Language Selection

English French German Italian Portuguese Spanish

Debian

Debian: Bullseye Security, Debian XMPP Team and Raphaël Hertzog's Work

Filed under
Debian
  • What to expect in Debian 11 Bullseye for nftables/iptables

    Debian 11 codename Bullseye is already in the works. Is interesting to make decision early in the development cycle to give people time to accommodate and integrate accordingly, and this post brings you the latest update on the plans for Netfilter software in Debian 11 Bullseye. Mind that Bullseye is expected to be released somewhere in 2021, so still plenty of time ahead.

    The situation with the release of Debian 10 Buster is that iptables was using by default the -nft backend and one must explicitly select -legacy in the alternatives system in case of any problem. That was intended to help people migrate from iptables to nftables. Now the question is what to do next.

  • Debian 11 To Further Deprecate IPTables In Favor Of Nftables Plus Promoting Firewalld

    With Debian 11 "Bullseye" the plan is to drop the "important" priority on the iptables package while promoting nftables to important. That change of priority effectively makes NFTables set to be installed by default for Debian 11 while dropping IPTables from the default package set. IPTables though is still expected to be found within the Debian 11 archive but not installed by default.

  • Debian XMPP Team: New Dino in Debian

    Dino (dino-im in Debian), the modern and beautiful chat client for the desktop, has some nice, new features.

    [...]

    Note, that users of Dino on Debian 10 (buster) should upgrade to version 0.0.git20181129-1+deb10u1, because of a number of security issues, that have been found (CVE-2019-16235, CVE-2019-16236, CVE-2019-16237).

  • Freexian’s report about Debian Long Term Support, September 2019

    Like each month, here comes a report about
    the work of paid contributors
    to Debian LTS.

Debian and Ubuntu Patch Critical Sudo Security Vulnerability, Update Now

Filed under
Security
Debian
Ubuntu

Discovered by Joe Vennix, the security vulnerability (CVE-2019-14287) could be exploited by an attacker to execute arbitrary commands as the root user (system administrator) because sudo incorrectly handled certain user IDs when it was configured to allow users to run commands as an arbitrary user through the ALL keyword in a Runas specification.

"Joe Vennix discovered that sudo, a program designed to provide limited super user privileges to specific users, when configured to allow a user to run commands as an arbitrary user via the ALL keyword in a Runas specification, allows to run commands as root by specifying the user ID- -1 or 4294967295," reads Debian's security advisory.

Read more

State of Calibre in Debian

Filed under
Debian

To counter some recent FUD spread about Calibre in general and Calibre in Debian in particular, here a concise explanation of the current state.

Many might have read my previous post on Calibre as a moratorium, but that was not my intention. Development of Calibre in Debian is continuing, despite the current stall.

Since it seems to be unclear what the current blockers are, there are two orthogonal problems regarding recent Calibre in Debian: One is the update to version 4 and the switch to qtwebengine, one is the purge of Python 2 from Debian.

Read more

Debian and Ubuntu Leftovers

Filed under
Debian
Ubuntu
  • Ritesh Raj Sarraf: Bpfcc New Release

    bpfcc version 0.11.0 has been uploaded to Debian Unstable and should be accessible in the repositories by now. After the 0.8.0 release, this has been the next one uploaded to Debian.

  • Utkarsh Gupta: Joining Debian LTS!

    Back during the good days of DebConf19, I finally got a chance to meet Holger! As amazing and inspiring a person he is, it was an absolute pleasure meeting him and also, I got a chance to talk about Debian LTS in more detail.

    [...]

    I had almost no idea what to do next, so the next month I stayed silent, observing the workflow as people kept committing and announcing updates.
    And finally in September, I started triaging and fixing the CVEs for Jessie and Stretch (mostly the former).
    Thanks to Abhijith who explained the basics of what DLA is and how do we go about fixing bugs and then announcing them.
    With that, I could fix a couple of CVEs and thanks to Holger (again) for reviewing and sponsoring the uploads! Big Grin

  • Ubucon Europe 2019 in local media

    News from the new Ubuntu distribution, the exploration of the several platforms and many “how to”, rule the 4-days agenda where the open source and open technologies are in the air.

    The Olga Cadaval Cultural centre in Sintra, is the main stage of a busy agenda filled with several talks and more technical sessions, but at Ubucon Europe there’s also room for networking and cultural visits, a curious fusion between spaces full of history, like the Pena Palace or the Quinta da Regaleira, and one of the youngest “players” in the world of software.

