Dear Lazyweb,

is there a simple way to block some users who login with SSH to read /proc/<pid>/cmdline of processes they don't own? Or better yet: don't see these pids at all?

I know that there are PID namespaces, but they seem to require a special PID 1. Seems hard to get for a simple SSH login. (I wouldn't mind changing a user's shell. But brittle shell startup scripts wouldn't cut it.) systemd-nspawn wants to boot a full Linux distribution in a container and even then I'd be unsure how to wire it up so that it cannot be skipped. I wouldn't mind a read-only bind mount of the outermost Linux installation into a chroot environment, as long as the parent SSH process can get the user jailed into it securely. (No need for someone to be root in the chroot.)

I know that there are RBAC frameworks, but they're cumbersome to use. I don't need file labelling or path-based access control, as I do trust the Linux file permissions for this. I think SMACK wouldn't help here, AppArmor isn't really useable in Debian testing and TOMOYO is a tad crazy to use with its domain transitions through process invocations.

I bet that grsecurity would have something for me up its sleeve. But it's not in a Debian kernel. Even though I know how to compile my own kernel I'd only do that if everything else fails.

Thanks in advance for your help.

The awesome Jason Gerard DeRose interviewed Mark Shuttleworth at the Ubuntu Developer Summit (Quantal Quetzal edition) in Oakland California on Friday.

Our mascot Quincy (the most famous Quetzal) invites you to click the video below and watch Mark talk about software instrumentation, developer ultrabooks, high density ARM servers, and his favourite part of UDS-Q.

Thanks for putting this together, Jason. And extra points for not even flinching a bit when Quincy dropped in. ;)

--

Reminder: UDS-Q has ended and now I am free to fly! Chirp!

Introduction

The NIH Utility Library (libnih) is a small, efficient and most importantly safe library of general purpose routines. It was written by Keybuk so you can be assured that it is extremely elegant, well-designed, well-tested (includes 2863 tests currently!) and well-written. NIH is used by Upstart, the event-based init daemon which is used by:

• Ubuntu Desktop
• Ubuntu Server
• Ubuntu Cloud
• RedHats RHEL 6
• Chromium OS (and Chrome OS)

That's a lot of deployments of Upstart and NIH around the world!! (And we're not even including mobile device operating systems in that list).

But why not just use glib I hear you ask? Well, glib is a very large library whereas NIH is small and designed for low-level daemons and systems which may be resource-constrained. Also, lets not forget that NIH, like Upstart, comes with a very comprehensive test suite so bugs are rare.

Other reasons to use NIH:

• It handles garbage collection for you
  
  That's right, you don't need to free memory manually.
  
  
• It uses an Object-Oriented-like Design... in C!
  
  This is extremely powerful and elegant. It's also quite easy to use once you understand the way the API works.

Let's start with some basics...

Garbage Collection

/* WARNING! Contains bugs! */
int
main (int argc, char *argv[])
{
    nih_local char *string;

    if (argc > 1) {
        string = nih_strdup (NULL, "hello, world");
        nih_message ("string is set to '%s'", string);
    }
}

This code nominally is trying to display a message if the user runs this application with one or more command-line arguments specified. However, there are a couple of problems with it:

• No check is performed on the memory allocated by nih_strdup().
• If no command-line argument is specified, chances are this program will crash.

The first issue is easy to spot and easy to remedy, but what about this crash? Well, nih_local variables are garbage collected automatically when they go out of scope. The string variable will therefore be garbage collected when it goes out of scope, which is when main() exits. However, since string was never initialized, it will be pointing to a random location in memory such that when the program exits, the runtime will attempt to free that random memory address. That will probably result in a SIGSEGV caused by dereferencing an illegal pointer value. The fix is easy and you should chant this mantra whenever you use nih_local variables:


Here's a corrected version:

/* Correct version */
int
main (int argc, char *argv[])
{
    /* XXX: *ALWAYS* set nih_local variables to NULL */ 
    nih_local char *string = NULL;

    if ( argc > 1) {
        string = nih_strdup (NULL, "hello, world");
        if (string) 
            nih_message ("string is set to '%s'", string);
        else {
            nih_error ("failed to allocate space for string");
            exit (EXIT_FAILURE);
        }
    }
}

However, there is an even better way to code that check to ensure nih_strdup() succeeded:

/* Improved version */ 
int
main (int argc, char *argv[])
{
    /* XXX: *ALWAYS* set nih_local variables to NULL */ 
    nih_local char *string = NULL;

    if ( argc > 1) {
        string = NIH_MUST (nih_strdup (NULL, "hello, world"));
        nih_message ("string is set to '%s'", string);
    }
}

So now, if the user specifies a command-line option, the program will print "hello, world" and automatically free the variable string. If the user does not specify a command-line option, no garbage collection will be performed since the string variable will never be associated with allocated memory.

Note that the code is simpler and easier to understand as a result. Note too that we're now using NIH_MUST(). This is a macro which will call the block you pass to it ('nih_strdup (NULL, "hello, world")' in this case) repeatedly until it succeeds. You should exercise caution using NIH_MUST()though since if there is a high likelihood of the allocation never succeeding, the code will spin forever at this point. There is similar call "NIH_SHOULD()" that will call the block passed to it repeatedly until either the result is TRUE, or an error other than ENOMEM is raised.

Parent-Pointer

Let's take a closer look at that call to nih_strdup. The system version of strdup takes a single argument (the string to copy), so why does nih_strdup take two arguments?

nih_strdup (NULL, "hello, world");

Well that first NULL parameter is the parent pointer. Most NIH functions take a parent pointer as their first argument. Lets see these pointers in action before explaining the detail...

#include <nih/macros.h>
#include <nih/logging.h>
#include <nih/string.h>
#include <nih/alloc.h>

int
main(int argc, char *argv[])
{
    typedef struct foo {
        char *str1;
        char *str2;
    } Foo;

    nih_local Foo *foo = NIH_MUST (nih_new (NULL, Foo));

    foo->str1 = NIH_MUST (nih_strdup (foo, "first string"));
    foo->str2 = NIH_MUST (nih_strdup (foo, "second string"));

    nih_message ("foo->str1='%s'", foo->str1); 
    nih_message ("foo->str2='%s'", foo->str2); 

    exit(EXIT_SUCCESS);
}

Here we see our first complete NIH program. There are a couple of important points to note:

• The call to nih_new() is like malloc()except it too takes a parent pointer. Since the foo object we're creating doesn't have a parent, we set the pointer to NULL.
• Note that there is no call to free the memory allocated by nih_new()because since we're using nih_local, the object and all its children will be freed automatically when the block (in this example the main() function) ends. This is incredibly powerful: we've made 3 memory allocations in the example (one call to nih_new() and two calls to nih_strdup()), and all that memory will be automatically garbage collected for us because NIH knows to free the foo object when it goes out of scope, but it also knows that the str1 and str2 elements also need to be freed (since we told nih_strdup() their parent is the foo object we previously created).

Lists

typedef struct nih_list {
    struct nih_list *prev, *next;  
} NihList;

Lists are designed to be contained within other objects like this:

typedef struct bar {
    NihList   entry;
    char     *str;
} Bar;

So you don't create a "list of Bar objects", you create a list of list objects which provide access to their containing types.

Note that the list element is the first in the Bar structure. This allows a list pointer to be dereferenced to its containing type trivially.

Let's look at an example of list usage by implementing echo(1):

#include <nih/macros.h>
#include <nih/logging.h>
#include <nih/string.h>
#include <nih/alloc.h>

typedef struct bar {
    NihList  entry;
    char    *str;
} Bar;

int
main(int argc, char *argv[])
{
    int i;
    NihList *args;

    args = NIH_MUST (nih_list_new (NULL));

    /* store all arguments in a list */
    for (i = 1; i < argc; ++i) {
        Bar *bar = NIH_MUST (nih_new (args, Bar));

        nih_list_init (&bar->entry);

        bar->str = NIH_MUST (nih_strdup (bar, argv[i]));

        nih_list_add (args, &bar->entry);
    }

    i = 1;

    /* display all arguments by iterating over list */
    NIH_LIST_FOREACH (args, iter) {
        Bar *bar = (Bar *)iter;

        nih_message ("argument %d='%s'", i, bar->str);

        ++i;
    }

    nih_free (args);

    return (0);
}

The new features introduced here are the calls to nih_list_init() to initialise a list, and nih_list_add(), which adds the second argument to the list specified by the first argument. Additionally, we have that rather funky NIH_LIST_FOREACH() macro which allows for easy (and fast!) list traversal. In this example we are not using nih_local so what happens when nih_free() is called? Well, all entries in the args list are freed, but before each is freed, the str string within each entry is freed. Then the list itself is freed. Neat huh?

To build our version of echo:

gcc -std=gnu99 -Wall -pedantic echo.c -o echo $(pkg-config --cflags --libs libnih)

Now let's run it:

$ ./echo a b c "hello world" "foo bar" wibble "the end"
argument 1='a'
argument 2='b'
argument 3='c'
argument 4='hello world'
argument 5='foo bar'
argument 6='wibble'
argument 7='the end'
$ 

We've really only scratched the surface of NIHs abilities in this post. Here are some of the other facilities it provides:

• hashes
• binary trees
• string arrays
• file watches
• I/O handling
• signal handling
• timers
• reference handling
• error/exception handling
• main loop handling
• command-line option and usage handling
• child process handling
• config file handling
• logging facilities
• test facilities

References

• The libnih project page on launchpad
  

I was reading the first book of The Losers, where in issue/chapter 2 Jensen is stealing some information from a hard drive in an insurance firm office:



and suddenly I notice...



bash, emacs, and bsd!
I have to admit a had a little nerdgasm.

