Welcome to Planet openSUSE

This is a feed aggregator that collects what openSUSE contributors are writing in their respective blogs.

To have your blog added to this aggregator, please read the instructions.

20 April, 2018


There have been a few openSUSE Tumbleweed snapshots released in the past two weeks that brought some new features and fixes to users.

This blog will go over the past two snapshots.

The last snapshot, 20180416, had several packages updated. The adobe-sourceserifpro-fonts package updated to version 2.000; with the change, the fonts were refined to make the Semibold and Bold heavier. Both dbus-1 and dbus-1-x11 were updated to 1.12.6, which fixed some regreations introduced in version 1.10.18 and 1.11.0. The gtk-vnc 0.7.2 package deprecated the manual python2 binding, which will be deleted in the next release, in favor of GObject introspection. Notifications that caused a crash were fixed in kdeconnect-kde 1.3.0. The 4.16.2 Linux Kernel made ip_tunnel, ipv6, ip6_gre, ip6_tunnel and vti6 better to validate user provided tunnel names. Due to a build system failure, not all 4.16.2 binaries were built correctly; this will be resolved in the 20180417 snapshot, which will be released shortly. Krita 4.0.1 had multiple fixes from its major version upgrade. The visual diff and merge tool meld 3.19.0 added new features like a new per-pane status bar with selectors for syntax highlighting and text encoding. Python Imaging Library python-Pillow 5.1.0 removed the freetype-2.9.patch and YaST had several packages with a version bump.

Snapshot 20180410 had less than a handful of packages updated. The Advanced Linux Sound Architecture package, alsa ,1.1.6 removed unused macros and added support for python3 and alsa-utils 1.1.6 removed some obsolete patches. GNU Compiler Collection 7 enabled a fix for aarch64 and the communication package rzsz had rebase patches with its release candidate in the 0.12.21 version.

The Tumbleweed rating tool is currently trending the past few snapshots as unstable, but the last snapshots rating is posting a false negative due to comments made on the openSUSE Factory Mailing thread about the 4.16.2 Linux Kernel.


Hacking on gnome-class continues apace!

Philippe updated our dependencies.

Alberto made the syntax for per-instance [private structs][private1] more ergonomic, and then made that code nice and compact.

Martin improved our conversion from CamelCase to snake_case for code generation.

Daniel added initial support for GObject properties. This is not finished yet, but the initial parser and code generation is done.

Guillaume turned gir, the binding generator in gtk-rs, from a binary into a library crate. This will let us have all the GObject Introspection information for parent classes at compilation time.

Antoni has been working on a tricky problem. GTK+ structs that have bitfields do not get reconstructed correctly from the GObject Introspection information — Rust does not handle C bitfields yet. This has two implications. First, we lose some of the original struct fields in the generated bindings. Second, the sizes of the generated structs are not the same as the original C structs, so g_type_register_static() complains that one is trying to register an invalid class.

Yesterday we got as far as reading the amd64 and ARM ABI manuals to see what the hell C compilers are supposed to do for laying out structs with bitfields. Most likely, we will have a temporary fix in gir's code generator so that it generates structs with the same layout as the C ones, with padding in place of the space for bitfields. Later we can remove this when rustc gets support for C bitfields.

I've been working on support for GObject interfaces. The basic parsing is done; I'm about to refactor the code generation so I can reuse the parts that fill vtables from classes.

Yesterday we went to the Madrid Rust Meetup, a regular meeting of rustaceans here. Martin talked about WebRender; I talked about refactoring C to port it to Rust, and then Alex talked about Rust's plans for 2018. Fun times.

Sponsored by the GNOME Foundation

Hosted by OpenShine

19 April, 2018


openSUSE loves Let's Encrypt™

Maybe some of you noticed, that our certificate *.opensuse.org on many of services will expire soon (on 2018-04-23).

As we noticed that – as well – we decided to put a bit of work into this topic and we will use Let’s Encrypt certificates for the encrypted services of the openSUSE community.

This is just a short notice / announcement for all of you, that we are working on this topic at the moment. We will announce, together with the deployment of the new certificate, the regarding hashes and maybe some further information on our way of implementing things.

