January 16, 2021

hackergotchi for Ubuntu developers

Ubuntu developers

Stephen Michael Kellat: Things Are Changing Fast

Following me on Twitter leads to a lack of scintillating insights. If anything you see plenty of retweets. I still miss the old social bookmarking service del.icio.us which is what I end up using Twitter like.

My timeline recently would show that I've been trying to keep up to speed with developments in the attack on the United States Capitol earlier this month. There have been plenty of consequences from that. Right now the various state National Guard elements have contributed enough troops to where there is a rainbow unit in the capital at heavy division strength. There are essentially five heavy brigades of troops to protect the capital. The Ohio National Guard is contributing a wee bit to the overall security situation.

A big push in the domestic media in the United States relative to the attack has focused on social media as an accelerant as well as radicalizing force. The Associated Press has now focused on podcasting as something else that needed to be cracked down on. USA TODAY notes a large cry on the part of both Trump supporters and far-right extremists claiming that censorship is taking place with so many online services pulling back like they have in the past nine days or so.

Technology does not necessarily provide answers to all our social problems. The wrong way to look at the social situation in the United States at the moment is to wonder if there might be a neat machine learning solution or other complicated solution that might be appljied to stop extremist militias from communicating with each other online. We're already seeing that now as we learn that Donald Trump had accounts on social networks that the average person would never have expected such as Twitch and Snapchat.

Isolating people without communications outlets creates pressure. Has nobody seen Star Wars: Episode I – The Phantom Menace? That line about communications disruptions is not a throwaway bit of bad scripting in the movie. People are not going to suddenly stop and change their minds about the world around them if you just take away all the social media users they predominantly follow and restrict their online interactions. That's not normal human behavior let alone what you would see in a horrible B-movie script.

Now is not the time to build the better cognitive mouse trap to bend people to your will. I understand the temptation exists right now for what are seemingly noble reasons. Doing the much harder work of talking to each other, not treating each other like mortal enemies, and acting like human beings acted not all that long ago is what is needed.

If you have idle hands still in need of technical work might I suggest picking up something from the snap requests category on the snapcraft forum and trying your hand at that instead?

16 January, 2021 03:07AM

January 15, 2021

hackergotchi for Grml developers

Grml developers

Michael Prokop: Revisiting 2020

*

Mainly to recall what happened last year and to give thoughts and plan for the upcoming year(s) I’m once again revisiting my previous year (previous editions: 2019, 2018, 2017, 2016, 2015, 2014, 2013 + 2012).

Due to the Coronavirus disease (COVID-19) pandemic, 2020 was special™ for several reasons, but overall I consider myself and my family privileged and am very grateful for that.

In terms of IT events, I planned to attend Grazer Linuxdays and DebConf in Haifa/Israel. Sadly Grazer Linuxdays didn’t take place at all, and DebConf took place online instead (which I didn’t really participate in for several reasons). I took part in the well organized DENOG12 + ATNOG 2020/1 online meetings. I still organize our monthly Security Treff Graz (STG) meetups, and for half of the year, those meetings took place online (which worked OK-ish overall IMO).

Only at the beginning of 2020, I managed to play Badminton (still playing in the highest available training class (in german: “Kader”) at the University of Graz / Universitäts-Sportinstitut, USI). For the rest of the year – except for ~2 weeks in October or so – the sessions couldn’t occur.

Plenty of concerts I planned to attend were cancelled for obvious reasons, including the ones I would have played myself. But I managed to attend Jazz Redoute 2020 – Dom im Berg, Martin Grubinger in Musikverein Graz and Emiliano Sampaio’s Mega Mereneu Project at WIST Moserhofgasse (all before the corona situation kicked in). The concert from Tonč Feinig & RTV Slovenia Big Band occurred under strict regulations in Summer. At the beginning of 2020, I also visited Literaturshow “Roboter mit Senf” at Literaturhaus Graz.

The lack of concerts and rehearsals also severely impacted my playing the drums (including at HTU BigBand Graz), which pretty much didn’t take place. :(

Grml-wise we managed to publish release 2020.06, codename Ausgehfuahangl. Regarding jenkins-debian-glue I tried to clarify its state and received some really lovely feedback.

I consider 2020 as the year where I dropped regular usage of Jabber (so far my accounts still exist, but I’m no longer regularly online and am not sure for how much longer I’ll keep my accounts alive as such).

Business-wise it was our seventh year of business with SynPro Solutions GmbH. No big news but steady and ongoing work with my other business duties Grml Solutions and Grml-Forensic.

As usual, I shared childcare with my wife. Due to the corona situation, my wife got a new working schedule, which shuffled around our schedule a bit on Mondays + Tuesdays. Still, we managed to handle the homeschooling/distance learning quite well. Currently we’re sitting in the third lockdown, and yet another round of homeschooling/distance learning is going on those days (let’s see how long…). I counted 112 actual school days in all of 2020 for our older daughter with only 68 school days since our first lockdown on 16th of March, whereas we had 213(!) press conferences by our Austrian government in 2020. (Further rants about the situation in Austria snipped.)

Book reading-wise I managed to complete 60 books (see “Mein Lesejahr 2020“). Once again, I noticed that what felt like good days for me always included reading books, so I’ll try to keep my reading pace for 2021. I’ll also continue with my hobbies “Buying Books” and “Reading Books”, to get worse at Tsundoku.

Hoping for vaccination and a more normal 2021, Schwuppdiwupp!

15 January, 2021 11:07PM

hackergotchi for Purism PureOS

Purism PureOS

App Spotlight: Dictionary

Among the easily installable and ad-free apps within the PureOS store is Dictionary. This is a simple tool that lets you search through numerous online or local dictionaries and translation sources.

After install, the defaults are perfectly suitable for most users to look up data online:

Offline search:

For those that want to become invisible; you can air gap your Librem 5 from all networks while still using self-hosted services like translation. To install locally hosted dictionary services run the following commands:

sudo apt install dictd 
sudo apt install dict-gcide 
sudo systemctl start dictd
sudo systemctl enable dictd

If you’d like a few extra dictionaries to look up data in:

sudo apt install dict-freedict-eng-*

You’ll also want to point the Dictionary app at your new service:

Becoming a Server:

Not only can the Librem 5 locally host and use Dictionary services, but it can share the service with your network. To do this, edit /etc/dictd/dictd.conf to accept non-local connections.

Lookup what you need to, and keep your data in your control.

Discover the Librem 5

Purism believes building the Librem 5 is just one step on the road to launching a digital rights movement, where we—the-people stand up for our digital rights, where we place the control of your data and your family’s data back where it belongs: in your own hands.

Order now

The post App Spotlight: Dictionary appeared first on Purism.

15 January, 2021 11:01PM by David Hamner

hackergotchi for Volumio

Volumio

Volumio Album of the Week – 2021

New year, more albums…

Let’s start the year as we always do, with great music!

Check below our weekly album recommendations. And if you missed our 2020 album of the week compilation, you can check it out here

Week #1

 Released in 2013, Aleph by GESAFFELSTEIN takes us to the genre of IDM, electro and techno.

Debut album for the French producer Mike Levy aka Gesaffelstein.

The best gift of Mike Levy is certainly the versatility, the epic IDM of Piece of future is a bit the summa of the album that ranges between EDM (Pursuit and Obsession), UK bass rhythms (Out of line and Hellifornia) and industrial ambient (Hate Or Glory) to testify the ability to grasp the creative core of each style.

Not all of Aleph’s explanations are complete (Duel and Hellifornia): reconciling the ambient minimalism of some songs with the dance explosiveness of others is a titanic undertaking, but Levy is a character who could give us surprises in the future.

Electro milestone!

Purchase it on Amazon: Aleph by Gesaffelstein



So, the most important questions, what are your thoughts on it? Is it related to your music preferences?

Tell us in the comments!

Reviews written by DED@Volumio

Do you enjoy Volumio Album of the week? Then you will love Music Letter! Check it out.

The post Volumio Album of the Week – 2021 appeared first on Volumio.

15 January, 2021 05:35PM by Monica Ferreira

hackergotchi for Purism PureOS

Purism PureOS

Librem 14 Update: Shipping Starts in February with Extended Battery

The Librem 14 is our dream laptop and we know many of you are looking forward to getting yours. In our last post we talked about some of the final tweaks we made that resulted in shipping being delayed until January. The bad news is that we won’t be able to start shipping Librem 14s until February, but the good news is that everyone will be getting our (as of yet unannounced) extended battery option by default! Read the rest of the article for details.

Supply Chain Challenges

If you talk to anyone in manufacturing they will tell you that this has been a particularly challenging year for the supply chain. Whether you are talking about toilet paper, N95 masks, rubber gloves, or semiconductors, the global pandemic has made supply chains less reliable, and lead times and shipping times incredibly unpredictable. We already ran into supply chain challenges with the Librem 14 earlier when Intel announced CPU shortages, and most recently when we were preparing the first run of production Librem 14s we hit another issue: we couldn’t get the 3-cell batteries we were planning to use until after Chinese New Year! If you are familiar with manufacturing in China, you know that the entire country essentially shuts down for weeks, so this is far from ideal. However it turns out we could get our 4-cell extended battery in time.

The Librem 14 Extended Battery

When we first designed the Librem 14, it was with a 3-cell battery and second M.2 storage slot. Later on, we evaluated having the option to include a 4-cell extended battery increase the capacity by 33% with the expense of covering up the second M.2 storage slot. Because of that, we decided at the time to make the 3-cell battery the default, and offer the 4-cell extended battery to customers as an after-market optional upgrade.

These recent events have caused us to re-evaluate that plan. We realize most customers will probably never use the second M.2 storage slot of their laptop, but they would appreciate having the extra battery capacity. So we are going to default to the 4-cell extended battery on Librem 14 orders, unless the customer fills both M.2 slots, in which case we will fall back to the 3-cell battery.

For existing orders with both disk slots populated, this would mean your order gets delayed until March when we get 3-cell batteries, but if you don’t want to wait, we will work with you if you want to modify your order (simply contact our support team with your order number). For everyone else, we will start shipping their Librem 14 with the 4-cell extended battery in February.

Thank you so much for your patience while we finish up the Librem 14. Hopefully the surprise upgrade to an extended battery will help take some of the sting off of the extra wait!

The post Librem 14 Update: Shipping Starts in February with Extended Battery appeared first on Purism.

15 January, 2021 05:20PM by Purism

hackergotchi for Ubuntu developers

Ubuntu developers

Alan Pope: Distrowatch is Not a Measure of Popularity

Here’s a fun blog post where I get possibly irrationally annoyed by people who use a web page incorrectly. Let me get this off my chest and then move on to better topics tomorrow. Distrowatch is a popular website among Linux enthusiasts. The main page consists of reverse-chronological news articles of interest to Linux users. Often this consists of new stable and development release announcements, reviews and weekly roundups. In addition, there are boxes surrounding the content highlighting the latest Linux distributions, podcasts, software packages and some advertising.

15 January, 2021 12:00PM

January 14, 2021

Podcast Ubuntu Portugal: Ep 125 – Feijoada acidente

Tornamos histórias enfadonhas em aventuras fantásticas, acontecimentos cinzentos em verdadeiros contos de fadas, ou então falamos só sobre Ubuntu e outras cenas… Aqui fica mais um episódio no vosso podcast preferido.

Já sabem: oiçam, subscrevam e partilhem!

  • https://wiki.ubuntu.com/DiogoConstantino
  • https://wiki.ubuntu.com/Membership/NewMember
  • https://svartrecords.com/product/feijoada-international/
  • https://store.steampowered.com/hwsurvey/Steam-Hardware-Software-Survey-Welcome-to-Steam
  • https://www.humblebundle.com/books/linux-apress-books?partner=PUP
  • https://www.humblebundle.com/books/front-end-web-development-packt-books?partner=PUP
  • http://keychronwireless.refr.cc/tiagocarrondo
  • https://shop.nitrokey.com/shop/product/nk-pro-2-nitrokey-pro-2-3?aff_ref=3
  • https://shop.nitrokey.com/shop?aff_ref=3

Apoios

Podem apoiar o podcast usando os links de afiliados do Humble Bundle, porque ao usarem esses links para fazer uma compra, uma parte do valor que pagam reverte a favor do Podcast Ubuntu Portugal.
E podem obter tudo isso com 15 dólares ou diferentes partes dependendo de pagarem 1, ou 8.
Achamos que isto vale bem mais do que 15 dólares, pelo que se puderem paguem mais um pouco mais visto que têm a opção de pagar o quanto quiserem.

Se estiverem interessados em outros bundles não listados nas notas usem o link https://www.humblebundle.com/?partner=PUP e vão estar também a apoiar-nos.

Atribuição e licenças

Este episódio foi produzido por Diogo Constantino e Tiago Carrondo e editado por Alexandre Carrapiço, o Senhor Podcast.

A música do genérico é: “Won’t see it comin’ (Feat Aequality & N’sorte d’autruche)”, por Alpha Hydrae e está licenciada nos termos da [CC0 1.0 Universal License](https://creativecommons.org/publicdomain/zero/1.0/).

Este episódio e a imagem utilizada estão licenciados nos termos da licença: Attribution-NonCommercial-NoDerivatives 4.0 International (CC BY-NC-ND 4.0), cujo texto integral pode ser lido aqui. Estamos abertos a licenciar para permitir outros tipos de utilização, contactem-nos para validação e autorização.

14 January, 2021 10:45PM

Ubuntu Blog: Productivity corner: editors, editors, editors

Text editors are a curious product. On one hand, they are simple, no-nonsense digital pads for taking notes, without any embellishments or visual styling. On the other, they are powerful code and data toolboxes, allowing for a great deal of flexibility and innovation. Indeed, software developers, Web developers and entrepreneuring nerds worldwide often use text editors for a range of useful tasks and activities. Never have so many owed so much to so few. To that end, we want to introduce you to several powerful text editors in the Snap Store.

Emacs

Emacs is the grandfather of visual text editors. Born in 1976, this editor has seen, witnessed and possibly even helped the birth of the World Wide Web, survived Web 2.0, and still marches on, being continuously developed and improved. Emacs is highly extensible, with more than 10,000 built-in commands, tons of extensions, support for macros, and infinite customization. It has also spawned countless clones (excluding Star Wars), and is integrated with dozens of other applications.

Then, if writing raw text isn’t your thing, there’s an entire ecosystem of added functionality, which includes project planning tools, mail, calendar, news reader, debugging console, extensions manager, and more.

<noscript> <img alt="" src="https://res.cloudinary.com/canonical/image/fetch/f_auto,q_auto,fl_sanitize,c_fill,w_720/https://lh5.googleusercontent.com/E41xknjS-MPCdgyqUQq7KMFuJ9tuFq5uCytZ9l9rlI4EHtMc2dQDJyJNmgZhOCUVYLbnNtxFdpSEHwpE03VwT3qVK-Zhz1teePizCWq4WozwfTV9J_26qSMTUxo5sEiG5skVLXQf" width="720" /> </noscript>

Atom

One could say that Atom is the modern-day equivalent of Emacs. It’s a hackable (read extensible) text editor, with a tabbed interface, sidebar navigation, support for more than fifty file formats (with syntax highlighting), and a high degree of customization, allowing you to tweak and change the look and feel as well as behavior of the text editor to your needs. You can also use extensions, which further enhance the editor’s capabilities.

<noscript> <img alt="" src="https://res.cloudinary.com/canonical/image/fetch/f_auto,q_auto,fl_sanitize,c_fill,w_720/https://lh6.googleusercontent.com/1Etn8QMhKHzTfrIj_rVfWsFTgLjbw5xEcfXKC8-zg4cglh0uigOZ5UQ5BVftklpvzFXz9MlwEJXxNu2LYuBRxZ047qEHOScfQeWqKSIh6ANJAQlsgxghUI4kuEL3NQgbat73gqMk" width="720" /> </noscript>

Notepad++

In the Windows operating system world, Notepad++ is a familiar, popular face. This text editor comes with a great deal of features, including tabs and split screen modes, syntax highlighting for more than 70 languages, auto-completion, auto-save, macros, complex search and replace mechanism that supports regular expressions, and more than 100 plugins, which can be installed and updated using a built-in plugin manager. Technically, Notepad++ is a Windows product, but it is also available as a snap, which offers the WINE platform runtime as part of the bundle for a simple, seamless experience.

<noscript> <img alt="" src="https://res.cloudinary.com/canonical/image/fetch/f_auto,q_auto,fl_sanitize,c_fill,w_720/https://lh4.googleusercontent.com/PtrNmFYlgonA43Huy_uXD_uBmmigIBCj5IKPe46MWTVUvSt9bbg82UX-_csPmVtrT1rIJSZZLMzSGptE46VrRRPeEieelwIU73050DCmCKHpV3MRM2VAqdf23OKUuAjRyxp4tR8v" width="720" /> </noscript>

Notepadqq

If you are not keen on essentially running a Windows binary on your Linux machine, then you can try Notepadqq. It’s a text editor very similar in behavior and capabilities to Notepad++. You get syntax highlighting for more than 100 different languages, code folding, regular expressions, side-by-side view and edit modes, and then some. It advertises itself as an application made by developers for developers, but it should serve you well even if you do not write code for a living.

<noscript> <img alt="" src="https://res.cloudinary.com/canonical/image/fetch/f_auto,q_auto,fl_sanitize,c_fill,w_720/https://lh4.googleusercontent.com/zeHrBMRHhu53HxJUO9dzoAo9dy8t2jeJd4mQDoJw7JRaJqlfzLv5Bsoo7-sadHy1cQ-_uMRCPJhI-BgLvfhLi0-xPEZC0yvvcLOMZM8tliji5n3wQ8aqnaUOFZDmEG4uSovc1Hg3" width="720" /> </noscript>

Sublime Text

The old Linux guard has engaged in vehement debates of vi versus emacs. In the Windows world, you may have heard about Notepad++ versus Sublime Text. However, you can carry on that debate into the Linux world, too, because Sublime Text is a cross-platform solution, and also available as a snap.

This text editor comes loaded with features, including numerous visual themes, auto-save, auto-completion, syntax highlighting, simultaneous editing, integration with various other programs and services (like WordPress or Git), and a Python API. Unlike the other names mentioned in this article, Sublime Text is a payware product. You can evaluate it for free, but if you want to continue using it, you will need a license.

<noscript> <img alt="" src="https://res.cloudinary.com/canonical/image/fetch/f_auto,q_auto,fl_sanitize,c_fill,w_720/https://lh3.googleusercontent.com/u49zO01vd1FnWxiN9UxaP4OL-qyHwx9X6_0j4s4jGa1Y5CcS3zV9Mc7YWM8gfOCouDfe-YOEwpibIkLPjH4uLGis_bC2wi8mwQPsfpSJ09oOoF6H70wOOiwyUBVbQHxuaIuyhAZc" width="720" /> </noscript>

Kate

Part of the considerable bundle of native programs for the KDE/Plasma ecosystem, Kate is a versatile text editor that can not only be used in other desktop environments, it can also be installed and used on other operating systems. The application supports more than 300 languages, windows splitting, sessions, plugins, and built-in support for protocols like HTTP, FTP, SSH, SMB, and WebDAV. There’s also shell integration, scripting, infinite undo/redo, powerful regex functionality, auto-completion, auto-indentation, and then some.

<noscript> <img alt="" src="https://res.cloudinary.com/canonical/image/fetch/f_auto,q_auto,fl_sanitize,c_fill,w_720/https://lh4.googleusercontent.com/RmP0oSHgjSsoqtmHvjiIqWrdRUyyktZ8coEYRkQIsFGHtGi-NXbX05rYsP25dQ3W64tKPDgVe4pvVtb4LxP_1NoytqKibOl6FyQdPj5iuUWW564XIsyPm9hMY7AAUL2-104cz-jZ" width="720" /> </noscript>

Summary

Sometimes, an abundance of choice can be difficult for the consumer. With text editors, it’s quite the opposite. More is more. The wealth and diversity of available products in this space gives tinkerers and developers the ultimate freedom to select just the right tool for the job – and there could be many different tools for different jobs. Hopefully, this article will help you find the text editor that has the best features you need, and allow you to be even more productive in your endeavors. If you have any comments or suggestions, please join our forum for a discussion.