By the way, I totally recommend this book. Consistently fun over the top action within an interesting caper story.

I’m home from UDS-Q in lovely Oakland, California! Okay, I actually got home about four days ago, but I’m slow with these things. As always, it was an interesting week with lots of interesting people. I’ll try to cram it into this post…

The Ubuntu Ecosystem (with a bonus secret session)

I attended a strange session on Monday, called The Ubuntu Ecosystem Part 1 (of 2). We don’t know who scheduled it, or why, or what we were meant to talk about, but it had an alluring title and the room was packed with people. Eventually, Jono stepped in to lead the session and it actually turned into a really nice chat about how Ubuntu is doing as a platform for developers outside the project itself. The session was removed from the schedule, but I think the session’s notes are interesting anyway. It was a good lead-in: app developers were a big topic for the whole week.

There was another session on Tuesday morning: App Developer external outreach. This one was quite interesting. Many different points of view emerged. When we talk about app developers, we tend to be preaching to the choir: we’re often grabbing people who already happen to be making, or interested in making, Linux desktop apps in general. I think Stuart Langridge said it best here: if there is a Linux desktop app that is incompatible with Ubuntu, it’s because they don’t like us. He also challenged the people in the room to name a single Linux app that doesn’t run on Ubuntu already. (I think Stuart is brilliant, by the way). I know there are a few, but what’s in the way is more packaging mumbo jumbo than the software itself, so there are really many branches to this. Getting things compatible, and getting things packaged and in Software Centre, are really two or three different discussions.

Another bit of strangeness is we really don’t seem to be sure what we mean by “app developer.” Do web apps count? Games? For this discussion, at least, “app developer” seemed to be anyone who makes software, but I wonder if we should be careful saying what kinds of “apps” we are interested in.

So, most of the session was brainstorming where we can go to talk to developers who haven’t thought about building for Ubuntu, and how to get them on our side. There is a lot of software (especially games) that is almost platform independent, and in some cases making that software run on Ubuntu is as simple as the developer choosing to support Ubuntu. There were some interesting ideas about writing articles for magazines and media sites, defining target audiences (demographics?), and making a solid business case for people who like those kinds of things.

At one of the app developer sessions, somebody mentioned it would be nice if there was an Ubuntu presence at places like game development conferences, and there wasn’t much interest. The big one is that Canonical doesn’t really have the resources for it. I wish there were. In terms of third party developers making and supporting stuff for Ubuntu, I think there is one place where we can say this is really going well at the moment: indie games. No, this doesn’t involve using Qt or GTK or lenses or any of our fancy notification APIs, or even packaging (most of the time). But there are thousands and thousands of people who have paid for, downloaded and played Linux versions of games from sources like the Humble Bundle, likely using Ubuntu, and many indie developers are seriously looking to build their games for Linux so they can reach that audience. That is a heck of an opportunity and I think it needs to be recognized, cherished and nurtured or it will go away as quickly as it came.

Making life easy for app developers

So, continuing along that trend, we also had a productive session called Upstream App Developer Documentation. This is something I have been really glad to see over at developer.ubuntu.com, and it was nice to learn we are on the same page here: great progress, but there is still work to be done!

One thing the site needs is content, so if you’re lovely and talented, think about submitting a tutorial for the Resources section. It would definitely be appreciated.

We talked about making it a little clearer that the site is dynamic, so people might be encouraged to approach it a little differently. We also discussed shiny ways to present API docs. The site has a good start there — particularly with its selection of a target Ubuntu version — but it is so far a little limited in scope and not as shiny as it could be. Alberto Ruiz is working on a neat Django documentation site called GDN, so ideally we can fit these things together.

Installer slideshows

I missed a chunk of Monday — including my own session — because I was trying to sleep off a headache. So, we did the ubiquity-slideshow session, Installer Slideshow checkup and planning, on Tuesday! There weren’t a lot of people there, but I think we had an interesting chat, and it continued nicely in the hallway session later on. It was nice to meet some people who work on installer slideshows for different Ubuntu flavours, and we arrived on a few things to work on for Ubuntu 12.10.

I’m going to make a real start allowing translators to localize screenshots. This is a tough problem because of the tight schedule close to release, so it won’t be finished for 12.10, but I want to have something. Actually creating translated screenshots is part of the puzzle, and that will be similar to what the documentation team does but with some little decorations. Chances are I will be writing about it in the future, and it will involve some magical scripts by Jeremy Bicha as well as some funny manual work to make things look pretty. That bit is kind of entertaining anyway.

The next puzzle is actually getting those localized screenshots to users. They can’t live on the install CD because there just is not enough space (and even if there was, we’d be adding a lot of files that don’t do anything). In the future they might live on a web service, but for 12.10 I’m looking at localized ISOs. There was a great session about that: Localized ISO community growth, Quantal plans. This is an amazing project where loco teams build their own Ubuntu install CDs (like the Italian CD), completely ready to go with a translation of their choice, with extra goodies like custom Firefox bookmarks and Rhythmbox radio stations. I will be playing with slideshow customization in the ISO builder so translated screenshots can be added to language-specific install CDs.

Updates, sound themes and stuff

On Monday morning, there was a session titled Sound Theme, which was mostly a quick update about Ubuntu’s new, upcoming sound theme. I think that project is in good hands. It wasn’t finished last cycle because it’s actually a pretty big piece of work: this isn’t just the startup sound. Having seen how much work is going into this, I really look forward to where it goes.

This cycle, I will be working a little bit with Michael Terry to implement the Software Updates specification. My goal is to get updates presented in a tree list where packages are collapsed beneath their respective applications. So, an update for Firefox will be presented with a single list item that says “Firefox Web Browser” along with a pretty icon, instead of a list of scary package names. This is going to be exciting! I’ll keep you posted, probably with the odd Twitter update.

As always, I have decided to actually use IRC. I do this every UDS. Hold me to it, okay? I actually set Empathy to connect to Freenode along with my other accounts this time, so it’s progress! (Yeah, I know, Empathy isn’t very good at IRC, but this way it will blend nicely with the background).

Oh, while I’m talking about random things, I’d just like to add a thanks for the t-shirts at this UDS! I love the design, and they’re super comfortable, too. So, whoever was in charge of that, you’re brilliant.

Fun!

 

And my favourite plenaries

Dave Walker’s MAAS demo gave me a powerful urge to buy eight computers and a lot of network cables just to play with that stuff, even though I have no use for it at all. It’s an impressive demo.

The lightning talks! I don’t know where or if a video is posted, but there was a fun lightning talk full of trivia about the infrastructure behind UDS. Metres of network cable, distance travelled by our heroic technicians, amount of data downloaded and uploaded, the wifi setup — that sort of thing. I hope it gets posted somewhere.

Ubuntu at Google with Thomas Bushnell. All about how Google is doing with Ubuntu deployed as a desktop operating system for thousands of employees. It’s always interesting to learn about Ubuntu desktops being used in big operations, especially when the resulting software can still be recognized as Ubuntu — which, in this case, it sounds like it is.

Electronic Arts with Richard Hillman, EA’s chief creative director. I think some people are disappointed that EA hasn’t gone and announced SimCity 5 for Ubuntu or something (okay, that would be pretty great), but I was perfectly happy to learn it’s a cautious, ongoing investigation instead of someone deciding to throw an expensive product at Ubuntu and hoping it sticks. This way, it could really work well in the long term — and there is room to sort out any problems along the way. After all, Ubuntu isn’t perfect yet. The Q&A after this talk is really informative, and it connects with the sessions we had about app developer outreach. It’s worth a watch!

Uh…

Thanks for the fantastic event, everyone! As usual I learned a lot, met some cool people, felt very humbled, and am writing way too much stuff in one blog post. As usual, I should have made daily posts like all the cool people do. Oh well. See you next year! Quantal Quetzal (that’s pronounced ketzal) will be glorious.

It’s always nice to know you can get help via all sorts of ways, especially via text browsers. This would have been amazingingly useful to me back when I only had one PC and I was still learning things, but it’s nice to know sites like this exist still for the real emergencies.

column80 is basically a text-browser (read Lynx) way to search and use Stack Exchanges. Which means, we have a nice text-friendly version of Ask Ubuntu:

Pair this up with pastebinit and maybe being stuck in a terminal on some godforsaken server in some abandoned building might not be so bad. :)

I suspect this might be useful for people who prefer to browse in a more 1980’s view as well. Enjoy!

With the release of MythTV 0.25 users now have the ability to opt-in and submit their hardware profile (see smolt). We've been reviewing that data and have decided to make our first change based on it. Today we are proud to announce that the default download link for the 12.04 ISO has been changed to 64-bit! Mythbuntu is the first of the official Ubuntu flavors to make the 64-bit ISO the default download. While this isn't a monumental change we believe it is an important one due to the data submitted by our users.

The submitted data shows that half (the difference is less than 20 people currently) are running the 64-bit version versus the 32-bit version. What is a more interesting statistic is that two-thirds of the users running the 32-bit version have 64-bit capable hardware. Combining that information with the users that are running 64-bit means there is 5 times more 64-bit than 32-bit hardware running MythTV 0.25.

