Definition oval:com.redhat.rhsa:def:20151840: false
Definition oval:com.redhat.rhsa:def:20151834: false
Definition oval:com.redhat.rhsa:def:20151793: false
Definition oval:com.redhat.rhsa:def:20140685: false
Definition oval:com.redhat.rhsa:def:20140684: false
Definition oval:com.redhat.rhsa:def:20140680: false
Definition oval:com.redhat.rhsa:def:20140679: false
Definition oval:com.redhat.rhsa:def:20140678: false
Definition oval:com.redhat.rhsa:def:20140675: false
Evaluation done.
Unmounting '/tmp/tmp.NbvfmaKHbZ'...
RTC Quick Start becoming a book, now in beta

The Real-Time Communications (RTC) Quick Start Guide started off as a web site but has recently undergone bookification.

As of today, I'm calling this a beta release, although RTC is a moving target and even when a 1.0 release is confirmed, the book will continue to evolve.

An important aspect of this work is that the book needs to be freely and conveniently available to maximize participation in Free RTC. (This leads to the question of which free license should I choose?)

The intended audience for this book are people familiar with setting up servers and installing packages, IT managers, system administrators and support staff and product managers.

There are other books that already explain things like how to setup Asterisk. The RTC Quick Start Guide takes a more strategic view. While other books discuss low-level details, like how to write individual entries in the Asterisk extensions.conf file, the RTC Quick Start Guide looks at the high level questions about how to create a network of SIP proxies, XMPP servers and Asterisk boxes and how to modularize configuration and distribute it across these different components so it is easier to manage and support.

Some chapters give very clear solutions, such as DNS setup while other chapters present a discussion of issues that are managed differently in each site, such as user and credential storage.

One of the key themes of the book is the balance between Internet architecture and traditional telephony, with specific recommendations about mixing named user accounts with extension numbers.

Many people have tried SIP or XMPP on Linux in the past and either found themselves overwhelmed by all the options in Asterisk (start with a SIP proxy, it is easier) or struggling with NAT issues (this has improved with the introduction of ICE and TURN, explained in a chapter on optimizing connectivity).

The guide also looks at the next generation of RTC solutions based on WebRTC and gives specific suggestions to people deploying it with JSCommunicator.

Help needed

There are many ways people can help with this effort.

The most important thing is for people to try it out. If you follow the steps in the guide, does it help you reach a working solution? Give feedback on the Free RTC mailing list or raise bug reports against any specific packages if they don't work for you.

The DocBook5 source code of the book is is available on Github and people can submit changes as pull requests. There are various areas where help is needed: improvements to the diagrams, extra diagrams and helping add details to the chapter about phones, apps and softphones.

How could the book be made more useful for specific sectors such as ISPs, hosting providers, the higher education sector or other domains that typically lead in the deployment of new technology?

There is a PDF version of the book for download, it has been created using the default templates and stylesheets. How could the appearance be improved? Should I look at options for having it made available in print?

The book is only available in English at the moment, what is the best strategy for supporting translations and engaging with translators?

Are there specific communities or projects that the book should be aligned with, such as The Linux Documentation Project? (Note: RTC is not just for Linux and people use many of these components on BSD-like platforms, Windows, Mac and Android).

Which is the best license to choose to engage contributors and translators and ensure the long term success of the project?

Another great way to help is to create links to the book from other web sites and documents.

Any questions or feedback on these topics would be very welcome through theFree RTC mailing list.

Star ratings in GNOME Software

A long time ago, GNOME software used to show star ratings as popularity next to the application using the fedora-tagger application. This wasn’t a good idea for several reasons:

  • People can’t agree on a scale. Is an otherwise flawless application with one translation issue 5 stars or 4? Is a useful computational fluid dynamics application that crashes on startup but can be run manually on the command line 1 star or 3 stars?
  • It only worked on Fedora, and there was no real policy on how to share data, or the privacy implications of clicking a star
  • People could “game” the ratings system, for example hardcore KDE users could go through all the GNOME apps and give then one star. We then limited this to only rate applications that you have installed, but it was really a cat and mouse thing.

So, lets go two steps back. What is the star rating trying to convey to the user? When I look at a star rating, I want to see a proportional number of stars to how awesome it is to me. The rest of this blog tries to define awesomeness.

As part of the AppStream generation process we explode various parts of the distro binary package and try to build metadata by merging various sources together, for example AppData, desktop files and icons. As part of this we also have access to the finished binary and libraries, and so can also run tools on them to get a metric of awesomeness. So far, the metrics of awesomeness (here-on known as “kudos”) are:

  • AppMenu — has an application menu in line with the GNOME 3 HIG
  • HiDpiIcon — installs a 128×128 or larger application icon
  • HighContrast — installs hicontrast icons for visually impaired users
  • ModernToolkit — uses a modern toolkit like Gtk-3 or QT-5
  • Notifications — registers desktop notifications
  • SearchProvider — provides a search provider for GNOME Shell or KDE Plasma
  • UserDocs — provides user documentation

These attempt to define how tightly the application is integrated with the platform, which is usually a pretty good metric of awesomeness. Of course, some applications like Blender are an island in terms of integration, but of course are awesome. We still need new ideas for this, so ideas are very much welcome.

There are some other “run-time” kudos used as well. These are not encoded by the builder as they require some user information or are too specific to GNOME Software. These include:

  • FeaturedRecommended — One of the GNOME Software design team chose to feature this
  • HasKeywords — there are keywords in the desktop file used for searching
  • HasScreenshots — more than one screenshot is supplied
  • MyLanguage — has a populated translation in my locale, or a locale fallback
  • PerfectScreenshots — screenshots are perfectly sized, in 16:9 aspect
  • Popular — lots of people have downloaded this (only available on Fedora)
  • RecentRelease — there been an upstream release in the last year

When added together, the number of stars will correspond roughtly to the number of kudos the application has.

You can verify the kudos your application is getting by doing something like:

killall gnome-software
gnome-software --verbose

and then navigating to the details for an application you’ll see on the console:

 id-kind:         desktop
 state:           available
 id:              blender.desktop
 kudo:            recent-release
 kudo:            featured-recommended
 kudo:            has-screenshots
 kudo:            popular
 kudo-percentage: 60

Comments (as always) are welcome, as are new ideas on how to test for awesomeness.

LIF 2015

For the last couple of years I didn't manage to attend myself the Linux Install Fest traditionally organized by ROSEdu at Politehnica University of Bucharest, which is a shame, since there is a lot of cool stuff going on. But such is life, there are so many things to do and so little time left...

However, I learned a bit from watching the graphs from the official website and the pretty pictures published by the local Ubuntu community.

I couldn't stop myself from playing a bit with the charts data and make my own one. Just don't read too much into it, I don't think it shows personal preferences or such (if you DO have a personal preference, you probably don't need an install fest):

lif 2015

Anyway, I just wanted to say: good work ROSEdu!

Varnish-4.1.0 released, packages for fedora and epel

Varnish-4.1.0 was recently released, and as usual, I have patched and wrapped up packages for fedora and epel. As 4.1.0 is not api/abi compatible with varnish-4.0, packages for stable releases of epel and fedora are not updated. Varnish-4.1.x will be available in a stable Fedora at latest from f24, though the package recompiles fine on anything from el5 to f23 as well.

Prebuilt packages for epel5, epel6, and epel7 are available here: http://users.linpro.no/ingvar/varnish/4.1.0/.

If you are a fedora contributor, please test the f23 package. The package should install directly on el7 and all supported fedoras, including f23. Then report feedback and add karma points. With a little luck, varnish-4.1 will go into fedora 23 before it freezes.


Varnish Cache is a powerful and feature rich front side web cache. It is also very fast, and that is, fast as in powered by The Dark Side of the Force. On steroids. And it is Free Software.

Redpill Linpro is the market leader for professional Open Source and Free Software solutions in the Nordics, though we have customers from all over. For professional managed services, all the way from small web apps, to massive IPv4/IPv6 multi data center media hosting, and everything through container solutions, in-house, cloud, and data center, contact us at www.redpill-linpro.com.

Boston GNOME Summit update

The Boston GNOME summit this year is a small, focused hackfest.


The first day was filled with discussions and planning, with one of the central topics being how to make gnome-builder, xdg-app and gnome-continuous play well together. You can find notes and conclusions from this discussion here.


In the afternoon, Christian Hergert gave us an extensive demo of gnome-builder, with led to lots of discussion around future plans.

The second day was entirely devoted to hacking. Everybody got something done:

  • Cosimo added support for operating with elevated privileges to gvfs.  Here is a screencast showing this in action:
    <video class="wp-video-shortcode" controls="controls" height="267" id="video-1475-1" preload="metadata" width="474"><source src="https://blogs.gnome.org/mclasen/files/2015/10/Screencast-from-10-11-2015-05_09_42-PM.webm?_=1" type="video/webm">https://blogs.gnome.org/mclasen/files/2015/10/Screencast-from-10-11-2015-05_09_42-PM.webm</video>

    The code for this is already in gvfs git.

  • Owen debugged and fixed various issues with gnome-builder under Wayland: mispositioned code completion popups and window stacking problems with the project chooser.
  • Christian asked everybody in the room what missing features kept them from using gnome-builder, and implemented several of the answers he got. One example is better indentation support in both emacs and vi modes.
  • Giovanni added support to the gnome-continuous build machinery to produce xdg-app bundles, and used it to produce an xdg-app for gnome-weather.
  • Myself, I took the shortcuts overlay implementation from gnome-builder and adapted it for GTK+.
    Shortctus overlay
    This code can be found in gtk+ git.

Thanks to everybody who participated so far. The Summit will continue tomorrow with more discussion and hopefully more productive hacking.

I’d also like to thank  Walter Bender and the MIT for hosting us, and Red Hat for sponsoring our breakfasts.

Leaving HackerEarth

It’s very hard to write but I am leaving HackerEarth.