Just to give you a small number of services which will be affected, maybe you use one of the following list:

(This is a mixed list of services maintained by openSUSE Heroes and/or several SUSE teams for the openSUSE community – the certificate exchange will affect those services.)

  • build.opensuse.org
  • api.opensuse.org
  • openqa.opensuse.org
  • static.opensuse.org
  • ci.opensuse.org
  • svn.opensuse.org
  • software.opensuse.org
  • $LANG.opensuse.org for the several wiki instances
  • download.opensuse.org
  • keyserver.opensuse.org
  • …and many, many more :) – thanks to everybody in the openSUSE Heroes team for maintaining the zoo of services ;)

Thanks to the FLOSS & openSUSE community, we have full support of Let’s Encrypt certificates already on board our distribution.

As there are so many options to choose, we decided for the following tool to use Let’s Encrypt certificates:

  • dehydrated – as client with ACME v2 support – https://software.opensuse.org/package/dehydrated
    • with custom hook scripts, that will provide the wildcard-certificates to our proxy-infrastructure

Thanks to everybody involved in this task for getting the migration done.

Fun fact, as you might have noticed before, news.opensuse.org is not part of the openSUSE Heroes infrastructure (yet) and already got a new certificate from DigiCert.

Michael Meeks: 2018-04-19 Thursday.

12:54 UTCmember

  • Mail chew; hunted the house for a spare disk, and was encouraged to use Clonezilla via a great image from Taiwan. Call with sales & marketing team. Lunch.
  • BT Phoned up to say I'd run up a $100 phone bill calling India yesterday and could they do something about that; surreal.
  • Thrilled to see the team get Collabora Online 3.2 released:

    Collabora Online 3.2 including data validity

    A number of great new features for our customers & partners, including data-validity - so you can limit the options in a drop-down for a cell - so that they make sense (to Patriot watchers anyway), as well as basic things like Insert -> chart something not present in Word Online (for example).
  • Pondered why Windows 10 fails to boot in curious ways when its disk is copied to another disk without the disk label being made to match; any why it then proceeds on a length series of fruitless, attempted repairs.


The ballots for Elections to fill the three seats on the openSUSE Board are open until April 27.

The voting began April 15 and openSUSE Members are able to vote for the following candidates:

Gertjan Lettink ( Knurpht )

Simon Lees

Ana Martinez

Gerry Makaro ( Fraser_Bell )

Aaron Luna

openSUSE Members should have received an email from the openSUSE Election Officials with a link and Election Fingerprint to cast their ballot on April 15.

The platform gives three steps for voting like selecting the candidates, reviewing and confirming the voter’s choices for the board and the final step of submitting the encrypted ballot.

Those three candidates that are elected to the position will serve a 24-month term.

Visit the openSUSE wiki to understand more about the voting process.


Time Applications

I am not a big fan of smart Phones and tablets but I do like some of the convenient, appliance-like features of a few applications. I do find that I go for my phone for the stopwatch and timer features but sometimes, I just don’t have my phone on me and need that darn stopwatch or countdown timer. I had forgotten that I used to use such things back in my Mandrake / Mandriva Linux days, before, I had a smart phone.

The two applications, Kronometer and KAlarm are in the main repository of openSUSE Leap (v15) and Tumbleweed. I also appreciate that these applications have stuck with the traditional KDE naming convention and begin with a “K”. It makes my Komputer happy.


Search in the YaST Tool or on software.opensuse.org for these bits of software to click-install or you can use my favorite method, the terminal!

sudo zypper install kalarm kronometer

They are small applications so installation won’t take long.


This is a stopwatch application with lap feature similar as you may have used on other devices but adds the feature to enter notes next to each line, sort by lap times, or even by the Notes column.

Kronometer-01You can save this data and “name” the current session for use or review later. To do so select Save As… and you are given a prompt to name the Session.


This will store your data as a JSON file in your home directory:


File > Open… will give you a list of all your previously saved sessions.


Double click on the number of one of the lines and you can bring up a previous session and continue using it. I don’t know how useful that would be but it’s nice to know it’s available.