What does this mean for new users? Clicking the download link on the download page will start downloading the 64-bit version of the ISO. For users that still need the 32-bit version of the ISO they can download it by expanding the "Advanced Options" link on the download page.

At the recent Ubuntu Developer Summit, I managed to convince a few people (after assurances that there would be no permanent damage) to plug a USB stick into their machines so we could watch Xorg crash and wedge their console. What was this evil thing, you ask? It was an AVR microprocessor connected to USB, acting as a USB HID Keyboard, with the product name set to “%n”.

Recently a Chrome OS developer discovered that renaming his Bluetooth Keyboard to “%n” would crash Xorg. The flaw was in the logging stack, triggering glibc to abort the process due to format string protections. At first glance, it looks like this isn’t a big deal since one would have to have already done a Bluetooth pairing with the keyboard, but it would be a problem for any input device, not just Bluetooth. I wanted to see this in action for a “normal” (USB) keyboard.

I borrowed a “Maximus” USB AVR from a friend, and then ultimately bought a Minimus. It will let you put anything you want on the USB bus.

I added a rule for it to udev:

SUBSYSTEM=="usb", ACTION=="add", ATTR{idVendor}=="03eb", ATTR{idProduct}=="*", GROUP="plugdev"

installed the AVR tools:

sudo apt-get install dfu-programmer gcc-avr avr-libc

and pulled down the excellent LUFA USB tree:

git clone git://github.com/abcminiuser/lufa-lib.git

After applying a patch to the LUFA USB keyboard demo, I had my handy USB-AVR-as-Keyboard stick ready to crash Xorg:

-       .VendorID               = 0x03EB,
-       .ProductID              = 0x2042,
+       .VendorID               = 0x045e,
+       .ProductID              = 0x000b,
...
-       .UnicodeString          = L"LUFA Keyboard Demo"
+       .UnicodeString          = L"Keyboard (%n%n%n%n)"

In fact, it was so successfully that after I got the code right and programmed it, Xorg immediately crashed on my development machine. :)

make dfu

After a reboot, I switched it back to programming mode by pressing and holding the “H” button, press/releasing the “R” button, and releasing “H”.

The fix to Xorg is winding its way through upstream, and should land in your distros soon. In the meantime, you can disable your external USB ports, as Marc Deslauriers demonstrated for me:

echo "0" > /sys/bus/usb/devices/usb1/authorized
echo "0" > /sys/bus/usb/devices/usb1/authorized_default

Be careful of shared internal/external ports, and having two buses on one port, etc.

© 2012, Kees Cook. This work is licensed under a Creative Commons Attribution-ShareAlike 3.0 License.

We have uploaded a new Quantal linux kernel. The most notable changes are as follows:

* Updated overlayfs patch set
* Updated patch to prevent upgrading a non-PAE CPU

The full changelog can be seen at:

https://launchpad.net/ubuntu/+source/linux/3.4.0-2.6

UPDATE: Here’s the link to the actual interview on youtube – http://youtu.be/5WiZA-b_XNg (There’s also some useful reference links in the notes there)

Later tonight, around 8pm EST/5pmPST/0000UTC I’ll be interviewing Deepak Saxena, Tech Lead for the Kernel Team at Linaro and Vicky Janicki, Program Director for Member Services at Linaro about the training sessions which will be offered to attendees during the Q2.12 Linaro Connect event being held at the Gold Coast Hotel in Hong Kong from 28 May through 1 June, 2012.  This interview will be live and both streamed and recorded using Google + Hangouts on Air.

We’ll be discussing the following ‘Into Training’ sessions, which are currently scheduled to take place on Monday 28 June 2012. More about the schedule can be found on the Linaro Connect schedule page.

Upstreaming 101 -In this training session Deepak, will cover the basic “Whys” and “Hows” of upstreaming. In the “Why” section, will quickly go over the reasons that working with upstream is beneficial and in the “How” section will discuss both code design choices and also low level commands used to generate upstream ready patches.

Introduction to Git – Matt Waddel, FAE and Support Engineer at Linaro, will teach attendees about Git-the distributed version control system used by developers to manage the Linux kernel. Matt will walk attendees though the basics of using Git find it in this session.

Introduction to the ARM SoC tree – In this session, Arnd Bergmann, the ARM SoC tree maintainer, gives attendees and overview of the ARM SoC Tree.

Introduction to Device Tree – In this session, Thomas Abraham, of the Linaro Kernel Working Group, will provide an overview of creating Device Tree bindings for new and existing platforms and SoCs.

Introduction to PinMux/Pin Control – For this session, Linus Walleij, Kernel Engineer at Linaro, will discuss how to develop a driver and give an over view of the API.

So if you want to hear more about what attendees can look forward to during these sessions, which we will try to stream live via hangouts on air during the Connect event,  but which will be recorded and made available on the Connect Website after the event, then you can view the interview via my Google+ Page or my Youtube Channel starting tonight, Wednesday, May 16, 2012 at 8pm EST/5PM PST/0000 UTC.

As many of you know, Jono Bacon, along with other people, has been developing a system called Ubuntu Accomplishments, which is very cool, indeed. You earn trophies for doing different things in the community, or locally. The system even has its own daemon!

But, the problem is: We need accomplishments writers! Although writing one seems very complicated, it’s much easier than it seems. For me, it took less than 45 minutes, including a step-by-step class on how to use bzr to upload and propose for merging by Rafal Cieślak. Then, if you’re just writing it, it would be around 15-20 minutes. I started working on a “Gain an Ubuntu Member Cloak” accomplishment. Here’s what I did:

1. Write the script. When writing the script, if the accomplishment needs to be verified by checking if you’re a LP team member, you can just grab one of the scripts and modify it writing the correct team name (these are on the scripts folder, in the trunk branch). In my case, I used the motu.py script, and replaced motu bu ubuntu-irc-cloaks. Save your script with a name (name.py).
2. Write the accomplishment file. You should use one of the accomplishments that is already created, modifying it with the correct information again (these are in the accomplishments folder, in the trunk branch again). Just fill in the correct information, and you’ve done it. Remember that, as it’ll be our official accomplishments program, it should be a squeakly clean and great documentation. Save this file with the name name.accomplishment.
3. Write the test file. One more time, you can just grab this from the test files. In this you should specify two emails. The success email, is to give the tester a positive result, it means that it should be the email of an user that has already accomplished what needed, and so on with the fail email. You should save it with the name <name> (with no <>).
4. Once you’ve done that, you should upload it to a personal branch, and ask for review.

After all this process, my accomplishment got into the collection, check it out!

Remember that all your files should be named under the same name. As you can see, this is not so difficult. I hope many of you get into this fun and helpful process. You can check http://wiki.ubuntu.com/Accomplishments/Creating/Guidelines for the guidelines. If you need any further help, just go to #ubuntu-accomplishments in freenode. Thanks to all of you who have already contributed, and to all of those who will contribute to us!

 

Today at some time around 3am UTC, the one millionth (1,000,000th) bug was filed in Launchpad:

https://bugs.launchpad.net/edubuntu/+bug/1000000 (congrats Stéphane Graber!)

This is a huge milestone for everyone that uses and contributes to Launchpad and serves as a great witness to all the achievements, trials and challenges we’ve faced over the past 7 years. Today’s post is made up of contributions from some of the people who’ve worked with Launchpad and on developing Launchpad itself, right from the very start, up until fairly recently, like myself.

We’d love to hear your thoughts and experiences too, so please add a comment at the end if you have a story to share.

Francis Lacoste – Launchpad Manager
“Launchpad is vast. The significant milestones reached could be quite varied. But to me, the most important ones are the ones that enabled a community to use Launchpad for new activities. Thus, the first milestone was in the very earliest days, when the Ubuntu community switched from Bugzilla to Launchpad for tracking Ubuntu bugs!

“Other important milestones were when bzr and Launchpad code hosting were fast enough to host the huge Launchpad source tree itself (back in 2007). Then in 2008, when Launchpad started using Launchpad for code reviews! Other significant milestones were when MySQL joined Launchpad and bzr also in 2008. This opened the door for other big communities to join Launchpad: drizzle and then OpenStack. Finally, more recent milestones of this sort were when we introduced source package branches and Ubuntu started importing all of their packages in bzr: https://code.launchpad.net/ubuntu

“Last year, we introduced derived distributions which is now being used to synchronize with Debian development versions.”

Matthew Revell – Launchpad Product Manager
“There’s so much in Launchpad that it’s almost impossible to settle on a particular highlight. However, PPAs stick out as something of a game-changer. Someone once said that the cool thing about apt isn’t so much apt, but actually the software archive behind it. I love that I can trust the Ubuntu archive to give me what I need in a reliable form.

“However, PPAs have helped bring greater  diversity to Ubuntu by allowing anyone to build and publish their own packages in their own apt repository. With the addition of private PPAs and package branches, we have probably the best combination of centralised repos and software from elsewhere that I’ve seen in any operating system.”

Dave Walker (Daviey) – Engineering Manager, Ubuntu Server Infrastructure
“The real shining star is Launchpad bugs, the features and flexibility has really enabled the server team to deliver a quality product.  It’s rich API allows ease of mashups, and easy task prioritisation.”

Graham Binns – Software Engineer, Launchpad
“Probably the most significant moment for me over the time I’ve worked on Launchpad was its open-sourcing. Suddenly, this big beast that we’d worked on for years was open to outside contributions, and that was and still is incredibly exciting to me.”