2013 and internship

My college days were coming to an end with placements all around. I was sure to work in a startup. One fine day, I saw a job posting on hasjob on 12th December 2012 that boldly said “HackerEarth is buidling its initial team - Python/Django enthusiast needed”. The idea made me apply to HackerEarth and after a few rounds of email with Sachin and Vivek. I landed up in a remote intern position.

My first task at HackerEarth as an intern was to implement Auth/Profile system for Codetable. Damn! My first task itself was a daunting task. There was so many permutaiton of things to take care of private digest, public digest, read-only mode, read-write mode, authenticated user, anonymous user. 10 days into the internship the auth system was finally working. Finaly, the code was deployed and the feeling was amazing.

Four months into the internship, I got a full time position at HackerEarth. I joined the team in their Bangalore office in July 2013.

Working at HackerEarth

The office I joined was at Bangalore Alpha Labs, Koramangala. In the span of two years, I worked on a couple of things. I worked on the Recruiter Panel, Plagiarism Engine, Profile pages, Challenges pages, HackerEarth Shorterner and for the past one year I have been working on HackerEarth Sprints.

HackerEarth has scaled at a very rapid rate and the engineering team at HackerEarth to learn at a more faster pace to keep things going. At HackerEarth, as a full-stack engineer I got to know the deep knowledge of what it takes to keep a website running at such a huge scale.

Life at HackerEarth

Supercalifragilisticexpialidocious! I never felt here that I was out of college. Food fests, hardware hacking, TT, packs of Redbulls, movie and gaming nights and flexible timings. Anything that had to keep a developer going we had it all.

What’s next?

I have been using Fedora since the initial days of my college. An year, I was contributing to Fedora. I have been working on Fedora Infrastructure projects after regular office hours and weekends. I have been also involved in evangelizing Fedora too.

But now I will be joining the Fedora Engineering Team working on Fedora as a part of my day job. Looking forward to scale more mountains and see what rocks life throws at me at my new role at Fedora.

October 11, 2015

Activities from Mon, 05 Oct 2015 to Sun, 11 Oct 2015


Activities Amount Diff to previous week
Badges awarded 535 -43.98%
Builds 15581 +23.78%
Copr build completed 4173 -51.36%
Copr build started 4187 -51.30%
Edit on the wiki 494 +19.32%
FAS user created 128 +40.66%
Meeting completed 22 -12.00%
Meeting started 22 -12.00%
New packages 26 -85.31%
Posts on the planet 62 +05.08%
Retired packages 0 NA
Updates to stable 481 -22.67%
Updates to testing 625 +25.50%

Top contributors of the week

Activites Contributors
Badges awarded asleqia (7), andyli (6), denisotugo (6)
Builds pbrobinson (6250), karsten (4695), sharkcz (1452)
Copr build completed avsej (548), nalimilan (280), decathorpe (255)
Copr build started avsej (549), nalimilan (280), decathorpe (255)
Edit on the wiki jmracek (110), duffy (40), asleqia (33)
Meeting completed dgilmore (4), nirik (4), sgallagh (4)
Meeting started randomuser (2), sgallagh (2), stickster (2)
New packages  
Posts on the planet admin (11), zsun (10), icon (8)
Retired packages  
Updates to stable remi (29), siwinski (26), rdieter (20)
Updates to testing siwinski (39), remi (38), rdieter (19)
Instala Jdownloader 2 en Fedora


¿Qué es Jdownloader?

Es un gestor de descargas de código abierto, escrito en Java, que permite la descarga automática de archivos de sitios de alojamiento inmediato como Mediafire, Rapidshare, MEGA, entre otros. Los enlaces de descargas especificados por el usuario son separados en paquetes para permitir pausar y continuar las descargas individualmente. Opcionalmente, los archivos en formato RAR son extraídos automáticamente después de la descarga.

Datos del Software 


Este proceso de instalación colocara nuestro Jdownloader 2 en la carpeta personal del usuario  que se este ocupando en mi caso es /home/sr_kraken

Descarga por terminal para 32 o 64 Bits 

Abrimos una terminal y tecleamos lo siguiente:

$ wget http://installer.jdownloader.org/JD2Setup_x86.sh -O jd2.sh
#Para sistemas operativos de 32 bits

$ wget http://installer.jdownloader.org/JD2Setup_x64.sh -O jd2.sh
#Para sistemas operativos de 64 bits

Asignación de permisos de ejecución al instalador

$ chmod +x jd2.sh
#Para asignar permisos de ejecución

Ejecución del paquete

$ ./jd2.sh
#Para arrancar el instalador gráfico 

Inicio de instalación gráfica

Elegir el idioma del instalador, en este caso sera en ingles


Presionamos OK para aplicar el cambio


El sistema de instalación nos da la bienvenida presionamos Next para continuar


En esta ventana se nos dará información sobre la licencia que emplea nuestra aplicación, que en este caso es GPL  presionamos Next para continuar.


En esta ventana nos muestra la ubicación en donde nuestra aplicación quedara instalada “puede utilizar la ubicación que mas le agrade siempre y cuando tenga permisos en la misma utilizando el botón Browser”  al terminar presionamos Next para continuar



Esta ventana nos pregunta si queremos crear un acceso directo en nuestro escritorio podemos habilitar o deshabilitar esta opción desde la casilla de verificación al terminar presionamos el botón Next para continuar.

web_cp_205050_091015 web_cp_205114_091015

Empezara un proceso  e instalación mismo que debemos esperar a que termine y posteriormente tendremos la siguiente ventana.


Esta ventana nos pregunta si queremos realizar una donación para el proyecto Jdownloader, para continuar podemos utilizar el botón Skip para continuar.


Esta ventana no sindica que a finalizado la instalación, nos da la opción de iniciar  o no iniciar la aplicación por medio de un recuadro de verificación al presionar el botón Finish 


Al iniciar nuestra aplicación por primera vez, se realiza una carga de complemento y se descargan algunas actualizaciones

web_cp_210240_091015 web_cp_210321_091015

Al terminar el proceso de actualización podremos utilizar nuestra aplicación y empezar a descargar enlaces.


Recomiendo designar cual sera nuestra carpeta de descargas o conocer su ubicación, para futuras referencias.

Nos desplazamos hasta la barra de menús, presionamos la opción Ajustes.


Dentro de Ajustes seleccionamos la Opciones. 


Se desplegara la siguiente ventana en donde podemos realizar una serie de configuraciones entre elles designar la ubicación de nuestra carpeta de descargas.


Para agregar nuestro Jdownloader 2 al menú de aplicaciones

Esta opción es para todos aquellos que tengan problemas con que la aplicación no aparezca dentro de su lista de aplicaciones. Recuerden que este es un ejemplo de el archivo de configuración deben hacer los cambios según su instalación y la ubicación de la aplicación.

Abrimos una terminal y tecleamos lo siguiente:

$ cd /usr/share/applications
#Para desplazarnos a una ubicación determinada 
$ su -c "vi jdownloader2.desktop"
#Nos permite crear un archivo de texto especifico utilizando vi "puedes utilizar tu editor de texto de confianza" con permisos root 
#requiere contraseña de root 
#En el interior del archivo debemos escribir lo siguiente: 

[Desktop Entry]
Name=JDownloader 2
Exec=/bin/sh "/home/sr_kraken/jd2/JDownloader2"
Comment= Gestor de Descargas Jdownloader 2





wikipedia  de Jdownloader | Pagina web oficial  | Pagina de Descarga

New GPG Key
Please find attached [http://whatthefuck.computer/new-key.txt] my new GPG key as well as general identity information.

October 09, 2015

<figure> <figcaption>src: https://upload.wikimedia.org/wikipedia/commons/thumb/9/9f/Vimlogo.svg/240px-Vimlogo.svg.png</figcaption> </figure>

Everyonceinawhile, you realize you've been brute forcing your way around some tool that you use every day. Too often, for me, that tool ends up being vim...

While I was mass editing the transcripts I used to create the FSF30 wordclouds, I realized I was doing too much manual movery to get to the next misspelled word. In a moment of clarity, I was like "hey, I bet vim has a way to properly do this!" And of course it did!


]s = move cursor to next misspelled word
[s = move cursor to previous misspelled word


The word 'harry' is a proper word, and the word 'potter' is a proper word, but if they are right next to eachother, likely you are not talking about someone persistently accosting a claysmith...

Luckily, vim will let you visually select the words together 'v2e', and then type 'zw' to mark the duo as a "wrong" word. You can then add the correctly capitalized duo of "Harry Potter" to your local dictionary by typing 'v2ezg'.

This will make "harry the potter" not show any misspellings, but "harry potter" will come up as misspelled, and when you spellcheck it, will give the proper caps.

Joli video par le MTQ.
Joli video par le MTQ.
New in Geoclue: Location sharing & convenience library
Apart from many fixes, Geoclue recently gained some new features as well.

Sharing location from phones

If you read planet GNOME, you must have seen my GSoC student, Ankit already posting about this. Basically his work enabled Geoclue to search for, and make use of any NMEA providers on the local network. The second part of this project, involved implementation of such a service for Android devices. I'm pleased that he managed to get the project working in time and even went the extra mile to fix issues with his code, after GSoC.

This is useful since GPS-based location from android is almost always going to be more accurate than WiFi-based one (assuming neighbouring WiFi networks are covered by Mozilla Location Service). This is especially useful for desktop machines since they typically do not have even WiFi hardware on them and have until now been limited to GeoIP, which at best gives city-level accurate location.

This feature was included in release 2.3.0 and you can download the Android app from here.

 Conveniece library

Almost since the beginning of Geoclue2 project, many people complained that using the new API is far from easy and simple, as it should be. While we have good reasons to keep D-Bus API as it is now, the fact that a lot of time passed since I got around to doing anything about this, meant that it was best if D-Bus API was not changed, Geoclue being a system service.

