As you might have guessed from my previous blog posts: I love music. Colleagues, family, and friends often turn to me for suggestions if they want to listen to something new and less mainstream. This blog is about music I listen to, the first part of what will hopefully become a series. I hope you also find something interesting here!

Why did I pick “Pictures at an Exhibition” when I talk about “less mainstream” music in the opening paragraph? Well, everyone knows this piece of music. Or do they? The original music composed by Mussorgsky was a piano suite in 1874, but most people are only aware about one of the orchestrated versions. I can still recall from primary school, when our music teacher played the orchestration by Ravel, and asked us to give a title for each movement.

Ravel was not the only one orchestrating “Pictures at an Exhibition”. For this blog I collected those which I listened to, but if you do a quick search on your favorite music service, I am pretty sure that you will find a lot more. In each case I chose the closing movement: The Great Gate of Kiev.

First let’s listen to the version which comes to the mind of most people when Pictures at an Exhibition is mentioned. It is also the one I listened to first: the orchestration by Ravel from 1922. It was recorded by many orchestras. Here I chose the version which I have at home: played by the Berliner Philharmoniker, conducted by Herbert von Karajan:

TIDAL: https://listen.tidal.com/album/77611281

Next, listen to the original, piano version. It does not seem to be recorded as often as the orchestrated versions. Here I chose randomly, just making sure that it is a good quality recording:

TIDAL: https://tidal.com/browse/video/101487217

The version I learned about next was created by Tomita, a Japanese pioneer of electronic music. I do not remember who gave a copy to me on tape, just that I also got Switched-On Bach by Wendy Carlos at the same time. I was born to a family where Bartók was considered to be too modern. These reworks opened me to contemporary music.

TIDAL: https://listen.tidal.com/album/63190788

During my university years I became an Emerson, Lake & Palmer fan, in part due to their interpretation of Pictures at an Exhibition. It is one of my favorite concert recordings, so I have it both on CD and as high resolution FLAC files from Hdtracks.

TIDAL: https://listen.tidal.com/album/63101464

The last version I want to show you is a concert recording by the Hungarian band, Panta Rhei. As they write below the video: “As our concert on 22/04/2022 approached, we were wondering which piece of music would be a fitting encore to our performance of the Peer Gynt Suite. A few weeks before our concert a war broke out in one of our neighbouring countries. We chose to express our solidarity with the people of Ukraine with our interpretation of Mussorgsky’s “The Great Gate of Kiev”.” I was there at the concert: it was fantastic.

Unfortunately, they are not on TIDAL, but you can find their music on YouTube at https://www.youtube.com/@pantarheiofficial3562 and have a website at http://panta-rhei.hu/

You can learn more about the history of Pictures at an Exhibition at https://en.wikipedia.org/wiki/Pictures_at_an_Exhibition

Dear Tumbleweed users and hackers,

Week 44 is over – and with it, about 83% of the year 2023. What does that mean for Tumbleweed? Not really much, as it just keeps rolling from snapshot to snapshot. And during this week, you have received 6 of those (1026, 1028, 1029, 1030, 1031, and 1101). 1027 had been discarded due to crashes identified in XFCE (xfconf 4.18.2 – which was reverted to 4.18.1 for 1028)

The six delivered snapshots brought you the following updates:

• LLVM 17.0.3
• Qemu 8.1.2
• VLC 3.0.19
• Boost 1.83.0
• systemd: Ship the main configuration files in /usr/lib/; this change will hopefully encourage users to customize the defaults via drop-ins instead of changing the main config files
• Linux kernel 6.5.9
• openSSL 3.1.4
• PHP 8.2.12
• Mozilla Firefox 119.0
• shadow 4.14.2
• strace & linux-glibc-devel 6.6: getting ready for Kernel 6.6
• Poppler 23.10.0

As usual, a new snapshot is already in QA, and more changes are piling up. These things have been staged by now:

• gnome-shell/mutter 45.1
• libxml2 2.11.5 (you remember, we already had that a while back in the list. This time it is happening)
• xfconf 4.18.3
• libvirt 9.9.0
• fwupd 1.9.7
• binutils 2.41: libqt5-qtwebengine runs OOM when linking on i586
• Linux kernel 6.6

Snapshots of openSUSE Tumbleweed this week have been frequent with a fair amount of software packages arriving in each snapshot..

Among some of the packages to update this week were Vim, libsoup, libzypp, strace and more.

A cool 13 packages arrived in snapshot 20231101. An update of dracut was among those that arrived. The initial ramdisk tool addresses issues related to PKCS11, dracut’s version handling, Bash compatibility, network device naming and more. An update of gnome-text-editor 45.1 improves proper entity tags for comparing documents after a “Save As” operation. The package also fixes row styling in preferences and addresses a memory leak issue with GtkNativeDialog. An update of hxtools 20231101 makes changes such as adding compression .zst suffix support for the qtar tool to eliminate unnecessary lines in spec files. An update of poppler 23.10.0 makes several core improvements like updating type 3 fonts for Cairo 1.18’s Application Programming Interface and fixes a crash issue with malformed files. The build system enhancements make certain dependencies soft-mandatory and adds support for more gpg releases. Updates of yast2-trans, selinux-policy 20231030, gpgme 1.23.1 and more arrived in the snapshot.