    For 4 days, the international Ubuntu Community gathers in Sintra for an event open to everyone, where the open source principles and open technology are dominating. The Ubucon Europe Conference begun Thursday, October 10th, and extends until Sunday, October 13th, keeping an open doors policy to everyone who wants to

    Afterall, what is the importance of Ubucon? The number of participants, which should be around 150, doesn’t tell the whole story of what you can learn during these days, as the SAPO TEK had the opportunity to check this morning.

    Organised by the Ubuntu Portugal Community, with the National Association for Open Software, the Ubuntu Europe Federation and the Sintra Municipality, the conference brings to Portugal some of the biggest open source specialists and shows that Ubuntu is indeed alive, even if not yet known by most people, and still far from the “world domain” aspired by some.

EasyOS Buster-series version 2.1.6 released

Filed under
GNU
Linux
Debian

There are some bug fixes, but the big news is the incorporation of the 'nm-applet' GUI tray applet, for network management. The source is patched so as to integrate with EasyOS. In particular, it can be popped-up by clicking on the "connect" icon on the desktop -- after booting 2.1.6, try it!
Networkmanager is now better integrated, so that the user can switch between the older network management systems, such as SNS and PupDial. The Connection Wizard is still available by right-clicking on the "connect" icon, or in the Setup menu.

Read more

Sparky 5.9

Filed under
GNU
Linux
Debian

SparkyLinux 5.9 “Nibiru” is out. This is a quarterly update of live/install media of the stable line, which is based on Debian 10 “Buster”.

The base system has been upgraded from Debian stable repos as of October 4, 2019.
It works on the Linux kernel 4.19.67 LTS.
As usually, new iso/img images provide small bug fixes and improvements as well.

Sparky project page and Sparky forums got new skins; no big changes about the colors but they are much mobile devices friendly now.

Read more

Resurrecting Ancient Operating Systems on Debian, Raspberry Pi, and Docker

Filed under
OS
Linux
Debian

I wrote recently about my son playing Zork on a serial terminal hooked up to a PDP-11, and how I eventually bought a vt420 (ok, some vt420s and vt510s, I couldn’t stop at one) and hooked it up to a Raspberry Pi.

This led me down another path: there is a whole set of hardware and software that I’ve never used. For some, it fell out of favor before I could read (and for others, before I was even born).

The thing is – so many of these old systems have a legacy that we live in today. So much so, in fact, that we are now seeing articles about how modern CPUs are fast PDP-11 emulators in a sense. The PDP-11, and its close association with early Unix, lives on in the sense that its design influenced microprocessors and operating systems to this day. The DEC vt100 terminal is, nowadays, known far better as that thing that is emulated, but it was, in fact, a physical thing. Some goes back into even mistier times; Emacs, for instance, grew out of the MIT ITS project but was later ported to TOPS-20 before being associated with Unix. vi grew up in 2BSD, and according to wikipedia, was so large it could barely fit in the memory of a PDP-11/70. Also in 2BSD, a buggy version of Zork appeared — so buggy, in fact, that the save game option was broken. All of this happened in the late 70s.

Read more

Debian: Reports From Thorsten Alteholz and Molly de Blanc, Project of Joey Hess

Filed under
Debian
  • Molly de Blanc: Free software activities (September 2019)

    September marked the end of summer and the end of my summer travel. Paid and non-paid activities focused on catching up with things I fell behind on while traveling. Towards the middle of September, the world of FOSS blew up, and then blew up again, and then blew up again.

  • Thorsten Alteholz: My Debian Activities in September 2019

    This month I accepted 246 packages and rejected 28. The overall number of packages that got accepted was 303.

  • Joey Hess: Project 62 Valencia Floor Lamp review

    From Target, this brass finish floor lamp evokes 60's modernism, updated for the mid-Anthropocene with a touch plate switch.

    The integrated microcontroller consumes a mere 2.2 watts while the lamp is turned off, in order to allow you to turn the lamp on with a stylish flick. With a 5 watt LED bulb (sold separately), the lamp will total a mere 7.2 watts while on, making it extremely energy efficient. While off, the lamp consumes a mere 19 kilowatt-hours per year.

Debian Edu FAI

Filed under
Debian

Over the past month I worked on re-scripting the installation process of a Debian Edu system (minimal installation profile and workstation installation profile for now) by utilizing FAI [1].