So this week, I took up the task of implementing a client-side library, that not only exposes gdbus-codegen generated API to communicate with the service but also added a convenience helper API to make things very simple. Basically, you just have to call a few functions now if you simply want to get a location fix quickly and don't care much about accuracy nor interested in subsequent location updates.

I only pushed the changes today to git master so if you have any input, now would be the best time to speak up. I wouldn't want to change API after release.
FSF's Nerdy 30
<figure> <figcaption>src: https://openclipart.org/image/300px/svg_to_png/87319/stiGNUcius.png</figcaption> </figure>
Fedora OpenID issues resolved

Fedora OpenID issues resolved

It is very likely that you have seen the issues we had with logging in to Fedora Infrastructure services, or other websites that use Fedora OpenID to authenticate you.

The issue presented itself during login, where as soon as you hit the Login button to submit your username and password, it would spin and wait for sometimes minutes, and retrying the entire process from start would “magically” work most of the time.

I am very excited to tell you that we have found the root cause of this issue, and it has now been resolved.

If you still have problems with Fedora OpenID, either this issue or any other, please file a Fedora Infra ticket at Fedora Infra trac, or ping me on IRC (puiterwijk on FreeNode).

What happened

First, a very little bit of background: in Fedora Infrastructure, we have multiple reverse proxies (at the time of writing 10), which are used to actually request our websites. So when you request any of the Fedora Infra services, your request ends up at any of those 10 reverse proxies, which then passes the request on through our internal network.

Now, Ipsilon authorizes your username and password with the Fedora Account System. But for accessing that, it also uses our reverse proxies.

Now, we have two of these proxies in our main datacenter where all of our servers are hosted. However, since we had no special case for the servers there, it could be that Ipsilon would try to access FAS to verify your user through a proxy all the way over in Europe, which is at the very least suboptimal.

Another part of the issue was that we have two proxies that are on donated machines wich are a little underpowered, and as such could not carry the load that was thrown at them.

So the fix that we have applied is to add a special case for our servers in the main datacenter to always use the two reverse proxies that are local to that datacenter. This means that to verify your username, the request will stay within the datacenter and not cross the big pool of water at least twice.

Easy fix, but it had been slightly tricky to find the cause.

N.B.: The reason this was not a problem before Ipsilon was because we had exactly this special case in when we were using FedOAuth, but I had forgot to transfer it during the migration to Ipsilon.

Batch of new updates [#2/2015]

Packages list which i have recently updated on Fedora:

  • ProDy 1.6.1 (based on Python2) is released on Fedora 22/23 and EPEL6. This package is not compiled yet with Python3 because of missing dependencies on Fedora, neither packaged on EPEL7. However, i have rebuilt extra ProDy packages on a Copr project: ProDy-EPEL6.
  • Available a new rewrited Engauge-digitizer (Engauge6) that updates the older Engauge-digitizer 5; packaged for Fedora 21/22/23 but not for EPEL6/7 because of a missing needed package again (log4cpp).


  • IceCat-38.3.0 has been recently pushed on updates-testing; it updates the older IceCat-31.8.0 in Fedora 21/22/23.

Filed under: Bug Fix, English, EPEL, FedoraPlanet, IceCat, Packaging, ProDy, RHEL, RPM, Sistema
USB Per Port Power Switching

Increasing numbers of single board computers are powered by USB ports using a cable like this:


Wouldn’t it be cool if you could plug these into a USB hub and have the hub individually power up and down the computers? Like a cheap APC power management board.

It turns out you can — with difficulty. The USB standard defines Per-Port Power Switching (PPPS) but unfortunately almost no hub in existence actually supports it. To save a few cents on the BOM, the manufacturers generally leave out the extra power transistors needed to make it work. One guy has modified his USB hub to add the extra part and full marks to him but that’s a lot of effort.

There is one hub which actually supports this: The D-Link DUB-H7, but only the first version (the silver/grey case). In the second version (black case), D-Link too realized their “mistake” and saved on the extra bits.

Armed with this knowledge, I bought one of these from the US (shipping cost 3x the cost of the hub itself).

And it works! Well, for a while.


I used the C hub-ctrl program from this page, and the instructions from here.

# lsusb
Bus 003 Device 005: ID 2001:f103 D-Link Corp. DUB-H7 7-port USB 2.0 hub

Switch off port 7 (right-most port):

# ./hub-ctrl -b 3 -d 5 -P 4 -p 0

Switch on port 7:

# ./hub-ctrl -b 3 -d 5 -P 4 -p 1

The ports are not numbered in the same sequence as the ports on the hub itself. I found by experimentation that the ports correspond as follows. I don’t know if it’ll be the same on every model:

Port hub-ctrl option
1 (left) -P 5
2 -P 6
3 -P 1
4 -P 2
5 -P 7
6 -P 3
7 (right) -P 4

The bigger problem is the hub is fairly unreliable. Switching ports on or off too frequently seems to result in the hub crashing, which appears to only be recoverable by powering the hub off for several seconds.

So I’m not quite there.

Fedora at LinuxCon Europe 2015

This week, another edition of LinuxCon Europe took place in Dublin and as always Fedora was there. The Linux Foundation confirmed our booth quite late, just two weeks before the event, so we didn’t have a lot of time for preparation. On the other hand, we got the stand and three passes for free which was big help because the conference is otherwise very expensive (the standard pass was ~$1000). And I’d like to thank the Linux Foundation for the support.

2015-10-05 10.39.38

Giannis and Jon at Fedora booth

Because we had little time for preparation, our booth was only basic: we had standard swag (Fedora logo stickers, Fedora product stickers, badges, case badges, pens), a stand-up banner, and a laptop showcasing Fedora Workstation 23. Unlike last year, the stand didn’t have the best location, but we still got a reasonable number of visitors. Here are some of my notes from the event:
  • One guy from Fujitsu Finland told us they were using Fedora on mission-critical servers and it turned out to be working fine. They’ve got the latest and greatest, they can adapt to changes earlier (he specifically mentioned systemd), and upgrading from one version of Fedora to another is much easier than to upgrade from one version of RHEL/CentOS to another.
  • A developer from Intel told us that their whole Linux development team was using Fedora. They also ran Fedora on their booth (another booth that ran Fedora was some UEFI organization). I was looking for someone from Intel who has something to do with the Intel video driver development because Retrace Server is full of false positives from the driver, but Intel was mostly represented by embedded Linux team.
  • Some developers asked what laptops we could recommend to run Fedora on because there is no compatibility database. I recommended ThinkPads because I think they still have the best Linux support and they’re still the most popular laptops among Linux developers.
  • Quite a few people asked us why we have two booths at the conference. That was because there was also a booth of Red Hat. A lot of people apparently think that Red Hat and Fedora Project are the same things. Having a separate booth sends a strong message that Fedora is not Red Hat-only thing and it’s, in fact, the most independent among the Red Hat-backed community projects.
  • Even at LinuxCon there are people who have no awareness of Fedora, so paciently kept explaining what Fedora is about and what has to offer. Building awareness in the enterprise ecosystem is IMHO one of the main benefits of being at LinuxCon.
  • It was a bit saddening to see so many Macbooks at LinuxCon. I saw more of them this year than any other year before. Even people from the Linux Foundation were promoting their Linux certifications from Macbooks with OS X.
  • Many visitors asked about the new Fedora products (Workstation, Server, Cloud). Evergreen question was why we have Fedora Server if there is already CentOS. A lot of people apparently associates Workstation with something for developers and serious work only and ask if we have something for end users. Yes, our core target audience are developers, but Fedora is still very much useful for other end users, too. Maybe we should say that more clearly and loundly in our marketing messaging.
2015-10-06 14.10.57

Fedora running at Intel booth

At the end, I’d like to thank the Fedora Project for sponsoring my travel and lodging and Jon Archer and Giannis Konstantinidis for staffing the booth with me.

this comic does assume our previous comic, "how to always avoid small talk forever", has somehow...

Dinosaur Comics originally shared:

this comic does assume our previous comic, "how to always avoid small talk forever", has somehow failed you
Configuring OpenStack to use jumbo frames (MTU 9000)

Controller nodes

Disable puppet :

# systemctl stop puppet
# systemctl disable puppet

Place a given controller into standby mode :

# pcs cluster standby $(hostname)

Update the MTU for all physical NICs being used by either provider or tenant networks :

# echo MTU=9000 >> /etc/sysconfig/network-scripts/ifcfg-eth0

Update the various Neutron related configuration files :

Note that if tenant networks are being used then we need to allow for the overhead of VXLAN and GRE.

# echo “dhcp-option-force=26,8900” > /etc/neutron/dnsmasq-neutron.conf
# openstack-config –set /etc/neutron/dhcp_agent.ini DEFAULT dnsmasq_config_file /etc/neutron/dnsmasq-neutron.conf
# openstack-config –set /etc/neutron/plugins/openvswitch/ovs_neutron_plugin.ini agent veth_mtu 8900
# openstack-config –set /etc/neutron/l3_agent.ini DEFAULT network_device_mtu 9000
# openstack-config –set /etc/nova/nova.conf DEFAULT network_device_mtu 9000

Reboot to ensure everything persists.

# reboot

Unstandby the node and repeat on the remaining controllers :

# pcs cluster unstandby $(hostname)

Compute nodes

Disable puppet :

# systemctl stop puppet
# systemctl disable puppet

Update the MTU for all physical NICs being used by either provider or tenant networks :

# echo MTU=9000 >> /etc/sysconfig/network-scripts/ifcfg-eth0

Update the OVS plugin configuration file :

# openstack-config –set /etc/neutron/plugins/openvswitch/ovs_neutron_plugin.ini agent veth_mtu 8900
# openstack-config –set /etc/nova/nova.conf DEFAULT network_device_mtu 9000

Reboot to ensure everything persists.