Photo by Max Chen on Unsplash

14 January, 2021 03:21PM

Alan Pope: Breaking my Crowdfunding Hiatus

Just days after blogging about My Crowdfunding Stats, I’ve broken my “no crowdfunding” streak of near 18-months by backing something small, but delightful! Last night a tweet by Tom Brinton crossed my desk. Tom is creating a notebook in which every page is a procedurally generated portable dungeon crawler. The campaign is called “Tiny Paper Dungeons” and it runs until 2nd February 2021. Tom has previously made a project in a similar vein called NUTRI-TRACK.

14 January, 2021 12:00PM

January 13, 2021

Torsten Franz: Find new ways

Sometimes it is time to critically question things and look for new ways. This is what we as the Ubuntu Community Council have initiated with the existing Local Communities (LoCo) project.

The LoCos have been an integral part of the Ubuntu family since almost the beginning of Ubuntu. The aim of the LoCos is that people who are involved with Ubuntu find contact persons and like-minded people in their area, so that they are included in the Ubuntu community and also get help with possible questions or problems with Ubuntu.It is also the aim that these local units fill Ubuntu with life and organise events. In the past years they have been an important institution in building the community around Ubuntu.

Last year, we at the newly elected Community Council wanted to re-staff the international council that oversees this LoCo and called for nominations. Unfortunately, there were not enough candidates so that we could re-staff this council.

We thought about what we could do to bring new momentum to this community issue. We came up with the idea of setting up a committee with members from all continents to see how we can change, improve or even completely change the concept. It is expressly desired that we break out of the existing Ubuntu cosmos and look elsewhere and analyse what good accents others have in their community and how we can perhaps learn something from them. The idea of the Local Communities Research Committee (LCRC) was born, which is supposed to reinvent the LoCos. The whole idea can be found on the Community Hub.

I would be very happy if committed Ubuntu members would like to take on this task and contribute to this LCRC, thus improving Ubuntu and shaping the structures for the future. Actually, there is nothing standing in our way, but of course we have to get going. We accept applications at the mail address community-council at lists.ubuntu.com.

13 January, 2021 09:30PM

hackergotchi for Grml developers

Grml developers

Frank Terbeck: SYSHH#8

In today's episode of songs you should have heard, we'll go with some post-punk. Specifically the classic Joy Division track “Love will tear us apart”. Gorgeous in every way.

13 January, 2021 09:18PM

hackergotchi for Purism PureOS

Purism PureOS

Purism and Linux 5.9 and 5.10

Purism and Linux 5.9 and Linux 5.10

Following up on our report for Linux 5.8 this summarizes the progress on mainline support for the Librem 5 phone and its development kit during the 5.9 and 5.10 development cycles.

Librem 5 updates

One of the most notable additions is a first devicetree description for the phone. This is important to have upstream since it describes how the hardware is wired up. Without that, it’s impossible to boot a mainline kernel. We added descriptions for the various phone revisions themselves (up to the Dogwood board) and also for the MIPI DSI controller of the imx8mq SoC. From this point on, we’ll incrementally add the missing pieces, for example from the display stack, just like we’ve done for the devkit back in Linux 5.2.

Librem 5 LCD panel

Speaking of the display stack: The phone includes a different LCD panel than the devkit and we had to add a driver for it:

Devkit updates

Another milestone we reached (and had promised earlier) is that the devkits’ display now works with mainline Linux directly. All needed drivers are there and the hardware is described accurately in the devicetree upstream. It’s not only nice to be able to use a mainline kernel without (m)any patches, it’s important in order to keep the hardware supported for a long time. The hard parts had been done before and that’s how the final pieces for the display look like:

Audio Codec

The wm8962 audio codec needed a small update to allow userspace to utilize hardware mono downmix for cases where mono output to a single speaker is desired only, like on a mobile phone:

Code review

During these rounds, we contributed 24 Reviewed-by: or Tested-by: tags to patches by other authors. Also, we would like to thank everybody who reviewed our patches and helped us, especially Sam in the DRM layer and Shawn and Krzysztof in the devicetree area. It’s supposed to be fun but we know it not always actually is, so that’s much appreciated.

Sources

Have a look at our Linux tree to see what is currently being worked on and tested (or help if you feel like joining the fun).

Discover the Librem 5

Purism believes building the Librem 5 is just one step on the road to launching a digital rights movement, where we—the-people stand up for our digital rights, where we place the control of your data and your family’s data back where it belongs: in your own hands.

Order now

The post Purism and Linux 5.9 and 5.10 appeared first on Purism.

13 January, 2021 08:32PM by Martin Kepplinger

hackergotchi for Ubuntu developers

Ubuntu developers

Alan Pope: null

I quite like to break things. While I’m not a QA or security professional, I have developed a knack for doing “stupid” things with software which causes it to malfunction. Some developer friends of mine have lamented that they didn’t show me software before they released it. Because I sometimes find annoying bugs immediately after they release. Here’s some fun examples of pushing the boundaries of software, sometimes by doing things a little “out there”, beyond what the developer expected or tested.

13 January, 2021 12:00PM

hackergotchi for AlienVault OSSIM

AlienVault OSSIM

A Global Perspective of the SideWinder APT

AT&T Alien Labs has conducted an investigation on the adversary group publicly known as SideWinder in order to historically document its highly active campaigns and identify a more complete picture of targets, motivations, and objectives. Through our investigation, we have uncovered a collection of activity targeting government and business throughout South Asia and East Asia spanning many years. Our findings are primarily focused on activity since 2017, however the group has been reportedly operating since at least 2012. Alien Labs along with other security researchers have assessed with low to medium confidence that the group is operates in support of India political interests based on targets, campaign timelines, technical characteristics of command and control (C2) infrastructure and malware, association with other known India interest APTs, in addition to past cyber threat intelligence reporting and our private telemetry. SideWinder is a highly active adversary primarily making use of email spear phishing,...

Tom Hegel Posted by:
Tom Hegel

Read full post

       

13 January, 2021 11:00AM

hackergotchi for Ubuntu developers

Ubuntu developers

Ubuntu Blog: Telefonica Brazil selects Canonical’s Charmed OpenStack for industry-leading cloud-based online charging system

<noscript> <img alt="" src="https://res.cloudinary.com/canonical/image/fetch/f_auto,q_auto,fl_sanitize,c_fill,w_720/https://ubuntu.com/wp-content/uploads/1722/Ubuntu-and-Telefonica.png" width="720" /> </noscript>

13th January 2021 – Canonical, the publisher of Ubuntu, today announced that its Charmed OpenStack has been selected by Telefonica Brazil to – in a first for the region – migrate its online charging system (OCS) to its private cloud, Unica Next. The transformation project will see eight private clouds built on Charmed OpenStack, geographically distributed to service Telefonica’s customers in Brazil.

As the country’s biggest mobile operator with 76 MM mobile subscribers, Telefonica uses its OCS to give B2C & B2B customers real-time control and visibility of their precise usage across voice and data calls. 

Instead of selecting a conventional virtualised environment, Telefonica opted for Charmed OpenStack for future scalability on which to build a long term roadmap. With new market trends such as 5G, this migration will give Telefonica the agility to develop new features at scale, staying ahead of customer demand by providing more advanced offerings with a faster time to market.

“Migrating our OCS application to the cloud will give us the base and agility we need in order to consistently offer best-in-class solutions for our customers,” commented Flavio Matiello, Head of PrePaid Platforms & OCS at Telefonica Brazil. “This selection was an obvious choice to enable us to scale our charging capabilities to a future-proofed private cloud platform.”

As the OCS requires close proximity to the network, the clouds will be geographically distributed in Brazil. This architecture will consistently deliver the low latency needed to meet the needs of Telefonica’s wide customer base and was a key factor in the selection of a private cloud infrastructure. 

“Canonical is dedicated to enabling customers to drive new innovations and we’re pleased to have collaborated with Telefonica Brazil on its OCS migration,” said Nicholas Dimotakis, VP of Field Engineering at Canonical. “This represents a growing trend of telecoms companies moving towards OpenStack, and we’re excited to see what other cloud-based services this could open up across the industry.”

Telefonica’s OCS cloud will be built on Canonical’s Charmed OpenStack, and utilise Canonical’s open source tools to automate the deployment and operations of their infrastructure. Telefonica will benefit from Canonical’s Managed OpenStack offering for the ongoing maintenance and support of operations. The project’s initial phase was successfully rolled out in early August 2020. 

“Canonical has been an important community member in helping make OpenStack among the most widely deployed open infrastructure software for telecom in new markets. We’re proud to see Telefonica Brazil choose OpenStack for its flexibility to support a fast-changing telecom landscape. But more importantly, we’re thrilled to welcome their team to the community, representing a growing user base in Latin America,” said Mark Collier, COO, Open Infrastructure Foundation.  

-ENDS-

About Canonical

Canonical is the publisher of Ubuntu, the OS for most public cloud workloads as well as the emerging categories of smart gateways, self-driving cars and advanced robots. Canonical provides enterprise security, support and services to commercial users of Ubuntu. Established in 2004, Canonical is a privately held company.

13 January, 2021 07:02AM

January 12, 2021

hackergotchi for Purism PureOS

Purism PureOS

Librem 5 Update: Shipping Estimates and CPU Supply Chain

It’s been a busy holiday and New Year’s season at Purism as we continue to ship out Librem 5s to backers each week. We know for those who haven’t received their Librem 5 yet, what they most want to know is when their Librem 5 will arrive. In summary, we will be providing shipping estimates within the next week to the backers within the original crowdfunding campaign (orders through October 2017), but not all backers yet, based on our confidence in the estimates. The rest of this post will explain what is going into our shipping estimates, and why we can’t yet provide shipping estimates to every backer.

When we published the shipping FAQ we explained some of the factors in the shipping calculation:

That calculation depends not only on their place in line, but also on our knowing our average and maximum weekly phone throughput in advance, which we don’t expect to know until we are at least a few weeks into the process. We expect to have a good idea on these projections by the end of the year, however.

Now we are happy to say that we not only have a good idea on our shipping throughput, we actually exceeded our expectations for how many we could ship! So hopefully by the end of this week, or possibly the beginning of next week, we will be contacting a large group of backers who we feel we can provide a reliable shipping estimate. Note that this will be a separate email from the emails we already send out each week to confirm shipping information to the next group of backers who are ready to receive their Librem 5.

The Road to Shipping Parity

Back when we published the shipping FAQ, we expected that by this point we would be able to provide every backer with an accurate shipping estimate and be able to predict when we would hit shipping parity–the moment when all of the backlog has cleared and a new order would be fulfilled in our standard 10-business-day window. Once you know how many Librem 5s you can ship in a week, it seems like it would be a relatively straightforward calculation to apply that to a person’s place in line and estimate a shipping date.

Making Librem 5 Just In Time

In our case the calculation is a little more complicated due to the fact that we employ a “Just In Time” manufacturing process for the Librem 5s, which is pretty common in the industry. We estimate our shipping throughput and make slightly more Librem 5s than we think we can ship in a period of time. The next manufacturing run of Librem 5s then arrives around the time we complete shipping out the previous run. This has a few benefits, but the main benefit is if we were to identify a hardware problem in the existing Librem 5 manufacturing process (whether a systemic flaw, or a flaw in a particular manufacturing run) it impacts a smaller number of Librem 5s and can be fixed for future batches.

So when making these shipping estimates, we not only factor in our shipping throughput, but also the size of future manufacturing runs, which we now are increasing based on the fact we’ve exceeded our initial estimates. We can then calculate which run a particular order would be in, when we will make that next set of Librem 5s, and be able to estimate when a particular Librem 5 will ship. We also factor in and plan for events like Chinese New Year, which cause essentially everything in China to shut down for a few weeks.

CPU Supply Chain

One downside to using Just In Time manufacturing is that you must factor in all of the different lead times for all the different individual components that go into the Librem 5. While some components have relatively short lead times, others sometimes have lead times extending out multiple months. You have to factor all of this in to ensure that everything is ordered in advance so that it arrives just when you need it.

If you talk to anyone in manufacturing they will tell you that this has been a particularly challenging year for the supply chain. Whether you are talking about toilet paper, N95 masks, rubber gloves, or semiconductors, the global pandemic has made supply chains less reliable, and lead times and shipping times incredibly unpredictable. It’s left everyone in the industry scrambling from source A to B to C down to Z sometimes to find inventory. It even added a delay a few months back to our Librem 14 timeline due to Intel having trouble fulfilling all of their CPU orders.

Our customers have told us they want ever more information on what happens behind the scenes of making a phone like the Librem 5, so in the interest of transparency we are sharing what we’ve been hearing from our own suppliers. The iMX-8 processor we use in our Librem 5 is also popular in the automotive industry, and currently NXP has been hit with a global semiconductor shortage due to a dramatic increase in demand from auto makers.

This shortage has increased the lead times for CPU orders, which is of course a critical component in the Librem 5. As we started getting word about this shortage we were proactive in sourcing and purchasing all the CPUs we can, and continue to do so, while also factoring these increased lead times into future orders.

What Does This Mean For Me?

What does this mean for you? Based on our efforts thus far there’s a good chance it will not affect your shipping time as we continue to track down new CPU supplies and plan for future manufacturing runs. So far it hasn’t caused a delay.

However we wanted to let everyone know about this potential issue far in advance, because it will impact how many people get shipping estimates. We only want to send shipping estimates when we know for sure we have the CPUs to fulfill them, so this week instead of sending estimates to everyone like we had planned, we are only sending estimates out up to the point we have CPUs that will arrive just in time. This happens to coincide with all the orders placed through October 2017–the end of our original crowdfunding campaign.

As we secure more CPU supply, and feel confident about the supply chain for future manufacturing runs we will send out additional shipping estimates. Hopefully soon we will be able to account for the whole backlog and can calculate when we hit shipping parity.

Certification Update

We’ve also gotten some questions about the various hardware certifications for the Librem 5 including Respect Your Freedom (RYF), FCC and CE. While we designed the Librem 5 to qualify for each of these certifications, we had to wait to start the certification processes until we had the final mass-produced “Evergreen” Librem 5 since changes in the hardware would require re-certification.

Each of these certification processes are under way. While the transmitters in the Librem 5 (the removable cellular modem and WiFi card) already have FCC and CE certification, we are seeking certification for device as a whole. We are still in the middle of these time-consuming certification processes and will post an update to our site when there is any news on any of these fronts.

Thank You

We want you to have your Librem 5 as soon as possible and appreciate everyone’s patience as we continue to process orders and get through our backlog. It’s everyone’s support through this monumental process that has made the Librem 5 a reality.

The post Librem 5 Update: Shipping Estimates and CPU Supply Chain appeared first on Purism.

12 January, 2021 10:29PM by Purism

hackergotchi for Ubuntu developers

Ubuntu developers

Ubuntu Blog: PostgreSQL: The PgMiner botnet attacks & Postgres database security

<noscript> <img alt="" src="https://res.cloudinary.com/canonical/image/fetch/f_auto,q_auto,fl_sanitize,c_fill,w_720/https://ubuntu.com/wp-content/uploads/3f95/postgres_blog.png" width="720" /> </noscript>

Assuring the security of PostgreSQL and all open source database systems is critical as many learned with the PgMiner botnet attacks in December 2020. Having an understanding of, and visibility into, how these attacks happen and following standard best practices is the best way to make sure that your data is not at risk.

This blog details the latest security issue with PostgreSQL, how to fix/prevent these attacks and how to ensure security of your PostgreSQL database instances.

Overview and prevention of the PgMiner botnet attacks

Attacks like the PgMiner botnet attack essentially scrape across the Internet looking for misconfigured PostgreSQL servers. This process involves scanning blocks of IP addresses, identifying Postgres servers and then attempting to brute force attack the authentication on those servers. 

The good news for Ubuntu users, is that Ubuntu Server has a secure experience with Postgres out of the box, which is well-documented in Getting Started with PostgreSQL in the Ubuntu Server Guide

A Postgres user on Ubuntu systems does not have a password by default, preventing attackers from accessing the system account via SSH. Only users who already have superuser access to the system can su postgres to authenticate as the system user. From there, a unique password can be created for connecting to the Postgres service. 

By default, these connections are not exposed to the outside network. As outlined in the server guide, the postgresql.conf file would need to be edited by the user to allow the service to listen on a network interface available outside the host. 

The Postgres service on Ubuntu is designed to limit connections via the pg_hba.conf file, enabling a security best practice: In order to permit a client access to authenticate to the Postgres server, the account, database and IP address of the client must be allowed in the pg_hba.conf file. 

It is recommended that users keep the permitted clients as explicit and narrow in their definition as possible, and to:

  1. Only allow permissions to the particular databases each specific user should have access to
  2. Only allow those users to connect from an allowed list of network addresses

Open source database security

With PostgreSQL’s install base increasing by 52 percent in 2020, and with open source database adoption increasing year on year, securing the technology that stores company and customer data is critical. Access controls and authentication measures are key concerns when managing the security of databases, but as with any software, unidentified and unpatched vulnerabilities should also be a key concern. If vulnerabilities go undetected and updates are not implemented, insecure applications and systems could lead to unauthorised access, leakage and corruption of data

When assessing your database security, consider where gaps in security may be most prevalent. For example, with an increase in multi-cloud use, security best practices may not yet be applied in the public cloud, or vulnerability remediation delayed due to lack of visibility and accountability across an organisation.

CVE patching for PostgreSQL on AWS, Azure

Vulnerability patching for open source databases and applications like PostgreSQL running in public clouds is a key concern for security and infrastructure teams. Ubuntu’s open source security extends to systems and applications on AWS and Azure through a comprehensive, secure and compliant image – Ubuntu Pro.

Ubuntu Pro is a premium Ubuntu OS image that allows enterprises to benefit from extended maintenance, broader security coverage and critical compliance features by simply selecting and running an image on a public cloud— with no contract required. 

Key features of Ubuntu Pro include:

  • 10 years of stability,  with extended security maintenance and CVE patching backported to the existing version of the application
  • Security coverage for hundreds of open source applications like PostgreSQL, Apache Kafka, NGINX, MongoDB and Redis.
  • Kernel Livepatch, which allows for continuous security patching and higher uptime and availability by allowing kernel security updates to be applied without a reboot
  • Customised FIPS and Common Criteria EAL-compliant components for use in environments under compliance regimes such as FedRAMP, PCI, HIPAA and ISO
  • Optional up to 24/7 phone support

Get started with Ubuntu Pro on AWS ›

Get started with Ubuntu Pro on Azure ›


24/7 PostgreSQL support

With IT teams using diverse technologies across different platforms, becoming an expert on each piece of the puzzle is not likely or scalable. Additionally, 40% of respondents in a 2019 Percona survey cited ‘Lack of support’ as a top concern with open source data management. Depending on team capacity and an organisation’s reliance on a technology, additional support services may be needed to give teams access to open source database experts. 

Canonical provides 24/7, enterprise-grade support for PostgreSQL through Ubuntu Advantage for Applications. Ubuntu Advantage is a single, per-node package of the most comprehensive enterprise security and support for open source infrastructure and applications, with managed service offerings available.

Full-stack application support includes PostgreSQL and other open source database technologies, like MySQL, Redis and ElasticSearch, with response time guaranteed through subscription SLAs. See which applications are covered, and contact us with any questions you may have.

Contact us to get started

Offloading PostgreSQL security and operations

Open source is ubiquitous in applications, and more than 80 percent of all cyberattacks specifically target applications. Application attacks are both harder to detect and more difficult to contain compared to network attacks. Hackers take the easiest path when determining exploits and target applications with the best attack surface opportunities. 

More and more enterprises are realising that managing their PostgreSQL databases and overall open source estate will entail significant investments of time, resources and budget, impacting both developer productivity and the overall software development lifecycle. Cyberattacks such as PgMiner botnet are a stark reminder of the need for active security monitoring and timely issue resolution by application-management and security teams. 2020 Open Source Security and Risk Analysis report from Synopsis highlights that 99% of analysed enterprise application codebases contain open source software. Given the large number of open source applications and databases in enterprises, it is difficult to have dedicated teams for each open source application with relevant experience to manage them and keep them secure. 

Enterprises now have the option of offloading the complexity of managing open source applications like PostgreSQL to managed service providers such as Canonical. Canonical’s engineers ensure that open source databases and apps remain secure and performant at all times with active monitoring and full life-cycle management. 