My goal on this is to get the Debian Edu FAI config space into Debian bulleye (as package: debian-edu-fai) and provide an easy setup method for the FAI installation server on an existing Debian Edu site.

Read more

Also from Mike Gabriel: My Work on Debian LTS/ELTS (September 2019)

Debian Reports/Posts From Mike Gabriel, Ben Hutchings, Abhijith PA and Norbert Preining

Filed under
Debian
  • Mike Gabriel: Install ActivInspire Smart Board Software on Debian 10

    From one of my customers, I received the request to figure out an installation pathway for ActivInspire, the Promethean smart board software suite. ActivInspire is offered as DEB builds for Ubuntu 18.04. On a Debian 10 (aka buster) system the installation requires some hack-around (utilizing packages from Debian jessie LTS).

  • Ben Hutchings: Debian LTS work, September 2019

    I prepared and, after review, released Linux 3.16.74, including various security and other fixes. I then rebased the Debian package onto that. I uploaded that with a small number of other fixes and issued DLA-1930-1.

    I backported the latest security update for Linux 4.9 from stretch to jessie and issued DLA-1940-1 for that.

  • Abhijith PA: Debian packaging session

    Last week I conducted a workshop on Debian packaging at MES College of Engineering, Kuttipuram in accordance with Frisbee 19, yearly conference by IEEE cell of this college. Thanks to Anupa from ICFOSS who contacted and arranged me to take this session. I was accompanied by Subin and Abhijith from FOSSers. The time span was from 9:30 AM to 04:30 PM. Since it was a big time slot we took from the Free software evangelism –> GNU/Linux –> Debian –> how contributing to community projects can help your career.

  • Norbert Preining: 10 years in Japan

    After loosing my job at JAIST, and six months of unemployment, a lucky coincidence gifted me with a great job at an IT company in Tokyo, that allows me to work remotely from my home. I am incredibly thankful to everyone there who helped made this happen. It is a complete new world for me. After 25 years in academics being thrown into a Japanese company (all Japanese, I am the only foreigner), with business meetings, client support, etc was something unexpected for me. Maybe I count it as one of the big achievements that I manage to function properly in this kind of environment.

    I still try to keep up my research work, publishing articles every year, and as far as possible attending conferences. My OSS activities haven’t changed a lot, and I try to keep up with the projects for which I am responsible.

    What the future brings is even less unclear: Now that we have to think about the education of our daughter, moving is getting more and more a point of discussion. I really detest Japanese education system, in particular junior high school which I consider a childhood and personality killer. OTOH, we have settled into a very nice place here in Ishikawa, and at my age moving is getting more and more burdensome, not to speak of another job change. So I feel torn between returning to Europe, or remaining here in Japan. Let us see what the future brings.

Syndicate content

More in Tux Machines

Configuring Automatic Login and Lock Screen on Ubuntu 19.10

Whether it’s Linux or Windows, Ubuntu, or Fedora, I am not an ‘automatic’ type of guy. That is to say, and I don’t want my login automated, nor do I want my updates automatically installed. This preference directly results from over thirty years in Information Technology, prudence, habit, and experience. Plus, it’s just plain smart security sense. However, I further realize that as Linux users get younger and younger, I am increasingly in the minority in this sense. While I strongly disagree with automatic logins and updates, I can understand the desire for it. So, with that understanding, let’s go about the business of instituting automated logins in Ubuntu. We will also take the time to address the Ubuntu Lock Screen setting. Configuring automatic Ubuntu software updates is much more in-depth. We will discuss this in a separate dedicated article at a later date. Read more

Programming: Python, LLVM and Erlang

  • Sending Emails in Python — Tutorial with Code Examples

    What do you need to send an email with Python? Some basic programming and web knowledge along with the elementary Python skills. I assume you’ve already had a web app built with this language and now you need to extend its functionality with notifications or other emails sending. [...] Sending multiple emails to different recipients and making them personal is the special thing about emails in Python. To add several more recipients, you can just type their addresses in separated by a comma, add Cc and Bcc. But if you work with a bulk email sending, Python will save you with loops. One of the options is to create a database in a CSV format (we assume it is saved to the same folder as your Python script). We often see our names in transactional or even promotional examples. Here is how we can make it with Python.