Laura Czajkowski – Launchpad Support Specialist
“I think the best thing I’ve seen in a long time on Launchpad was the set downtime and reduced downtime that happens each day.  This minimises the effect for all projects hosted on launchpad an many people never even notice it down.”

J.C.Sackett – Software Engineer, Launchpad
“When I started on launchpad, the volume of bug data was a source of constant performance problems. Our 1 millionth bug is noteworthy in that we’re handling 1 million bugs better now than we were handling 500,000 then.”

Curtis Hovey – Launchpad Squad Lead
“Launchpad’s recipes rock. They allow projects to automatically publish packages created from the latest commits to their branch. Users can test the latest fixes and features hours after a developer commits the work.”

Diogo Matsubara – QA Engineer
“Personal package archives combined with source package recipes allows any Launchpad user to easily put their software into Ubuntu and this is a pretty unique feature from Launchpad.”

Tom Ellis – Premium Service Engineer
“It’s been great to see Launchpad grow and scale. A key milestone for me was seeing Launchpad move from a system that was not scaling well to one which has been a great example of continuous development and seeing the web UI improve in usability.”

 

 

(Photo by ‘bunchofpants’ on flickr, Creative Commons license)

Hey everyone, I am riding 100 miles (161 km) for Chicago’s 2012 Tour de Cure. My goal this year is to raise $1,500, because last year I was blown out of the water by the generosity of the people at my mom’s work, the KDE community, the cycling community, and a few friends. So, if 300 of you donated the minimum $5, I would make my goal Last year I had a blast doing this ride and completed it in 6.5 hours. My other goal this year is to finish it in under 6 hours.

To donate, you can click on the Support image above, or go to my Tour de Cure page. Scroll down, and on the right hand side you will see “CLICK HERE TO SPONSOR ME”, click it. I appreciate any and all help!

Donate To My Tour de Cure 2012 Ride is a post from Richard A. Johnson's blog.

I’m finally home from UDS, it was good to run into so many friends and colleagues and work on what will become 12.10. Here’s a quick summary of my upcoming cycle.

We will definately have Charm Schools:

And here are all my blueprints:

• https://blueprints.launchpad.net/ubuntu/+spec/servercloud-q-juju-charm-best-practices
• https://blueprints.launchpad.net/ubuntu/+spec/community-q-irc-workshops
• https://blueprints.launchpad.net/ubuntu/+spec/community-q-juju-charm-growth
• https://blueprints.launchpad.net/ubuntu/+spec/community-q-juju-charm-workflow
• https://blueprints.launchpad.net/ubuntu/+spec/community-q-juju-conferences

The TLDR on juju is basically to streamline the review process, we’re going to go just how distro does it, with a sponsorship queue and review days instead of the ad-hoc way we do it now.

The “loose” review process served us fine for 12.04 but needs to grow up a bit; you’ll see typical governance structures added as well. Lots of Charm Schools and training events, both online and at conferences, and we’ll be experimenting more with things like Google Hangouts for tutorials, etc.

I had a CR-48 Chromebook for a while, which has recently fallen in disuse. While I have never being totally convinced about Chrome OS being a polished, well designed, interface that simplifies the “always connected” user journey that Google was envisioning, I liked the concept.

Now I am reading in ArsTechnica that Chrome OS is getting a brand new look, that is … basically.. well, not new. While I am sure there are many technical advantages of a fully hardware accelerated windows managers, my issue is with the [lack of] concept.

Google has spent much energy convincing users that they do not need to have local apps, that they can do everything in the cloud and that the portal to this experience is Chrome. Having an OS which the only application that could possibly run, and at full screen, was the browser was a controversial but bold move. More over, it really hit home the user experience they were targeting.

This new UI seems to be sending the opposite message. It seems to be saying: “OK, we were wrong.. but  maybe if we make Chrome OS look more like windows you will like it better?”. Is that really the message? Well if you give me an app launcher in a desktop, I am bound to ask for local apps. If you give me off-line sync for Google apps, I am bound to ask for local apps.

I fear Google is paving the road to [windows vista] hell with good window manager intentions. I am primary an Ubuntu user, and what I like about it is that every single release over the last few years has continue to build on a design concept. Every new release is closely wrap on a consistent user message. Take as an example the HUD introduced in 12.04: it is new and different, but somehow it feels like it always belonged in Unity.

I am bought into the Ubuntu user experience, and I am excited to see what a new release will bring. If I had bought into the Chrome OS experience, I think I will be asking for a refund.

Anyway, I am looking forward to the new Chrome OS UI being available for the CR-48. Maybe I will change my mind once I get my hands on it.

A couple of photos from the Ubuntu release fest in Tampere yesterday.

People gathering up before presentations

Tieto's Markus Mannio

Again, continuing on how Ubuntu is used at Tieto

A cut to the end of presentations, Trine 2 game licenses from Frozenbyte being raffled. A great game available on Linux.

Tablets running KDE Plasma, and Ubuntu for Android being demoed.

Someone else probably has photos of my generic Ubuntu 12.04 LTS presentation (what's new, what's next), and likewise for the other presentations (Ubuntu for Android, uTouch) held. Those will be available as slides and videos later on, although do note the whole event was in the crypto-language called Finnish.

Thanks to the organizers, sponsors and everyone I met, it was a great event with nice little dinner and wine served at the end!

Summary: If you have performance problems using the JACK Audio-Connection-Kit and the fglrx ATI grpahics card driver, switching to radeon may solve them. Unity 3D and radeon can work, but leftovers of other drivers might get in the way. Also: Proprietary, binary blobs smell bad and Ubuntu’s infrastructure around those drivers is dodgey.

On Ubuntu 11.10, I switched graphics cards and thus drivers from nvidia to fglrx without much of a problem.

I recently upgraded to Ubuntu 12.04 and was quite pleased by how smooth that went and glad for not having to reconfigure and reinstall a bunch of stuff. As with every release so far, some issues might have disappeared, but a very noticable new one arrived: focus-follows mouse combined with auto-raise does no longer work reliably. So far I failed to identify the pattern for the cases where windows are not raised, when they should be.

After a while, I wanted to get back to music production with JACK and Ardour. My system was still configured for JACK to run in realtime mode, but I got many disconnects, often right when Ardour brought up its main window. I found out this only happened with Unity 3D, not with 2D. So it seemed like either one or the combination of Unity 3D and the fglrx driver interfered with realtime mode. A fellow #lad inhabitant knowledgeable about this realtime kernel business suspects that the 3D accleration part of the fglrx driver is not preemptable.

Where does one even report bugs about that proprietary blob? And how would one diagnose what exactly goes wrong?

Now I could use Unity 2D, but I really miss window drop-shadows, dislike the look and different notification animations for the Launcher icons and hate the fact that the Dash doesn’t react to the same shortcut I configured while using the 3D version.

Initially, I thought I would need the fglrx driver for Unity 3D, but still wanted to try switching to radeon. The Additional Drivers dialog claimed that neiter of the 2 ATI options were active, but lsmod told me otherwise. I have some Wacom-related stuff in my xorg.conf, which had to be moved out of the way, to get that thing to work. After a reboot, radeon was in use, but Unity decided to drop back to 2D. The cause: Xlib: extension "GLX" missing on display ":0.0". The solution was purging any trace of fglrx and nividia(!) from my system. Also, for good measure, but I suspect it’s unnecessary: sudo apt-get install —reinstall libgl1-mesa-glx libgl1-mesa-dri xserver-xorg-core; sudo dpkg-reconfigure xserver-xorg.

Now I have a working Unity 3D, using radeon, no disconnects or xruns galore using JACK and Ardour. Only new problem so far: shaky mouse pointer on the login screen.

Filed under: Planet Ubuntu, Ubuntu

After some delay, I am continuing the posting on the third day of the Ubuntu Develop Summit for Quantal Qeutzal in Oakland, California.

Getting Home

In order to maximize my weekend before returning to work, my flight leaves at 06:00 on Saturday.  Apparently I naively expected to take the BART but I have learned that the first BART is at 06:30.

Turns out the answer is a local shuttle service (thanks Elizabeth and Charles) who will pick me up at 03:30.  I might not even go to sleep Friday night :/

QA

I learned about some remarkable things today related to available QA tools which hopefully will reduce the work load on our small team.

During a ubuntu-qa-tools session, I learned about automated ways to download and start a new image in KVM from a single command.  Rock on!

Turns out there are many other tools that will lower the threshold for new testers to easily join and help with testing..  I will certainly be  exploring these tools more. Also, during this session Gema mentioned her Plenary presentation for QA.  I look forward to learning more :)

Improving the testing tools used by Ubuntu Studio is another important aspect for our future.  By automating the basic ISO test we should be able to devote more time to deeper testing.

Learning of the available QA tools, along with the available backports tools, should really have significant impact to Ubuntu Studio starting with this cycle :)

Pictures

Last UDS I only took two pictures, this year I intend to do much, much better.  Hopefully tomorrow I start taking them.

There are a huge number of extremely cool and incredible people at UDS and I really hope to document some of this experience with a Picasa photo album.

finis

As happened last year, midweek seemed to slip out of high gear as I didn't find as many interesting sessions. But I am sure I am an outlier at UDS.

Oh, I know of one interesting session coming up on Friday; it is the a session that I will be leading for the 'Desktop Juju (see JuJu Studio section)' blueprint that was approved and scheduled.