# reboot

Source: https://access.redhat.com/solutions/1417133

Day 1 of PyCon India 2015

Day one is the first day of main event. I was late to wake up, but somehow managed to reach the venue around 8:30am. Had a quick breakfast, and then moved into the Red Hat booth. Sankarshan, Alfred, Soni were already there. I don’t know the exact reason, but the booth managed to grab the attention of all the people in the venue. It was over crowded :) While the students were much more interested in stickers, and other goodies, many came forward to ask about internship options, and future job opportunities. Alfred did an excellent job in explaining the details to the participants. The crowd was in booth even though the keynote of day one had started. I missed most of keynote as many people kept coming in the booth, and they had various questions.

At 11:30AM, we had our annual Dgplug meetup on the staircase of the venue. It is already known as “dgplug staircase meeting”.We are a virtual group for the most part of the year, but PyCon is the time when we try to meet and discuss various things face to face. Though this year many new members were busy volunteering, so they missed the meeting. We mostly discussed about the summer training, what went wrong, how can we improve etc. Here are two tweets about the same from others.

I had only one talk in my mind (other than the keynotes) which I wanted to attend. It was “Pretty printing in Python” by Shakthi Kannan, a talk about a 3D printer made from the parts available in India, and his experiments with it in both software, hardware level. It was an excellent talk.

During lunch time Anwesha and Py (my daughter) came in. This was Py’s first conference. She really enjoyed it, happily roamed around with Sankarshan, and Chandan for a long time. Here is a family photo in the Red Hat booth.

Rest of the second half I spent mostly talking with the people in and around the booth. “What do you think about working in Red Hat and upstream projects? What is the difference you feel than working for any other big names?” this question led to an interesting discussion with few SymPy developers. I hope I managed to explain my viewpoints to them properly. That answer anyway should get it’s own blog post :)

This year we also had a childcare facility in the event, and it was amazing. So many kids were inside through out the both days of the event. The parents were extremely happy about the facility. Thank you organisers for making this available to the participants with kids.

October 08, 2015

GLPI version 0.90

GLPI (Free IT and asset management software) version 0.90 is available. RPM are available in remi-test repository for Fedora ≥ 18 and Enterprise Linux ≥ 5

As all plugins projets have not yet released a stable version, so version 0.85 stay available in remi repository.

Available in the repository:

  • glpi-0.90-1
  • glpi-behavior-0.90-1
  • glpi-fusioninventory-
  • glpi-ocsinventoryng-1.2.0-1
  • glpi-reports-1.9.0-1
  • glpi-webservices-1.6.0-1

Attention Warning: for security reason, the installation wizard is only allowed from the server where GLPI is installed. See the configuration file (/etc/httpd/conf.d/glpi.conf) to temporarily allow more clients.

You are welcome to try this version, in a dedicated test environment, give your feedback and post your questions and bugs on:

RPM and this page will be updated regularly until moved to stable (follow this entry).

Track the night sky with Stellarium on Fedora

Ever looked up at the night sky and tried to identify specific celestial bodies out of the millions you can see? Stellarium is an awesome open source planetarium application available in Fedora to help you identify and track objects in the night sky. Basically, it simulates the night sky and provides labels and other tools to help you know what you are actually looking at.

Finding items in the night sky

Stellarium labels the objects in the night sky that are of interest, and provides directional labels as well to help identify the objects in the sky. There are also options to show labels for deep-sky objects and exoplanets.


 Identifying constellations

Stellarium also draws lines between and labels the multiple stars that make up the constellations, and also has a mode that overlays constellation artwork over the simulated sky.


View the night sky from anywhere

You can also set the location to anywhere on Earth (or Mars, or many other bodies) where you want to simulate the night sky



Stellarium can also do a lot more, like view how Supernovae looked from earth at previous points in history, show meteor showers, identify and track satellites around earth like the International Space Station, and also follow specific bodies through the sky. Also, if you have a compatible telescope, you can use stellarium to control the positioning of your telescope.

Stellarium is available in the Official Fedora Repositories, so you can install via the Software application on Fedora Workstation, or via the command line with the command:

sudo dnf install stellarium


dchen’s apache-maven is updated to 3.3.3 for el7 and el6

The repo is located at:


To install this for from yum:

cd /etc/yum.repos.d; sudo wget https://repos.fedorapeople.org/dchen/apache-maven/epel-apache-maven.repo

Fedora 23 Cinnamon Spin -Test Day ( QA )

Hola comunidad, 

Hoy es el día de testeo del spin Cinnamon así que si usas este entorno y quieres ayudarnos en QA te invito a que des una vuelta por la wiki del día de pruebas. La he traducido para que tengan lo necesario para poder ayudar en el testo. pero de todas maneras aquí dejaré los pasos para realizar las pruebas.



  • Tener instalador Fedora 23 con Cinnamon, en caso de querer agregar este entorno ejecuta lo sgte:

sudo dnf install @cinnamon-desktop

  • Descargar la imagen diaría de Fedora 23 Cinnamon y probar desde el Live
  • Tener tu cuenta en FAS (Fedora Account System)
  • Tiempo y ganas de ayudar :)

Además he traducido la wiki del testcase del navegador ya que esta es una de las pruebas a realizar, así tendrán una idea algo mas clara.


Caso de prueba del navegador

  • Corriendo Fedora 23 Cinnamon, abran el navegador de la manera que quieran, vía panel o terminal.
  • Ingresen al FAS https://admin.fedoraproject.org/accounts/ e inicien su sesión.
  • Intenten descargar cualquier archivo desde internet, por defecto el directorio debería de ser “Downloads” o “Descargas” Dependiendo del idioma.

Aplicando los resultados a la wiki del día de prueba

=== Pruebas Básicas ===

! User
! [[QA:Testcase_desktop_browser|Navegador]]
! [[QA:Testcase_desktop_terminal|Terminal]]
! [[QA:Testcase_desktop_update_graphical|Actualización]]
! [[QA:Testcase_desktop_login|Inicio de Sesión]]
! [[QA:Testcase_audio_basic|Audio]]
! [[QA:Testcase_desktop_panel_basic|Panel]]
! [[QA:Testcase_desktop_automount|Montaje Automático]]
! References
| [[User:SampleUser|Sample User]]
| {{result|none}}
| {{result|pass}}
| {{result|warn}} <ref>Test pass, but also encountered {{bz|54321}}</ref>
| {{result|fail}} <ref>{{bz|12345}}</ref>
| {{result|none}}
| {{result|none}}
| {{result|none}}
| <references/>

La primera sección corresponde a los casos de pruebas, ahí no editen nada. La segunda parte es la que tienen que editar y agregar al final del html y justo antes de “|}”.

Como ven el template es sencillo y consiste en su nombre de usuario seguido de su nombre real, luego el resultado para cada prueba y la referencia al bug que  esté o no reportado. Al final del wiki agregé mis casos de prueba para que vean un ejemplo y puedan implementar los suyos. 

| [[User:asleqia|Carlos Morel-Riquelme]]
| {{result|pass}}
| {{result|pass}}
| {{result|pass}}
| {{result|none}}
| {{result|pass}}
| {{result|pass}}
| {{result|pass}}
| <references/>

A grandes rasgos es eso, no olviden que toda la ayuda es importante y cualquier dudas el canal  #fedora-test-day estará disponible para las consultas. Estaré ahí durante la tarde ayudando, sino mi mail en caso de consultas.


Espero esto sea útil a la comunidad y al software libre. :)

It's Time to End the War On Stupid People

I never knew Sarah Sharp personally, but I was aware of her.

On one hand, it's hard to say how; I've never had particular interest in the USB stack, or much at all outside of the core kernel, and even there I've never managed to actually contribute beyond a couple of cosmetic patches.

On the other hand, it's little mystery at all: Sarah was the first female kernel contributor I'd ever heard of, and the only one I can readily name now. It's an uncomfortable answer, because when someone breaks into a space that doesn't often include their gender or background, we feel we avoid culpability by being nonchalant. No exclusion here, nosiree. Didn't even notice you were a woman. It's comforting and dishonest; when someone breaks a boundary of cultural exclusion, regardless of how your reaction may later be judged, the fact is you notice.

Although apparently nobody noticed when Sarah quietly disappeared over the past year, finally coming out to cite now-familiar complaints about the toxic and hostile atmosphere on LKML and in the kernel community in general.

In an ignorant youth that I'd rather was further away than it is, I remember liking the atmosphere on LKML. Mentioning being in the kernel community seemed to have the same effect on the right kind of crowd as saying you were from Brooklyn did in the early 90s. The threads of LKML were mean streets that would chew you up and spit you out if you weren't tough enough to handle it. But I was, of course. I was tough, you betcha, and only real tough guys have what it takes to stand up for code the way it should be written.

It's not hard to see the appeal, for a certain sort of ego, but there's something deeper. "Nerd" communities gravitate toward this form again and again. Other open source forums, video game communities, 4chan, the marks are similar no matter how distant the topics get. And why? What is it about geeky types that produces this sort of structure?

What is the war on stupid people?

Being cursed with doting parents, I got called a "genius" from a very young age, well on in to my adult years. I had my share of unusual feats, and I liked computers which were proper "genius" things to like, and at some point I took an IQ test and a very impressive number was produced. "Genius" it was then.

Of course, the older I get, the less I'm convinced there really is any such thing. Getting anything meaningful out of as gloriously defective a thing as a human brain, no matter what condition it may be in, is a skill and an art, not a product of ordainment into a pantheon of great thinkers. So I stopped thinking of myself as a genius.

But before I did, I remember thinking everyone else was stupid.

Perhaps it's too much praise, or some failure to notice the dissonance in thinking you're better than everyone else and then also expecting them all to keep up, but I'm hardly the only sufferer of the condition. To a certain sort of mind, stupidity is the chief moral and cultural demon in the modern world. When you have the answer to everything, it suddenly becomes clear that the only thing between the world and paradise is all of those people who just won't fucking listen no matter how many times I explain the most obvious thing God damn them!