With Canonical’s fully managed PostgreSQL service, engineers will keep Postgres and open source apps secure and updated with real-time issue resolution and patching wherever they run – on Kubernetes, in the public or private cloud.

Get in touch for a PostgreSQL deployment assessment

12 January, 2021 07:54PM

Alan Pope: Digital Hoarding: Ubuntu Mirror

I have a bunch of Ubuntu machines on my local network at home. They all periodically need to check for updates then download & install them. Rather than have them all reach out to the official mirrors externally to my network, I decided to run my own mirror internally. This post is just a set of notes for anyone else who might be looking to do something similar. I also do a lot of software building, and re-building, which pulls all kinds of random libraries, compilers and other packages from the archive.

12 January, 2021 12:00PM

January 11, 2021

The Fridge: Ubuntu Weekly Newsletter Issue 665

Welcome to the Ubuntu Weekly Newsletter, Issue 665 for the week of January 3 – 9, 2021. The full version of this issue is available here.

In this issue we cover:

The Ubuntu Weekly Newsletter is brought to you by:

  • Krytarik Raido
  • Bashing-om
  • Chris Guiver
  • Wild Man
  • And many others

If you have a story idea for the Weekly Newsletter, join the Ubuntu News Team mailing list and submit it. Ideas can also be added to the wiki!

Except where otherwise noted, this issue of the Ubuntu Weekly Newsletter is licensed under a Creative Commons Attribution ShareAlike 3.0 License

11 January, 2021 11:53PM

Sebastian Schauenburg: Translators, please do not translate everything

TL;DR

I'm grateful for translations by translators. But translating everything causes icons to break. Ubuntu MATE 20.04 has several broken icons and most of them are fixed in Ubuntu MATE 20.10 already.

Advice: Please do NOT translate the 'Icon' text, just leave that translation blank (""). Copy/pasting the English text will cause superfluous lines in .desktop files and might cause additional work later (if the original name is updated, you will need to copy and paste that string again). So getting a 100% translation score, might even be non-optimal.

Ubuntu MATE 20.04.1 with broken icons

You probably know the feeling of being the IT guy for your family (in this specific case, my mother-in-law). Her Linux laptop needed to be upgraded to the latest LTS, so I did that for her.

Back when she got the laptop, I installed a non-LTS release. That was required, otherwise her brand spanking new hardware, wouldn't have worked correctly.

I tried using the GUI to upgrade the system, but that didn't work. Usually I live in the terminal, so I quickly went to my comfort zone. I noticed the repositories were not available anymore, of course, this was not an LTS. That meant also that 'do-release-upgrade' did not work. Fortunately I was around when that tool did not exist yet, so I knew to manually modify apt sources files and run apt-get manually. The upgrade was a success of course. But, what is that, why am missing icons here? I also run Ubuntu MATE on some of my other systems and the icons never broke before. The upgrade seemed to have been flawless, but still something went wrong? No, that couldn't be... and it wasn't.

Switching her desktop to English, instead of Dutch (Nederlands), "fixed" the icons. That is strange, but is providing the user of the laptop with a workaround. Luckily my mother-in-law is proficient in English, but prefers Dutch. And there are enough people (I know some of them) who can not read/write/speak English and are dependant on translations. So I thought I'd go fix the issue (or at least, so I thought).

screenshots

Ubuntu 20.04: ubuntu mate 20.04

Ubuntu 20.10: ubuntu mate 20.10

The .desktop file

Checking the .desktop file (I'm going to use /usr/share/applications/mate-screensaver-preferences.desktop here as an example), I noticed the following lines:

# Translators: Do NOT translate or transliterate this text (this is an icon file name)!
Icon[ca]=preferences-desktop-screensaver
Icon[cs]=preferences-desktop-screensaver
Icon[da]=preferences-desktop-screensaver
Icon[es]=preferences-desktop-screensaver
Icon[gl]=preferences-desktop-screensaver
Icon[it]=preferences-desktop-screensaver
Icon[lt]=preferences-desktop-screensaver
Icon[ms]=preferences-desktop-screensaver
Icon[nb]=preferences-desktop-screensaver
Icon[nl]=voorkeuren-bureaublad-schermbeveiliging
Icon[uk]=preferences-desktop-screensaver
Icon[zh_TW]=preferences-desktop-screensaver
Icon=preferences-desktop-screensaver

Hmmm, apparently several translations exist (which generally have been kept identical to original English text).

Note: if a localized translation exists, that will be used. If no localized translation exists, the original English one will be used.

Let me have a look at their source code on their github. It contains several .po files, which contain the translations. So it's only a matter of cloning the repository and submitting a pull request... wrong. I already made the repository fork, when I noticed the commit log. It shows that the translations are being synced from Transifex.

P.S. I should've checked the ubuntu-mate website first, since they have an entire section about translations.

Transifex

Transifex seems to be a proprietary system for doing translations, but I need to go there to fix this issue, so let's get this fixed. Apparently I need to 'join' the team to even see the strings and translations and also to fix them. Would be nice if guest access (read only) would be enabled, because then I could at least check if I will be bothering the correct team. And once you sent a request to join, there is no way to track it, or see the team members etc. (unless you are part of that team perhaps). But nevermind, let's continue.

Clicking the 'Join team' button, I made the assumption that I would automagically be joined to that team. Somehow that did not happen immediately (e.g. it requires human intervention). And I thought this was just going to be quick 'go in, fix it, leave' thing...

Current status

My translator membership was declined, which I don't mind actually, since I don't want to become a full-fledged translator (I just want to fix this specific bug). A helpful translator (with access) checked it out and is working on it.

Joining all teams for each item/language is a quite a hassle (and once declined, sending them all the messages to ask them for fixes etc.), so I'm "only" going to scratch my own itch here. But it seems prudent to give all translators a headsup about this, so they might fix it in their translations (if applicable), hence this blog post.

If anyone could eventually get the updated translations into Ubuntu 20.04, that would be much appreciated ;-)

Advice: Please do NOT translate the 'Icon' text, just leave that translation blank (""). Copy/pasting the English text will cause superfluous lines in .desktop files and might cause additional work later (if the original name is updated, you will need to copy and paste that string again). So getting a 100% translation score, might even not-optimal.

11 January, 2021 07:00PM

Alan Pope: Digital Hoarding: Gaming Edition

Another in a series of “I have identified a problem here!”. I appear have quite a few video games. More than I can probably play in my time left on Earth. Let’s set aside all the retro games I have for a moment, and consider only the ones that run on my primary computer, a PC. To be clear, I’m only talking about ‘native’ games. Aside: I hate the word ‘native’ in this context, because what’s native?

11 January, 2021 12:00PM

hackergotchi for VyOS

VyOS

2020 recap and 2021 Q1 plan

Happy new year everyone!
The year 2020 has been a productive year for VyOS. We are happy to see new contributors join and work with us; happy to see customers go with VyOS when they need an affordable, flexible, and open solution for increased networking needs; happy to see VyOS gather momentum. Here’s a brief recap of the past year, and a bit of recent plans.

For a detailed discussion of the development in 2020 and plans for 2021, we've setup an online event that will be held in Zoom, this Sunday, at 16:00 (4pm) UTC. Everyone is invited to join!

11 January, 2021 10:18AM by Daniil Baturin (daniil@sentrium.io)

January 10, 2021

hackergotchi for Ubuntu developers

Ubuntu developers

Stuart Langridge: OpenUK Honours

So, I was awarded a medal.

OpenUK, who are a non-profit organisation supporting open source software, hardware, and data, and are run by Amanda Brock, have published the honours list for 2021 of what they call “100 top influencers across the UK’s open technology communities”. One of them is me, which is rather nice. One’s not supposed to blow one’s own trumpet at a time like this, but to borrow a line from Edmund Blackadder it’s nice to let people know that you have a trumpet.

There are a bunch of names on this list that I suspect anyone in a position to read this might recognise. Andrew Wafaa at ARM, Neil McGovern of GNOME, Ben Everard the journalist and Chris Lamb the DPL and Jonathan Riddell at KDE. Jeni Tennison and Jimmy Wales and Simon Wardley. There are people I’ve worked with or spoken alongside or had a pint with or all of those things — Mark Shuttleworth, Rob McQueen, Simon Phipps, Michael Meeks. And those I know as friends, which makes them doubly worthy: Alan Pope, Laura Czajkowski, Dave Walker, Joe Ressington, Martin Wimpress. And down near the bottom of the alphabetical list, there’s me, slotted in between Terence Eden and Sir Tim Berners-Lee. I’ll take that position and those neighbours, thank you very much, that’s lovely.

I like working on open source things. It’s been a strange quarter-of-a-century, and my views have changed a lot in that time, but I’m typing this right now on an open source desktop and you’re probably viewing it in an open source web rendering engine. Earlier this very week Alan Pope suggested an app idea to me and two days later we’d made Hushboard. It’s a trivial app, but the process of having made it is sorta emblematic in my head — I really like that we can go from idea to published Ubuntu app in a couple of days, and it’s all open-source while I’m doing it. I like that I got to go and have a curry with Colin Watson a little while ago, the bloke who introduced me to and inspired me with free software all those years ago, and he’s still doing it and inspiring me and I’m still doing it too. I crossed over some sort of Rubicon relatively recently where I’ve been doing open source for more of my life than I haven’t been doing it. I like that as well.

There are a lot of problems with the open source community. I spoke about divisiveness over “distros” in Linux a while back. It’s still not clear how to make open source software financially sustainable for developers of it. The open source development community is distinctly unwelcoming at best and actively harassing and toxic at worst to a lot of people who don’t look like me, because they don’t look like me. There’s way too much of a culture of opposing popularity because it is popularity and we don’t know how to not be underdogs who reflexively bite at the cool kids. Startups take venture capital and make a billion dollars when the bottom 90% of their stack is open source that they didn’t write, and then give none of it back. Products built with open source, especially on the web, assume (to use Bruce Lawson’s excellent phrasing) that you’re on the Wealthy Western Web. The list goes on and on and on and these are only the first few things on it. To the extent that I have any influence as one of the one hundred top influencers in open source in the UK, those are the sort of things I’d like to see change. I don’t know whether having a medal helps with that, but last year, 2020, was an extremely tough year for almost everyone. 2021 has started even worse: we’ve still got a pandemic, the fascism has gone from ten to eleven, and none of the problems I mentioned are close to being fixed. But I’m on a list with Tim Berners-Lee, so I feel a little bit warmer than I did. Thank you for that, OpenUK. I’ll try to share the warmth with others.

Yr hmbl crspndnt, wearing his medal

10 January, 2021 03:30PM

hackergotchi for SparkyLinux

SparkyLinux

DeepL-Linux

There is a new application available for Sparkers: DeepL-Linux

What is DeepL-Linux?

DeepL integration for Linux. Select text in any application and simply press Ctrl+C and another shortcut to translate it. The client for deepl in Linux uses webview.

Installation (Sparky 5 & 6, amd64 & i386):

sudo apt update
sudo apt install deepl-linux

Add system shortcut:
* add this command:
/opt/deepl/loader.sh
And set this command with a shortcut, for example: Ctrl-Alt-D

Use it:
Select text in any application, press Ctrl+c to copy selected content into clipboard, then press the shortcut you just defined for loader.sh

DeepL-Linux

Author: kumakichi
License: ?
Web: github.com/kumakichi/Deepl-linux

 

10 January, 2021 02:36PM by pavroo

hackergotchi for Ubuntu developers

Ubuntu developers

Alan Pope: My Crowdfunding Stats

While writing my Ouya post the other day, I was reminded of the various projects I’ve backed on crowdfunding sites over the years. Between May 2012 and August 2019 I helped fund 68 separate projects. Most for “beer money” (around a tenner) through “toy money” (up to fifty quid) up to “need to have a think about this money” (a hundred quid or so). The vast majority have been successful, and I’ve received my backer reward in a timely fashion.

10 January, 2021 12:00PM

January 09, 2021

hackergotchi for Qlustar

Qlustar

Happy new year with Qlustar 12

The Qlustar team wishes you all the best for the new year and is pleased to announce the immediate availability of Qlustar 12.0.0 for download. It updates Qlustar's core platform to current Ubuntu 20.04 LTS. The CentOS edge platforms remain based on 7.9 (with integrated OpenHPC 1.3.9) and 8.3 (OpenHPC 2).

The highlight of this release is the move to LDAP as the user and group name service, replacing the NIS setup used earlier. A fully configured LDAP instance is created at installation time. Net-boot nodes may directly authenticate users against this instance or use conveniently synced flat passwd/group files when scalability is critical.

QluMan has a new optional component to manage the Qlustar LDAP instance. It consists of a User and Group Management interface, as well as a powerful tool to import users/groups from passwd-like flat files.

The second major new QluMan feature is the ability for easy and clean integration of external LDAP or Active Directory services with the new Nameservice Providers and Nameservice Configs dialogs.

Finally, the QluMan GUI has been ported to the current QT 5 toolkit. This was a huge 'under the hood' effort that ensures the long-term maintainability of QluMan and also improves its stability.

Highlights among the various major component updates include Kernel 5.4.x, Slurm 20.02.x, CUDA 11.0, ZFS 0.8.5 and BeeGFS 7.2. Please read the release notes for more details.

09 January, 2021 05:47PM by root

hackergotchi for Ubuntu developers

Ubuntu developers

The Fridge: Call for Nomination: Local Communities Research Committee

The Community Council has concluded that we need a new evaluation of the Ubuntu Local Communities project itself and this should be done by a Local Communities Research Committee.

You can read the thoughts behind this call and what we are looking for on the Community Hub:
https://discourse.ubuntu.com/t/local-communities-research-committee/20186

If you think you can and want to make a contribution to Ubuntu here, please send your nomination to community-council at lists.ubuntu.com.

Nominations are now open and will close on Saturday, January 23, 2021 at 23:59 UTC. After that, the Community Council will review the submissions and appoint the Local Communities Research Committee.

Originally posted to the loco-contacts mailing list on Fri Jan 8 20:55:02 UTC 2021 by Torsten Franz

09 January, 2021 05:27PM

Alan Pope: Two Displays & Two Computers

In my messy office I have a main desk I work at. I have two portait displays on a hefty, but inexpensive BONTEC Dual Monitor Stand (affiliate link), clamped to the back, to lift the monitors up off the desk. The monitors are 3-year-old, low-end 24” ASUS VS248HR (affiliate link) “Gaming Monitor’s” 🤣. I recently bought a Raspberry Pi 400 which also sits on my desk for quick-release arm64-action! The problem I have had with other Pi’s is the spiders web of cables needed, and additional keyboard.

09 January, 2021 12:00PM

January 08, 2021

hackergotchi for Tails

Tails

Our plans for 2021

In 2021, we want to focus on improving some of the very core features of Tails, especially for censorship circumvention.

To support our work in 2021, take a minute now to donate and fight surveillance and censorship!

Censorship circumvention

We want to completely redesign how to start Tor and configure Tor bridges.

This will make it easier for people in countries where accessing Tor is blocked to circumvent censorship. According to data from the Tor project, the top 5 countries by users of Tor bridges are Russia, Iran, the US, Belarus, and China.

Persistent Storage

We want to improve the interface of the Persistent Storage settings.

Improving the Persistent Storage was your top priority when we surveyed our users in July. We want to start by improving the usability of its core features and rewriting this 9-year-old Perl application into Python GTK+. This will make it possible to improve it faster in the future.

We also want to make it possible to persist Tor bridges.

Security and maintenance

To improve the security of all applications in Tails, we want to migrate to Wayland. Wayland is a new display system for Linux that better controls how each application interacts with the rest of the system.

For example, Wayland will fix how the Unsafe Browser can be used to deanonymize you.

We will also release Tails 5.0, based on Debian 11 (Bullseye) at the end of 2021. It will bring new versions of most of the software included in Tails.

Help us fight surveillance and censorship

All our work is made possible by donations from people like you. We particularly appreciate monthly and yearly donations, even the smallest ones. Because they help us plan our work, they are the most valuable for the sustainability of Tails.

To support our work in 2021, take a minute now to donate and fight surveillance and censorship!

08 January, 2021 06:00PM

Tails report for December, 2020

In memoriam of Karsten Loesing

We join the Tor project in mourning Karsten Loesing. Our sincere condolences to Karsten's family and colleagues.

Those of us who were lucky enough to cross Karsten's path remember him as a very kind, thoughtful, and smart person.

Rest in peace, Karsten.

Releases

The following changes were introduced in Tails 4.15:

  • Add support for the Ledger hardware wallets in Electrum. (#15353)

  • Remove the Unifont font. (!263)

  • Fix Additional Software by updating the APT key for deb.torproject.org. (#18042)

  • Fix changing the administration password stored in the Persistent Storage. (#18018)

  • Fix opening the Persistent Storage of another Tails USB stick in the Files browser. (#18050)

  • Restore automatically a GnuPG public keyring from its backup when it gets corrupt. (#17807)

🎉 New core developer 🎂

Today, we celebrate the arrival in our Foundations Team of a new member: boyska. His skills and experience in operating systems, software development, and collective projects will:

  • Accelerate development of new features, user experience improvements, and bug fixes.

  • Make our day-to-day maintenance work more sustainable.

    This work has no visible impact most of the time, except that Tails is still alive after more than a decade, and here to stay!

  • Decrease our reliance on a tiny number of key persons.

    This is one important step we're taking, among others, towards making Tails a healthier project.

I'm boyska, a fellow who always loved computers. When I realized the profound social implications of technology, I tried to make my part: that's how I got involved with free software, security and hacking in general. A post-it note in my brain remembers me that computing should be fun, not scary.

Additionally, we would like to thank:

  • the thousands of people whose donation allowed us to fund this new position

    Please consider donating today to fight surveillance and censorship.

  • the dozens of people who applied to this job offer

    It's been truly heart-warming to see so many great applicants interested in working with us.

Welcome, boyska! :)

Code

  • We implemented a mechanism for adding a "Don't Show Again" button to some notifications. We'll try it out in Tails 4.15 for the warning displayed when starting Tails in a virtual machine; then we'll iterate from there.

  • We finished porting our Python code to Python 3. Yeah!

  • We made plans for rewriting Persistent Storage in Python, making it compatible with Wayland, and redesigning its UX from scratch.

Documentation and website

User experience

  • Started analyzing the search queries on our website, following a methodology by Susan Farrell. (#11649)

  • Started preparing the redesign of the Persistent Storage that we'll work on in January. (#15572)

  • Investigated what it would take to stop distributing ISO images:

    • #18047: Users unintentionally install ISO to USB instead of the .img
    • #18054: Distribute USB images by default for all virtual machines
    • #18055: Stop distributing ISO images
  • Added some depth to the buttons on our website. (#15111)

Funding

Grants

  • Our proposal to the UXFund to work on a replacement for Tor Launcher was approved buy scaled down by 20%.

Donations

  • Received 57.8k€ from 88 donations at CCT since the beginning of the campaign.

    It's 70% more donations, that's the important part, and 599% more money thanks to a 50k€ donation from some crypto trading company, that's the big cherry on top of the cake!

  • Blogged about our achievements in 2020.

Sponsors

  • Renamed "partners" as "sponsors" after DeepOnion listed Tails as their partner on their website.

    The word "partners" implies reciprocity and a deeper relationship, while the word "sponsor" doesn't and is more accurate, honest, and common.

  • Got invited to the Lifetime Raffle of ProtonMail.

Outreach

Past events

  • Tails and Tor were presented (among other tools) to journalism students at Sciences Po Rennes (Rennes, France) as part of their digital safety lessons.