What is pretty dang cool is that it can export into CSV format. CSV in an open format readable by LibreOffice or any other spreadsheet application where you can make pretty graphs or pie charts and so forth. In order to export the data, to CSV you have to Select File > Export Laps As… and put it someplace you will remember.

To test it out, I opened the File in LibreOffice and the title you used for Save As… doesn’t exist in the exported data. Something else to note, if you put a comma in the “Notes” field, the CSV import will put whatever was placed after that comma into another cell… hence the name, Comma Separated Values.


Over all, this is a great, basic application and very useful when needing to time something, many somethings or to collect data on a study you are conducting.


KAlarm is a personal alarm message, command and email scheduler built for the KDE Plasma environment. This can be useful in many ways and can also be integrated into the calendaring application, Korganizer. It has more features than you will probably need so I will just

18 April, 2018

Michael Meeks: 2018-04-18 Wednesday.

21:00 UTCmember

  • Sync call with Miklos, mail chew; poked at some socket code. Still sad that there is no good C event-loop, and as such no async structure that a nice DNS APIs could fit into; ho hum. Of course there is getdns but it in turn has several dependencies.
  • Customer call much of the afternoon. Pleased to see the free Samsung SSD imaging tool do a great job of moving a Windows install to a new disk.


The release of openSUSE Leap 15 is scheduled to be release during the first day of this year’s openSUSE Conference in Prague, Czech Republic on May 25.

The package submission deadline for non-bug fix package updates is April 24 as Leap enters the release candidate phase. The scheduled release for Leap 15 is May 25 at 12:00 UTC.

Leap has been using a rolling development model for building Leap 15 beta versions. Bug fixes and new packages have been released via snapshots to users testing the beta versions. The snapshots for the test version will stop and maintenance and security updates for Leap 15’s release will begin next month. Linux professionals and anyone looking to use Leap 15 are encouraged to test the beta versions as there is still snapshots being released and announced on the openSUSE Factory Mailing List. A list of items to test is available here.

The openSUSE project is pleased to announce that with Leap 15 Live images will again be available. Both KDE and GNOME can be tested without having to change your current system.

openSUSE Leap 15 shares a common core with SUSE Linux Enterprise (SLE) 15 sources and has thousands of community packages on top to meet the needs of professional and semi-professional users and their workloads.

The Kubic Project contributed a system role selection available with the release that offers two types of server roles; the classic server role and a Transactional Server role, which uses transactional updates and a Read-Only Root Filesystem. The release at the openSUSE Conference will give the openSUSE community and Free Open Source Software projects an opportunity to discuss plans for the openSUSE Leap 15 release, which will receive maintenance updates for at least three years.


I'm in Madrid since Monday, at the third GNOME+Rust hackfest! The OpenShine folks are kindly letting us use their offices, on the seventh floor of a building by the Cuatro Caminos roundabout.

I am very, very thankful that this time everyone seems to be working on developing gnome-class. It's a difficult project for me, and more brainpower is definitely welcome — all the indirection, type conversion, GObject obscurity, and procedural macro shenanigans definitely take a toll on oneself.

Gnome-class internals

Gnome-class internals on the whiteboard

I explained how gnome-class works to the rest of the hackfest attendees. I've been writing a document on gnome-class's internals, so the whiteboard was a whirlwind tour through it.

Error messages from the compiler

Antoni Boucher, the author of relm (a Rust crate to write GTK+ asynchronous widgets with an Elm-like model), explained to me how relm manages to present good error messages from the Rust compiler, when the user's code has mistakes. Right now this is in a very bad state in gnome-class: user errors within the invocation of the procedural macro get shown by the compiler as errors at the macro call, so you don't get line number information that is meaningful.

For a large part of the day we tried to refactor bits of gnome-class to do something similar. It is very slightly better now, but this really requires me to sit down calmly, at home, and to fully understand how relm does it and what changes are needed in the syn parser crate to make it easy to present good errors.

I think I'll continue this work at home, as there is a lot of source code to understand: the combinator parsers in syn, the error handling scheme in relm, and the peculiarities of gnome-class.