It is human nature to define our enemies, and soon the abstract and ill-defined idea of "stupid" begins to take on concrete and fantastically fictional features. It becomes intentional; every futile political debate, every badly indented piece of forgotten code, every near-mishap on the freeway, all engineered by some malevolent demographic of those who wish to fuck everything up for everyone.

And so protectorates are established. Bastions to hold back the encroaching stupid masses. The mean streets of LKML, where yes you will be lambasted and degraded and torn apart daily, but you're ok with it because you're tough. You're a real tough guy who can take this sort of thing because you're not one of them. It is all necessary to protect you from them. And if you can't, well maybe you're one of them after all and you should leave, traitor.

As the airport screenings protect you from Muslims and the mass incarcerations protect you from drugs, so this sort of personal violation protects you from idiocy.

I'm prone to hyperbole, on this blog especially, but I have also witnessed a contributor in #fedora openly proclaim that someone seeking help in the channel was being deliberately incompetent for the purpose of causing him frustration. On multiple separate occasions. If one ever wanted to destroy the field of economics entirely, one need only come up with a single example of a person dedicating time and effort to such a perfectly and absolutely unproductive task. What can we call the belief that such people exist and are out to get you other than psychotic paranoia?

And so, I ask, what is it to be stupid, really? Are some slower to process information or discover novel solutions to problems? Certainly, and some run less quickly than others. If we leave behind our childish desperation to invert the high school hierarchy, I can scarcely find much reason to value one much over the other. A person who is "stupid" in this way does me no harm whatsoever. Is irrationality and succumbing to bias a better definition? Doubtful. These are real and dangerous problems, but irrationality is not so intrinsic as we claim of "stupidity." Rationality is a procedure, the "skill and art" I mentioned earlier. It can and has been described as a step-by-step process, and it requires only minimal mental power to execute. What it requires a great deal more of is self-discipline. I hardly think the behaviors we describe here demonstrate much of that.

So let's bring an end to it. Call of the war on stupid people. Respect others as a matter of policy. I promise you the kernel will be fine. All of us will be. Most of us better.

Cinnamon Test Day tomorrow (2015-10-08)

It’s time for the final Test Day of the Fedora 23 cycle: tomorrow, Thursday 2015-10-08, is Cinnamon Test Day. A nice simple one: we’ll be testing out the Cinnamon desktop on Fedora 23, particularly the new live spin, and making sure everything works well and looks right. If you’re a Cinnamon fan, interested in it, or just a keen tester with a bit of spare time, please come out and help!

The Cinnamon spin maintainer Dan Book (grinnz) will be around and I’ll try to drop in from time to time too.

As always for Test Days, the live action is in #fedora-test-day on Freenode IRC. If you don’t know how to use IRC, you can read these instructions, or just use WebIRC.

October 07, 2015

FUDCon APAC 2015 – a Memoir


This post has been long overdue. In fact a post here has been long overdue. Much has happened since the last time I wrote here. There are new DNS patches to be merged, the Docker & DNSSEC resolver interconnect, kernel & Qemu issues I’ve been analysing, Fedora Security Team(FST), huh..each would need a separate post. Anyway, it’s good to be back here.

It was this time last year that we began to have lunch table discussions about hosting FUDCon in India. The last time we did was in 2011. A lot had changed since 2011; Old-timers had moved on, new ones had joined hands, many of them with a distant view of the open source, Fedora and FUDCon. But what was still same was the excitement to participate and to host FUDCon. What started as a fond activity for me, had quite a thrilling climax wherein I ended up calling the India’s Ambassador to China in Beijing. :)

We began with scouting for a venue, as the bidding process required us to have confirmed venue & budget arrangements in place. Though FUDCon is a get-together for Fedora contributors, we wanted local community to benefit from this gathering. So a college or university campus was our preferred choice for the venue. All of the campuses we visited were more than welcoming; In fact they wanted us to setup ongoing programs for their students and teachers alike. My observation is, people are convinced of the power of Open Source principles and methodology, but they have no idea about how to participate and take advantage of it. After much deliberations we settled on the MIT College of Engineering for our venue and the bid was proposed.

Shortly after the bid was accepted, I left the city of Pune – the ground zero of FUDCon APAC 2015. And thus began the spell of weekly calls, meetings and updates. As soon as the bid was accepted, we sent out a call for volunteers. We broadly defined the tasks(travel, talks selection & scheduling, marketing, video recording, catering, FUDPub et. al.) and volunteers assumed their responsibilities. I picked to help the delegates with their travel requirements, amongst various other things. When I moved out, I half expected to have diminishing responsibilities towards FUDCon. But in retrospect, it’s intriguing how actively I was involved. I think the first step towards active participation in open source communities is to connect, to join the call, say hello and listen. In my case it was conference calls, but one could just as easily connect over email/IRC/twitter/hangout, either means of communication.

Through these weekly calls and meetings we assessed overall progress on each task, discussed and devised alternative solutions for issues, listened to individual inputs, argued and fought over it, pulled each-other’s legs and had fun all the way. Of course a huge team of volunteers were working relentlessly on ground zero to ensure that all the needed pieces(banners, recording gear, transport, accommodation, vendor billing,…) are put together at the right time. Before I knew, five months had passed and I was on my way to attend ‘FUDCon APAC 2015’. :) Excited to meet old friends, colleagues, and everybody that I’d been communicating with for the past few months. Meanwhile it had almost slipped my mind that I was to present a talk about – Local DNSSEC resolver: F23 Feature.

At FUDCon surroundings were brimming with a familiar energy. It started right at the hotel as delegates arrived from around the world. The peculiar excitement in the hotel lobby when delegates bump into each other is uniquely rewarding. On day one, I was to attend the registration desk and distribute swags. After the first half of doing that, I moved about different sessions catching glimpses at each. Day two was little easier, there was no mad rush of day one. I hitched a ride with a friend to the venue, found a corner in the speaker’s lounge and resorted to prepare for my talk. As the day concluded, it was time for the super electric FUDPub. :) Day three was of workshops, I jumped through couple of sessions and talks and was back again at the front desk to work with the volunteers as they were preparing to wrap-up. Three days went by so fast, before I knew, it was time for the concluding keynote and the vote of thanks. As the delegates bid their good byes, they made plans to catch-up again at the next conference. :)

FUDCon APAC 2015 album:
  -> https://www.flickr.com/photos/pjps/albums/72157659591987932

RMR: Rick's Rant - Two Weeks 'til the Election
Setting Up Storage to make docker-storage-setup work
Overview (Source)

Docker needs storage to store containers and container images. The default storage option for Docker on Red Hat Enterprise Linux Atomic Host is an LVM thin pool while the default option on other variants of Red Hat Enterprise Linux is thin pool on loopback devices which is not recommended for production systems. The docker-storage-setup service can assist you in setting up an LVM thin pool. When docker starts, it automatically starts docker-storage-setup.
By default, docker-storage-setup tries to find free space in the volume group backing the root volume and tries to setup a thin pool. If there is no free space in the volume group, docker-storage-setup will fail to set up an LVM thin pool and will fall back to using loopback devices.

I was experimenting to make docker-storage-setup on a bare-metal because if you have single hard-drive on bare-metal and didn't have any free/unallocated space then docker-storage-setup service will always fail because it will not get required PE (Physical Extend)

[root@dhcp201-188 ~]$ systemctl status docker-storage-setup.service -l
● docker-storage-setup.service - Docker Storage Setup
   Loaded: loaded (/usr/lib/systemd/system/docker-storage-setup.service; disabled; vendor preset: disabled)
   Active: failed (Result: exit-code) since Wed 2015-10-07 02:45:23 EDT; 38s ago
  Process: 1418 ExecStart=/usr/bin/docker-storage-setup (code=exited, status=5)
 Main PID: 1418 (code=exited, status=5)

Oct 07 02:45:23 dhcp201-188.englab.pnq.redhat.com systemd[1]: Starting Docker Storage Setup...
Oct 07 02:45:23 dhcp201-188.englab.pnq.redhat.com docker-storage-setup[1418]: Rounding up size to full physical extent 264.00 MiB
Oct 07 02:45:23 dhcp201-188.englab.pnq.redhat.com docker-storage-setup[1418]: Volume group "fedora_dhcp201-188" has insufficient free space (1 extents): 66 required.
Oct 07 02:45:23 dhcp201-188.englab.pnq.redhat.com systemd[1]: docker-storage-setup.service: main process exited, code=exited, status=5/
Oct 07 02:45:23 dhcp201-188.englab.pnq.redhat.com systemd[1]: Failed to start Docker Storage Setup.

You can check available PE for any physical volume using 'pvdisplay'.

[root@dhcp201-188 ~]$ pvdisplay  -m
  --- Physical volume ---
  PV Name               /dev/sda2
  VG Name               fedora_dhcp201-188
  PV Size               257.76 GiB / not usable 3.00 MiB
  Allocatable           yes
  PE Size               4.00 MiB
  Total PE              65985
  Free PE               1
  Allocated PE          65984

  PV UUID               kQX8gz-ePZe-njYM-b3mQ-owBh-ZZCT-7MBka6
  --- Physical Segments ---
  Physical extent 0 to 51199:
    Logical volume      /dev/fedora_dhcp201-188/root
    Logical extents     0 to 51199
  Physical extent 51200 to 63999:
    Logical volume      /dev/fedora_dhcp201-188/home
    Logical extents     0 to 12799
  Physical extent 64000 to 65983:
    Logical volume      /dev/fedora_dhcp201-188/swap
    Logical extents     0 to 1983
  Physical extent 65984 to 65984:

So I didn't have any free/unallocated space before and we can't create any if we have single hard drive which have boot mounted. I tried using Gparted live to resize my root mounted space but that didn't work out and I ended up reinstalling OS. This time I was much careful and around 200 GB saved for docker-storage-setup which is unallocated till now.

After first boot to your system 'fdisk' will not list your unallocated/free space so I have to use 'parted' to find out details about partitions and  free space.