Translations

All the website

  • fr: 79% (5378) strings translated, 7% strings fuzzy
  • es: 48% (3273) strings translated, 6% strings fuzzy
  • it: 28% (1945) strings translated, 9% strings fuzzy
  • de: 27% (1829) strings translated, 14% strings fuzzy
  • fa: 20% (1359) strings translated, 12% strings fuzzy
  • pt: 18% (1266) strings translated, 9% strings fuzzy

Core pages of the website

  • es: 82% (1741) strings translated, 6% strings fuzzy
  • fr: 79% (1676) strings translated, 10% strings fuzzy
  • it: 54% (1151) strings translated, 20% strings fuzzy
  • de: 44% (935) strings translated, 24% strings fuzzy
  • pt: 38% (818) strings translated, 14% strings fuzzy
  • fa: 19% (407) strings translated, 15% strings fuzzy

Core pages of the website for languages not activated on the website yet

  • zh_TW: 21% (451) strings translated, 14% strings fuzzy
  • zh: 10% (218) strings translated, 8% strings fuzzy
  • tr: 7% (155) strings translated, 7% strings fuzzy
  • ca: 7% (153) strings translated, 8% strings fuzzy
  • ru: 7% (152) strings translated, 7% strings fuzzy
  • pl: 7% (150) strings translated, 6% strings fuzzy
  • ar: 7% (146) strings translated, 8% strings fuzzy
  • id: 5% (115) strings translated, 5% strings fuzzy
  • sr_Latn: 4% (93) strings translated, 4% strings fuzzy

Metrics

  • Tails has been started more than 978 192 times this month. This makes 31 554 boots a day on average.

How do we know this?

08 January, 2021 12:34PM

hackergotchi for Ubuntu developers

Ubuntu developers

Alan Pope: A Problem with Notebooks

I cleared a shelf out this week, and rediscovered eight different books, all different shapes and sizes. Some date back seven or eight years, others are more modern. None of them are full, none are recent. Each one contains approximately a dozen pages of notes. I think I have a problem that needs solving, maybe. I love a good notebook. I’m not a book snob though. I know some brands that prolific writers will use above all others.

08 January, 2021 12:00PM

January 07, 2021

Podcast Ubuntu Portugal: Ep 124 – Especial 2021

No primeiro episódio gravado em 2021, fazemos as nossas previsões pessoais para no ano para o Ubuntu, Software Livre e tecnologia um relacionada, e ainda discutimos as previsões apresentadas por ouvintes!

Já sabem: oiçam, subscrevam e partilhem!

  • https://ansol.org/dominio-publico-2021
  • https://www.humblebundle.com/books/linux-apress-books?partner=PUP
  • https://www.humblebundle.com/books/cybersecurity-cryptography-wiley-books?partner=PUP
  • http://keychronwireless.refr.cc/tiagocarrondo
  • https://shop.nitrokey.com/de_DE/shop/product/nk-pro-2-nitrokey-pro-2-3?aff_ref=3
  • https://shop.nitrokey.com/de_DE/shop?aff_ref=3

Apoios

Podem apoiar o podcast usando os links de afiliados do Humble Bundle, porque ao usarem esses links para fazer uma compra, uma parte do valor que pagam reverte a favor do Podcast Ubuntu Portugal.
E podem obter tudo isso com 15 dólares ou diferentes partes dependendo de pagarem 1, ou 8.
Achamos que isto vale bem mais do que 15 dólares, pelo que se puderem paguem mais um pouco mais visto que têm a opção de pagar o quanto quiserem.

Se estiverem interessados em outros bundles não listados nas notas usem o link https://www.humblebundle.com/?partner=PUP e vão estar também a apoiar-nos.

Atribuição e licenças

Este episódio foi produzido por Diogo Constantino e Tiago Carrondo e editado por Alexandre Carrapiço, o Senhor Podcast.

A música do genérico é: “Won’t see it comin’ (Feat Aequality & N’sorte d’autruche)”, por Alpha Hydrae e está licenciada nos termos da [CC0 1.0 Universal License](https://creativecommons.org/publicdomain/zero/1.0/).

Este episódio e a imagem utilizada estão licenciados nos termos da licença: Attribution-NonCommercial-NoDerivatives 4.0 International (CC BY-NC-ND 4.0), cujo texto integral pode ser lido aqui. Estamos abertos a licenciar para permitir outros tipos de utilização, contactem-nos para validação e autorização.

07 January, 2021 10:45PM

hackergotchi for Purism PureOS

Purism PureOS

App Spotlight: Sound Recorder

Sound Recorder is simple to install and a powerful way to record in the studio or on the go:

The app itself is deceptively simple, it offloads all of the audio device setup and selection to the OS layer, which can be managed in settings:

With the brunt of the setup automatically handled by PureOS, you can set up the basics from within the app menu.

Actually using the interface could not be more intuitive. Simply hit record to record, and click a past entry if you want to listen to it.

A Quiet Solution:

Silence is ideal for any recording studio or sound room. The fans in a standard x86 computer can impact the end result if kept too close to the mic. When I first built my sound closet room I cabled long runs of USB and power to prevent having to use a computer near my mic. This sucked as I had to print out my script and I couldn’t check the recording status during the session.

Being able to read the script off a screen and having access to the audio controls drove me and my roommate to build this fanless monstrosity:

This did the trick for years but did suffer from major stability issues which were endlessly frustrating to deal with mid recording. Now with USB-C dock support getting better and better, using the Librem 5 has solved all my recording issues and has now permanently replaced my sound room computer.

Discover the Librem 5

Purism believes building the Librem 5 is just one step on the road to launching a digital rights movement, where we—the-people stand up for our digital rights, where we place the control of your data and your family’s data back where it belongs: in your own hands.

Order now

The post App Spotlight: Sound Recorder appeared first on Purism.

07 January, 2021 09:53PM by David Hamner

Purism and Linux 5.8

Following up on our report for Linux 5.7 this summarizes the progress on mainline support for the Librem 5 phone and its development kit during the 5.8 development cycle. That was already a few months ago. We missed publishing this earlier and the recent development cycle summaries will follow shortly.

Devkit updates

The Librem 5 devkit saw a minor update that will save some power:

arm64: dts: imx8mq-librem5-devkit: Use 0.9V for VDD_GPU arm64: dts: imx8mq-librem5-devkit: Don’t use underscore in node name

USB power management

Runtime power management in the USB stack is quite mature and well supported. We added one piece for the Designware DWC3 hardware IP that has been missing: support for runtime power management when devices are connected and disconnected on an external bus:

usb: dwc3: support continuous runtime PM with dual role

Librem 5 Light and Proximity Sensor

During a phone call, the Librem 5 naturally might be near the user’s ear. We added a new interface to Linux to allow userspace to decide when an object is close to the device and added support for the vcnl4000 proximity sensor:

Documentation: ABI: document IIO in_proximity_nearlevel file iio: vcnl4000: Export near level property for proximity sensor dt-bindings: iio: light: vcnl4000: Add proximity-near-level dt-bindings: iio: Introduce common properties for iio sensors dt-bindings: iio: vcnl4000: convert bindings to YAML format

Librem 5 Display stack

Certainly, our largest addition during this development cycle has been adding support for the NWL MIPI DSI controller. For the devkit, this marks the last piece that has been needed for the mainline kernel to support the full display stack. The Librem 5 phone is one-panel driver away from having the same:

drm/bridge: Add NWL MIPI DSI host controller support dt-bindings: display/bridge: Add binding for NWL mipi dsi host controller

Code review

This round we contributed 6 Reviewed-by: or Tested-by: tags to patches by other authors. Something we can still improve on for upcoming cycles.

Discover the Librem 5

Purism believes building the Librem 5 is just one step on the road to launching a digital rights movement, where we—the-people stand up for our digital rights, where we place the control of your data and your family’s data back where it belongs: in your own hands.

Order now

The post Purism and Linux 5.8 appeared first on Purism.

07 January, 2021 02:37PM by Martin Kepplinger

hackergotchi for Ubuntu developers

Ubuntu developers

Ubuntu Blog: Time to Branch Out

Branches are an under-used but important feature of the Snap Store publishing capabilities. Indeed as I’m writing this post, I’ve never had a need to use the feature, and I’ve been publishing snaps for four and a half years. Let’s fix that!

Start with acorns

The rationale for branches is simple. Each snap in the Snap Store has a default track called ‘latest’ in which there are four channels named ‘stable’, ‘beta’, ‘candidate’ and ‘edge’. These are all typical buckets in which snaps are published for an extended period, perhaps months or maybe even years. Branches on the other hand are short-lived silos for publishing snaps. 

As a developer you may have a published application which has bugs users experience but you cannot reproduce. A temporary branch can be used to hold a test build of the application you’re working on to solve a bug.

If you’re tracking and fixing multiple bugs in parallel, each can have their own separate branch under the same snap name in the Snap Store. Branches are ‘hidden’, so unless someone guesses the name of it, users aren’t going to stumble upon potentially broken bug-fix builds of your application. 

Branches only live for 30 days, after which they’re deleted, and any user with the snap will be moved to the latest track for the channel. So a user who tested the branch latest/stable/fix-bug-12 and didn’t switch to another channel within 30 days, will be moved to the latest/stable channel on their next refresh.

Germinate

Let’s take an example. A user filed an issue on the Atom snap under the snapcrafters GitHub and provided a pull request. We can grab the pull request, build the snap with their fixes, test and publish to the store in a branch so they can try it out.

This could be automated with tools like GitHub Actions, but in lieu of that setup, let’s explain it with the manual steps.

$ git clone https://github.com/aminya/atom-2.git
$ cd atom-2
$ git checkout -b aminya-libstdc++6 master
$ git pull https://github.com/aminya/atom-2.git libstdc++6
$ snapcraft --use-lxd

Building atom
Building launcher
Staging atom
Staging launcher
Priming atom
Priming launcher
Snapping
Snapped atom_1.53.0_amd64.snap

Install the application locally to make sure we didn’t completely break it.

$ snap install atom_1.53.0_amd64.snap --dangerous

Upload to the Snap Store and release it to a branch. I selected the latest track as it’s the only track this snap uses. Other snaps may use different tracks for each supported release (e.g. node) or have separate tracks for stable and insider builds (e.g. Skype). We’re fixing the stable release, so I’m using a branch off the stable channel.

$ snapcraft upload atom*.snap --release=latest/stable/fix-65
Preparing to upload 'atom_1.53.0_amd64.snap'.
After uploading, the resulting snap revision will be released to 'latest/stable/fix-65' when it passes the Snap Store review.
Install the review-tools from the Snap Store for enhanced checks before uploading this snap.
Pushing 'atom_1.53.0_amd64.snap' [============================] 100%
released
Revision 269 of 'atom' created.
Track Arch Channel Version Revision Expires at
latest amd64 stable 1.53.0 265
candidate ↑ ↑
beta ↑ ↑
edge 1.53.0 268
stable/fix-65 1.53.0 269 2021-02-05T10:34:51Z

We can already see the branch exists under the latest track, stable branch, but we may want to confirm this – especially if the upload happened in GitHub Actions, a CI or other remote system where we can’t easily see the above output.

$ snapcraft status atom
Track Arch Channel Version Revision Expires at
latest amd64 stable 1.53.0 265
candidate ↑ ↑
beta ↑ ↑
edge 1.53.0 268
stable/fix-65 1.53.0 269 2021-02-05T10:34:51Z

Note, as mentioned earlier, only we as publishers can see the new branch. If a non-publisher looked at the channel map they wouldn’t see it. Non-publishers don’t have access to the snapcraft status command for this snap, and snap info just doesn’t show branches.

$ snap info atom 

channels:
latest/stable: 1.53.0 2020-11-10 (265) 242MB classic
latest/candidate: ↑
latest/beta: ↑
latest/edge: 1.53.0 2020-12-09 (268) 224MB classic
installed: 1.53.0 (x2) 224MB classic

I’m still currently tracking the build I “side loaded” onto my machine, which you can see with the “x” prefixed revision on the last line. We can refresh to the branch hosted in the store. Note that we can optionally omit the ‘latest’ track name, because it’s the default (and only) track. This also allows us to test the instructions we can provide to the author of the pull request.

$ snap refresh atom --amend --channel stable/fix-65
atom (stable/fix-65) 1.53.0 from Snapcrafters refreshed

Note: The --amend option is only required for us because we’re switching from a locally installed revision to one from the store. Users who only installed from the store won’t need that.

Now we have the fix published, we can let the contributor know via a comment on the pull request. Something like this will do nicely:

“Thanks very much for the pull request. I don’t have the ability to reproduce the issue right now. I have published a build of the snap incorporating your fix in a branch. Please could you install the build on a clean system, or if you have the snap already installed, refresh to this branch, and test it?

snap install atom –channel stable/fix-65
or:
snap refresh atom –channel stable/fix-65

If you’re happy with the fix, I’ll land this PR.
Thanks again!”

Once the user replies that this fixes their issue, we can land the PR and roll this into the next stable release. If it doesn’t, well, that’s more software engineering on the to-do list!

Get planting

Of course it’s not just bug fixes which can use branches. Perhaps you have a new feature to soft-launch in the application, or design changes you’d like to experiment with. Having a short-lived branch which is only known by a limited set of testers can be advantageous.

Branches are one of those features that sets the Snap Store apart from some other distribution methods for Linux. It’s not something most publishers will use, but once you know it’s there, it can be quite handy with only a small learning curve.

Join us over on the snapcraft forums if you’d like to discuss this or other features of snapcraft.

Photo by Colin Watts on Unsplash

07 January, 2021 01:42PM

Alan Pope: Hush Keyboards with Hushboard

Yesterday while surfing the ASCII highways of IRC (yes, IRC) a URL linking to a MacOS application scrolled by my screen. Unclack is a small MacOS utility which silences the microphone of the user when they’re typing. The purpose is to prevent the noise of typing being passed through to other participants when on a Zoom / Skype / Jitsi call. Neat. They don’t make a Linux version, and I couldn’t see anything similar, so I did what I usually do in this instance, throw the idea towards my friendly local coder, Stuart Langridge.

07 January, 2021 12:00PM

hackergotchi for AlienVault OSSIM

AlienVault OSSIM

Malware using new Ezuri memory loader

This blog was written by Ofer Caspi and Fernando Martinez of AT&T Alien Labs Multiple threat actors have recently started using a Go language (Golang) tool to act as a packer and avoid Antivirus detection. Additionally, the Ezuri memory loader tool acts as a malware loader and executes its payload in memory, without writing the file to disk. While this technique is known and commonly used by Windows malware, it is less popular in Linux environments. The loader decrypts the malicious malware and executes it using memfd create (as described in this blog in 2018). When creating a process, the system returns a file descriptor to an anonymous file in '/proc/PID/fd/' which is visible only in the filesystem. Figure 1 shows a code snippet from the loader, containing the information it uses in order to decrypt the payload using the AES algorithm. Figure 1. Loader code snippet via Alien...

Ofer Caspi Posted by:
Ofer Caspi

Read full post

       

07 January, 2021 11:00AM

January 06, 2021

hackergotchi for Elive

Elive

Elive 3.8.18 beta released

The Elive Team is proud to announce the release of the beta version 3.8.18

This new version includes:

  • Debian 10.7 base updated
  • Touchpad feature added to disable the bottom area movements in clickpads
  • AppImage downloaded applications directly supported now
  • Mac computers with bootsplash included, improved keyboard support, fix for the installer searching for EFI partitions
  • SIS graphic cards supported (Sillicon Integrated Systems 771/671), like for the Fujitsu ESPRIMO Mobile V5515 laptop
  • Installer: faster installation, improved languages support and their
  • Check more in the Elive Linux website.

    06 January, 2021 11:27PM by Thanatermesis

    hackergotchi for Ubuntu developers

    Ubuntu developers

    Alan Pope: My GNOME Tweaks

    One of the neat things about GNOME Shell is that it’s pretty tweakable - to some degree - to customise it to a user’s preferences. I know some people use GNOME Shell stock experience. I don’t. I have previously written about some of my must-have extensions and add-ons. This supplements that with what I do to further tweak my (currently) Ubuntu 20.10 system to my liking. Note: These are the settings I configure on my computer that I use all day every day.

    06 January, 2021 12:00PM

    hackergotchi for Grml developers

    Grml developers

    Frank Terbeck: New Programming Languages with Racket

    There was a talk at Remote Chaos by Michael Sperber about using syntax-parse, which is Racket's most advanced system to express syntactic extensions, that is one of the important cogs for implementing new programming languages on top of Racket. Anything that promotes awesome Scheme technology is cool with me. ;)

    06 January, 2021 11:00AM

    hackergotchi for Ubuntu developers

    Ubuntu developers

    Ubuntu Blog: OpenStack for telcos by Canonical

    <noscript> <img alt="" src="https://res.cloudinary.com/canonical/image/fetch/f_auto,q_auto,fl_sanitize,c_fill,w_720/https://ubuntu.com/wp-content/uploads/2ec5/Title-Cards.png" width="720" /> </noscript>

    Watch video version

    What are the benefits of OpenStack for telcos today?

    OpenStack has been around for a good while now, and many of us associate it with the period of IT technology’s initial transition from individual appliance implementation on hardware, to cloud compute and virtualisation. And yet in 2020 we cannot skip this topic when talking telco infrastructure.

    So how is OpenStack still pertinent to telco organisations, and what in broad terms is new and exciting or worth discussing today about OpenStack?

    Simply put, OpenStack remains at the heart of the telco infrastructure, as it is still the primary building block across an entire stack, consisting – for example – of MAAS for bare metal provisioning, Kubernetes for container orchestration, and Juju for operators. When thinking about an infrastructure like this, there’s still a need today for a software that’s managing distributed compute network and storage resources, exposing them as a single pool that’s available for the end users. And we see OpenStack constantly gaining momentum in that space.

    What is Charmed OpenStack?

    Canonical is a proud member of the OpenStack Foundation and a maintainer of the OpenStack Charms project, an official project hosted by the OpenStack Foundation, which builds one of the available distributions of OpenStack – Charmed OpenStack.

    Through Charmed OpenStack, our aim is to provide an OpenStack distribution that’s deployable, maintainable and upgradable economically. We achieve all of that by putting full automation around OpenStack deployments and exposed deployment operations.

    What is often the case with most tools available on the market, is that they help with the initial OpenStack set up but then once the cloud is built, once it’s handed over to the customer, the customer is left alone with the daily maintenance of the cloud. And OpenStack is a complex system. There are a lot of services contained in it that have to be configured, carefully interconnected so that they work together as a single instance as a cloud and actually provide the value they promise to the end user. That’s why the amount of time organisations have to spend on learning all of that and getting up to speed with OpenStack used to be a bottleneck in OpenStack’s adoption for many organisations.

    Canonical’s goal is to strip off those layers of complexity so that what’s really left to handle by the user is a model of the OpenStack. In other words, users interact not just with the cloud itself, but with this model. This becomes possible through charms, which provide so-called ‘model driven deployments and operations’ of OpenStack.

    What this means is that Charmed OpenStack can offer services such as smooth upgrades to new OpenStack versions, which is one of the key differentiators compared to what other OpenStack platforms are doing – like Red Hat, for example. It also allows organisations (given that the entire model is represented in the form of YAML file,) to integrate with various infrastructures, code solutions and CICD platforms as well.

    See how Charmed OpenStack compares to Red Hat’s OpenStack

    Download whitepaper ›

    The benefits of Charmed OpenStack for telcos

    1. Networking speed

    Charmed OpenStack answers all of the requirements coming from the telco sector, and one of them is fast networking.

    Firstly, we should note that 100 Gbps networking with OVS hardware offloading is now becoming our reference architecture for NFVi implementation. But Charmed OpenStack also provides all of the other performance extensions that are important for telcos; such as SR-IOV, DPDK, CPU pinning, NUMA, and also numerous passthrough technologies like PCI passthrough and GPU passthrough.

    2. Security and performance

    Another point to address is the importance of security and performance for telcos. Charmed OpenStack provides up to 10 years of security updates under the Extended Security Maintenance program available for Canonical customers under the Ubuntu Advantage for Infrastructure subscription. Data encryption on the fly through TLS everywhere, and at rest, through building safe mechanisms.

    Additionally, it offers extensive hardening for both the underlying Ubuntu operating system and OpenStack services; containerized control plane, with each individual OpenStack control service running in a separate LXE container and featuring full isolation and high security through AppArmor profiles. And finally, a Kernel Livepatch service which makes it possible to update the kernel of the underlying Ubuntu operating system without the need to reboot the hypervisors or the nodes where the OpenStack control services are running, if not using a hyperconverged architecture.

    Charmed OpenStack is compliant with numerous standards, such as CIS or DISA, FIPS for crypto modules and other certification bodies.