Further work during the hackfest

Other people working on gnome-class are adding support for GObject properties, inheritance from non-Rust classes, and improving the ergonomics of class-private structures.

I think I'll stop working on error messages for now, and focus instead on either supporting GTypeInterfaces, or completing support for type conversions for methods and signals.

Other happenings in Rust

Paolo Borelli has been porting RsvgState to Rust in librsvg. This is the big structure that holds all the CSS state for SVG elements. This is very meticulous work, and I'm thankful that Paolo is paying good attention to it. Soon we will have all the style machinery for librsvg in Rust, which will make it easier to use the selectors crate from Servo instead of libcroco, as the latter is unmaintained.


Food in Madrid

Ah, Spanish food. We have been enjoying cheese, jamón, tortilla, pimientos, oxtail stews, natillas, café con leche...


Thanks to OpenShine for hosting the hackfest, and to the GNOME Foundation for sponsoring my travel. And thanks for Alberto Ruiz for putting me up in his house!

Sponsored by the GNOME Foundation


People of the Builds! Another Sprint is over and here is what the OBS frontend team has achieved in the last two weeks (2018-04-02 to 2018-04-13). Features Another pack of new features have been developed. They are cool! Protect your eyes and have a look. :sunglasses: Live Build Log Tired of scrolling up and down the page to know the status of a live build log? OBS comes to the rescue with this PR #4816...

17 April, 2018

Michael Meeks: 2018-04-17 Tuesday.

21:00 UTCmember

  • Mail chew, patch review, planning.
  • Great to see some nice work by Tomi to get Collabora Online support integrated into JODConverter (increasing security), and to see Miklos's nice writeup around Document Conversion there - several of our customers get support for document conversion use-cases that help to improve LibreOffice.

    Performance of Collabora Online REST API for document conversion

    All those poor souls still struggling with manual management of LibreOffice processes for document conversion can relax & use something sensible instead.


KDE-connect-02I recently stumbled into this cool little feature with KDE Conenct, the ability to use your desktop Linux machine as your keyboard input to your Android device. I tested this on my Samsung Galaxy S5, Moto X and HP TouchPad running Android. Assuming you have given KDE Connect a try, you may or may not have used this feature. If you haven’t tried it, you may want to see how it works for you.

I am not a fan of the touch input on tablets and phones, the input is just too slow and cumbersome, so I tend to use a laptop for just about everything. There are unfortunately a few applications that will only work on mobile devices. I do have a Bluetooth keyboard that I have connected from time to time to more efficiently use the mobile device but I don’t need another keyboard on my desktop that I would use intermittently, at best. Being able to type from my Desktop Linux machine right into my Android powered phone or tablet whenever needed is a welcome feature and far better than using the screen to touch or swipe type.

For instructions on setting up KDE Connect in openSUSE, follow this link or here for everyone else.

On the Linux Desktop side, make sure you have selected Remote keyboard from the Desktop

KDE Connect Settings-01

Screenshot_Samsung_S5_Language_InputFor your Android device(s):

Go into your Settings menu. Search for Language and input > Set up Input Method (Might be under “Default” on some Android devices)

You will then see several options, check KDE Connect Remote Keyboard to activate it as an available keyboard.

The notification drop down on the Android device, There is an option to “Select keyboard”. Assuming that the Android device is working properly, you will be able to select the input keyboard.

The Keyboard switcher is either in the in the notification drop down of which I see on my Samsung Galaxy S5, and my HP TouchPad. On my Moto X, I have an option in the global keys along the bottom to select my Input Keyboard.

Moto X Keyboard SelectorIt appears that my Samsung Galaxy notification on the keyboard doesn’t actually do anything when selected but the HP TouchPad works like one would expect. I find that the Moto X method to be the best demonstration of exposing the keyboard input selection.

Now, back on KDE Plasma (I can’t speak for any other desktop), you can input into the Mobile Device clicking on the KDE Connect icon in the System Tray and enter text next to Remote Keyboard.