The Halloween snapshot wasn’t too scary with a large amount of Common Vulnerabilities and Exposures being crushed in snapshot 20231031. With the 10 updated software packages, Mozilla Firefox 119.0 addresses a significant amount of CVEs. Solving CVE-2023-5721 was significant as the fix prevents a click-jacking attack, which could trick users into unintentionally interacting with browser prompts and dialogs by improving the activation delay. The release includes fixes for cross-origin size and header leakage, cookie character issues and takes care of 10 other CVEs. The browser also requires Mozilla Network Security Services (Mozilla NSS) 3.94 for its functionality, which arrived in snapshot 20231029. Plasma users should know that KDE integration has been reactivated with updated patches for improved compatibility. The gnu-unifont-fonts 15.1.04 update includes larger supersets of Plane 2 and Plane 3 glyphs in both the default and Japanese versions of the font. Notable changes in the ncurses 6.4.20231021 in the update include the use of oldxterm+sm+1006 in virtual terminal emulator-2014, default configuration changes for “opaque” and “widec” options, and the package has some minor cleanup of the compiler and manpage warnings. The command-line tool qpdf updates to version 11.6.3 and includes tweaks to improve handling of files between 2 GB and 4 GB in size. The tool also has a fix for a data loss bug that could discard characters after escaped octal strings with fewer than three digits. The bug was introduced in qpdf between versions 10.6.3 and 11.0.0. The 6.6 version of the diagnostic, debugging and instructional userspace package strace introduces a new --kill-on-exit option, which sets PTRACE_O_EXITKILL to all tracee processes and prevents them from running after the tracer exits. This option is automatically activated when using -seccomp-bpf without the -p/--attach option. There were also several new syscall decodings and constant updates have been implemented in this release. Thunar 4.18.8 improves the file manager to allow it to guess the correct display to use and fixies critical issues related to unset GNOME Input/Output (GIO) attributes. Shadow 4.14.2 and a few other packages updated in the snapshot.

The 20231030 snapshot introduces support for GL_EXT_texture_shadow_lod and GL_NV_displacement_micromap extensions with the glslang 13.1.1 update. The package also adds a new --no-link option and removes a previously merged patch related toCMake and resource limits. The hiredis 1.2.0 package, which is a C library that provides a minimalistic and easy-to-use client for the Redis database, includes the addition of various features for the sdevent adapter, the ability to specify the keepalive interval and a RedisModule adapter. The package also provides a helper for setting the TCP_USER_TIMEOUT socket option and includes bug fixes for improved stability and functionality. The vulkan-loader 1.3.268.0 update introduces the addition of the VK_LOADER_LAYERS_ALLOW environment variable and includes support for the Debug extension in the test layer; the changes enhance the Vulkan loader’s functionality for managing layers and extensions in Vulkan applications. The vulkan-tools 1.3.268.0 was the last package to update in the snapshot and enhances the capabilities of the Vulkan tools for graphics and compute applications.

The 20231029 snapshot had a fair amount of packages updates. The glib2 2.78.1 package addresses various bug fixes and improvements. It fixes the file truncation issues with ` g_file_set_contents_full()` , resolves build errors and ensures proper file handling. The package also includes enhancements like preserving microseconds for access/modify times. The open-source HTTP client/server library libsoup 3.4.4 brings improvements in HTTP/2 performance, particularly when there is significant buffering. The package adds support for building the libnghttp2 implementation as a subproject, which enhances the capabilities of the library for handling HTTP requests and responses. The second update of the week for libstorage-ng updates the package to version 4.5.155. This update includes changes like merging a specific GitHub issue and extends the testsuite. The update mozilla-nss 3.94 updates prepares the Tumbleweed release for a later update and improves handling string literals, and other adjustments to improve the library’s functionality and security. The update of php8 8.2.12 addresses issues like memory leaks, type errors, and segfaults in the core components. The update also enhances performance, exception handling and content detection in various PHP modules and functions. The vim 9.0.2078 update includes numerous bug fixes and improvements. The text editor addresses issues related to type aliases, Vim9 support, text change triggers and more. The package enhances security measures, improves file recognition and resolves various document-related issues in the snapshot. Other package updates were also in the snapshot and the xfconf version was downgraded to version 4.18.1, which was upgraded to version 4.18.2 a day earlier in snapshot 20231028.

Snapshot 20231028 updates the Linux Kernel. The 6.5.0 kernel-source version bringing improvements such as Bluetooth enhancements and fixes related to ice, KVM, and x86. Advanced Linux Sound Architecture codecs wcd938x also received updates to address runtime Package Manager imbalances and resource leaks. The libstorage-ng 4.5.154 update enhances error reporting in SystemCmd, adds test cases and makes more use of the new SystemCmd interface, along with other minor enhancements and fixes. An issue with the timer library was resolved with thelibzypp 17.31.23 update. An update of openssl 3.1.4 fixes key and IV resizing issues and improves cryptography performance. The xfconf package for the Xfce desktop environment updates to version 4.18.2 and brings various enhancements that were downgraded in the following snapshot.