(parted) print free
Model: ATA WDC WD5000AAKX-6 (scsi)
Disk /dev/sda: 500GB
Sector size (logical/physical): 512B/512B
Partition Table: msdos
Disk Flags:

Number  Start   End     Size    Type     File system  Flags
        32.3kB  1049kB  1016kB           Free Space
 1      1049kB  525MB   524MB   primary  ext4         boot
 2      525MB   277GB   277GB   primary               lvm
        277GB   500GB   223GB            Free Space

Now I have to create a partition using free space so I can create a new volume group to use it with docker-storage-setup.

(parted) mkpart primary ext4 283649 386049
(parted) toggle 3 lvm                                                           
(parted) print                                              
Model: ATA WDC WD5000AAKX-6 (scsi)
Disk /dev/sda: 500GB
Sector size (logical/physical): 512B/512B
Partition Table: msdos
Disk Flags:

Number  Start   End    Size   Type     File system  Flags
 1      1049kB  525MB  524MB  primary  ext4         boot
 2      525MB   277GB  277GB  primary               lvm
 3      284GB   386GB  102GB  primary  ext4         lvm, lba

We can now check with 'fdisk' utility about newly created partition detail also.

 [root@dhcp201-188 ~]$ fdisk  -l
Disk /dev/sda: 465.8 GiB, 500107862016 bytes, 976773168 sectors
Units: sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disklabel type: dos
Disk identifier: 0x9f119e31

Device     Boot     Start       End   Sectors   Size Id Type
/dev/sda1  *         2048   1026047   1024000   500M 83 Linux
/dev/sda2         1026048 541581311 540555264 257.8G 8e Linux LVM
/dev/sda3       554002432 754001919 199999488  95.4G 8e Linux LVM

Now if you again check about physical volume and volume group you will find that we still don't have any volume group for '/dev/sda3'.

[root@dhcp201-188 ~]$ pvdisplay -m
  --- Physical volume ---
  PV Name               /dev/sda2
  VG Name               fedora_dhcp201-188
  PV Size               257.76 GiB / not usable 3.00 MiB
  Allocatable           yes
  PE Size               4.00 MiB
  Total PE              65985
  Free PE               1
  Allocated PE          65984
  PV UUID               kQX8gz-ePZe-njYM-b3mQ-owBh-ZZCT-7MBka6
  --- Physical Segments ---
  Physical extent 0 to 51199:
    Logical volume      /dev/fedora_dhcp201-188/root
    Logical extents     0 to 51199
  Physical extent 51200 to 63999:
    Logical volume      /dev/fedora_dhcp201-188/home
    Logical extents     0 to 12799
  Physical extent 64000 to 65983:
    Logical volume      /dev/fedora_dhcp201-188/swap
    Logical extents     0 to 1983
  Physical extent 65984 to 65984:
  "/dev/sda3" is a new physical volume of "95.37 GiB"
  --- NEW Physical volume ---
  PV Name               /dev/sda3
  VG Name              
  PV Size               95.37 GiB
  Allocatable           NO
  PE Size               0  
  Total PE              0
  Free PE               0
  Allocated PE          0
  PV UUID               Ryhj4d-x1al-ZDPn-WTcw-DWlg-8q8f-yrsAHA

We have to create volume group so that it can be used with docker-storage-setup.

root@dhcp201-188 ~]$ vgcreate docker_vol /dev/sda3
 [root@dhcp201-188 ~]$ pvdisplay
  --- Physical volume ---
  PV Name               /dev/sda2
  VG Name               fedora_dhcp201-188
  PV Size               257.76 GiB / not usable 3.00 MiB
  Allocatable           yes
  PE Size               4.00 MiB
  Total PE              65985
  Free PE               1
  Allocated PE          65984
  PV UUID               kQX8gz-ePZe-njYM-b3mQ-owBh-ZZCT-7MBka6
  --- Physical volume ---
  PV Name               /dev/sda3
  VG Name               docker_vol
  PV Size               95.37 GiB / not usable 4.00 MiB
  Allocatable           yes
  PE Size               4.00 MiB
  Total PE              24413
  Free PE               14608
  Allocated PE          9805
  PV UUID               Ryhj4d-x1al-ZDPn-WTcw-DWlg-8q8f-yrsAHA

Now we have volume group which contain enough free PE for docker service uses, as per final step we have to put 'docker_vol' specification to '/etc/sysconfig/docker-storage-setup'

[root@dhcp201-188 ~]$ cat /etc/sysconfig/docker-storage-setup      
# Edit this file to override any configuration options specified in
# /usr/lib/docker-storage-setup/docker-storage-setup.
# For more details refer to "man docker-storage-setup"

Changing Docker Storage Configuration (source)

If you change the storage configuration of Docker, you must also remember to remove the /var/lib/docker directory. This directory contains the metadata for old images, containers and volumes which are not valid for the new configuration. Examples of instances in which you might change the storage configuration include when you switch from using loop devices to LVM thin pool or if you switch from one thin pool to another. In the later case, you should also remove the old thin pool. 

# systemctl stop docker
# Remove old thin pool logical volume (lvremove docker/docker-pool)
# rm -rf /var/lib/docker/
# systemctl start docker

Now you can check docker-storage-setup service and it no longer in failed state.

 [root@dhcp201-188 ~]$ systemctl start docker-storage-setup.service
[root@dhcp201-188 ~]$ systemctl status docker-storage-setup.service -l
● docker-storage-setup.service - Docker Storage Setup
   Loaded: loaded (/usr/lib/systemd/system/docker-storage-setup.service; disabled; vendor preset: disabled)
   Active: inactive (dead) since Wed 2015-10-07 05:53:47 EDT; 1s ago
  Process: 27084 ExecStart=/usr/bin/docker-storage-setup (code=exited, status=0/SUCCESS)
 Main PID: 27084 (code=exited, status=0/SUCCESS)

Oct 07 05:53:46 dhcp201-188.englab.pnq.redhat.com systemd[1]: Starting Docker Storage Setup...
Oct 07 05:53:47 dhcp201-188.englab.pnq.redhat.com docker-storage-setup[27084]: Logical volume "docker-pool" changed.
Oct 07 05:53:47 dhcp201-188.englab.pnq.redhat.com systemd[1]: Started Docker Storage Setup.

Hope it will be helpful, happy hacking !!
How Fedora is translated into over 90 different languages

If you’ve ever wondered how Fedora is translated into your preferred language? The answer is the Fedora L10N team. Translation is done across over 100 individual projects in over 90 languages. Developers of each project upload new strings to the L10n translation platform and teams of translators work together translate and review as many strings as possible before each new Fedora release.

Ever wanted to get involved in the Fedora project but wasn’t sure how?

Joining the L10n team may be for you. If you would like to get involved, the team have put together a guide to get you started.

A New Translation Platform

Until recently, Fedora L10n had been benefiting from a localization platform, Transifex. But after Transifex announced it would be moving to a propriety code base, major concern arose. A core value of Fedora is Freedom, moving to an alternative FLOSS translation platform was supported by the L10n team. A few alternative were available, but the Zanata team quickly provided instances for the team to test. After a month of testing, the team voted in favour of switching to Zanata. This decision was brought to FESCO and also gained the Fedora developers agreement.


Moving to a new platform did mean some L10n members were lost, but this was expected and many were considered to be inactive before the move anyway. Over 390 members are now working on Zanata, many of which have quickly adapted.


It’s been over 6 months since the migration to Zanata and if you have been involved in any part of the process, we’d love your feedback. To assist with this, we have put together a quick survey.

We plan to post the anonymized results to the Zanata blog, Fedora L10n mailing list, and in the comments of this post.

We hope to use the results to better understand the Fedora community’s translation needs and goals, and ensure Zanata is the best tool to fulfil them.

We’d love your feedback.

October 06, 2015

All systems go
New status good: Everything seems to be working. for services: Fedora Wiki, Fedora People, Zodbot IRC bot, The Koji Buildsystem, Darkserver, Tagger, Package Database, Fedora pastebin service, Blockerbugs, Badges, FedoraHosted.org Services, Mirror Manager, Koschei Continuous Integration, Ipsilon, Mirror List, Package maintainers git repositories, Account System, Fedora websites, Documentation website, COPR Build System, Package Updates Manager, Ask Fedora, Fedora Packages App, FreeMedia, Fedora Messaging Bus, Fedora elections, Mailing Lists, Fedora Calendar

shakes fist

Okay, they did think of it 2 years before me -- though I can't imagine how it's not prior-art'ed.

I'll be repeating my "Giant Bags of Mostly Water" Linux Security Summit talk at the Korea Linux...
I'll be repeating my "Giant Bags of Mostly Water" Linux Security Summit talk at the Korea Linux Forum coming up in 3 weeks. Come hang out if you're attending (it's right before this year's Kernel Summit).
There are scheduled downtimes in progress
New status scheduled: scheduled outage for services: Fedora Wiki, Fedora People, Zodbot IRC bot, The Koji Buildsystem, Darkserver, Tagger, Package Database, Fedora pastebin service, Blockerbugs, Badges, FedoraHosted.org Services, Mirror Manager, Koschei Continuous Integration, Ipsilon, Mirror List, Package maintainers git repositories, Account System, Fedora websites, Documentation website, COPR Build System, Package Updates Manager, Ask Fedora, Fedora Packages App, FreeMedia, Fedora Messaging Bus, Fedora elections, Mailing Lists, Fedora Calendar
There are scheduled downtimes in progress
New status scheduled: Everything seems to be working. for services: Fedora Wiki, Fedora People, Zodbot IRC bot, The Koji Buildsystem, Darkserver, Tagger, Package Database, Fedora pastebin service, Blockerbugs, Badges, FedoraHosted.org Services, Mirror Manager, Koschei Continuous Integration, Ipsilon, Mirror List, Package maintainers git repositories, Account System, Fedora websites, Documentation website, COPR Build System, Package Updates Manager, Ask Fedora, Fedora Packages App, FreeMedia, Fedora Messaging Bus, Fedora elections, Mailing Lists, Fedora Calendar
Run a Minecraft server using Spigot

Minecraft is one of the most popular video games in the world today, with over 70 million purchased accounts. After playing single-player for a while, the next step most players look into is multiplayer. There are thousands of servers for Minecraft players to join, and starting your own server isn’t too difficult either. The most popular Minecraft server software is called Spigot.