  • Binning Data with Pandas qcut and cut

    When dealing with continuous numeric data, it is often helpful to bin the data into multiple buckets for further analysis. There are several different terms for binning including bucketing, discrete binning, discretization or quantization. Pandas supports these approaches using the cut and qcut functions. This article will briefly describe why you may want to bin your data and how to use the pandas functions to convert continuous data to a set of discrete buckets. Like many pandas functions, cut and qcut may seem simple but there is a lot of capability packed into those functions. Even for more experience users, I think you will learn a couple of tricks that will be useful for your own analysis. [...] The concept of breaking continuous values into discrete bins is relatively straightforward to understand and is a useful concept in real world analysis. Fortunately, pandas provides the cut and qcut functions to make this as simple or complex as you need it to be. I hope this article proves useful in understanding these pandas functions. Please feel free to comment below if you have any questions.

  • Analysing music habits with Spotify API and Python

    I’m using Spotify since 2013 as the main source of music, and back at that time the app automatically created a playlist for songs that I liked from artists’ radios. By innertion I’m still using the playlist to save songs that I like. As the playlist became a bit big and a bit old (6 years, huh), I’ve decided to try to analyze it.

  • Python IDEs and Code Editors

    A code editor is a tool that is used to write and edit code. They are usually lightweight and can be great for learning. However, once your program gets larger, you need to test and debug your code, that's where IDEs come in. An IDE (Integrated Development Environment) understand your code much better than a text editor. It usually provides features such as build automation, code linting, testing and debugging. This can significantly speed up your work. The downside is that IDEs can be complicated to use.

  • Announcing Anaconda Distribution 2019.10

    As there were some significant changes in the previous Anaconda Distribution 2019.07 installers, this release focuses on polishing up rough edges in that release and bringing all the packages up to date with the latest available in repo.anaconda.com. This means many key packages are updated including Numpy, Scipy, Scikit-Learn, Matplotlib, Pandas, Jupyter Notebook, and many more. As many of the package updates have addressed Common Vulnerabilities and Exposures (CVEs), it is important to update to the latest. Another key change since the last release is that Apple released macOS version 10.15 – Catalina. Unfortunately, this was a breaking release for previous versions of Anaconda that used the pkg installer. The Anaconda Distribution 2019.10 installers address the issues and should install without trouble on macOS Catalina. If you would rather repair your current Anaconda installation, please check out this blog post for tips.

  • Apple's Numbers and the All-in-One CSV export

    The hierarchical form requires a number of generator functions for Sheet-from-CSV, Table-from-CSV, and Row-from-CSV. Each of these works with a single underlying iterator over the source file and a fairly complex hand-off of state. If we only use the sheet iterator, the tables and rows are skipped. If we use the table within a sheet, the first table name comes from the header that started a sheet; the table names come from distinct headers until the sheet name changes. The table-within-sheet iteration is very tricky. The first table is a simple yield of information gathered by the sheet iterator. Any subsequent tables, however, may be based one one of two conditions: either no rows have been consumed, in which case the table iterator consumes (and ignores) rows; or, all the rows of the table have been consumed and the current row is another "sheet: table" header.

  • Formatting NFL data for doing data science with Python

    No matter what medium of content you consume these days (podcasts, articles, tweets, etc.), you'll probably come across some reference to data. Whether it's to back up a talking point or put a meta-view on how data is everywhere, data and its analysis are in high demand. As a programmer, I've found data science to be more comparable to wizardry than an exact science. I've coveted the ability to get ahold of raw data and glean something useful and concrete from it. What a useful talent!

  • Sony Pushes More AMD Jaguar Optimizations To Upstream LLVM 10 Compiler

    Sony engineers working on the PlayStation compiler toolchain continue upstreaming various improvements to the LLVM source tree for helping the AMD APUs powering their latest game console. Several times now we've pointed out Sony engineers contributing AMD "btver2" improvements to upstream LLVM with the company using LLVM/Clang as their default code compiler and the PlayStation 4 relying on a Jaguar APU.

  • [llvm-dev] GitHub Migration Schedule and Plans
    Hi,
    
    We're less than 2 weeks away from the developer meeting, so I wanted to
    give an update on the GitHub migration and what's (hopefully) going to
    happen during the developer meeting.
    
    Everyone who has added their information to the github-usernames.txt
    file in SVN before today should have received an invite to become a collaborator
    on the llvm-project repository.  If you did not receive an invite and think
    you should have, please contact me off-list.  I will continue to monitor the
    file for new updates and periodically send out new batches of invites.
    