    3. SDN and storage

    Canonical provides a variety of SDN options for telco customers. We promote open source technologies as default ones, which are used in our implementation. So OVS and Open Visual Network as a kind of extension to OVS, providing a fully functional open source SDN platform on the top of OVS. But we also support leading SDNs coming from big players in the networking market in general; Cisco and Juniper. And we cooperate with other vendors as well, to make sure that we provide the best possible services for both SDN and storage.

    4. Stability of the underlying platform

    Charmed OpenStack comes with a predictable release cadence and upgrade path. It is released every six months, very shortly after the upstream OpenStack release. Every two years Canonical issues an LTS version of OpenStack, long term supported, that comes along with the LTS version of Ubuntu. And for each of those LTS releases, we provide five years of security updates and an additional five years of security patches. So telcos can choose whether they want to upgrade on a regular basis, or whether they want to stay with their LTS if they’re not really considering an upgrade

    Discover how BT leverages Canonical technology to enable next generation 5G Cloud Core

    Read the case study ›

    06 January, 2021 09:37AM

    Ubuntu Blog: OpenStack for telcos by Canonical

    <noscript> <img alt="" src="https://res.cloudinary.com/canonical/image/fetch/f_auto,q_auto,fl_sanitize,c_fill,w_720/https://ubuntu.com/wp-content/uploads/2ec5/Title-Cards.png" width="720" /> </noscript>

    Watch video version

    What are the benefits of OpenStack for telcos today?

    OpenStack has been around for a good while now, and many of us associate it with the period of IT technology’s initial transition from individual appliance implementation on hardware, to cloud compute and virtualisation. And yet in 2020 we cannot skip this topic when talking telco infrastructure.

    So how is OpenStack still pertinent to telco organisations, and what in broad terms is new and exciting or worth discussing today about OpenStack?

    Simply put, OpenStack remains at the heart of the telco infrastructure, as it is still the primary building block across an entire stack, consisting – for example – of MAAS for bare metal provisioning, Kubernetes for container orchestration, and Juju for operators. When thinking about an infrastructure like this, there’s still a need today for a software that’s managing distributed compute network and storage resources, exposing them as a single pool that’s available for the end users. And we see OpenStack constantly gaining momentum in that space.

    What is Charmed OpenStack?

    Canonical is a proud member of the OpenStack Foundation and a maintainer of the OpenStack Charms project, an official project hosted by the OpenStack Foundation, which builds one of the available distributions of OpenStack – Charmed OpenStack.

    Through Charmed OpenStack, our aim is to provide an OpenStack distribution that’s deployable, maintainable and upgradable economically. We achieve all of that by putting full automation around OpenStack deployments and exposed deployment operations.

    What is often the case with most tools available on the market, is that they help with the initial OpenStack set up but then once the cloud is built, once it’s handed over to the customer, the customer is left alone with the daily maintenance of the cloud. And OpenStack is a complex system. There are a lot of services contained in it that have to be configured, carefully interconnected so that they work together as a single instance as a cloud and actually provide the value they promise to the end user. That’s why the amount of time organisations have to spend on learning all of that and getting up to speed with OpenStack used to be a bottleneck in OpenStack’s adoption for many organisations.

    Canonical’s goal is to strip off those layers of complexity so that what’s really left to handle by the user is a model of the OpenStack. In other words, users interact not just with the cloud itself, but with this model. This becomes possible through charms, which provide so-called ‘model driven deployments and operations’ of OpenStack.

    What this means is that Charmed OpenStack can offer services such as smooth upgrades to new OpenStack versions, which is one of the key differentiators compared to what other OpenStack platforms are doing – like Red Hat, for example. It also allows organisations (given that the entire model is represented in the form of YAML file,) to integrate with various infrastructures, code solutions and CICD platforms as well.

    See how Charmed OpenStack compares to Red Hat’s OpenStack

    Download whitepaper ›

    The benefits of Charmed OpenStack for telcos

    1. Networking speed

    Charmed OpenStack answers all of the requirements coming from the telco sector, and one of them is fast networking.

    Firstly, we should note that 100 Gbps networking with OVS hardware offloading is now becoming our reference architecture for NFVi implementation. But Charmed OpenStack also provides all of the other performance extensions that are important for telcos; such as SR-IOV, DPDK, CPU pinning, NUMA, and also numerous passthrough technologies like PCI passthrough and GPU passthrough.

    2. Security and performance

    Another point to address is the importance of security and performance for telcos. Charmed OpenStack provides up to 10 years of security updates under the Extended Security Maintenance program available for Canonical customers under the Ubuntu Advantage for Infrastructure subscription. Data encryption on the fly through TLS everywhere, and at rest, through building safe mechanisms.

    Additionally, it offers extensive hardening for both the underlying Ubuntu operating system and OpenStack services; containerized control plane, with each individual OpenStack control service running in a separate LXE container and featuring full isolation and high security through AppArmor profiles. And finally, a Kernel Livepatch service which makes it possible to update the kernel of the underlying Ubuntu operating system without the need to reboot the hypervisors or the nodes where the OpenStack control services are running, if not using a hyperconverged architecture.

    Charmed OpenStack is compliant with numerous standards, such as CIS or DISA, FIPS for crypto modules and other certification bodies.

    3. SDN and storage

    Canonical provides a variety of SDN options for telco customers. We promote open source technologies as default ones, which are used in our implementation. So OVS and Open Visual Network as a kind of extension to OVS, providing a fully functional open source SDN platform on the top of OVS. But we also support leading SDNs coming from big players in the networking market in general; Cisco and Juniper. And we cooperate with other vendors as well, to make sure that we provide the best possible services for both SDN and storage.

    4. Stability of the underlying platform

    Charmed OpenStack comes with a predictable release cadence and upgrade path. It is released every six months, very shortly after the upstream OpenStack release. Every two years Canonical issues an LTS version of OpenStack, long term supported, that comes along with the LTS version of Ubuntu. And for each of those LTS releases, we provide five years of security updates and an additional five years of security patches. So telcos can choose whether they want to upgrade on a regular basis, or whether they want to stay with their LTS if they’re not really considering an upgrade

    Discover how BT leverages Canonical technology to enable next generation 5G Cloud Core

    Read the case study ›

    06 January, 2021 09:37AM

    hackergotchi for Grml developers

    Grml developers

    Michael Prokop: Mein Lesejahr 2020

    In 2020 habe ich in meinen Bookdumps versucht, kurze Reviews zu den von mir gelesenen Büchern zu geben (wobei sich das auf Belletristik- und Sachbücher beschränkt, also keine Fachbücher bzw. IT-Bücher). Dazu erschienen 2020 folgende Bookdumps:

    Die Reviews helfen mir beim Erinnern an die gelesenen Bücher sowie beim Austausch mit Lesekollegen. Das Schreiben war streckenweise doch zeitaufwendiger als erwartet, speziell wenn man sich nicht sofort Notizen oder Eindrücke beim Lesen der Bücher macht oder sich gerade in einem Lese-Marathon befindet und die Bücherreviews nicht direkt im Anschluss ans Fertiglesen schreibt. Streckenweise ist es auch anstrengend, sich zu jedem Buch eine Meinung machen zu “müssen”, bzw. mit diesem Wissen im Hinterkopf zu lesen. Ob und wie ich das Format also für 2021 beibehalten werde, lasse ich für mich erstmal noch offen.

    In Summe habe ich in 2020 60 Bücher mit einem Umfang von 16.065 Seiten gelesen, was einem Durchschnitt von knapp 44 Seiten pro Tag entspricht. Ich habe versucht, eine gute Balance zwischen Autorinnen und Autoren finde, was mir mit 29 gelesenen Büchern von Männern, 28 Büchern von Frauen und 3 Büchern von Mann + Frau diesmal gut gelungen ist.

    Die 60 Buchtitel auf einen Blick (mehr Details gibt es in den oben erwähnten Bookdumps):

    • Factfulness, von Hans Rosling mit Anna Rosling Rönnlund und Ola Rosling
    • Das flüssige Land, von Raphaela Edelbauer
    • Wolfssteig, von David Bröderbauer
    • Der Neubauer, von Cordula Simon
    • Der Hammer, von Dirk Stermann
    • Untenrum frei, von Margarete Stokowski
    • Heute hat die Welt Geburtstag, von Flake
    • Sex Story – eine Kulturgeschichte in Bildern, von Philippe Brenot und Laetitia Coryn
    • Tot geschwiegen – Warum es der Staat Mördern so leicht macht, von Thomas Treschner
    • Als ich jung war, von Norbert Gstrein
    • Darm mit Charme: Alles über ein unterschätztes Organ, von Giulia Enders
    • Herzklappen von Johnson & Johnson, von Valerie Fritsch
    • Miroloi, von Karen Köhler
    • Ein Zimmer für sich allein, von Virginia Woolf
    • Zum Weinen schön, zum Lachen bitter, von André Heller
    • Die steinerne Matratze, von Margaret Atwood
    • Wann wird es endlich so, wie es nie war, von Joachim Meyerhoff
    • Wer braucht Superhelden, von Lisz Hirn
    • Was sollen die Leute denken, von Jess Jochimsen
    • Ich fühl’s nicht, von Liv Strömquist
    • Über Nationalismus, von Georg Orwell
    • Das Tagebuch der Anne Frank, von Anne Frank
    • Binge Living – Callcenter-Monologe, von Stefanie Sargnagel
    • Ich, von Elton John
    • Die Bagage, von Monika Helfer
    • Der Mythos des Sisyphos, von Albert Camus
    • Der Freund, von Sigrid Nunez
    • Ich bin Legende, von Richard Matheson
    • Gewaltfreie Kommunikation mit Kindern, von Luna Becker
    • 1918 – die Welt im Fieber, von Laura Spinney
    • Mitternacht in Tschernobyl, von Adam Higginbotham
    • Inside Türkis, von Klaus Knittelfelder
    • Zum Werk von Roger Willemsen – Der leidenschaftliche Zeitgenosse, von Insa Wilke (Herausgeberin)
    • Die Straße, von Ann Petry
    • Ich an meiner Seite, von Birgit Birnbacher
    • Abenteuer der deutschen Grammatik, von Yoko Tawada
    • Lernen S’ Geschichte, Herr Reporter!, von Ulrich Brunner
    • Handbuch für Zeitreisende, von Kathrin Passig + Aleks Scholz
    • Geistergeschichte, von Laura Freudenthaler
    • Das Gewicht der Welt: Ein Journal (November 1975 – März 1977), von Peter Handke
    • Zwei Herren am Strand, von Michael Köhlmeier
    • Der letzte Satz, von Robert Seethaler
    • Die Parade, von Dave Eggers
    • Klartext Impfen, von Thomas Schmitz + Sven Siebert
    • Die Möglichkeit einer Insel, von Michel Houellebecq
    • The great Nowotzki, von Thomas Pletzinger
    • Das wundersame in der Unwirtlichkeit, von Marlene Streeruwitz
    • Ach, diese Lücke, diese entsetzliche Lücke, von Joachim Meyerhoff
    • Die Intelligenz der Maschinen, von Martin Ford
    • Künstliche Intelligenz, von Manuela Lenzen
    • Die Zweisamkeit der Einzelgänger, von Joachim Meyerhoff
    • Lebenswerk, von Alice Schwarzer
    • Der Ohrenzeuge – Fünfzig Charaktere, von Elias Canetti
    • Darf ich dir das Sie anbieten?, von Katharina Hacker
    • Invent & Wander, von Jeffrey P. Bezos
    • Frausein, von Mely Kiyak
    • Alles kein Zufall, von Elke Heidenreich
    • Die Richterin, von Lydia Mischkulnig
    • Unrast, von Olga Tokarczuk
    • Nichts als die Wahrheit, von Michael Köhlmeier

    Was waren meine Lieblingsbücher 2020? Es waren einige sehr gute und schöne Bücher dabei, was mir aber besonders im Gedächtnis geblieben ist:

    Und die mehrteilige Buchserie von Joachim Meyerhoff kann ich empfehlen, wenn man sich einfach gut unterhalten möchte (siehe Bookdump 1/2019, Bookdump 2/2020 und Bookdump 5/2020).

    Mein Bücherregal für 2021 ist bereits gut gefüllt, wer aber noch Empfehlungen hat, ich freue mich sehr über Kommentare hier im Blog oder via Mail (bookdump at michael-prokop.at)!

    06 January, 2021 07:42AM

    hackergotchi for Ubuntu developers

    Ubuntu developers

    Ubuntu Blog: Improving CLI output with jq

    Welcome back to our series on MAAS CLI operations. In our previous post, we learned how to acquire and deploy machines using the MAAS CLI. It was also evident that the JSON output from the allocate and deploy commands was very lengthy for even one machine — so you can imagine how large a list of 10 or 12 machines might be. Traditional JSON output is both consistent and comprehensive, but sometimes hard for humans to process.

    Enter jq, a command-line tool dedicated to filtering and formatting JSON output, so that you can more easily summarize data. For instance, consider a small MAAS install with 12 virtual machines. Six of these machines are lxd VMs, and six are libvirt VMs. If we were to enter the MAAS CLI command to list all those machines:

    maas admin machines read

    the listing would be many pages long, and likely very time-consuming to pick through. On the other hand, with the jq command, a couple of other Ubuntu CLI commands, and just a little bit of finesse:

    maas admin machines read | jq -r '(["HOSTNAME","SYSID",
    "POWER","STATUS","OWNER", "TAGS", "POOL","VLAN","FABRIC",
    "SUBNET"] | (., map(length*"-"))),(.[] | [.hostname, .system_id, 
    .power_state, .status_name, .owner // "-",.tag_names[0] // "-", 
    .pool.name,.boot_interface.vlan.name,.boot_interface.vlan.fabric,
    .boot_interface.links[0].subnet.name]) | @tsv' | column -t

    we can produce an useful and compact machine listing that serves 99% of the routine information needs of most users:

    HOSTNAME      SYSID   POWER  STATUS     OWNER  TAGS                 POOL     VLAN      FABRIC    SUBNET
    -------- ----- ----- ------ ----- ---- ---- ---- ------ ------
    lxd-vm-1 r8d6yp off Deployed admin pod-console-logging default untagged fabric-1 10.124.141.0/24
    lxd-vm-2 tfftrx off Allocated admin pod-console-logging default untagged fabric-1 10.124.141.0/24
    lxd-vm-3 grwpwc off Ready - pod-console-logging default untagged fabric-1 10.124.141.0/24
    lxd-vm-4 6s8dt4 off Deployed admin pod-console-logging default untagged fabric-1 10.124.141.0/24
    lxd-vm-5 pyebgm off Allocated admin pod-console-logging default untagged fabric-1 10.124.141.0/24
    lxd-vm-6 ebnww6 off New - pod-console-logging default untagged fabric-1
    libvirt-vm-1 m7ffsg off Ready - pod-console-logging default untagged fabric-1 10.124.141.0/24
    libvirt-vm-2 kpawad off Ready - pod-console-logging default untagged fabric-1 10.124.141.0/24
    libvirt-vm-3 r44hr6 error Ready - pod-console-logging default untagged fabric-1 10.124.141.0/24
    libvirt-vm-4 s3sdkw off Ready - pod-console-logging default untagged fabric-1 10.124.141.0/24
    libvirt-vm-5 48dg8m off Ready - pod-console-logging default untagged fabric-1 10.124.141.0/24
    libvirt-vm-6 bacx77 on Deployed admin pod-console-logging default untagged fabric-1 10.124.141.0/24

    Here we have a clean text table listing the machine hostnames, along with the system IDs, power states, machines statuses, tags, pools, and networking information. These parameters represent only a small fraction of the available JSON output, of course. Let’s break this command down, piece by piece, and see how it works.

    Basic jq usage

    First, we’ll just pull the hostnames from these machines, with no qualifiers or formatting rules, like this:

    maas admin machines read | jq '(.[] | [.hostname])'

    This command returns output that looks something like this:

     [
    "lxd-vm-1"
    ]
    [
    "lxd-vm-2"
    ]
    [
    "lxd-vm-3"
    ]
    [
    "lxd-vm-4"
    ]
    [
    "lxd-vm-5"
    ]
    [
    "lxd-vm-6"
    ]
    [
    "libvirt-vm-1"
    ]
    [
    "libvirt-vm-2"
    ]
    [
    "libvirt-vm-3"
    ]
    [
    "libvirt-vm-4"
    ]
    [
    "libvirt-vm-5"
    ]
    [
    "libvirt-vm-6"
    ]

    Note a couple of things about this command:

    maas admin machines read | jq '(.[] | [.hostname])'

    First, the jq instructions are enclosed in single quotes. As such, they can span lines if necessary, without any line continuations (\), like this:

    maas admin machines read | jq '(.[]
    | [.hostname])'

    Second, notice the structure of the jq instructions. The .[] tells jq that it’s decoding an array of data sets — in this case, an array of machine data sets — and that it should iterate through each of the outer data sets (each machine) individually. The pipe symbol (|) completes the “for each” construct, so this command basically says, “for each set of machine data you get, pull out (and return) the value associated with the JSON key hostname. The return value reflects this structure:

    [
    "libvirt-vm-5"
    ]
    [
    "libvirt-vm-6"
    ]

    The outer square brackets represent the boundaries of each machine’s data set, and the value in quotes corresponds to the value of the key hostname in successive machine data sets. It can get a little complicated sometimes, but that’s basically the way to parse JSON with jq.

    For practice let’s try pulling the value of the key that holds machine status, again with no qualifiers or special formatting:

    maas admin machines read | jq '(.[] | [.hostname, .status_name])'

    This command essentially tells jq to do the same thing as last time, but also collect the value of the key “status_name” for each machine. The results looks something like this:

    [
      "lxd-vm-1",
      "Deployed"
    ]
    [
      "lxd-vm-2",
      "Allocated"
    ]
    [
      "lxd-vm-3",
      "Ready"
    ]
    [
      "lxd-vm-4",
      "Deployed"
    ]
    [
      "lxd-vm-5",
      "Allocated"
    ]
    [
      "lxd-vm-6",
      "New"
    ]
    [
      "libvirt-vm-1",
      "Ready"
    ]
    [
      "libvirt-vm-2",
      "Ready"
    ]
    [
      "libvirt-vm-3",
      "Ready"
    ]
    [
      "libvirt-vm-4",
      "Ready"
    ]
    [
      "libvirt-vm-5",
      "Ready"
    ]
    [
      "libvirt-vm-6",
      "Deployed"
    ]

    So much for printing the values of JSON keys. There are still some nuances (arrays, nested keys, …), but this is the lion’s share of the syntax. Let’s divert for a minute and look at how to format the output in a more human-readable way.

    Improved formatting

    Most of the Ubuntu text-processing commands use tabs as field delimiters, which is an trait inherited from grandfather UNIX. Currently, output is clean, but relatively hard to format into lines. Luckily jq has a filter for this: the “tab-separated values” filter, known as @tsv. This filter transforms the output records into individual lines with values separated by tabs.