Recently I have been talking a little about building quality and precision into Ubuntu Accomplishments. Tonight I put one of the final missing pieces in place and I thought I would share in a little more detail about some of this work. Some of you might find this useful in your own projects.

Before I get started though, I just wanted to encourage you to start playing our software and for those of you that had a crash when using certain languages with the Accomplishments Information viewer, I released a 0.1.2 update earlier that fixes this.

Automated Testing

As we continue to grow the Ubuntu Community Accomplishments collection it is going to be more and more complex to ensure all of the accomplishments are working effectively every day; we are already at 28 accomplishments and growing! What’s more, the community accomplishments scripts work by checking third-party services for data (e.g. Launchpad) to assess if you have accomplished something. These external services may change their APIs, adjust how they work, add/reduce services etc, so we need to know right away when one of our accomplishments no longer works and needs updating.

To do this I wrote a tool called battery. It works by reading in a test that is available for each accomplishment that feeds the accomplishment validation data that should succeed and also data that should not validate. As an example, for the Ubuntu Member accomplishment the data that succeeds is an existing member’s email address (such as my own) and the test for failure is an email address on Launchpad that is not a member. The original script requires the user’s email address to assess this accomplishment, so battery tests simply require the same types of information, with data that can trigger success and failure.

This approach allows us to test for three outcomes:

• That the valid email address returns exit code 0 (the script ran successfully and the user is verified as being an Ubuntu Member).
• That the invalid email address returns exit code 1 (the script ran successfully but the user is not an Ubuntu Member).
• If the script has an internal issues and returns exit code 2.

The way this works is that battery includes a customized version of the general accomplishments.daemon module that we use for the backend service. In the code I override the back-end module and load a custom module. This way the original accomplishment script does not need to be modified; instead of get_extra_information() calling the back-end daemon and gathering the user’s details, the custom module that comes with battery instead has it’s own get_extra_information() that gets returns the test data so battery can run the tests.

Originally battery only output textual results, but this would require us manually running it. As such, last night I added HTML output support. I then enabled battery to run once a day and automatically update the HTML results. You can see the output here.

There are a few important features in this report other than a list of all the accomplishment test results:

• It shows the failures: this provides a simple way for us to dive into the accomplishments and fix issues where they occur.
• It shows which tests, if any, are missing. This gives us a TODO lists for tests that we need to write.

While this was useful, it still required that we would remember to visit the web page to see the results. This could result in days passing without us noticing a failure.

Tonight I fixed this by adding email output support to battery. With it I can pass an email address as a command-line switch and battery will generate an email report of the test run. I also added battery‘s default behavior to only generate an email when there are failures or tests are missing. This prevents it generating results that don’t need action.

With this feature I have set battery to send a daily “Weather Report” to the Ubuntu Accomplishments mailing list; this means that whenever we see a weather report, something needs fixing.

One final, rather nice feature, that I also added was the ability to run battery on one specific accomplishment. This is useful for when we are reviewing contributions of new accomplishments; we ask every contributor to add one of these simple tests, and using battery we can test that the script works for validation success, validation failure, and script failure with a single command. This makes reviewing contributions much easier and faster and improves our test coverage.

Graphing

Something Mark Shuttleworth discussed at UDS was the idea of us building instrumentation into projects to help us identify ways in which we can make better decisions around how we build software. This is something I have also been thinking of for a while, and to kick the tyres on this I wanted to first track popularity and usage of Ubuntu Accomplishments before exploring other ways of learning how people contribute to communities to help us build a better community.

Just before we released version 0.1 of Ubuntu Accomplishments, I created a little script that does a scan of the validation server to generate some statistics about the number of daily new users, the daily number of new trophies issued, and the totals. Importantly, I only count users and trophies, and I am only interest in publishing anonymized data, not exposing someone’s own activity.

To do this my script scans the data and generates a CSV file with the information I am interested in. I then used the rather awesome Google Charts API to take my CSV and generate the Javascript need to display the graph. Here are some examples:

While this is not exactly instrumentation, it got me thinking about the kind of data that could be interesting to explore. As an example, we could arguably explore which types of contributions in our community are of most interest in our users, how effective our documentation and resources are, which processes are working better than others, and also some client side instrumentation that explores how people use Ubuntu Accomplishments and how they find it rewarding and empowering.

Importantly, none of this instrumentation will happen without anyone’s consent; privacy always has to be key, but I think the idea of exploring patterns and interesting views of data could be a fantastic means of building better software and communities.

Ubuntu Hour is a chance to meet up for an hour and chat with other Ubuntu users. The meeting is open to anyone interested whether they use Ubuntu or not, and everyone's welcome with no commitments or RSVPs. It's definitely a good opportunity to bring along friends who are curious about Ubuntu.

Not only is it fun to meet local Ubuntu fans, but we can also be a valuable introduction to Ubuntu for others. Wear that cool Ubuntu or Linux shirt or bring your laptop with the Ubuntu stickers, if you have them. We'll also follow the Ubuntu Code of Conduct while we're there. Easily summarized as "be excellent to each other," it means that we'll be good examples of the wonderful Ubuntu community.

The latest information, including locations and times, is always available at http://www.nhaines.com/ubuntu/hour/

Upcoming dates

• Thursday, May 17, 2012, 6pm - 7pm
• Thursday, May 31, 2012, 6pm - 7pm

Location

Panera Bread (Yelp) (Google Maps) 23592 Rockfield Blvd. Lake Forest, CA 92618

Panera Bread is a casual restaurant that has fresh bread, soups, and sandwiches and free wi-fi access. We're the group with a laptop or two and some Ubuntu logos, so please feel free to come up and say hi.

Congratulations

First off, congratulations to the Launchpad.net team for reaching bug #1000000. They’ve managed to build a huge platform that scales very well. Very few bug trackers live to that milestone and it’s amazing how they have managed to keep it snappy and also keep downtime so low by doing continuous roll-out.

1 000 000 x 67

A million bugs are a lot, but even more mind-blowing: for every bug filed in Launchpad.net, 67 iPads have been sold. Educational institutions everywhere are jumping on the iPad bandwagon, and in the Edubuntu project, we believe that the tools are quickly coming together that allows us to deliver a product that can be truly competitive with the iPad in educational environments.

We’re currently re-designing the Edubuntu website and will soon have a dedicated section to this project, but in the meantime, please join us on the edubuntu-devel mailing list and introduce yourself, or on the #edubuntu IRC channel on Freenode.

As Trever blogged yesterday, the Zeigeist team has been busy with tweaking the DB and the engine. During that process tools and benchmarks have been developed to make the tweaking and testing more interesting. Trever will be blogging about that tomorrow so make sure to check his blog.

Our end goal is  trying to scale the engine to be able to handle a few billion events just as fast as it can handle a few hundred thousand. While we are not there yet we managed to have some pretty nice stable results for the first iteration. A lot of results show more than 100% speed enhancement. In other words a lot of queries from our standard benchmarks now consume more than 50% less time to execute. Here are some graphs of our benchmarks.

Green indicates the 0.9 release

Yellow indicates the new trunk

Most notable performance enhancement is querying Zeitgeist with a specified timeframe (from data x to date y).

 

Same queries with an open timeframe also improved

 

We also have a copy of the Synapse queries benchmarked

The queries here are typical queries used to extract info from Zeitgeist. So right now the team is really happy with the initial results. For Synapse on my local DB (over a year old), all my synapse queries perform under 0.08 seconds. We still can get more out of this. The trick here was improving our indexes and our sql query generator.

Next month we will be going through another iteration.

 

 

We have uploaded a new Quantal linux kernel. The most notable changes are as follows:

* perarch and indep tools builds need separate build directories
* Prevent upgrading a non-PAE CPU

The full changelog can be seen at:

https://launchpad.net/ubuntu/+source/linux/3.4.0-2.5

As many people know I am a fanatic when it comes to web optimization and if my blog is taking more than a second or two to load I’m freaking out because I know how important load times are to end-users and that a few milliseconds could mean loss of a potential reader or new connection.

But more importantly load times also play a major role in how search engines rank you in results because in turn they consider slow loading websites to be of lesser quality to their users and rank accordingly in their algorithms.

I have been a big fan of the folks at NetDNA which offer the service MaxCDN and recently launched CloudCache two services aimed at producing top performance when it comes to serving content on your site. Some of the top sites on the internet rely on the technology that NetDNA offers to make their websites run blazing fast 365 days of the year.

I told my followers I would give something away when I reached 2,500+ people on Google+ and I recently passed this mark as such I am going to giveaway of  Five CloudCache Basic Plans for an entire year totally free courtesy of NetDNA.

 

a Rafflecopter giveaway

Meeting Minutes

IRC Log of the meeting.

Meeting minutes.