As you type in this dialog, you will see the text immediately display on the connected device. I find it strangle pleasurable to type on my computer to input text on the tablet, or SmartPhone. I spent several minutes sending messages thru Telegram even though I have a Telegram client for Linux Desktop, realizing that was a bit KDE Connect System Tray-Keyboard Inputsilly, I opened the SMS app on my phone to send messages to those

16 April, 2018

Michael Meeks: 2018-04-16 Monday.

21:00 UTCmember

  • Weekend mail fun, poked partners, sync. with Miklos, Andras, created a unit test for thread stranding problem with fork-kit - whereby having threads lurking around at the time of a fork - is a really bad idea.


e6440-WiiU-Pro-Controller.pngI don’t do much serious gaming on Linux but I do like to play the occasional Steam or older games in an emulator. I have historically liked the PS3 controllers in Linux. There is nothing you have to do to get it to work. Plug the dongle in a USB, pop in some batteries and away you go.

The Wii U is now a deprecated gaming console, which makes me much more interested in it. I have had one for a little while but the Gamepad digitizer has been broken for some time. I originally set out to fix the game pad but the issue with some of the buttons not working along with the digitizer, it had me thinking I should just replace the whole thing so I can start using the console. On the hunt for the replacement Gamepad, I also acquired a couple of these Wii U Pro Controllers. I wanted these in order to play this “New Super Mario Wii U” game and compare it against my favorite of the franchise. I think putting “New” in the title is a bit silly because it isn’t new now.

Upon holding the Wii U Pro Controller in my hand, it felts so good… almost perfect for my somewhat long and gangly fingers. I wanted to try out these Wii U pro Controllers on Linux, play some Steam games but fully expecting the process to be a headache; you know, because Nintendo. I made the assumption that I would have to install xwiimote to get it to work but upon reading and some further understanding of all the work some incredibly smart people have done, I only need that for the Wii Remotes. The machine I tested this on is running openSUSE Tumblweed Kernel 4.16.0 and it is my understanding that the wiimote kernel drivers have been in place since 3.1.

Setting up the Wii U Pro Controller

Screenshot_20180402_122527Nintendo chose to use Bluetooth technology in the Wii and Wii U so I started off by Pressed the Sync button on the controller and it showed when selecting Add Device on the KDE Plasma Bluetooth configuration tool. It connected, the lights stopped flashing on the controller with one solid light glowing. I checked the capabilities of the controller, to see that it was usable, in the System Settings > Input Devices > Joystick. It was just as I would expect from any other controller I own.

I opened terminal to see the kernel messages concerning this device by running: dmesg

[86905.904160] wiimote 0005:057E:0330.000B: hidraw1: BLUETOOTH HID v0.01 Gamepad [Nintendo RVL-CNT-01-UC] on 80:00:0b:82:a8:1f
[86905.904169] wiimote 0005:057E:0330.000B: New device registered
[86905.981821] wiimote 0005:057E:0330.000B: detected device: Nintendo Wii U Pro Controller
[86906.011799] wiimote 0005:057E:0330.000B: detected extension: Nintendo Wii U Pro Controller
[86906.011889] input: Nintendo Wii Remote Pro Controller as /devices/pci0000:00/0000:00:1d.0/usb2

15 April, 2018

Michael Meeks: 2018-04-15 Sunday.

21:00 UTCmember

  • All Saints in the morning; H. played piano for a song. Back for pizza lunch plus Charlotte & Grace, took H. back to practice the organ.
  • Home; tea; read stories; out for a drink with Chris in the evening.

14 April, 2018


Next week the combined Ceph and Cloudstack Day will be hosted in London (2018-04-19). The agenda is online, get ready and your ticket to a great event!

I will speak about our Email at Ceph project (librmb). See you all in London!

Michael Meeks: 2018-04-14 Saturday

21:00 UTCmember

  • Drove to Aldeburgh to collect N. and H. - who had both made pretty rings with Bruce. Silver-soldering up settings and bands, and setting a stone in them - good stuff.
  • Out to wander Sizewell beach, back for tea, home.