    Adding @tsv to the mix:

    maas admin machines read | jq '(.[] | [.hostname, .status_name]) | @tsv'

    we get something like this:

    "lxd-vm-1\tDeployed"
    "lxd-vm-2\tAllocated"
    "lxd-vm-3\tReady"
    "lxd-vm-4\tDeployed"
    "lxd-vm-5\tAllocated"
    "lxd-vm-6\tNew"
    "libvirt-vm-1\tReady"
    "libvirt-vm-2\tReady"
    "libvirt-vm-3\tReady"
    "libvirt-vm-4\tReady"
    "libvirt-vm-5\tReady"
    "libvirt-vm-6\tDeployed"

    That’s a step in the right direction, but it’s still pretty far from human-readable output. If only there were some way to get rid of the quotes and just do the tab, instead of representing it as a regex character. In fact, the jq “raw” output option (-r) takes care of this:

    maas admin machines read | jq -r '(.[] | [.hostname, .status_name]) | @tsv'

    Feeding the raw output into our three-filter set gives us a more readable result:

    lxd-vm-1	Deployed
    lxd-vm-2	Allocated
    lxd-vm-3	Ready
    lxd-vm-4	Deployed
    lxd-vm-5	Allocated
    lxd-vm-6	New
    libvirt-vm-1	Ready
    libvirt-vm-2	Ready
    libvirt-vm-3	Ready
    libvirt-vm-4	Ready
    libvirt-vm-5	Ready
    libvirt-vm-6	Deployed

    This is tabulated, but the number of spaces between the columns is a little big, and, if there’s an unusually long value in one of the fields, it may throw the tabulation off for that line. Something could have been added to jq for that, but there is no need, since Ubuntu already has the column utility. Piping the output of the command so far to column -t (-t for “tabs”) will normalize the tab spacing to the data and ensure that each column is exactly long enough for the longest value in that column:

    maas admin machines read | jq -r '(.[] | [.hostname, .status_name]) | @tsv' \
    | column -t

    This command result is very similar to the previous output, though you’ll notice that the field spacing is neatly optimized to the data itself:

    lxd-vm-1      Deployed
    lxd-vm-2      Allocated
    lxd-vm-3      Ready
    lxd-vm-4      Deployed
    lxd-vm-5      Allocated
    lxd-vm-6      New
    libvirt-vm-1  Ready
    libvirt-vm-2  Ready
    libvirt-vm-3  Ready
    libvirt-vm-4  Ready
    libvirt-vm-5  Ready
    libvirt-vm-6  Deployed

    Making real tables

    So far, so good, but this still isn’t a presentable data table. First of all, there are no headings. These can be added by passing a literal row to jq, like this:

    maas admin machines read | jq -r '(["HOSTNAME","STATUS"]), (.[] | [.hostname, 
    .status_name]) | @tsv' | column -t

    You’ll note that there are two expressions in parenthesis (representing individual lines or rows). The first just contains the two column headings, while the second contains the “for each” construct that pulls the hostname and status out of the JSON. In essence, the first expression evaluates to just one row, since there’s nothing to tell it to iterate. The second expression evaluates to one row per machine, since that’s the level of data we’re reading. Here’s what we get from this command:

    HOSTNAME      STATUS
    lxd-vm-1      Deployed
    lxd-vm-2      Allocated
    lxd-vm-3      Ready
    lxd-vm-4      Deployed
    lxd-vm-5      Allocated
    lxd-vm-6      New
    libvirt-vm-1  Ready
    libvirt-vm-2  Ready
    libvirt-vm-3  Ready
    libvirt-vm-4  Ready
    libvirt-vm-5  Ready
    libvirt-vm-6  Deployed

    Nice, but it needs a horizontal rule, like a line of dashes, to separate the headings from the data. We can do this by essentially turning the one header row into two, using some jq macros to generate dashes lines of appropriate length:

    maas admin machines read | jq -r '(["HOSTNAME","STATUS"] | 
    (.,map(length*"-"))), (.[] | [.hostname, .status_name]) | @tsv' | column -t

    The expression | (.,) tells jq to convert the foregoing header row into two rows: the first contains the two headers, as in the previous row, and the second contains the result of a couple of macros (map and length). We won’t detail those here, but the use of this construct produces the following output:

    HOSTNAME      STATUS
    --------      ------
    lxd-vm-1      Deployed
    lxd-vm-2      Allocated
    lxd-vm-3      Ready
    lxd-vm-4      Deployed
    lxd-vm-5      Allocated
    lxd-vm-6      New
    libvirt-vm-1  Ready
    libvirt-vm-2  Ready
    libvirt-vm-3  Ready
    libvirt-vm-4  Ready
    libvirt-vm-5  Ready
    libvirt-vm-6  Deployed

    Extending the list

    Let’s add a couple more fields, owner (which is sometimes blank), and system_id (which is never blank), to the output:

    maas admin machines read | jq -r '(["HOSTNAME","STATUS", "OWNER", "SYSTEM-ID"] 
    | (.,map(length*"-"))), (.[] | [.hostname, .status_name,.owner,.system_id]) 
    | @tsv' | column -t

    This gives us the following result:

    HOSTNAME      STATUS     OWNER   SYSTEM-ID
    --------      ------     -----   ---------
    lxd-vm-1      Deployed   admin   r8d6yp
    lxd-vm-2      Allocated  admin   tfftrx
    lxd-vm-3      Ready      grwpwc  
    lxd-vm-4      Deployed   admin   6s8dt4
    lxd-vm-5      Allocated  admin   pyebgm
    lxd-vm-6      New        ebnww6  
    libvirt-vm-1  Ready      m7ffsg  
    libvirt-vm-2  Ready      kpawad  
    libvirt-vm-3  Ready      r44hr6  
    libvirt-vm-4  Ready      s3sdkw  
    libvirt-vm-5  Ready      48dg8m  
    libvirt-vm-6  Deployed   admin   bacx77

    You’ll notice right away there’s a problem with the columns. Remember that only machines in the “Allocated” or “Deployed” state are owned by anyone, since that’s what allocate/acquire means. The lines for the deployed and allocated machines lay out correctly, but the lines for the unowned machines are incorrectly formatted. We can fix this by using the jq “alternate value” construct (a // "b"), which can be loosely read, “if not a, then b.” We add it to the owner key like this:

    maas admin machines read | jq -r '(["HOSTNAME","STATUS", "OWNER", "SYSTEM-ID"] 
    | (.,map(length*"-"))), (.[] | [.hostname, .status_name,.owner // "-",.system_id]) 
    | @tsv' | column -t

    Then the results line up nicely, based on the longest value in each key column:

    HOSTNAME      STATUS     OWNER  SYSTEM-ID
    --------      ------     -----  ---------
    lxd-vm-1      Deployed   admin  r8d6yp
    lxd-vm-2      Allocated  admin  tfftrx
    lxd-vm-3      Ready      -      grwpwc
    lxd-vm-4      Deployed   admin  6s8dt4
    lxd-vm-5      Allocated  admin  pyebgm
    lxd-vm-6      New        -      ebnww6
    libvirt-vm-1  Ready      -      m7ffsg
    libvirt-vm-2  Ready      -      kpawad
    libvirt-vm-3  Ready      -      r44hr6
    libvirt-vm-4  Ready      -      s3sdkw
    libvirt-vm-5  Ready      -      48dg8m
    libvirt-vm-6  Deployed   admin  bacx77

    Nested arrays

    Machines have a nested array (of indeterminate length) for machine tags. In JSON terms, instead of having a single key-value pair at the top level, like this:

    "hostname": "libvirt-vm-6",

    tags are represented by nested arrays, like this:

            "tag_names": [
                "pod-console-logging",
                "virtual"
            ],

    Incorporating a random number of tags per machine into a neat table is beyond the scope of this particular post, but we can show the first tag in the table rows:

    maas admin machines read | jq -r '(["HOSTNAME","STATUS", "OWNER", "SYSTEM-ID",
    "FIRST TAG"] | (.,map(length*"-"))), (.[] | [.hostname, .status_name,
    .owner // "-",.system_id,.tag_names[0] // "-"]) | @tsv' | column -t

    Where we would use .json-key-name for a non-nested value, we need only use .json-key-name[0] to refer to the first element of the nested array. Doing this produces the following result:

    HOSTNAME      STATUS     OWNER  SYSTEM-ID  FIRST                TAG
    --------      ------     -----  ---------  ---------            
    lxd-vm-1      Deployed   admin  r8d6yp     pod-console-logging  
    lxd-vm-2      Allocated  admin  tfftrx     pod-console-logging  
    lxd-vm-3      Ready      -      grwpwc     pod-console-logging  
    lxd-vm-4      Deployed   admin  6s8dt4     pod-console-logging  
    lxd-vm-5      Allocated  admin  pyebgm     pod-console-logging  
    lxd-vm-6      New        -      ebnww6     pod-console-logging  
    libvirt-vm-1  Ready      -      m7ffsg     pod-console-logging  
    libvirt-vm-2  Ready      -      kpawad     pod-console-logging  
    libvirt-vm-3  Ready      -      r44hr6     pod-console-logging  
    libvirt-vm-4  Ready      -      s3sdkw     pod-console-logging  
    libvirt-vm-5  Ready      -      48dg8m     pod-console-logging  
    libvirt-vm-6  Deployed   admin  bacx77     pod-console-logging  

    That’s almost right, but notice that the heading separates on spaces between words. Let’s try a better way, with an underscore:

    maas admin machines read | jq -r '(["HOSTNAME","STATUS", "OWNER", "SYSTEM-ID",
    "FIRST_TAG"] | (.,map(length*"-"))), (.[] | [.hostname, .status_name,
    .owner // "-",.system_id,.tag_names[0] // "-"]) | @tsv' | column -t

    This version of the command produces the expected output:

    HOSTNAME      STATUS     OWNER  SYSTEM-ID  FIRST_TAG
    --------      ------     -----  ---------  ---------
    lxd-vm-1      Deployed   admin  r8d6yp     pod-console-logging
    lxd-vm-2      Allocated  admin  tfftrx     pod-console-logging
    lxd-vm-3      Ready      -      grwpwc     pod-console-logging
    lxd-vm-4      Deployed   admin  6s8dt4     pod-console-logging
    lxd-vm-5      Allocated  admin  pyebgm     pod-console-logging
    lxd-vm-6      New        -      ebnww6     pod-console-logging
    libvirt-vm-1  Ready      -      m7ffsg     pod-console-logging
    libvirt-vm-2  Ready      -      kpawad     pod-console-logging
    libvirt-vm-3  Ready      -      r44hr6     pod-console-logging
    libvirt-vm-4  Ready      -      s3sdkw     pod-console-logging
    libvirt-vm-5  Ready      -      48dg8m     pod-console-logging
    libvirt-vm-6  Deployed   admin  bacx77     pod-console-logging

    Nested keys

    These aren’t all the routine key-value pairs we want in the table, though. It would also be nice to print the pool to which each machine is assigned. Just asking for .pool as a single key-value pair:

    maas admin machines read | jq -r '(["HOSTNAME","STATUS", "OWNER", "SYSTEM-ID",
    "FIRST_TAG","POOL"] | (.,map(length*"-"))), (.[] | [.hostname, .status_name,
    .owner // "-",.system_id,.tag_names[0] // "-", .pool]) | @tsv' | column -t

    produces an error:

    jq: error (at <stdin>:5639): object ({"name":"de...) is not valid in a csv row

    Looking at the JSON output, we see that .pool is a nested key, not a key-value pair:

            "pool": {
                "name": "default",
                "description": "Default pool",
                "id": 0,
                "resource_uri": "/MAAS/api/2.0/resourcepool/0/"
            },

    What we really want is the pool name, so we need to add one level of indirection to that particular key to reach the actual key-value pair, like this:

    maas admin machines read | jq -r '(["HOSTNAME","STATUS", "OWNER", "SYSTEM-ID",
    "FIRST_TAG","POOL"] | (.,map(length*"-"))), (.[] | [.hostname, .status_name,
    .owner // "-",.system_id,.tag_names[0] // "-", .pool.name]) | @tsv' | column -t

    which gives us what we want:

    HOSTNAME      STATUS     OWNER  SYSTEM-ID  FIRST_TAG            POOL
    --------      ------     -----  ---------  ---------            ----
    lxd-vm-1      Deployed   admin  r8d6yp     pod-console-logging  default
    lxd-vm-2      Allocated  admin  tfftrx     pod-console-logging  default
    lxd-vm-3      Ready      -      grwpwc     pod-console-logging  default
    lxd-vm-4      Deployed   admin  6s8dt4     pod-console-logging  default
    lxd-vm-5      Allocated  admin  pyebgm     pod-console-logging  default
    lxd-vm-6      New        -      ebnww6     pod-console-logging  default
    libvirt-vm-1  Ready      -      m7ffsg     pod-console-logging  default
    libvirt-vm-2  Ready      -      kpawad     pod-console-logging  default
    libvirt-vm-3  Ready      -      r44hr6     pod-console-logging  default
    libvirt-vm-4  Ready      -      s3sdkw     pod-console-logging  default
    libvirt-vm-5  Ready      -      48dg8m     pod-console-logging  default
    libvirt-vm-6  Deployed   admin  bacx77     pod-console-logging  default

    It’s also useful to list the VLAN and fabric names in the output table. Looking at the JSON again, these values present like this:

    "boot_interface": {
                "vlan": {
                    "vid": 0,
                    "mtu": 1500,
                    "dhcp_on": true,
                    "external_dhcp": null,
                    "relay_vlan": null,
                    "secondary_rack": null,
                    "name": "untagged",
                    "id": 5001,
                    "fabric_id": 1,
                    "space": "undefined",
                    "fabric": "fabric-1",
                    "primary_rack": "wnmkpn",
                    "resource_uri": "/MAAS/api/2.0/vlans/5001/"
                },

    This means they are doubly-nested. No problem; just use double indirection (two levels of . separators) to retrieve them:

    maas admin machines read | jq -r '(["HOSTNAME","SYSID","POWER","STATUS","OWNER", 
    "TAGS", "POOL", "VLAN","FABRIC"] | (., map(length*"-"))), (.[] | [.hostname, 
    .system_id, .power_state, .status_name, .owner // "-", .tag_names[0] // "-", 
    .pool.name, .boot_interface.vlan.name, .boot_interface.vlan.fabric]) 
    | @tsv' | column -t

    The modified command yields the desired results:

    HOSTNAME      SYSID   POWER  STATUS     OWNER  TAGS                 POOL     VLAN      FABRIC
    --------      -----   -----  ------     -----  ----                 ----     ----      ------
    lxd-vm-1      r8d6yp  off    Deployed   admin  pod-console-logging  default  untagged  fabric-1
    lxd-vm-2      tfftrx  off    Allocated  admin  pod-console-logging  default  untagged  fabric-1
    lxd-vm-3      grwpwc  off    Ready      -      pod-console-logging  default  untagged  fabric-1
    lxd-vm-4      6s8dt4  off    Deployed   admin  pod-console-logging  default  untagged  fabric-1
    lxd-vm-5      pyebgm  off    Allocated  admin  pod-console-logging  default  untagged  fabric-1
    lxd-vm-6      ebnww6  off    New        -      pod-console-logging  default  untagged  fabric-1
    libvirt-vm-1  m7ffsg  off    Ready      -      pod-console-logging  default  untagged  fabric-1
    libvirt-vm-2  kpawad  off    Ready      -      pod-console-logging  default  untagged  fabric-1
    libvirt-vm-3  r44hr6  error  Ready      -      pod-console-logging  default  untagged  fabric-1
    libvirt-vm-4  s3sdkw  off    Ready      -      pod-console-logging  default  untagged  fabric-1
    libvirt-vm-5  48dg8m  off    Ready      -      pod-console-logging  default  untagged  fabric-1
    libvirt-vm-6  bacx77  on     Deployed   admin  pod-console-logging  default  untagged  fabric-1

    There’s just one more (deeply nested) value we want to retrieve, and that’s the fully-qualified subnet address in CIDR form. That’s a little trickier, because it’s buried in JSON like this:

           "boot_interface": {
                "vlan": {
                    "vid": 0,
                    "mtu": 1500,
                    "dhcp_on": true,
    		...
    		"resource_uri": "/MAAS/api/2.0/vlans/5001/"
                },
                "parents": [],
                "product": null,
    	    ...
    	    "link_connected": true,
                "type": "physical",
                "links": [
                    {
                        "id": 79,
                        "mode": "auto",
                        "ip_address": "10.124.141.4",
                        "subnet": {
                            "name": "10.124.141.0/24",

    So the value we want is in the nested key boot_interface, in a nested array links[], which contains the doubly-nested key subnet.name. We can finish our basic CLI machine list — the one we started with — by adding this complex formulation to the command:

    maas admin machines read | jq -r '(["HOSTNAME","SYSID","POWER","STATUS",
    "OWNER", "TAGS", "POOL", "VLAN","FABRIC","SUBNET"] | (., map(length*"-"))),
    (.[] | [.hostname, .system_id, .power_state, .status_name, .owner // "-", 
    .tag_names[0] // "-", .pool.name,
    .boot_interface.vlan.name, .boot_interface.vlan.fabric,
    .boot_interface.links[0].subnet.name]) | @tsv' | column -t

    Sure enough, this command gives us the same table we had at the beginning of this post:

    HOSTNAME      SYSID   POWER  STATUS     OWNER  TAGS                 POOL     VLAN      FABRIC    SUBNET
    --------      -----   -----  ------     -----  ----                 ----     ----      ------    ------
    lxd-vm-1      r8d6yp  off    Deployed   admin  pod-console-logging  default  untagged  fabric-1  10.124.141.0/24
    lxd-vm-2      tfftrx  off    Allocated  admin  pod-console-logging  default  untagged  fabric-1  10.124.141.0/24
    lxd-vm-3      grwpwc  off    Ready      -      pod-console-logging  default  untagged  fabric-1  10.124.141.0/24
    lxd-vm-4      6s8dt4  off    Deployed   admin  pod-console-logging  default  untagged  fabric-1  10.124.141.0/24
    lxd-vm-5      pyebgm  off    Allocated  admin  pod-console-logging  default  untagged  fabric-1  10.124.141.0/24
    lxd-vm-6      ebnww6  off    New        -      pod-console-logging  default  untagged  fabric-1  
    libvirt-vm-1  m7ffsg  off    Ready      -      pod-console-logging  default  untagged  fabric-1  10.124.141.0/24
    libvirt-vm-2  kpawad  off    Ready      -      pod-console-logging  default  untagged  fabric-1  10.124.141.0/24
    libvirt-vm-3  r44hr6  error  Ready      -      pod-console-logging  default  untagged  fabric-1  10.124.141.0/24
    libvirt-vm-4  s3sdkw  off    Ready      -      pod-console-logging  default  untagged  fabric-1  10.124.141.0/24
    libvirt-vm-5  48dg8m  off    Ready      -      pod-console-logging  default  untagged  fabric-1  10.124.141.0/24
    libvirt-vm-6  bacx77  on     Deployed   admin  pod-console-logging  default  untagged  fabric-1  10.124.141.0/24

    Chaining Ubuntu CLI commands

    Although the machine list above looks fairly neat, it’s actually not sorted by hostname, exactly. To accomplish this, we’d need to add a couple of Ubuntu CLI commands to the mix. Sorting on hostname means we want to sort on field 1 of the current command’s output. We can try just feeding that to sort like this:

    maas admin machines read | jq -r '(["HOSTNAME","SYSID","POWER","STATUS", "OWNER", 
    "TAGS", "POOL", "VLAN","FABRIC","SUBNET"] | (., map(length*"-"))), (.[] | 
    [.hostname, .system_id, .power_state, .status_name, .owner // "-", 
    .tag_names[0] // "-", .pool.name, .boot_interface.vlan.name, 
    .boot_interface.vlan.fabric, .boot_interface.links[0].subnet.name]) 
    | @tsv' | column -t | sort -k 1

    This command does indeed sort by hostname:

    --------      -----   -----  ------     -----  ----                 ----     ----      ------    ------
    HOSTNAME      SYSID   POWER  STATUS     OWNER  TAGS                 POOL     VLAN      FABRIC    SUBNET
    libvirt-vm-1  m7ffsg  off    Ready      -      pod-console-logging  default  untagged  fabric-1  10.124.141.0/24
    libvirt-vm-2  kpawad  off    Ready      -      pod-console-logging  default  untagged  fabric-1  10.124.141.0/24
    libvirt-vm-3  r44hr6  error  Ready      -      pod-console-logging  default  untagged  fabric-1  10.124.141.0/24
    libvirt-vm-4  s3sdkw  off    Ready      -      pod-console-logging  default  untagged  fabric-1  10.124.141.0/24
    libvirt-vm-5  48dg8m  off    Ready      -      pod-console-logging  default  untagged  fabric-1  10.124.141.0/24
    libvirt-vm-6  bacx77  on     Deployed   admin  pod-console-logging  default  untagged  fabric-1  10.124.141.0/24
    lxd-vm-1      r8d6yp  off    Deployed   admin  pod-console-logging  default  untagged  fabric-1  10.124.141.0/24
    lxd-vm-2      tfftrx  off    Allocated  admin  pod-console-logging  default  untagged  fabric-1  10.124.141.0/24
    lxd-vm-3      grwpwc  off    Ready      -      pod-console-logging  default  untagged  fabric-1  10.124.141.0/24
    lxd-vm-4      6s8dt4  off    Deployed   admin  pod-console-logging  default  untagged  fabric-1  10.124.141.0/24
    lxd-vm-5      pyebgm  off    Allocated  admin  pod-console-logging  default  untagged  fabric-1  10.124.141.0/24
    lxd-vm-6      ebnww6  off    New        -      pod-console-logging  default  untagged  fabric-1  

    but is has the unintended side-effect of sorting the header lines into the output. There are probably at least a dozen Ubuntu CLI solutions for this, so we’ll just pick one of the most elegant here, using awk:

    maas admin machines read | jq -r '(["HOSTNAME","SYSID","POWER","STATUS","OWNER", 
    "TAGS", "POOL", "VLAN","FABRIC","SUBNET"] | (., map(length*"-"))),(.[] | 
    [.hostname, .system_id, .power_state, .status_name, .owner // "-", 
    .tag_names[0] // "-", .pool.name, .boot_interface.vlan.name, 
    .boot_interface.vlan.fabric,.boot_interface.links[0].subnet.name]) 
    | @tsv' | column -t | awk 'NR<3{print $0;next}{print $0| "sort -k 1"}'