Agenda

20120515 Meeting Agenda

ARM Status

work on a Q/omap4 kernel is ongoing, but apart from that, nothing to report this week

Release Metrics and Incoming Bugs

Release metrics and incoming bug data can be reviewed at the following link:

http://people.canonical.com/~kernel/reports/kt-meeting.txt

Status: Quantal Development Kernel

a few things…
Work items are beginning to populate the blueprints. I’ll start calling
out specific work items in upcoming meetings.
We’ve rebased the Quantal kernel to upstream v3.4-rc7. We uploaded but
ran into a build failure on i386. Test builds are currently underway
and we will re-upload shortly. We also have the quantal kernel building
in precise. We are getting a PPA set up so that testing can commence.
Important upcoming dates:

• Thurs Jun 7 – Alpha 1 (~3 weeks)

Status: CVE’s

Currently we have 82 CVEs on our radar, with 5 new CVEs in the last
three weeks. See the CVE matrix for the current list:

http://people.canonical.com/~kernel/cve/pkg/ALL-linux.html

Overall the backlog has increased slightly slightly this week:

http://people.canonical.com/~kernel/status/cve-metrics.txt

http://people.canonical.com/~kernel/cve/pkg/CVE-linux.txt

This week sees Quantal listed for the first time, and the addition
of the armadaxp kernels for ease of tracking.

Status: Stable, Security, and Bugfix Kernel Updates – Precise/Oneiric/Natty/Lucid/Hardy

Here is the status for the main kernels, until today (May 15):

• Hardy – 2.6.24-31.101 – Testing; Single CVE
• Lucid – 2.6.32-41.89 – Testing; 5 CVEs
• Natty – 2.6.38-15.59 – Nothing this cycle
• Oneiric – 3.0.0-20.34 – Testing; 4 stable upstream releases (approx. 300 commits)
• Precise – 3.2.0-24.38 – Testing; 2 stable upstream releases (approx. 140 commits)

Current opened tracking bugs details:

http://people.canonical.com/~kernel/reports/kernel-sru-workflow.html

For SRUs, SRU report is a good source of information:

http://people.canonical.com/~kernel/reports/sru-report.html

Future stable cadence cycles:

https://wiki.ubuntu.com/QuantalQuetzal/ReleaseInterlock

Open Discussion or Questions? Raise your hand to be recognized

No discussion.

Tim Bell preparing to get his OpenStack on

As previously mentioned, there's a growing momentum around ops-oriented participation in the OpenStack community. DreamHost is deeply invested in DevOps, seeing how that's where we're going to be living in a few months! As Simon Anderson, CEO of DreamHost, recently said:

"When we're running a complex fabric of apps on over 5,000 servers across three data centers, we need a lean and nimble approach to software development and operational implementation. Without a DevOps approach, we wouldn't be able to push code into production as fast or as efficiently as we do, and our customers would not be happy! Today's developers demand up-to-the-hour security and performance updates to Internet infrastructure, so we aim to deliver just that with DevOps."

Though expressed in the context of our work, the import of DevOps that Simon's comment generally highlights is going to be increasingly important for nearly anyone running cloud services. 

In particular, I've been following the work of the intrepid folks at CERN. As such, this post is not about DreamHost; rather, it's a mad tale of OpenStack, DevOps, and averting alien invasion.

"The CERN Agile Infrastructure project aims to develop CERN's computing resources and processes to support the expanding needs of LHC physicists and the CERN organisation."

The first Beta of the upcoming PostgreSQL 9.2 was released yesterday (see announcement). Your humble maintainer has now created packages for you to test. Please give them a whirl, and report any problems/regressions that you may see to the PostgreSQL developers, so that we can have a rock solid 9.2 release.

Remember, with the postgresql-common infrastructure you can use pg_upgradecluster to create a 9.2 cluster from your existing 8.4/9.1 cluster and run them both in parallel without endangering your data.

For Debian the package is currently waiting in the NEW queue, I expect them to go into experimental in a day or two. For Ubuntu 12.04 LTS you can get packages from my usual PostgreSQL backports PPA. Note that you need at least postgresql-common version 0.130, which is available in Debian unstable and the PPA now.

I (or rather, the postgresql-common test suite) found one regression: Upgrades do not keep the current value of sequences, but reset them to their default value. I reported this upstream and will provide updated packages as soon as this is fixed.

I recently installed a DNS sever using Ubuntu 12.04.  The server should serve only my exernal domain, but should use an internal server for it's own name resolution.

Setting dns-nameservers to the correct ip in /etc/network/interfaces did not work on this host (but does on all my non-dns hosts).

After some digging, I found the cause: resolvconf always reverts to nameserver 127.0.0.1 which in turn queries the hosts in dns-nameservers.  Because my host is already a nameserver, 127.0.0.1 points to my bind instance instead of a caching daemon.

The solution I found was to put my entries in /etc/resolvconf/resolv.conf.d/head, this way they end up on top of the resolv.conf file and the real DNS server gets queried first!

The Ubuntu Developer Summit. One week, full of experiences, sessions, plenaries, social events, etc. One week where you find out what is the essence of this community. Last week I’ve had my first UDS. Believe me, this is something that entirely changes your perspective of the community. You get to know how things work, how the process of this cycle will be, and what are the projects. Most important, you get to know the people you will work this during all this entire 6-month cycle. With this post, all I want to say is thanks. Thanks to all the people who were there, making this event as great as they could. Thanks to Marianna, Claire, Claire and Michelle for organizing it, to the track leads for their work managing their tracks, to Chris Johnston and the crew for the great work we did, and to all the people that I don’t mention, but know they were very important for me in this first experience (I do not write the whole list because I would fill up the whole planet homepage). Last but not least, thanks to Mark Shuttleworth for making this awesome summits, that, apart from being a place to get work done, is a week full of emotions, that you will surely never forget.

 

EDIT on 15/May/2012: For the next UDS I go to, I promise I will sing in the karaoke!

At the Ubuntu Developer Summit last week I delivered a plenary on the Tuesday called Accomplishing An Awesome App Developer Platform that tells the story of how the Ubuntu app developer platform enabled me to build the Ubuntu Accomplishments system that I designed with Aq. The presentation walks through the story of how we designed the system, and how everything was available in Ubuntu to create the client, back-end daemon, validation server, and desktop integration. I think it is a good example of how Ubuntu can help app devs to create interesting ideas and apps.

I thought this might be handy to have on YouTube, so I re-recorded it today, and you can see the video below:

Can’t see it? Watch it here!

If you want to create your own application for Ubuntu, be sure to visit developer.ubuntu.com.

Meta Track?

I’m glad you asked! At the Ubuntu Developer Summit, sessions are arranged by track. There are some topics that don’t have official tracks, but you end up seeing the same people in the same kind of sessions and it ends up being a track for all practical intents and purposes. One of these “meta-tracks” that emerged at this UDS was about software packages in Ubuntu. These were discussions related to how packages are organised in Ubuntu, how they’re maintained and synced with Debian, how to get upstream software developers excited about Ubuntu and more.

These were the sessions where I could walk in and be sure to find some combination of Stefano Rivera, Allison Randal, Asheesh Laroia, Evan Broder, Iain Lane, Andrew Starr-Bochiccio, Daniel Holbach, Andrew Mitchell, Micah Gersten, Bhavani Shankar and more in there

These sessions included:

• APT Improvements
• Upstream App Developer Documentation
• App Developer events
• software-center-q-client
• Backports BoF
• Continuing Packaging Guide Improvements
• Refine our SRU process to be more agile while avoiding too many pitfalls
• App Developer external outreach
• software-center-q-server
• Promote and encourage upstream delivery in Ubuntu
• Packaging requirements for Apps in Ubuntu
• LTS backport testing in 12.04
• Phased updates of software packages
• Merging / onto /usr
• Discussions of what should get uploaded to -proposed and when
• Review of the ARB process using MyApps
• Application Review Board
• Debian Health Check
• Developer Membership Board Discussion
• MOTU BOF Session
• Transition the archive to Java 7
• Finish the archive reorg
• Advertise new apps in the Software Center
• working session result of apt-improvements
• MyApps submission experience and expectations for upstreams
• Ubuntu App Developer Site incremental improvements
• Reaching out to future Ubuntu developers
• If a crash is already fixed by an update, prompt to install it

Archive Re-organisation

I’ll jump in with the big and controversial topic. When Ubuntu was founded, Canonical and the Ubuntu community was small and could only support a subset of the Debian archives. This supported subset became known as main. Initially it was less than 1GB large, the rest of what you’d usually find in the Debian main archive became known as Universe, and a group of people, named in jest after a he-man series, became known as the Masters of the Universe (MOTU) team.

Main was maintained mostly by Canonical staff and the universe archive was maintained by Canonical staff and community members. Over time, more and more community members started to maintain packages in main. Flavours such as Edubuntu, Kubuntu and Xubuntu were later allowed to install from universe and it was later enabled by default. In the initial LTS release, only main packages were supported long-term. These days, there are many packages in universe that are supported for the full 5 years on LTS releases. Previously, only packages in main had translations shipped for them. This is also no longer true. The lines between main and universe have become so blurred that having the separation no longer made any sense. Around the last LTS release (10.04), the topic of an archive re-organisation emerged. It was a big discussion, and when the Developer Membership Board was formed the MOTU Council was disbanded (which in my opinion was a bad idea) in part of that and also in anticipation for the archive re-organisation. Some people took that as meaning that MOTU is dead or that it would stop to exist. That is certainly not the case.

Unfortunately, the archive re-organisation became very complicated very quickly. There still needs to be a way for Canonical to identify packages that they officially support if someone wants to throw money at them for supporting it. We can’t have everything translated because the language packs would just grow too big. How would we deal with managing build-dependencies and make sure that people depend on high-quality tools and libraries? Soon after the initial archive re-organisation was started, it stalled. In my opinion this caused lots of confusion and did damage to the Ubuntu project.