Spigot is an open-source Java project that lets users run their own Minecraft server and add plugins to extend the possibilities of their server. There are over 100,000 Spigot servers in existence today. This makes Spigot one of the most stable and diverse Minecraft servers available.

Compiling Spigot

To use Spigot, you must use their BuildTools utility to build and compile Spigot from source code. In order to use BuildTools, you’ll need to install Java and git. To do this, open a terminal and run this command:

sudo dnf install java-1.8.0-openjdk git

After the command finishes, you can prepare to compile Spigot. First download the latest version of BuildTools from the Spigot Jenkins and place it into a new directory. Next, open up a terminal and change directories into the directory you placed BuildTools in. To compile Spigot, run the following commands:

git config --global --unset core.autocrlf
java -jar BuildTools.jar

The first command is important, because it ensures line endings are consistent so BuildTools works correctly.

After BuildTools finishes running, a few different JAR files now appear in the directory. These include something like craftbukkit-1.x.x.jar and spigot-1.x.x.jar, where x.x represents the current version of Minecraft. CraftBukkit is the original Minecraft server implementation, but is no longer officially maintained. (The Spigot team releases updates for CraftBukkit.) Spigot is a fork of CraftBukkit with a few performance enhancements under the hood. Therefore, you’ll want to use the Spigot JAR file.

Starting Your Server

Once you have the spigot-1.x.x.jar file ready, it’s time to move onto finally running your server! There are a variety of methods to do this. We’re going to use window manager software called tmux to allow you to run your server without needing to keep a terminal window open.

First, install tmux from the Fedora repositories. Run the following command in a terminal window:

sudo dnf install tmux

There are countless ways to use tmux and do all kinds of awesome things. For relevancy, this guide only covers basic usage. You can learn more about using tmux using this cheatsheet. For our purposes, we’ll create a tmux session, write a basic start-up script, and then run our Spigot server inside of the tmux session. Before we get rolling, you will want to write your start-up script. This can be a one-line file, and should be named something like start-spigot.sh. Its contents should look something like this:

java -Xms1024M -Xmx1024M -jar spigot.jar

After writing this script, place it in the same directory with your Spigot JAR file. Now let’s move onto setting up tmux and running your server. Run the following commands to set up your session:

tmux new -s minecraft
cd /path/to/spigot.jar
chmod +x start.sh

Your Spigot server now starts running and provides more instructions on your screen for setting up your server.

Basic Configuration

There are a few basic configuration tips and guides available for how to best configure your Spigot server to meet your needs. A full configuration guide can be found on the Spigot Wiki. In this article, we will cover some of the basic and most important configuration tips. There are two configuration files we will need to work with: server.properties and spigot.yml.


There a wide number of settings in this file, but we will only cover some of the essential parts:

  • server-ip
    • Default: <empty>
    • When blank, this assumes the localhost. If your machine does not have multiple IP addresses, leaving this blank is acceptable.
  • server-port
    • Default: 25565
    • Specify the TCP port that you want your Spigot server to listen on.
  • enable-query
    • Default: false
    • Set this to true to allow external services to ping your server for information, such as a listing website showing online players and active plugins.
  • query.port
    • Must be manually entered
    • You should set this UDP port to a different number than your server TCP port to prevent anyone on the Internet from easily finding out information about your server, if you do not wish to share it.
  • max-players
    • Default: 10
    • Specify the maximum number of players that can play on your server at the same time.
  • motd
    • Default: A Minecraft Server
    • Change this line to a server name for your Minecraft server that appears on the Multiplayer menu. You can have up to two lines on the menu; to split your MOTD, use the \n escape character.


The spigot.yml file contains default configuration specific to the Spigot server. There are several options that can be changed here. If performance is a concern, you can tweak settings to maximize performance on even the oldest system. A full Spigot configuration guide can be found on their wiki. However, like before, we’ll cover some basic configuration options here.

  • settings > restart-on-crash
    • If your server should ever crash, you can have it automatically restart by calling the start script you created earlier. This is especially useful if you want to run your server long-term. Just ensure your start script is specified in the following line for this setting.
  • world-settings > anti-xray
    • There are plenty of hacks and cheats in Minecraft. One of the most popular is the x-ray hack. This cheat allows players to see through “useless” blocks and immediately find more valuable blocks behind them, such as diamonds and gold. Spigot has its own anti-xray protection built-in to try to counter this.
    • There are two different engine modes: 1 and 2. Mode 1 is a lighter protection that isn’t as effective, but conserves resources. Engine Mode 2 requires more computing power but attempts to obfuscate all non-visible blocks on the fly to block x-ray hacks. Try playing around with the settings to find what works best for you!
  • world-settings > dragon-death-sound-radius
    • This is just one example of the tweaks available in Spigot. You can adjust the range of the dragon death sound for all players on your server. By default, anyone online can hear the sound if a player slays the dragon. This setting allows you to set a radius to limit the range of the death noise.
  • world-settings > arrow-despawn-rate
    • This setting is more of a performance-oriented tweak. If you lower the default rate for arrows to despawn, you can reduce the load on your server to render these items. If players on your server are always shooting bow-and-arrows at each other, this can be a very useful tweak to gain performance.


In addition to the default configuration options, Spigot comes with a rich API that Java developers can use to write their own plugins and modifications for Spigot. If you want to find more plugins, Spigot hosts a wide number of user-submitted plugins on their Resource Manager. Searching for plugins that interest you is a great way to expand the potential of your server, and to make it more interesting for your players. Try playing around with a few different plugins to find what works best for you and your players.

In no time, you’ll be up and running your Spigot server for the world to play on!

Fedora kernel exploded tree part deux: Snakes and assumptions
A while back I wrote about some efforts to move to using an exploded source tree for the Fedora kernel. As that post details, it wasn't the greatest experience. However, I still think an exploded tree has good utility and I didn't want to give up on the idea of it existing. So after scraping our "switch" I decided to (slowly) work on a tool that would create such a tree automatically. In the spirit of release-early and pray nobody dies from reading your terrible code, we now have fedkernel. The readme file in the repo contains a high level overview of how the tool works, so I won't duplicate that here. Instead I thought I would talk about some of the process changes and decisions we made to make this possible.

Git all the things

One of the positive fallouts of the previous efforts was that all of the patches we carried in Fedora were nicely formatted with changelogs and authorship information. Being literally the output of git-format-patch instantly improved the patch quality. When it came time to figure out how to generate the patches from pkg-git to apply to the exploded tree, I really wanted to keep that quality. So I thought about how to accomplish this and then I realized there was no need to reinvent the wheel. The git-am and git-format-patch tools existed and were exactly what I wanted.

After discussing things with the rest of the team, we switched to using git-am to apply patches in the Fedora kernel spec. The mechanics of this are pretty simple: the spec unpacks the tarball (plus any -rcX patches) and uses this as the "base" commit. Stable update patches are applied as a separate commit on top of the base if it is a stable kernel. Then it walks through every patch and applies it with git-am. This essentially enforces our patch format guidelines for us. It does have the somewhat negative side effect of slowing down the %prep section quite a bit, but in practice it hasn't been slow enough to be a pain. (Doing a git add and git commit on the full kernel sources isn't exactly speedy, even on an SSD.)

So after %prep is done, the user is left with a git tree in the working directory that has all the Fedora patches as separate commits. "But wait, isn't the job done then?", you might ask. Well, no. We could call it good enough, but that isn't really what I or other users of an exploded tree were after. I wanted a tree with the full upstream commit history plus our patches. What this produces is just a blob, plus our patches. Not quite there yet but getting closer.


This is where fedkernel comes in. I needed tooling that could take the patches from this franken-tree and apply them to a real exploded git tree. My previous scripts were written in bash, and I could have done this in bash again but I wanted to make it automated and I wanted it to talk to the Fedora infrastructure. This means it was time to learn python again. Fortunately, the upstream python community has great documentation and there are modules for pretty much anything I needed. This makes my "bash keyboard in interactive python session" approach to the language pretty manageable and I was able to make decent progress.

To get the patches out of the prepped sources, I needed to know mainly one thing. What was the actual upstream base for this build? That is easy enough to figure out if you can parse certain macros in kernel.spec. The one part that proved to be somewhat difficult was for git snapshot kernels. We name these -gitY kernels, where X increases until the next -rcX release. E.g. kernel-4.3.0-0.rc3.git1.1, kernel-4.3.0-0.rc3.git2.1, etc. That's great for RPMs, but the only place we actually documented what upstream commit we generated the snapshot from was in an RPM %changelog comment.

Parsing it out of there is possible, but it's a bit cumbersome and it is somewhat error prone. The sha1sum is always recorded, but it isn't guaranteed to be the newest changelog. Other patches and changelogs can be added before the kernel is actually built. Fortunately, we use a script to generate these snapshots. To make it trivial to figure out the sha1sum, I modified the script to record the full commit has to a file called gitrev in pkg-git. Now fedkernel can easily read that file and use it as the base upstream revision to apply patches on top of. Yay for cheating and/or being lazy.

The rest of the code deals with prepping the tree, using the git python module to do manipulations and generate patches, and applying them to the other tree. Python actually made much of this very easy to do and again I'm really glad I used that instead of bash.


So now that we modified a few things in pkg-git to make this easier, the assumptions basically fall out to be:

- Patches in the prepped source can be retrieved via 'git format-patch'
- The upstream base revision is determinable from kernel.spec and the gitrev file.