    This command gives us the desired output:

    HOSTNAME      SYSID   POWER  STATUS     OWNER  TAGS                 POOL     VLAN      FABRIC    SUBNET
    --------      -----   -----  ------     -----  ----                 ----     ----      ------    ------
    libvirt-vm-1  m7ffsg  off    Ready      -      pod-console-logging  default  untagged  fabric-1  10.124.141.0/24
    libvirt-vm-2  kpawad  off    Ready      -      pod-console-logging  default  untagged  fabric-1  10.124.141.0/24
    libvirt-vm-3  r44hr6  error  Ready      -      pod-console-logging  default  untagged  fabric-1  10.124.141.0/24
    libvirt-vm-4  s3sdkw  off    Ready      -      pod-console-logging  default  untagged  fabric-1  10.124.141.0/24
    libvirt-vm-5  48dg8m  off    Ready      -      pod-console-logging  default  untagged  fabric-1  10.124.141.0/24
    libvirt-vm-6  bacx77  on     Deployed   admin  pod-console-logging  default  untagged  fabric-1  10.124.141.0/24
    lxd-vm-1      r8d6yp  off    Deployed   admin  pod-console-logging  default  untagged  fabric-1  10.124.141.0/24
    lxd-vm-2      tfftrx  off    Allocated  admin  pod-console-logging  default  untagged  fabric-1  10.124.141.0/24
    lxd-vm-3      grwpwc  off    Ready      -      pod-console-logging  default  untagged  fabric-1  10.124.141.0/24
    lxd-vm-4      6s8dt4  off    Deployed   admin  pod-console-logging  default  untagged  fabric-1  10.124.141.0/24
    lxd-vm-5      pyebgm  off    Allocated  admin  pod-console-logging  default  untagged  fabric-1  10.124.141.0/24
    lxd-vm-6      ebnww6  off    New        -      pod-console-logging  default  untagged  fabric-1  

    Note that by changing the numerical “-k” argument to “sort,” you can change which field controls the sort:

    maas admin machines read | jq -r '(["HOSTNAME","SYSID","POWER","STATUS","OWNER", 
    "TAGS", "POOL", "VLAN","FABRIC","SUBNET"] | (., map(length*"-"))),(.[] | 
    [.hostname, .system_id, .power_state, .status_name, .owner // "-", 
    .tag_names[0] // "-", .pool.name, .boot_interface.vlan.name, 
    .boot_interface.vlan.fabric,.boot_interface.links[0].subnet.name]) 
    | @tsv' | column -t | awk 'NR<3{print $0;next}{print $0| "sort -k 4"}'

    This command sorts by machine state, which is the fourth field:

    HOSTNAME      SYSID   POWER  STATUS     OWNER  TAGS                 POOL     VLAN      FABRIC    SUBNET
    --------      -----   -----  ------     -----  ----                 ----     ----      ------    ------
    lxd-vm-2      tfftrx  off    Allocated  admin  pod-console-logging  default  untagged  fabric-1  10.124.141.0/24
    lxd-vm-5      pyebgm  off    Allocated  admin  pod-console-logging  default  untagged  fabric-1  10.124.141.0/24
    libvirt-vm-6  bacx77  on     Deployed   admin  pod-console-logging  default  untagged  fabric-1  10.124.141.0/24
    lxd-vm-1      r8d6yp  off    Deployed   admin  pod-console-logging  default  untagged  fabric-1  10.124.141.0/24
    lxd-vm-4      6s8dt4  off    Deployed   admin  pod-console-logging  default  untagged  fabric-1  10.124.141.0/24
    lxd-vm-6      ebnww6  off    New        -      pod-console-logging  default  untagged  fabric-1  
    libvirt-vm-1  m7ffsg  off    Ready      -      pod-console-logging  default  untagged  fabric-1  10.124.141.0/24
    libvirt-vm-2  kpawad  off    Ready      -      pod-console-logging  default  untagged  fabric-1  10.124.141.0/24
    libvirt-vm-4  s3sdkw  off    Ready      -      pod-console-logging  default  untagged  fabric-1  10.124.141.0/24
    libvirt-vm-5  48dg8m  off    Ready      -      pod-console-logging  default  untagged  fabric-1  10.124.141.0/24
    lxd-vm-3      grwpwc  off    Ready      -      pod-console-logging  default  untagged  fabric-1  10.124.141.0/24
    libvirt-vm-3  r44hr6  error  Ready      -      pod-console-logging  default  untagged  fabric-1  10.124.141.0/24

    Summary

    At this point, it should be clear that jq is a relatively simple, powerful tool for formatting output from the MAAS CLI. You should also remember that, like any Ubuntu CLI command, jq simply outputs text — so anything you can do with text output, you can do with the output from jq. In the next post, we’ll look at some ways to use jq to automatically write CLI scripts to automate various routine MAAS operations.

     

     

     

     

    06 January, 2021 01:02AM

    January 05, 2021

    hackergotchi for Grml developers

    Grml developers

    Michael Prokop: Bookdump 05/2020

    Foto vom Buchregal

    Bücher, die ich in 2020 seit meinem letzten Bookdump gelesen habe:

    • Die Möglichkeit einer Insel, von Michel Houellebecq. Dieses Buch spielt in 443 Seiten mit zwei unterschiedlichen Zeitebenen. Einmal ca. im Jahr ~2000 in der ersten Generation (Daniel1), und einmal rund um das Jahr 4000 in der 24. und 25. Generation des Protagonisten Daniel (Daniel24 bzw. Daniel25). Ein Science-Fiction-Roman rund um Neo-Menschen, Elohimiten, Klonen von Menschen, Glück, Sex, Einsamkeit, Klimakatastrophe und den Umgang mit alten Menschen. Für mich das bisher schwächste Buch das ich von Houellebecq gelesen habe. Mir war es zu schwätzerisch, plattitüdisch-seicht und resignatorisch, ich musste mich leider immer wieder zwingen, es bis zum Ende durchzuhalten.
    • The Great Nowitzki, von Thomas Pletzinger. Pletzinger hat 7 Jahre an der Seite des Basketball-Stars Dirk Nowitzki (Stichwort 41.21.1) verbracht, und das Resultat bekommt man auf 502 Seiten serviert. Für diesen Umfang erfährt man vergleichsweise wenig über Dirk Nowitzki, umso spannender fand ich aber die Ausführungen zu Holger Geschwindner, dem Trainer und Mentor von Nowitzki, mit interessanten Trainingsmethoden und einer ganz eigenen Philosophie. Was auch gut herausgearbeitet wird ist der Ehrgeiz, Wille und Durchhaltevermögen, mit dem Nowitzki seine Karriere bestritten hat, und trotzdem ein bodenständiger Mensch geblieben zu sein scheint. Der Schreibstil hat stellenweise etwas romanartiges, und besonders ab der Hälfte musste ich mich ein wenig durch den (Nicht-)Inhalt plagen. Im letzten Viertel – um in der Sprache des Basketball zu bleiben – nimmt das Spiel wieder an Spannung und Fahrt auf, die Rechtschreib- bzw. Grammatikfehler nehmen gleichzeitig auch zu. Das Buch liest sich aber flüssig und schnell, und man erfährt nebenbei ein wenig zum Kosmos NBA und Basketball.
    • Das wundersame in der Unwirtlichkeit, von Marlene Streeruwitz. Auf 123 Seiten kann man die Vorlesungen, die im Rahmen der Paderborner Gastdozentur für Schriftstellerinnern und Schriftsteller 2017 von Streeruwitz gehalten wurden, nachlesen. In fünf Vorlesungen macht sich Streeruwitz Gedanken zu feministischen und kapitalistischen Themen. Gedanken zur Organspende, Malina von Ingeborg Bachmann, ein Auszug aus ihrem Sci-Fi-Roman „Norma Desmond“, Walt-Disneys “Frozen” und im letzten Teil schließlich wenn Aliens Bücher schreiben. Ein Plädoyer zum Aufruhr.
    • Ach, diese Lücke, diese entsetzliche Lücke, von Joachim Meyerhoff. Der dritte Roman der Buchreihe von Meyerhoff (siehe Review vom ersten Teil sowie Review vom zweiten Teil) erzählt auf 348 Seiten von Meyerhoffs Besuch der Schauspielschule und dem Leben in der Villa seiner Großeltern. Auch dieses Buch macht wieder verlässlich gute Laune und die Seiten flutschen nur so dahin, wunderbar.
    • Die Intelligenz der Maschinen, von Martin Ford. Für dieses Buch hat Martin Ford 23 der renommiertesten ForscherInnen rund um das Thema KI (Künstliche Intelligenz) interviewt.
      Die Fragestellungen und Ausführungen auf 526 Seiten geben einen Einblick in die Geschichte der KI und laden zum Nachdenken und Weiter-recherchieren ein. Es gibt in fast allen Interviews interessante Fakten oder Anregungen, besonders lesenswert fand ich aber die Interviews mit Judea Pearl und Josh Tenenbaum. Lesenswerte Lektüre für all jene, die sich für das Thema KI interessieren. (Das Buch gibt es übrigens im englischsprachigen Original unter dem Titel “Architects of Intelligence: The truth about AI from the people building it” bei Packt Publishing, ein Verlag den ich aber so gut es geht zu umgehen versuche und daher zur deutschsprachigen Ausgabe beim MITP-Verlag gegriffen habe.)
    • Künstliche Intelligenz, von Manuela Lenzen. Auf 252 Seiten gibt es einen gut zu lesenden Überblick zum Thema KI. Dieses Buch – das ich mir von der Stadtbibliothek Graz ausgeborgt habe – erwähnt übrigens auch die SmartCity Graz. Ein schönes Zitat von Frederick Jelinek (Leiter der Abteilung für Sprachverarbeitung und Übersetzung bei IBM) zum Thema Übersetzungsprogramme:

      Jedes Mal, wenn ich einen Linguisten feuere, verbessert sich die Spracherkennung.

      Es bleiben auch Phänome wie Uncanny Valley und die 23 Asilomar-Prinzipien nicht unerwähnt. Ein – besonders auch für Nicht-Techniker – sehr zugängliches Buch, das sich als Einstiegspunkt für weitergehende Recherchen eignet.

    • Die Zweisamkeit der Einzelgänger, von Joachim Meyerhoff. Der vierte Roman der Buchreihe von Meyerhoff, diesmal gibt es 416 unterhaltsame Seiten rund um seinen Besuch der Schauspielschule. Meyerhoff liefert erstklassige Unterhaltung wie ein Schweizer Uhrwerk.
    • Lebenswerk, von Alice Schwarzer. Ich wollte unter anderem verstehen, wo und wie der Konflikt zwischen Margarete Stokowski und Alice Schwarzer einzuordnen ist, und auf diesen 461 Seiten bin ich dem eventuell ein Stück näher gekommen. Besonders die ersten ~300 Seiten fand ich sehr anregend zu lesen, unter anderem war mir nicht bewusst, dass:

      Auch nach 1995 […] Abtreibung in Deutschland eine Straftat und die Schwangere zum Austragen verpflichtet ist.

      Es gibt auch viele Hintergrundinformationen zu bekannten (TV-)Interviews mit Schwarzer. Die letzten ~150 Seiten sind Schlüsseltexte Schwarzers von 1971 bis 2018, die veranschaulichen, wie vorausdenkend und pro­gres­siv Schwarzer dabei in vielen Themenbereichen war und ist. Erhellende Lektüre.

    • Der Ohrenzeuge – Fünfzig Charaktere, von Elias Canetti. Ein gutes ZÖK-Buch (Zähne putzen, Öffis, Klo), in dem Canetti feine Charaktere wie z.B. Tränenwärmer, Geruchschmale, Schadenfrische, Bitterwicklerin, Papiersäufer und den Nimmermuß auf 96 Seiten zum Leben erweckt.
    • Darf ich dir das Sie anbieten?, von Katharina Hacker. Ebenfalls ein feines ZÖK-Buch (Zähne putzen, Öffis, Klo), gibt es auf 112 Seiten anregende Minutenessays. Für Sprachverliebte, die fehlende Seitenzahlen als Feature und nicht als Bug betrachten.
    • Invent & Wander, von Jeffrey P. Bezos. Ein 357 Seiten dickes Buch das es bereits 2020 zu kaufen gab, aber in der deutschen Fassung “1. Auflage 2021” im Copyright-Hinweis anführt. Die 35 Seiten umfassende Einleitung von Walter Isaacson beinhaltet eine gute Zusammenfassung des darauf folgenden Inhalts. Im ersten Teil auf ~250 Seiten sind dabei die Briefe Bezos an die Aktionäre von Amazon zu finden, die wiederholt gleiche Themen aufgreifen und sich daher mit der Zeit immer stärker selbst wiederholen und re­fe­ren­zie­ren. Im Anschluss folgt auf gut 100 Seiten eine Auswahl aus Interviews mit und Reden von Bezos. Man erfährt mehr zur Sichtweise von Bezos auf Themen wie Innovation (Stichwort “It is always day one”), Mitarbeiterauswahl und wie weit Kundenorientiertheit gehen kann. Bisher unbekannt waren mir u.a. das japanische Wort Muda und Amazons “Pay to Quit” (Mitarbeitern wird Geld geboten damit sie kündigen). Entlarvend und passend zum Amazon-Kosmos sind dann aber wiederum Nebensätze wie:

      Wir haben […] die Pausenräume mit Stühlen ausgestattet.

    • Frausein, von Mely Kiyak. Eine fantastische Gesellschaftskritik auf schlanken 127 Seiten, die Themen wie Generationskonflikte, Gastarbeiterfamilien und Vater-Tochter-Beziehungen sehr gelungen in Worte packt. Lesenswert.
    • Alles kein Zufall, von Elke Heidenreich. Diese 273 Seiten aus Fischers Taschenbibliothek ergeben mit maximal 3-Seiten schlanken Geschichten das perfekte ZÖK-Buch (Zähne putzen, Öffis, Klo), das ich immer wieder gerne aus meiner Jackentasche genommen habe.
    • Die Richterin, von Lydia Mischkulnig. Der 289 Seiten umfassende Roman rund um Gabrielle erzählt von ihrem Alltag als Richterin, die über das Leben von AsylwerberInnen entscheidet. Ein schwieriges Thema sehr sensibel und klug verpackt, mit interessanten Fragestellungen rund um Entscheidungen die (über)lebensrelevant sein können. Sprachlich habe ich mich mit dem Stil – der wohl absichtlich an das Verwaltungsrecht bzw. die Judikatur angelehnt ist um authentisch zu wirken – ein wenig schwer getan, und für das Buch schlussendlich mehrere Anläufe gebraucht. Irritierend war zudem die Verwendung des abwertenden Begriffs Asylant (siehe Seite 204), bei dem ich mir nach wie vor nicht sicher bin, ob das wirklich so beabsichtigt war. Insgesamt aber trotzdem ein spannendes Buch, weil es zum Nachdenken über und die Bedeutung von Entscheidungen vielfältig und ohne moralischem Fingerzeigen einlädt.
    • Unrast, von Olga Tokarczuk. Reisephilosophie, Leiserust, Rastlosigkeit und irgendwie dann doch schwer zuordenbare Themen werden sprachlich klug auf 457 Seiten ausgebreitet. Die Titelseite – mit einem sehr gelungenen Cover – wirbt mit “Roman“, tatsächlich aber ist es eine Sammlung von Kurzgeschichten sehr unterschiedlicher Länge. Mit diesem Format habe ich mir nicht unschwer getan, speziell da die Geschichten für mich auch sehr unterschiedlicher Qualität sind. Wäre es nicht so sprachlich gelungen, hätte ich vermutlich schon früher aufgegeben. Sobald man sich aber auf das Format einlässt und in die Stimmung kippt, ergibt das Buch mit seinem unruhigen Stil ein spannendes Buch, das seinem Titel gerecht wird.
    • Nichts als die Wahrheit, von Michael Köhlmeier. Dieses 90 Seiten schlanke Buch ist im Verlag “Edition QVV” erschienen, dem Buchverlag von Quo Vadis Veritas, das als Medienmarke Addendum seit 2017 bekannt war und mit September 2020 leider eingestellt wurde. Daher an dieser Stelle kein direkter Link zum Verlag, sondern JFTR einfach nur die ISBN: 978-3-200-06674-8. Ich habe für mich Köhlmeier als wunderbaren Geschichtenerzähler entdeckt, und Köhlmeier enttäuscht auch hier in diesen 10 Geschichten rund um Lebenslügen und die Wahrheit nicht. Die Geschichten erschienen in den Addendum-Ausgaben in Kolumnen-ähnlicher Form, und waren dadurch vom Umfang her eingeschränkt und man findet den einen oder anderen Rechtschreib- und Grammatikfehler. Durch das Kolumnen-Format entfalten leider auch nicht alle Geschichten ihr volles Potential, wer das Buch aber als AbonnentIn von Addendum zugeschickt bekommen und die Geschichten bisher auch noch nicht in den Addendum-Ausgaben gelesen hat, möge dies nachholen.

    05 January, 2021 09:11PM

    hackergotchi for Ubuntu developers

    Ubuntu developers

    Alan Pope: Ouya was a Success

    On 11th July 2012, the Ouya burst onto the scene via popular crowdfunding site - Kickstarter. It was billed as “A New Kind of Video Game Console” which sold for $99/£99 at launch. It was essentially an Nvidia Tegra 3 based ARM System on Chip crammed into a tiny box which sat under / near your TV and was operated with supplied bluetooth game controllers. They far exceeded the target of $950,000, reaching $8,596,474, setting some high expectations among the backers and interested onlookers.

    05 January, 2021 12:00PM

    January 04, 2021

    hackergotchi for Purism PureOS

    Purism PureOS

    App Showcase: Weather

    Weather apps are one of the few apps people use every day that needs a location to work, but weather apps on most smartphones are notorious for capturing and selling your location data.

    The Librem 5 is designed to protect your privacy, and include a privacy-respecting Weather app. When opened this retrieves weather data from the Norwegian Meteorological Institute, and only them.

    The Norwegian Meteorological Institute has a free and open data policy with the goal of benefiting society, in many ways similar to our ideals at Purism.

    Weather features an hourly overview, as well as a 10-day forecast.

    As you would expect on a privacy device, you can disable automatic location and enter your position by hand.

    Discover the Librem 5

    Purism believes building the Librem 5 is just one step on the road to launching a digital rights movement, where we—the-people stand up for our digital rights, where we place the control of your data and your family’s data back where it belongs: in your own hands.

    Order now

    The post App Showcase: Weather appeared first on Purism.

    04 January, 2021 11:34PM by David Hamner

    hackergotchi for Ubuntu

    Ubuntu

    Ubuntu Weekly Newsletter Issue 664

    Welcome to the Ubuntu Weekly Newsletter, Issue 664 for the week of December 27, 2020 – January 2, 2021. The full version of this issue is available here.

    In this issue we cover:

    The Ubuntu Weekly Newsletter is brought to you by:

    • Krytarik Raido
    • Bashing-om
    • Chris Guiver
    • Wild Man
    • And many others

    If you have a story idea for the Weekly Newsletter, join the Ubuntu News Team mailing list and submit it. Ideas can also be added to the wiki!

    Except where otherwise noted, this issue of the Ubuntu Weekly Newsletter is licensed under a Creative Commons Attribution ShareAlike 3.0 License

    04 January, 2021 09:43PM by wildmanne39

    hackergotchi for Ubuntu developers

    Ubuntu developers

    Colin King: Improving kernel test coverage with stress-ng

    Over the past year there has been focused work on improving the test coverage of the Linux Kernel with stress-ng.  Increased test coverage exercises more kernel code and hence improves the breadth of testing, allowing us to be more confident that more corner cases are being handled correctly.