Having said that, I’m glad to report that the discussion at this UDS was extremely positive and it seems like the archive re-organisation might actually be completed over the next two releases. Other benefits will include how support meta-data is stored. The tools that currently use the support fields (update-manager, ubuntu-support-status, software-center, etc) will now get the support metadata from an external file, which means that packages in Ubuntu wouldn’t need a diff with Debian’s packages anymore for support meta-data. Also, the archive layout will be simpler and easier to understand. MOTU would probably change from “Masters of the Universe” to “Masters of the Unseeded”. Packages that are seeded are packages that are provided on standard Ubuntu flavours (Ubuntu Core, Ubuntu Desktop, Ubuntu Server, Edubuntu, Kubuntu, Xubuntu, Lubuntu, etc). The rest of the archive that are unseeded would then still be maintained by a newly defined MOTU group.

It’s a big hairy issue and I’ve just touched on some of the areas, but what’s great is that progress is being made again and that people are serious about making it happen. Colin Watson has a work item to take the discussion further on the Ubuntu development mailing list. I’m positive that things will be moving forward on that front for this cycle, even if it ends up taking another cycle to iron out some of the smaller kinks.

Application Review Board

In a previous cycle, Canonical put together a process by which application developers could get their non-free, commercial applications in to the Software Center via authenticated PPA. It seemed unfair to have a process where non-free software could make it into the Ubuntu software center but free software couldn’t, so a process was formed to let apps in the software center via an extras repository. This process is overseen by the Application Review Board. I joined this board right about 6 months ago. We’ve had the usual problems that Ubuntu teams have (because, in reality the ARB is more of a team than a board, the name is a misnomer, I wish less Ubuntu teams had this issue), like lack of time, getting sporadically distracted by other work, but on top of that, we didn’t have our process quite smoothed out yet. The web interface that we used to manage apps had some huge issues (like making apps completely disappear from the interface when requesting feedback from the developer).

For the last weeks, quite a few people have worked hard to help fix the issues in the process and in the web app. There were *many* sessions at this UDS regarding upstream developers, the ARB, the MyApps web interface, etc. At times I thought that there were too many, but it was just right. A lot of issues were discussed, problems were solved, and while I felt like the ARB process was in an alpha stage during the last cycle, I think it’s more like a beta-state process now. I think we’re very close to having a process that’s smooth and easy for both the people that submit these apps, and the people who review them.

Currently the ARB has some backlog that we need to sort through, we’ll probably use that to help improve the process further and make Ubuntu a fun and welcoming platform to develop for.

We also absolutely want people to contribute their software to the right place. If a package belongs in Debian, Ubuntu, a PPA or any other archive instead, we’d like to advise the user properly. I took a work item to put together a flowchart to help people decide where to submit their app, because there’s way to many guides and howtos and someone could read the entire New Maintainers Guide and still won’t know where to submit their app

I know I’m a bit thin on the details on the sessions here, but I’ll do more blog posts on that. I just wanted to provide some background and explain that good progress is made, and that things are greatly improving with the ARB process. In the ARB, many of us are aspiring to becoming Debian Developers so that we can help sponsor packages there when it’s appropriate.

Debian Health Check

The Debian Health Check session as become a regular session at UDS. We had a bunch of DD’s in the room that could comment on the Debian-Ubuntu relationship, but we didn’t have someone who specifically represented Debian. Some of the issues I’ve mentioned previously (like the ARB) were discussed. Also the Ayatana patches from Ubuntu that are hard to get into Debian (which includes Unity).

What is nice is that we have quite a few people who started out with Ubuntu that became Debian Developers. The relationship between Debian and Ubuntu seems quite healthy and it seems that both projects gain great benefit from each other.

MOTU Birds of a Feather

The archive-reorg was discussed, and MOTUs future role was discussed in anticipation of it. There was some discussion about things that have worked well in the last few cycles that should be revitalised. MOTU needs some more announcements of what it’s doing to cause some buzz around its activities. Too few people know what MOTU does and how it does it. Evan Broder and I plan to try some experiments with Facebook ads to see what kind of people/interest they bring in MOTU

The MOTU team is also very eager to get long-term ARB apps into the archive. Having apps in universe would mean less work and restrictions than having them in extras.

As MOTU we’re very committed to it and its goals, but there needs to be some restructuring/updating of the current documentation. It might also need a new vision/mission-statement, etc. This cycle is going to be a revitalisation cycle for MOTU in whatever form it will continue to exist. We hope that many people will get excited about packaging and quality in the Ubuntu archive and help contribute to that

Getting it all down is impossible

I wish I could do a better job at this blog post, but I’m still somewhat suffering from information overload from last week, and if I try to get it perfect and get everything in there then this post will never get finished. If you have questions, feel free to give a poke on #ubuntu-motu on freenode, there’s bound to be someone who could answer questions on any of these topics if you’re willing to hang around a bit. I still haven’t even touched on Backports, APT improvements, SRU streamlining, etc, but you should be able to find most of the information from those sessions in their blueprints. If you’ve made it this far, thanks for reading!

Welcome to the Ubuntu Weekly Newsletter. This is issue #265 for the week May 7 – 13, 2012, and the full version is available here.

In this issue we cover:

• Ubuntu Developer Summit for Quantal
• EA Games and Ubuntu
• Welcome New Members
• Ubuntu Stats
• LoCo News
• Launchpad News
• Ubuntu Cloud News
• Introducing Project Sputnik: Developer laptop
• Pasi Lallinaho: Brainstorm! Contribute!
• Alan Pope: Why not contribute to Ubuntu Manual
• Stuart Langridge: Ubuntu One for Nokia N9
• Jonathan Carter: Edubuntu Preliminary Plans for 12.10
• Summaries from the Ubuntu Developer Summit
• ARM arrives on servers with Calxeda’s Ubuntu demo
• Ubuntu 12.04 Precise Pangolin review
• Project Sputnik: Dell’s Ubuntu-based XPS13 laptop for developers
• Mark Shuttleworth is passionate about Canonical, patents and space
• In The Blogosphere
• In Other News
• Other Articles of Interest
• Featured Podcasts
• Upcoming Meetings and Events
• Updates and Security for 8.04, 10.04, 11.04, 11.10 and 12.04
• And much more!

The issue of The Ubuntu Weekly Newsletter is brought to you by:

• Elizabeth Krumbach
• Jasna Bencic
• Chris Druif
• D. Can Celasun
• mikewhatever
• Matt Rudge
• And many others

If you have a story idea for the Weekly Newsletter, join the Ubuntu News Team mailing list and submit it. Ideas can also be added to the wiki!

Except where otherwise noted, content in this issue is licensed under a Creative Commons Attribution 3.0 License BY SA Creative Commons License

Liberté Linux is a secure, reliable, lightweight and easy to use Gentoo-based LiveUSB/SD/CD Linux distribution with the primary purpose of enabling anyone to communicate safely and covertly in hostile environments. Whether you are a privacy advocate, a dissident, or a sleeper agent, you are equally likely to find Liberté Linux useful as a mission-critical communication aid. Downloads and more

We have uploaded a new Quantal linux kernel. Please note the ABI Bump. The most notable changes are as follows:

* Rebase to v3.4-rc7
* Remove fsam7400 Ubuntu driver (supported upstream)
* Remove onmibook Ubuntu driver (disabled since Oneiric)
* Remove rfkill Ubuntu driver (disabled since Oneiric)
* Remove nx-emu patches (dropped non-pae support)

The full changelog can be seen at:

https://launchpad.net/ubuntu/+source/linux/3.4.0-2.4

I just released a new update for the Ubuntu Community Accomplishments collection. This new release (0.1.1) includes the following new community accomplishments:

• Accomplishments Contributor
• Attend LoCo Team Event
• Bug Squad Member
• Ubuntu Forums Council Member
• Ubuntu Forums Staff Member
• Imported an SSH Key
• Ubuntu Beginners Team Council Member
• Ubuntu Beginners Team Member
• Bug Control Member
• Ubuntu Forums Ubuntu Member
• Launchpad Profile Mugshot is now fixed too.

Thanks to Silver Fox, Michael Hall, Matt Fischer, Rafal Cieslek, Angelo Compagnucci for contributing these additions! It is wonderful to see our community growing!

If you want to contribute accomplishments, be sure to see our guidelines, some suggestions, and how to get started!

If you are already running Ubuntu Accomplishments 0.1, you just need to do the following to get the new set:

sudo apt-get update
sudo apt-get upgrade

If you are running the daemon, kill it first with killall -9 twistd and then load Accomplishments Information from the dash.

If you are new to Ubuntu Accomplishments, be sure you have your Ubuntu One set up and running on your computer, and then follow these installation instructions.

Last week, I finally gave in and bought a new laptop. I wanted something small and lightweight, yet reasonably powerful.

I discounted the MacBook Air on a couple of counts: the increased cost and the potential for extra hassle getting Ubuntu running.

My two choices were the Dell XPS 13 and the Asus Zenbook. The Dell was my first choice: Project Sputnik, the fact Mark has just got one and its size were all in its favour.

The Asus is a good looking machine and has had good reviews. Some dislike the keyboard, but it has been okay for me. However, the Dell feels like it has more momentum amongst the kind of people I work with and the people who make Ubuntu work well on laptops.

After much thought, and a few conversations, a couple of things pushed me away from the Dell: the trackpad isn’t yet well supported in anything other than Windows and it’s a touch more expensive than the Asus.