Backup-02Backing up data is extremely important. That is, assuming you value your data. Many of us have pictures, videos and documents on our computer. The reality is, all machines will fail, everything gets old and stops working, eventually. Most notably, the Hard Disk Drives and Solid State Drives have a limited lifespan before they cease functioning.

Here is some advice to avoid that white-hot sweaty feeling from a black screen when you turn on your computer.

Back up your data!

Beyond hardware failure, there have been a series of recent ransomware attacks against individuals, businesses and government organizations. One particular bit of ransomware is called WannaCry. Presumably because if you are affected you “wanna cry.” It essentially encrypts all your data and leaves a message that tells you you can have your data back if you pay a ransom. This can be avoided entirely by doing regular offline backups.

Backing up your data is something that you will hear frequently but what do you use to back up your data? Drag and drop the contents of your home directory onto an external drive? That will fill up a drive pretty quick, and isn’t sustainable for the long term. You can pay for storage and sync your data up to “the cloud”, but that can get expensive if you have a lot of data. It also runs the risk of being compromised as well as it just replicates the contents of your data. I have been doing an Rsync command in the terminal but unless if I know that I have been compromised, it could overwrite my good data with bad data.

You Only Need Two Things

1st Item | External Hard Drive

WD.pngSeriously, under $60 will get you started.

The tools I recommend to get you started is some sort of high capacity external mass storage drive. Something like 1 TB or better. They are not expensive, especially if you compare the cost of a new drive to the cost of data recovery. Then you need to get the software. There are lots of great tools out there but rather than search forever for the best tool possible, start here and see if it works for you. Move on if needed and try something else but complete that first backup. Whatever drive you choose to use, ensure that is ALL that drive does. You plug it in, do your backup, unplug it and safely store it.

2nd Item | Software

I am not targeting Windows or Mac users but the fact of the matter is, most of the people I know are NOT on Linux (because they haven’t seen the light, yet). So I wanted to just highlight some FREE offline backup utility options to get you down the right path. This is free as in you don’t have to shell out any cash but feel free to contribute voluntarily to the projects.


Back In Time

This is what I use on my machine. It has worked very

13 April, 2018

Michael Meeks: 2018-04-13 Friday

21:00 UTCmember

  • Partner call, mail processing, admin, sync. with Eloy. Lunch, TDF BoD call, sync with Kendy.


I don’t hear much about the current status of Spectre and Meltdown lately and I am not going to pretend that I am an expert on these topics. I will say, it has been marketed very well. Out of curiosity, periodically check the status of the vulnerabilities on my machines. I am running openSUSE Tumbleweed snapshot 20180410 and at the time of writing, with Linux Kernel 4.16.0-1-default.

Since I have trouble remembering the exact command, I tend to just scroll through my bash history to find it so to make my life easier, here it is:

grep . /sys/devices/system/cpu/vulnerabilities/*

This is what my machine says:

/sys/devices/system/cpu/vulnerabilities/meltdown:Mitigation: PTI
/sys/devices/system/cpu/vulnerabilities/spectre_v1:Mitigation: __user pointer sanitization
/sys/devices/system/cpu/vulnerabilities/spectre_v2:Mitigation: Full generic retpoline, IBPB, IBRS_FW

If you run this on your Linux machine and don’t get the three lines of Meltdown, spectre_v1 and spectre_v2, your kernel is hugely out of date and is in desperate need of updating.

The reality is, there isn’t likely going to be fully secured fix for Spectre and Meltdown. The output from the patch status uses the word mitigation on purpose. It got me thinking, what does mitigation really mean?

According to Dictionary.com:

the act of mitigating, or lessening the force or intensity of something unpleasant, as wrath, pain, grief, or extreme circumstances.

Lessening the the intensity of something unpleasant… I once thought of computers as something you could truly secure but the reality is, the only secure piece of equipment is one you can’t access at all. Anything that can execute code is going to be vulnerable to some degree and weather it is Linux, Windows or Mac OS they all have their vulnerabilities, Linux just happens to have fewer.