    The test coverage has been improved in several ways:

    1. testing more system calls; most system calls are being now exercised
    2. adding more ioctl() command tests
    3. exercising system call error handling paths
    4. exercise more system call options and flags
    5. keeping track of new features added to recent kernels and adding stress test cases for these
    6. adding support for new architectures (RISC-V for example)

    Each stress-ng release is run with various stressor options against the latest kernel (built with gcov enabled).  The gcov data is processed with lcov to produce human readable kernel source code containing coverage annotations to help inform where to add more test coverage for the next release cycle of stress-ng. 

    Linux Foundation sponsored Piyush Goyal for 3 months to add test cases that exercise system call test failure paths and I appreciate this help in improving stress-ng. I finally completed this tedious task at the end of 2020 with the release of stress-ng 0.12.00.

    Below is a chart showing how the kernel coverage generated by stress-ng has been increasing since 2015. The amber line shows lines of code exercised and the green line shows kernel functions exercised.

     


    ..one can see that there was a large increase of kernel test coverage in the latter half of 2020 with stress-ng.  In all, 2020 saw ~20% increase on kernel coverage, most of this was driven using the gcov analysis, however, there is more to do.

    What next?  Apart from continuing to add support for new kernel system calls and features I hope to improve the kernel coverage test script to exercise more file systems; it will be interesting to see what kind of bugs get found. I'll also be keeping the stress-ng project page refreshed as this tracks bugs that stress-ng has found in the Linux kernel.

    As it stands, release 0.12.00 was a major milestone for stress-ng as it marks the completion of the major work items to improve kernel test coverage.

    04 January, 2021 04:44PM by Colin Ian King (noreply@blogger.com)

    Alan Pope: Downloading Twitter Data or Not

    Bit of a rant, sorry. I’m trying to download my data from Twitter. I login via the web page, find the place to do this, note its says I’ll get an “archive of your data we think is most important to you”. Uh-huh, you think. Then click the button. It takes a day to build that archive, and you’re not allowed to ask for it again for 30 days. Next day I get a notification so I can download it.

    04 January, 2021 12:00PM

    Full Circle Magazine: Full Circle Weekly News #195


    Ubuntu’s Snap Theming Will See Changes for the Better
    https://ubuntu.com//blog/snaps-and-themes-on-the-path-to-seamless-desktop-integration
    GTK4 Is Available After 4 Years In Development
    https://blog.gtk.org/2020/12/16/gtk-4-0/
    Linux Mint 20.1 Ulyssa Beta Out
    https://blog.linuxmint.com/?p=3989

    Rescuezilla 2.1.2 Out
    https://github.com/rescuezilla/rescuezilla/releases/tag/2.1.2

    Manjaro ARM 20.12 Out
    https://forum.manjaro.org/t/manjaro-arm-20-12-released/43709

    Linux Kernel 5.11 rc1 Out
    https://www.lkml.org/lkml/2020/12/27/180

    Bash 5.1 Out
    https://lists.gnu.org/archive/html/info-gnu/2020-12/msg00003.html

    Darktable 3.4 Out
    https://github.com/darktable-org/darktable/releases/tag/release-3.4.0

    Thunderbird 78.6.0 Out
    https://www.thunderbird.net/en-US/thunderbird/78.6.0/releasenotes/

    LibreOffice 7.0.4 Out
    https://9to5linux.com/libreoffice-7-0-4-office-suite-released-with-more-than-110-bug-fixes

    Kdenlive 20.12 Out
    https://news.itsfoss.com/kdenlive-20-12/

    Anbox Cloud 1.8.2 Out
    https://discourse.ubuntu.com/t/anbox-cloud-1-8-2-has-been-released/19951

    04 January, 2021 11:21AM

    January 03, 2021

    Bryan Quigley: Wrong About Signal

    Another update - it's been 6 months and Signal still does not let you register.

    Updated Riot was renamed to Element. XMPP info added in comment.

    A couple years ago I was a part of a discussion about encrypted messaging.

    • I was in the Signal camp - we needed it to be quick and easy to setup for users to get setup. Using existing phone numbers makes it easy.
    • Others were in the Matrix camp - we need to start from scratch and make it distributed so no one organization is in control. We should definitely not tie it to phone numbers.

    I was wrong.

    Signal has been moving in the direction of adding PINs for some time because they realize the danger of relying on the phone number system. Signal just mandated PINs for everyone as part of that switch. Good for security? I really don't think so. They did it so you could recover some bits of "profile, settings, and who you’ve blocked".

    Before PIN

    If you lose your phone your profile is lost and all message data is lost too. When you get a new phone and install Signal your contacts are alerted that your Safety Number has changed - and should be re-validated.

    >>Where profile data lives1318.60060075387.1499999984981Where profile data livesYour Devices

    After PIN

    If you lost your phone you can use your PIN to recover some parts of your profile and other information. I am unsure if Safety Number still needs to be re-validated or not.

    Your profile (or it's encryption key) is stored on at least 5 servers, but likely more. It's protected by secure value recovery.

    There are many awesome components of this setup and it's clear that Signal wanted to make this as secure as possible. They wanted to make this a distributed setup so they don't even need to tbe only one hosting it. One of the key components is Intel's SGX which has several known attacks. I simply don't see the value in this and it means there is a new avenue of attack.

    >>Where profile data lives1370.275162.94704773529975250.12499999999997371.0529522647003Where profile data livesYour DevicesSignal servers

    PIN Reuse

    By mandating user chosen PINs, my guess is the great majority of users will reuse the PIN that encrypts their phone. Why? PINs are re-used a lot to start, but here is how the PIN deployment went for a lot of Signal users:

    1. Get notification of new message
    2. Click it to open Signal
    3. Get Mandate to set a PIN before you can read the message!

    That's horrible. That means people are in a rush to set a PIN to continue communicating. And now that rushed or reused PIN is stored in the cloud.

    Hard to leave

    They make it easy to get connections upgraded to secure, but their system to unregister when you uninstall has been down Since June 28th at least (tried last on July22nd). Without that, when you uninstall Signal it means:

    • you might be texting someone and they respond back but you never receive the messages because they only go to Signal
    • if someone you know joins Signal their messages will be automatically upgraded to Signal messages which you will never receive

    Conclusion

    In summary, Signal got people to hastily create or reuse PINs for minimal disclosed security benefits. There is a possibility that the push for mandatory cloud based PINS despite all of the pushback is that Signal knows of active attacks that these PINs would protect against. It likely would be related to using phone numbers.

    I'm trying out the Element which uses the open Matrix network. I'm not actively encouraging others to join me, but just exploring the communities that exist there. It's already more featureful and supports more platforms than Signal ever did.

    Maybe I missed something? Feel free to make a PR to add comments

    Comments

    kousu posted

    In the XMPP world, Conversastions has been leading the charge to modernize XMPP, with an index of popular public groups (jabber.network) and a server validator. XMPP is mobile-battery friendly, and supports server-side logs wrapped in strong, multi-device encryption (in contrast to Signal, your keys never leave your devices!). Video calling even works now. It can interact with IRC and Riot (though the Riot bridge is less developed). There is a beautiful Windows client, a beautiful Linux client and a beautiful terminal client, two good Android clients, a beautiful web client which even supports video calling (and two others). It is easy to get an account from one of the many servers indexed here or here, or by looking through libreho.st. You can also set up your own with a little bit of reading. Snikket is building a one-click Slack-like personal-group server, with file-sharing, welcome channels and shared contacts, or you can integrate it with NextCloud. XMPP has solved a lot of problems over its long history, and might just outlast all the centralized services.

    Bryan Reply

    I totally forgot about XMPP, thanks for sharing!

    03 January, 2021 08:18PM

    Alan Pope: Check for Outdated Snaps

    I don’t consider myself a ‘Developer’ but I maintain a bunch of snaps in the Snap Store, and threw together a shell script which I’m sharing here in case it’s useful to other publishers. The goal of the script is to go through each snap and check to see if there’s a newer version of it upstream than currently published in the store. As such it’s not meant for end-users, but for people like me who publish multiple snaps from different places, and want to keep on top of them.

    03 January, 2021 12:00PM

    January 02, 2021

    Will Cooke: Double helping of Pi Hole

    In episode 100 of Late Night Linux I talked a little bit about trying out Pi Hole and AdGuard to replace my home grown ad blocker based on dnsmasq and a massive hosts file.

    I came down in favour of Pi Hole for a couple of reasons but the deciding factor was that Pi Hole felt a bit more open and that it was built on top of dnsmasq which allowed me to reuse config for TFTP which netboots some devices which needed it.

    Now that I’ve been using Pi Hole for a few months I have a much better understanding of its limitations and the big one for me is performance. Not the performance when servicing DNS requests but performance when querying the stats data, when reloading block lists and when enabling and disabling certain lists. I suspect a lot of the problems I was having is down to flaky SD cards.

    I fully expect that for most people this will never be a problem, but for me it was an itch I wanted to scratch, so here’s what I did:

    Through the actually quite generous Amazon Alexa AWS Credits promotion I have free money to spend on AWS services, so I spun up a t2.micro EC2 instance (1 vCPU, 1GB RAM – approx £10 a month) running Ubuntu.

    I installed Pi Hole on that instance along with Wireguard which connects it back to my local network at home. I used this guide from Linode to get Wireguard set up.

    The Pi Hole running in AWS hosts the large block files and is configured with a normal upstream DNS server as its upstream (I’m using Cloudflare).

    Pi Hole running in AWS configured with Cloudflare as its upstream DNS

    I use three Ad block lists:

    Pi Hole running on a t2.micro instance is really speedy. I can reload the block list in a matter of seconds (versus minutes on the Pi) and querying the stats database no longer locks up and crashes Pi Hole’s management engine FTL.

    The Pi Hole running on my LAN is configured to use the above AWS based Pi Hole as its upstream DNS server and also has a couple of additional block lists for YouTube and TikTok.

    This allows me use Pi Hole on a Pi as the DHCP server on my LAN and benefit from the GUI to configure things. I can quickly and easily block YouTube when the kids have done enough and won’t listen to reason and the heavy lifting of bulk ad blocking is done on an AWS EC2 instance. The Pi on the LAN will cache a good amount of DNS and so everything whizzes along quickly.

    Pi Hole on the LAN has a block list of about 3600 hosts, whereas the version running in AWS has over 1.5 million.

    All things considered I’m really happy with Pi Hole and the split-load set up I have now makes it even easier to live with. I would like to see an improved Pi Hole API for enabling and disabling specific Ad lists so that I can make it easier to automate (e.g. unblock YouTube for two hours on a Saturday morning). I think that will come in time. The split-load set up also allows for easy fallback should the AWS machine need maintenance – it would be nice to have a “DNS server of last resort” in Pi Hole to make that automatic. Perhaps it already does, I should investigate.

    Why not just run Pi Hole on a more powerful computer in the first place? That would be too easy.

    If you fancy trying out Pi Hole in the cloud or just playing with Wireguard you can get $100 free credit with Linode with the Late Night Linux referral code: https://linode.com/latenightlinux

    02 January, 2021 05:45PM

    hackergotchi for SparkyLinux

    SparkyLinux

    Sparky news 2020/12

    The 12th monthly Sparky project and donate report of 2020:
    • Linux kernel updated up to version 5.10.4 & 5.11-rc1
    • Sparky 2020.12 of the rolling line released
    • Sparky 2020.12 Special Editions: GameOver, Multimedia & Rescue released
    • added to repos: Pogo audio player, Zettlr markdown editor, Rescuezilla, Cozy audiobook player

    Many thanks to all of you for supporting our open-source projects, specially in this difficult days. Your donations help keeping them alive.

    Don’t forget to send a small tip in January too, please.

    Special thanks go to all of you, for sending extra money to the VPS too.

    As you known, the January is the second and the last month we try to collect extra donations to pay a bill of our VPS. We alredy recived 55% of our need (PLN 1500) in the December 2020, so we still be trying to collect missing 45% in the January. The deadline is on the end of January 2021, so consider an extra, small donation to the VPS, please.

    Happy New 2021 Year!

    Country
    Supporter
    Amount
    Poland
    Andrzej K.
    PLN 15
    Poland
    Andrzej K.
    PLN 20
    Poland
    Krzysztof M.
    PLN 50
    Germany
    Olaf T.
    € 10
    Poland
    Andrzej T.
    PLN 100
    Germany
    Wolfgang L.
    € 24
    Poland
    Krzysztof S.
    PLN 50
    World
    Gernot P.
    $ 10
    World
    Tom C.
    $ 15
    World
    Carlos F.
    $ 15
    World
    Neal B.
    $ 2
    World
    Mitchel V.
    $ 10
    Germany
    Thomas B.
    € 15
    Italy
    Paolo R.
    PLN 446.39
    World
    William S.
    € 60
    World
    Peter M.
    € 25
    World
    Simone M.
    € 10
    Poland
    Andrzej M.
    PLN 5
    Poland
    Andrzej K.
    PLN 50
    Poland
    Krzysztof S.
    PLN 5
    Poland
    Hubert S.
    PLN 200
    Poland
    Andrzej R.
    PLN 30
    Poland
    Marek S.
    PLN 10
    World
    Rudolf L.
    € 10
    Germany
    Alexander F.
    € 10
    World
    Karl A.
    € 1.66
    Sweden
    Bernt A.
    € 50
    France
    Armel R.
    € 40
    Poland
    Tomasz P.
    PLN 50
    France
    Aymeric L.
    € 85
    Poland
    Jacek G.
    PLN 40
    World
    Jaime S.
    € 3
    Poland
    Stanisław G.
    PLN 20
    Poland
    Andrzej P.
    PLN 10
    Poland
    Andrzej P.
    PLN 4.20
    Germany
    Jorg S.
    € 5
    Poland
    Damian G.
    PLN 30
    Poland
    Jerzy R.
    PLN 18
    World
    William T.
    € 20
    Poland
    Bartłomiej P.
    PLN 35
    Poland
    Dariusz M.
    € 10
    World
    Ralf A.
    € 15
    Poland
    Władysław K.
    PLN 20
    Poland
    Jan K.
    PLN 300
    Poland
    Dariusz T.
    PLN 30
    Poland
    Wojciech H.
    PLN 1
    World
    Petr U.
    € 15
    Total:
    90% (+ 55% to VPS)
    € 408.66
    PLN 1539.59
    $ 52

    * Keep in mind that some amounts coming to us will be reduced by commissions for online payment services. Only direct sending donations to our bank account will be credited in full.

    * Miej na uwadze, że kwota, którą przekażesz nam poprzez system płatności on-line zostanie pomniejszona o prowizję dla pośrednika. W całości wpłynie tylko ta, która zostanie przesłana bezpośrednio na nasze konto bankowe.

    02 January, 2021 04:22PM by pavroo

    hackergotchi for Ubuntu developers

    Ubuntu developers

    Alan Pope: Eufy RoboVac 30C Review

    3 months ago I bought a Eufy RoboVac 30C (affiliate link) vaccum cleaner. Now feels like a good time to write a review. Before The Event we had a cleaner at home who came once a week. We no longer have a cleaner and I’m now the only adult in the house, so figured I could do with some help cleaning up. In short, yes, I’d recommend it, if you have similar requirements to me.

    02 January, 2021 12:00PM

    Jonathan Carter: Free Software Activities for 2020-12

    Here’s a list of some Debian packaging work for December 2020.

    2020-12-01: Sponsor package mangohud (0.6.1-1) for Debian unstable (mentors.debian.net request).

    2020-12-01: Sponsor package spyne (2.13.16-1) for Debian unstable (Python team request).

    2020-12-01: Sponsor package python-xlrd (1.2.0-1) for Debian unstable (Python team request).

    2020-12-01: Sponsor package buildbot for Debian unstable (Python team request).

    2020-12-08: Upload package calamares (3.2.35.1-1) to Debian unstable.

    2020-12-09: Upload package btfs (2.23-1) to Debian unstable.

    2020-12-09: Upload package feed2toot (0.15-1) to Debian unstable.

    2020-12-09: Upload package gnome-shell-extension-harddisk-led (23-1) to Debian unstable.

    2020-12-10: Upload package feed2toot (0.16-1) to Debian unstable.

    2020-12-10: Upload package gnome-shell-extension-harddisk-led (24-1) to Debian unstable.

    2020-12-13: Upload package xabacus (8.3.1-1) to Debian unstable.

    2020-12-14: Upload package python-aniso8601 (8.1.0-1) to Debian unstable.

    2020-12-19: Upload package rootskel-gtk (1.42) to Debian unstable.

    2020-12-21: Sponsor package goverlay (0.4.3-1) for Debian unstable (mentors.debian.net request).

    2020-12-21: Sponsor package pastel (0.2.1-1) for Debian unstable (Python team request).

    2020-12-22: Sponsor package python-requests-toolbelt (0.9.1-1) for Debian unstable (Python team request).

    2020-12-22: Upload kpmcore (20.12.0-1) to Debian unstable.

    2020-12-26: Upload package bundlewrap (4.3.0-1) to Debian unstable.

    2020-12-26: Review package python-strictyaml (1.1.1-1) (Needs some more work) (Python team request).

    2020-12-26: Review package buildbot (2.9.3-1) (Needs some more work) (Python team request).

    2020-12-26: Review package python-vttlib (0.9.1+dfsg-1) (Needs some more work) (Python team request).

    2020-12-26: Sponsor package python-formencode (2.0.0-1) for Debian unstable (Python team request).

    2020-12-26: Sponsor package pylev (1.2.0-1) for Debian unstable (Python team request).

    2020-12-26: Review package python-absl (Needs some more work) (Python team request).

    2020-12-26: Sponsor package python-moreorless (0.3.0-2) for Debian unstable (Python team request).

    2020-12-26: Sponsor package peewee (3.14.0+dfsg-1) for Debian unstable (Python team request).

    2020-12-28: Sponsor package pympler (0.9+dfsg1-1) for Debian unstable (Python team request).

    2020-12-28: Sponsor package bidict (0.21.2-1) for Debian unstable (Python team request).

    02 January, 2021 07:19AM

    Stephen Michael Kellat: Start of Year: 2021

    In no particular order:

    • The new year began without a civil emergency locally. After all that has happened lately that is a bit of a relief.

    • The garage studio is developing a bit of a moisture problem. The video cameras that we have for filming online church services don't work well with such high levels of moisture. Efforts are in progress to break down the studio and move it inside the house. Where exactly this will all be set up and how it will function is frankly beyond me at the moment.

    • Editing on the third story continues. The second reader has had a chance to look at it. Apparently the ending is a wee bit abrupt, there are some story gaps, and I apparently left some plot development off-stage. More writing will be done. Some folks out there use dedicated writing programs geared towards authors but I am using Visual Studio Code and the novel package on CTAN as well as the markdown package on CTAN.

    • People forget that the Comprehensive TeX Archive Network has packages covering the use of different types of markup within LaTeX apparently.

    • As much as I would prefer to avoid the matter it looks like I have to consider relocating at some point in 2021. That's something for another time and place, though.

    • I am getting subscription fatigue. I recognize that Substack is apparently the greatest thing since sliced bread nowadays. The cost of a monthly subscription to one newsletter is the same as the cost to get home delivery of USA TODAY. You get a wee bit more content in a weekday newspaper delivered to your front door compared to a niche e-mail newsletter. As to why I canceled my subscription to USA TODAY, that related directly to the failures of the newspaper delivery person rather than any deficiency on the part of the content itself. I prefer newsprint over digital editions anyhow.

    • Have I ever mentioned that Windows Subsystem for Linux is awesome when you're not allowed to install Xubuntu alongside Windows or in lieu of Windows? Working within operational confines does get interesting…

    02 January, 2021 03:37AM

    January 01, 2021

    hackergotchi for ARMBIAN

    ARMBIAN

    hackergotchi for Ubuntu developers

    Ubuntu developers

    Simon Raffeiner: On Hiatus

    There have been no new posts on this blog for the last 20 months, so I am finally putting the site on hiatus.

    The post On Hiatus appeared first on LIEBERBIBER.

    01 January, 2021 12:13PM