So, after a few days with the Asus, here’s a quick run-down:

• It really is very thin, lightweight and looks great.
• The keyboard is okay; not perfect but not terrible.
• The battery life under Ubuntu is mediocre; three or four hours under light usage.
• Wifi range is a joke; seriously poor.
• Despite being advertised as supporting 5GHz wifi, it sees only 2.4GHz networks.
• The trackpad does not switch off when typing; very frustrating in use and, also, I could probably have got the Dell.
• Sound quality is very good.
• The screen resolution is good and, for my purposes, colours and contrast appear to be good.

I’ll report back when I’ve started to tackle some of these issues.

A few weeks ago I went to see this year’s show from Richard Herring, ”What is love, anyway?” at The Lights in Andover. Although Richard didn’t think the show went down very well, I enjoyed it. It was a more thought-provoking and personal show than the previous ones I’ve seen, made all the more poignant as he had just got back from his honeymoon. There were some touching moments in the show, which was devoid of much of his usual bluster. It was a refreshing change for a comedian who specialises in playing myriad different versions of himself.

The following week I got a call from the Theatre Royal in Winchester, saying that there had been a return for Stewart Lee’s show. I had tried to book a few months ago but the show had already sold out, so went on the waiting list. Some poor so-and-so wasn’t able to go, so just one week after watching Richard Herring live I was watching the other half of the erstwhile comedy duo.

I’d not visited this theatre before. It’s an impressive space, not large but very ornate. The show was great, although it’s hard to explain why. Stewart’s style is confrontational and he deliberately divides the audience. The first ten minutes consisted of a stream of uncomfortable put-downs directed at a woman in the front row, who couldn’t work out how to turn her phone off. The material must have been used before but I still can’t work out if the whole thing was a set up.

I bought the Fist of Fun Series 1 DVD set after Richard’s show and he signed it. I remembered to take it to Stewart’s show too. So after seeing Herring and Lee, I can now watch Lee and Herring whenever I want.

This is coming about two weeks later than I would have liked, so the next pre-release is likely to come in two weeks to make up. Similarly, the monthly bugfix release for Muon Suite 1.3 is two weeks late. For that, I’ll likely just skip this month and release 1.3.2 in two weeks, as there haven’t been any serious bugs that need immediate attention. (Thankfully)

Anyways, I am proud to announce the first alpha release for Muon Suite 1.4. The Muon Suite is a set of package management utilities for Debian-based Linux distributions built on KDE technologies. Packages for Kubuntu 12.04 “Precise Pangolin” are available in the QApt Experimental PPA. Here’s what’s new:

Muon Discover

Muon Discover is the experimental new frontend in the Muon Suite. It was written by Aleix Pol Gonzalez as part of his employment at Blue Systems, and it’s pretty nifty. You can read more about it here.The idea is to create a Muon frontend that makes finding new software super-simple, and doing so with a little bit of flair. It’s no secret, that even though the existing Muon Software Center has some “bling” here and there, the interface is somewhat spartan.

Muon Discover will eventually replace the Muon Software Center, but not just yet. Muon Discover is young, and its interface is written entirely in QML. KDE has not issued a set of comprehensive UI guidelines for QML usage on the desktop, and currently Muon Discover is using the Plasma QML components for several of the controls in its interface. While we wait for a set of guidelines, the classic Muon Software Center will remain the default application installer, allowing Muon Discover to mature in the process. The QML Desktop Components (slated for release sometime around Qt 5.1 or 5.2, or so I have heard rumored) and KDE Frameworks 5 will likely be a big part of KDE’s QML standardization, so expect Muon Discover to replace the Muon Software Center in around that time period.

Muon Software Center

With all the buzz around Muon Discover, you may think that nothing has been done with the Muon Software Center. Well, never fear, as there are several cool new features and user experience improvements that have been made for Muon Suite 1.4.

• Thanks to work done by Aleix, the Muon Software Center no longer has to reset the view back to the main page when it reloads the APT cache. This provides for a much smoother experience whilst installing multiple applications.
• A progress view has been added for displaying currently running and pending transaction.

• All Muon frontends now use the KDE proxy, if set. (Before it only used the system proxy and APT proxy settings) Priority goes: KDE proxy, APT proxy, system proxy.
• Additional pages of application reviews can be fetched now.
• A busy throbber has been added to the main page to provide feedback during launch.
• Application views can now be sorted by Name, Rating, Buzz and search relevancy.

• By popular request, non-application packages can be toggled for application views. (Though you’re still probably better off using the Muon Package Manager for package management.)

• Ratings are cached locally so they can be accessed in the absence of an internet connection.

Muon Package Manager

The Muon Package Manager has not been forgotten, either. Highlights for the 1.4 release mainly include tools for better handling Multi-Arch packages on 64-bit systems.

• By default, when a package is available for both the native and foreign CPU architectures, only the native package is shown. Installed packages of any architecture are shown. This means no more duplication of most every single package in the archive polluting the Muon package view.
• A new architecture filter has been added, allowing you to filter packages by their architecture.

• The new Debian package categories “Education” and “Introspection” have been added to Muon’s category filters.
• A package’s archive component is now displayed in the technical details tab. (E.g. universe, main for Ubuntu packages)

Muon Update Manager

• Technical package items in the “System Updates” category are now displayed by their package name, as the description is not always descriptive enough.

Changelogs

Detailed changelogs for LibQApt and Muon can be found here and here, respectively.

A few weeks ago, I pinged my peeps on #twisted asking why the banner for a custom SSH server wasn't rendering properly. After some digging around and some inconsistent results (well, consistently bad results for me), we weren't able to resolve anything, and I had to set the problem aside.

The Symptom
The first thing I had tried was subclassing Manhole from twisted.conch.manhole, overriding (and up-calling) connectionMade, writing the banner to the terminal upon successful connection. This didn't work, so I then tried overriding initializeScreen by subclassing twisted.conch.recvline.RecvLine. Also a no-go. And by "didn't work" here's what I mean:

In both Linux (Ubuntu 12.04 LTS, gnome-terminal) and Mac (OS X 10.6.8, Terminal.app), after a successful login to the Twisted SSH server, the following sequence would occur:

1. an interactive Python prompt was rendered, e.g., ":>>"
2. the banner was getting written to the terminal, and
3. the terminal screen refreshed with the prompt at the top

Discovery!
Some time last week, I put together example Twisted plugins showing what the problem was, and the circumstances under which a banner simply didn't get rendered. The idea was that I would provide some bare-bones test cases that demonstrated where the problem was occurring, post them to IRC or the Twisted mail list, and we could finally get it resolved. 'Cause, ya know, I really want my banners ...

While tweaking the second Twisted plugin example, I finally poked my head into the right method and discovered the issue. Here's what's happening:

• twisted.conch.recvline.RecvLine.connectionMade calls t.c.recvline.RecvLine.initializeScreen
• t.c.recvline.RecvLine.initializeScreen does a terminal.reset, writes the prompt, and then switches to insert mode. But this is a red herring. Since something after initializeScreen is causing the problem, we really need to be asking "who's calling connectionMade?"
• t.c.manhole_ssh.TerminalSession.openShell is what kicks it off when it calls the transportFactory (which is really TerminalSessionTransport)
• openShell takes one parameter, proto -- this is very important :-)
• openShell instantiates TerminalSessionTransport
• TerminalSessionTransport does one more thing after calling the makeConnection method on an insults.ServerProtocol instance (the one I had tried overriding without success), and as such, this is the prime suspect for what was preventing the banner from being properly displayed: it calls  chainedProtocol.terminalProtocol.terminalSize
• chainedProtocol is an insults.ServerProtocol instance, and its terminalProtocol attribute is set when ServerProtocol.connectionMade is called.
• A quick check reveals that terminalProtocol is none other than the proto parameter passed to openShell.

But what is proto? Some debugging (and the fact that of the three terminalSize methods in all of twisted, only one is an actual implementation) reveals that proto is a RecvLine instance. Reading that method uncovers the culprit in our whodunnit:  the first thing the method does is call terminal.eraseDisplay.

Bingo! (And this is what I was referring to above when I said "poked my head" ...)

Since this was called after all of my attempts to display a banner using both connectionMade and initializeScreen, there's no way my efforts would have succeeded.

Here's What You Do
How do you get around this? Easy! Subclass :-)

The class  TerminalSessionTransport in t.c.manhole_ssh is the bad boy that calls terminalSize (which calls eraseDisplay). It's the last thing that TerminalSessionTransport does in its __init__, so if we subclass it, and render our banner at the end of our __init__, we should be golden. And we are :-)

You can see an example of this here.

Not sure if this sort of thing is better off in projects that make use of Twisted, or if it would be worth while to add this feature to Twisted itself. Time (and blog comments) will tell.

Epilogue
As is evident from the screenshot above (and the link), this feature is part of the DreamSSH project. There are a handful of other nifty features/shortcuts that I have implemented in DreamSSH (plus some cool ones that are coming) and I'm using them in projects that need a custom SSH server. I released the first version of DreamSSH last night, and there's a pretty clear README on the github project page.

One of the niftier things I did last night in preparation for the release was to dig into Twisted plugins and override some behaviour there. In order to make sure that the conveniences I had provided for devs with the Makefile were available for anyone who had DreamSSH installed, I added subcommands... but if the service was already running, these would fail. How to work around that (and other Twisted plugin tidbits) are probably best saved for another post, though :-)