I appreciate all the work of the Linux kernel team in responding to the recently discovered hardware flaws of these modern CPUs. Whether they are Intel, AMD, or ARM (and others?), more permanent hardware fixes won’t be in place for some time but in any complex system, there will always be bugs. The most responsible thing to do, as a user, is to keep your systems updated, know what you are installing, don’t click on sketchy things and perform offline backups of your data.

Further Reading


12 April, 2018

Michael Meeks: 2018-04-12 Thursday

21:00 UTCmember

  • Mail chew, H. and N. off to learn some jewlery making with Bruce. Commercial call, lunch with smaller babes. ESC call. Pleased to see LibreOffice Writer used as the word-processing workload in the Powerhammer paper.

11 April, 2018


Hosted Weblate provides also free hosting for free software projects. The hosting requests queue has grown too long and waited for more than month, so it's time to process it and include new projects. I hope that gives you have good motivation to spend Christmas break by translating free software.

This time, the newly hosted projects include:

If you want to support this effort, please donate to Weblate, especially recurring donations are welcome to make this service alive. You can do that easily on Liberapay or Bountysource.

Filed under: Debian English SUSE Weblate

Michael Meeks: 2018-04-11 Wednesday

21:00 UTCmember

  • Hospital app't in the morning - West Suffolk: they at least know a difficult case to be referred; good. Filed holiday, mail chew, poked at receipts & expenses.


We were in the middle of rewriting no, refactoring recompiling all of YaST into Visual Basic when we found that it was April 2nd already and had to scratch the entire project. Next year for sure. So you are left with a report of enterprise grade stabilization and we hope that your servers will be very bored running our software.

Installation and Upgrade

Clearer Description of Migration Targets

Life goes through various roads and it is same for SLE life. SLE15 is now split into multiple modules and during the upgrade it can be quite complex to pick the desired upgrade target. We have to react to this issue as customers start complaining that the upgrade overview starts to be hard to understand and we should improve it. So we did it and now you can check the changes on the attached screenshots. We modified the overview label from listing all products to just a summary with the details displayed below as it was before. Be aware that in the future and for some products or extensions/modules more migration targets will be possible.

Old screenshot:

and the new one (for a slightly different system, so it is not an exact match for the previous screenshot):

Importing the SMT Server SSL Certificate at Upgrade

We are still improving and fixing bugs in the migration from the SLE11 or SLE12 products to the new SLE15 line. One issue we fixed this sprint was importing the SSL server certificate from the old system at upgrade.

For registration you can use a local SMT server (Subscription Management Tool) instead of the usual SCC server (SUSE Customer Center).

The SMT servers usually use a self-signed SSL certificate to save some money for buying a real certificate signed by a well-known certificate authority. This self-signed certificate is imported to the system by YaST during the initial registration so the registration process and the repositories from the server can be properly accessed.

But during the offline upgrade to SLE15 the old system is not running, the installer runs from the installation medium. In that case we need to import the SSL certificate from the old system to the installer so it can properly access the registration server and do the upgrade.

The certificate import is quite easy, we just need to be careful as SLE11 uses a different (old) path for storing the imported certificates than in SLE12 or SLE15.

As the result you should be now able not only to upgrade the systems registered against the SCC server but also the systems registered against your local SMT server.

Many System Roles

Various products that we’re able to install have grown so many groups of presets, called System Roles, that they no longer fit on the screen. We applied some dark gray magic to make them fit in a scrollable box, at the expense of losing the keyboard shortcuts, sorry.


Better Message for Multipath (and other) Problems

While scanning the storage hardware, or at

10 April, 2018

Michael Meeks: 2018-04-10 Tuesday

21:00 UTCmember

  • Still no voice, mail, admin; lots of friends over for lunch before Tania's funeral at All-Saints - very sad; a packed church. Back for a customer call.
  • Plugged away at tasks variously; dinner, put babes to bed, worked in the evening.