    There is still some ongoing work to get the buildbots ready and the mailing lists
    ready, but we are optimistic that the work will be done in time.
    
    The team at GitHub has finished implementing the "Require Linear History"
    branch protection that we requested.  The feature is in beta and currently
    enabled in the llvm-project repository.  This means that we will have the
    option to commit directly via git, in addition to using the git-llvm script.
    A patch that updates git-llvm to push to git instead of svn can be found here:
    https://reviews.llvm.org/D67772.  You should be able to test it out on your
    own fork of the llvm-project repository.
    
    The current plan is to begin the final migration steps on the evening (PDT)
    of October 21.  Here is what will happen:
    
    1. Make SVN read-only.
    2. Turn-off the SVN->git update process.
    3. Commit the new git-llvm script directly to github.
    4. Grant all contributors write access to the repository.
    5. Email lists announcing that the migration is complete.
    
    Once the migration is complete, if you run into any issues, please file
    a bug, and mark it as a blocker for the github metabug PR39393.
    
    If you have any questions or think I am missing something, please
    let me know.
    
    Thanks,
    Tom
    
    
  • LLVM Plans To Switch From Its SVN To Git Workflow Next Week

    On 21 October they plan to make LLVM's SVN repository read-only and finish their git-llvm script to bring all the changes into Git, and then allow developers to begin contributing to the LLVM GitHub project as the new official source repository.

  • Excellent Free Books to Learn Erlang

    Erlang is a general-purpose, concurrent, declarative, functional programming language and runtime environment developed by Ericsson, a Swedish multinational provider of communications technology and services. Erlang is dynamically typed and has a pattern matching syntax. The language solves difficult problems inherent in parallel, concurrent environments. It uses sets of parallel supervised processes, not a single sequential process as found in most programming languages. Erlang was created in 1986 at the Ellemtel Telecommunication Systems Laboratories for telecommunication systems. The objective was to build a simple and efficient programming language resilient large-scale concurrent industrial applications. Besides telecommunication systems and applications and other large industrial real-time systems, Erlang is particularly suitable for servers for internet applications, e-commerce, and networked database applications. The versatility of the language is, in part, due to its extensive collection of libraries.

today's howtos

Kubernetes at SUSE and Red Hat

  • Eirinix: Writing Extensions for Eirini

    At the recent Cloud Foundry Summit EU in the Netherlands, Vlad Iovanov and Ettore Di Giacinto of SUSE presented a talk about Eirini — a project that allows the deployment and management of applications on Kubernetes using the Cloud Foundry Platform. They introduced eirinix — a framework that allows developers to extend Eirini. Eirinix is built from the Quarks codebase, which leverages Kubernetes Mutating Webhooks. With the flexibility of Kubernetes and Eirini’s architecture, developers can now build features around Eirini, like Persi support, access to the application via SSH, ASGs via Network Policies and more. In this talk, they explained how this can be done, and how everyone can start contributing to a rich ecosystem of extensions that will improve Eirini and the developer experience of Cloud Foundry.

  • Building an open ML platform with Red Hat OpenShift and Open Data Hub Project

    Unaddressed, these challenges impact the speed, efficiency and productivity of the highly valuable data science teams. This leads to frustration, lack of job satisfaction and ultimately the promise of AI/ML to the business is not redeemed. IT departments are being challenged to address the above. IT has to deliver a cloud-like experience to data scientists. That means a platform that offers freedom of choice, is easy to access, is fast and agile, scales on-demand and is resilient. The use of open source technologies will prevent lockin, and maintain long term strategic leverage over cost. In many ways, a similar dynamic has played out in the world of application development in the past few years that has led to microservices, the hybrid cloud and automation and agile processes. And IT has addressed this with containers, kubernetes and open hybrid cloud. So how does IT address this challenge in the world of AI – by learning from their own experiences in the world of application development and applying to the world of AI/ML. IT addresses the challenge by building an AI platform that is container based, that helps build AI/ML services with agile process that accelerates innovation and is built with the hybrid cloud in mind.

  • Launching OpenShift/Kubernetes Support for Solarflare Cloud Onload

    This is a guest post co-written by Solarflare, a Xilinx company. Miklos Reiter is Software Development Manager at Solarflare and leads the development of Solarflare’s Cloud Onload Operator. Zvonko Kaiser is Team Lead at Red Hat and leads the development of the Node Feature Discovery operator.