Pretty simple, right? Yes. Except the code isn't complete by any means and it requires a bit more manual setup. Like having existing pkg-git and linux.git trees that it can modify which contain all the branches and proper remotes set up already. That isn't really a huge issue, but it does mean when f24 is branched and rawhide becomes f25, we'll need to do some updates. Perhaps before then we'll have fixed the code (or some nice person will submit a pull request that does so.)

I've been using the tool to generate exploded trees for the past week or so. It seems to be working well, and I've published them at https://git.kernel.org/cgit/linux/kernel/git/jwboyer/fedora.git/ once again. There is a history gap there as the tree fell into disrepair for a while, but it should be kept current going forward.

Even if the code is terrible and hacky, writing it was a good learning experience. I hope to keep refining it and improving things in the TODO over time. If you want to pitch in, patches are always welcome. You can email them to me, submit a pagure.io pull request, or mail the Fedora kernel list as usual.
logger v2.28
logger is small util to send log messages from command line. It supports (relatively) a new systemd journal as well as classic syslog. The syslog is still de-facto standard for enterprise admins and the latest logger version add support for RFC5424. This RFC introduces "structured-data" and since v2.28 logger is going to support this feature too.

The structured data is parse-able part of the message in format:

[SD-ID[@digits] SD-PARAM="value" SD-PARAM="value" ...]
for exmaple:

<13>1 2015-10-01T14:07:59.168662+02:00 ws kzak - - [timeQuality tzKnown="1" isSynced="1" syncAccuracy="218616"] message
is complete message. The message structured data contains one element with ID "timeQuality". This is standardized element, the custom user defined elements have to use "@digits" suffix in the ID name. It's possible to have arbitrary number of the structured data elements.

And now this functionality is completely exported to logger command line to provide control over the elements, v2.28 is going to introduce two new options, --sd-id to specify structured data element ID and --sd-param to specify one SD-PARAM=value pair, for example:

logger --rfc5424 --sd-id zoo@123 \
--sd-param tiger=\"hungry\" \
--sd-param zebra=\"running\" \
--sd-id manager@123 \
--sd-param onMeeting=\"yes\" \
"this is message"

<13>1 2015-10-01T14:07:59.168662+02:00 ws kzak - - [timeQuality tzKnown="1" isSynced="1" syncAccuracy="218616"][zoo@123 tiger="hungry" zebra="running"][manager@123 onMeeting="yes"] this is message
message with three SD elements: timeQuality build-in element, zoo@123 and manager@123 user defined elements.

Now all you need is smart server side or log indexing tool that understand RFC5424 (e.g. rsyslog).

Sharing in open source and swag

This week I feel like I should share not only what I’ve done, but a lot of things my fellow contributors made, and then go on to a summary of interviews I’ve had with Fedora ambassadors and event organizers.

Fedora way

And to start here is a very nice article about what it means to do things the open source way and what is open source. Some of the best quotes for me:

Users who aren’t programmers also benefit from open source software, because they can use this software for any purpose they wish—not merely the way someone else thinks they should.

Doesn’t “open source” just mean something is free of charge?
No. This is a common misconception about what “open source” implies. Programmers can charge money for the open source software they create or to which they contribute.

This is something that most people don’t realize when they hear words “open source”. And I feel it is important to understand that open source doesn’t include just programming, though it originated in the context of computer software development. But is also about the way of life and what is called the open source way. Which means that to contribute to open source projects you do not have to code! (You might if you want to ;) ). Just remember that it is important to share and sharing is caring.

Specifically for designers: you might consider using the open source programs. It presents an opportunity to be free from proprietary Adobe software, as there exist Inkscape and Gimp, which are frankly pretty amazing. Also Krita for more artistic types ;). I mostly use Inkscape for my work, as it allows you to create vector graphics – logos, icons, posters, etc – and design for web, too! If you want to get started with Inkscape I highly recommend this set of tutorials. When I just started contributing to Fedora, I was a little concerned that these tools might not be enough, but I was totally wrong. Mo is a big open source enthusiast, you might want to read her posts on the tools available.


In the past months I’ve also found some great sources to help me in my work:

  • amazing collections of free images here;
  • cool vector clipart here and contributed a couple images there;
  • great font collection here.

It really makes me sad that not so many designers consider contributing to open source projects, and often said projects end up looking not so great; so I want to share my view on the matter and possibly attract new members the community. I’ve been a design intern at Red Hat for 3 months now, and it’s quite surprising to see how many people have approached me with various design problems. Wish I had time to help all of them!

Going on to the 2nd part of my post, I’m going to give a summary of how my work goals are going.

First of all, I did interviews with some Fedora ambassadors and event organizers to help me determine, which Fedora swag items are the most popular and / or useful. Mostly they didn’t tell me anything special. Tom, Ruth and Josh all said the same thing: the most popular items are

  • t-shirts
  • stickers (specifically, the metallic “powered by fedora” sticker)
  • USB flash-drives.

Siddhesh Poyarekar gave me more info, providing a really detailed list of everything they have produced, also saying that DVDs, buttons and stickers tend to be the most popular. And he gave me some really nice ideas, saying that umbrellas, socks and key-chains were a hit in the context of specific conferences.

Last, but not at all least, Jiří Eischmann gave me a whole presentation. He is a Fedora ambassador for the Czech Republic and is conveniently working right next to me =) With him we focused not only on what is produced, but also on what should be produced and how to advertise Fedora to potential new users. For that specific reason we consider using flyers, stickers, cheat cubes and a special book called “Starting with Fedora”, which is currently in production, I believe.

To sum up here’s a link to a table with links to different Fedora swag files. I wish to organize those into a wiki page or some other place easily accessible by everybody, and give more detailed descriptions. Sparkleshare is a way to go, but it doesn’t allow for labeling files. So maybe Pagure or GutHub would be the best tools…

Nightly development builds using xdg-app

When reporting a bug in some software it is often common that the developer asks you to check if the bug is fixed in the latest development version. This makes a lot of sense from the perspective of a developer that gets a lot of bug reports. However, unless you are very experienced with building software this is prohibitively hard.

This is an area where xdg-app shines, because it allows you to create binary builds of desktop applications that work on any distribution. In order to demonstrate this I set up an automated build system that builds Gimp and Inkscape from the development branch every day and produces a new binary that you can easily install and run:

<figure class="wp-caption aligncenter" id="attachment_488" style="width: 1024px;">screenshot of app icons<figcaption class="wp-caption-text">Launching the apps</figcaption></figure>

To make it easy to use I also created packages of xdg-app for some common distributions.

For more information about how to use these builds, see the nightly builds page.

Going my own way
Reaction to Sarah's post about leaving the kernel community was a mixture of terrible and touching, but it's still one of those things that almost certainly won't end up making any kind of significant difference. Linus has made it pretty clear that he's fine with the way he behaves, and nobody's going to depose him. That's unfortunate, because earlier today I was sitting in a presentation at Linuxcon and remembering how much I love the technical side of kernel development. "Remembering" is a deliberate choice of word - it's been increasingly difficult to remember that, because instead I remember having to deal with interminable arguments over the naming of an interface because Linus has an undying hatred of BSD securelevel, or having my name forever associated with the deepthroating of Microsoft because Linus couldn't be bothered asking questions about the reasoning behind a design before trashing it.

In the end it's a mixture of just being tired of dealing with the crap associated with Linux development and realising that by continuing to put up with it I'm tacitly encouraging its continuation, but I can't be bothered any more. And, thanks to the magic of free software, it turns out that I can avoid putting up with the bullshit in the kernel community and get to work on the things I'm interested in doing. So here's a kernel tree with patches that implement a BSD-style securelevel interface. Over time it'll pick up some of the power management code I'm still working on, and we'll see where it goes from there. But, until there's a significant shift in community norms on LKML, I'll only be there when I'm being paid to be there. And that's improved my mood immeasurably.

(Edited to add a context link for the "deepthroating of Microsoft" reference)

comment count unavailable comments
DNF 1.1.2 and DNF-PLUGINS-CORE 0.1.12 Released

The new release of DNF and DNF-PLUGINS-CORE is coming to Fedora stable repositories. The `–downloadonly` option supported in yum is now available in DNF and repoquery from DNF-PLUGINS-CORE has extended it’s functionality of reverse RPM tag queries (`–what*`) for glob patterns. Aside from that nearly 20 bug fixes have been made in this DNF stack release. For further details look at DNF and DNF plugins release notes.

OpenSUSE images are now supplied in the default virt-builder install

Since virt-builder 1.31.10, Cédric Bosdonnat has added a repository of OpenSUSE images.

Here’s how to install OpenSUSE Leap in about 4 minutes:

$ virt-builder -l
opensuse-13.1            x86_64     openSUSE 13.1
opensuse-13.2            x86_64     openSUSE 13.2
opensuse-42.1            x86_64     openSUSE Leap 42.1
opensuse-tumbleweed      x86_64     openSUSE Tumbleweed

$ virt-builder opensuse-42.1
[   1.2] Downloading: http://download.opensuse.org/repositories/Virtualization:/virt-builder-images/images/openSUSE-Leap-42.1.x86_64-0.0.1-Build1.6.qcow2.xz
######################################################################## 100.0%
[ 133.1] Planning how to build this image
[ 133.1] Uncompressing
[ 142.5] Converting qcow2 to raw
[ 146.4] Opening the new disk
[ 177.3] Setting a random seed
[ 177.3] Setting passwords
virt-builder: Setting random password of root to ***
[ 178.1] Finishing off
                   Output file: opensuse-42.1.img
                   Output size: 6.0G
                 Output format: raw
            Total usable space: 5.8G
                    Free space: 5.0G (85%)

$ virt-install --import --name opensuse \
    --ram 4096 \
    --disk opensuse-42.1.img,format=raw \
    --os-variant opensuse13.1

All systems go
Service 'Ask Fedora' now has status: good: Everything seems to be working.
Minor service disruption
Service 'Ask Fedora' now has status: minor: Askbot getting back