Lenovo 110S Transparent Title.pngI have a Chromebook that I have been using for causal browsing and occasional writing but the problem with ChromeOS is that is is so limited and restrictive. I installed Crouton to get a more genuine Linux experience out of it but the performance was a bit lack luster and frankly, the keyboard layout on Chromebooks is terrible. Why Google decided on such a design is beyond me. Delete, Page Up, Page Down, Home and End are nowhere to be found. When the Chroot environment is working, it’s fine but it is an Ubuntu based environment and I didn’t like the limitations that came with it. All this has lead me into the desire to get a simple, low cost but reasonably capable machine of which I would have more control. Since I have perfectly fine working netbooks, albeit a bit long in the tooth, I had no real strong demand for anything new. So, I waited for something to present itself, and it did.

I walked into Best Buy on a whim, I had some time and thought I would just see what they had available. There were several acceptable, low end machines machines between the $150 to $200 range. Specifically, a Dell that was real tempting, as it had better specifications than I really needed for my purposes but had a nice keyboard (for the price). I just wasn’t prepared to spend $200 on something I didn’t NEED. I asked the nice folks there if they had any small Nuk like computers so we walked over to the “Geek Squad” area to the returns cage (the place they keep the bad computers?) where there were a couple out of box laptops. Some where display models of discontinued models that had been re-baselined to be sold. One was marked “$86” and I was VERY interested. I asked the employee if I could just type on it, you know, to see how the thing types, as that is what I plan to do with it… type… things… He said it was against policy to power it on but they had an identical machine behind the counter running Ubuntu on it. It booted up, albeit rather slowly but the screen looked good and if Ubuntu runs on it, openSUSE would certainly run on it. The keyboard wasn’t spectacular but typed well enough to be in my “acceptable” range.

I was sold.

Lenovo 110S Scary Message-transparentScary Windows message

When I got the machine home, I wanted to run Windows 10. You know, see what I had been missing out on. I did a series of updates, started browsing the web with the Edge Browser, played in the control panel and so forth. I also had the opportunity to test out the Microsoft store and install a few things. Unfortunately, nothing I wanted would install. I could also only effectively do one thing at a time and it ran all herky-jerky. It was not an enjoyable experience at all, but what

09 April, 2018

Michael Meeks: 2018-04-09 Monday

21:00 UTCmember

  • Practically no voice; not ideal; swallowing a challenge. E-mail doesn't require a voice-box however.

08 April, 2018

Jason Evans: Container Confession

22:01 UTCmember


Hi, my name is Jason and I use containers in other containers and I’m unhappy that I can’t run even other containers inside of those.

I’m not a big fan of Canonical’s snapd application containers, but they have one application there that I can’t get anywhere else for openSUSE outside of building it all from source and that is LXD. LXD is a hypervisor for Linux Containers a.k.a. LXC. With LXD, I can create full system containers that have much of the same functionality as VMs without the virtualization overhead and unlike Docker application containers, it provides a full environment to work in, not just enough to run one application.

My goal is to use LXD to create very quick and small environments to play with new tools in a safe sandbox. If I screw something up, I can create a new VM in less than 10 seconds or revert it to a previous save state even quicker instead of the time it takes to do the same in Virtualbox or KVM.

One of the things that I would like to do is play with Docker containers in my LXC container that is running in a snapd container. Well, that just doesn’t work. Mostly apparmor is confused and by default, it is doing it’s job.

root@docker-test:~# docker run -it hello-world
Unable to find image 'hello-world:latest' locally
latest: Pulling from library/hello-world
ca4f61b1923c: Pull complete
Digest: sha256:97ce6fa4b6cdc0790cda65fe7290b74cfebd9fa0c9b8c38e979330d547d22ce1
Status: Downloaded newer image for hello-world:latest
docker: Error response from daemon: Could not check if docker-default AppArmor profile was loaded: open /sys/kernel/security/apparmor/profiles: permission denied.

So, that’s what I’m playing with today. If I get it to work, I’ll post it here.

Michael Meeks: 2018-04-08 Sunday

21:00 UTCmember

  • Breakfast together at Burger King supposedly the only place open at this time - hmm; interesting engineering going on nearby - parts of a TBM(?) nearby. To the office - for a status update, and more sync with friends.
  • Lengthy flights back, J. picked me up, lovely to be home, but a horrible throat to go with it.

Older blog entries ->