The new version of the GNOME desktop was released more than one month ago. It takes some time to arrive to the final user, because distributions should integrate, tests and release the new desktop, and that's not something simple, and it should integrate in the distribution release planning.

So right now, it's possible that there's just a few people with the latest version of the desktop right now, just people with rolling release distros or people using testing versions of mayor distributions.

This is one of the reasons because a lot of gnome-shell extensions aren't updated to work with the latest version of GNOME, even after a few months, because even developers doesn't have the latest version of the desktop and it's not something "easy" to install, without a virtual machine or something like that. Even if the update is just a change in the metadata.json, there should be someone to test the extension, and even someone to request this update, and that will happen once the mayor distributions release a new version.

I'm using Tumbleweed, that's a rolling release and GNOME 45 is here just after the official release, but of course, a lot of extensions are not working, and in the infamous list of non working extensions there where the three that I'm maintaining right now:

• mute-spotify-ads, extension to mute the spotify app when it's playing ads.
• calc, a simple calculator in the alt+F2 input.
• hide-minimized, hide minimized windows from alt+tab and overview.

The correct way

The correct way to maintain and update a gnome-shell extension should be to test and update "before" the official release of GNOME. It should be something easy for me, using Tumbleweed I can just add the GNOME Next repository, install the new desktop when it's in beta stage, and update the extension there.

But that's something that require an active maintainership... And right now what I do is to update the extensions when they are broken for me, so just when I need them, and that's after I get the new desktop and I find some time to update.

I know that's not the correct way and this produces a bad experience for other people using the extensions, but this is the easier thing to do for me. Maybe in the future I can do it correctly, and provide a tested update before the official release, maybe using snapper to be able to go back to stable, without the need of using virtual machines.

Update your extension to GNOME 45

The update to GNOME 45 was a bit more complex than previous ones. This version of the shell and gjs change a lot of things, so the migration it's not just to add a new number to the metadata.json, but requires incompatible changes, so extensions that works for GNOME 45 won't work for previous versions and vice versa.

But the people working in gnome-shell does a great work documenting and there's a really nice guide about how to upgrade your extension.

The most important part is the import section, that now it has a different syntax.

// Before GNOME 45
const Main = imports.ui.main;

// GNOME 45
import * as Main from 'resource:///org/gnome/shell/ui/main.js';

And some changes in the extension class, that now can inherit from existing ones to provide common usage, like preferences window:

import Adw from 'gi://Adw';

import {ExtensionPreferences, gettext as _} from 'resource:///org/gnome/Shell/Extensions/js/extensions/prefs.js';

export default class MyExtensionPreferences extends ExtensionPreferences {
    fillPreferencesWindow(window) {
        window._settings = this.getSettings();

        const page = new Adw.PreferencesPage();

        const group = new Adw.PreferencesGroup({
            title: _('Group Title'),
        });
        page.add(group);

        window.add(page);
    }
}

From journal to .json

In order to convert from your journal log to json, so it is easily parseable, jq offers an option that allows you to run a filter, only until the end of the file:

    Instead of running the filter for each JSON object in the input, read the entire input stream into a large array and
    run the filter just once.

This allows you to save the file directly, ready to be processed by your favorite tools, here’s what I used:

journalctl -u postfix.service --since yesterday -g "denied" --output json | jq -s "." > data/log.json

Enter Perl

Now, because I’ve been using Perl for ${deity} knows how long (I wrote my first Perl script at the end of the 90’s), naturally, is my language of choice for quick things where my knowledge of bash isn’t going to cut it:

First I want to load my file, I’m going to rely on Mojo, specifically Mojo::Collection and Mojo::JSON for this as I’m familiar with both, also, if I wan’t to dig a bit into what’s inside my collections, I can always do:

use Mojo::Util qw(dumper);

say dumper $collection->to_array;

But I digress, back to business

The real stuff

This piece of code filters for me, what it reads from a file (I’m doing $_= path(shift); for convenience)

my $file = Mojo::Collection->new(decode_json($_->slurp))->flatten;

// Filter using Mojo::Collection::grep to have a new collection with the data I'm interested in
my $filtered = $file->grep(sub{ 
        $_->{MESSAGE} =~ /denied/
    });

Now that I have the elements on a single array (of course, if I’m looking at a file over a gigabyte, likely I’d look into putting this inside some sort of database, PostgreSQL for instance, has excellent Json support), it’s time to do something with it:

// get anything that looks like a hostname before, and get the ip address
// example: NOQUEUE: reject: RCPT from ns2.pads.ufrj.br[146.164.48.5]: 554 5.7.1 <relaytest@antispam-ufrj.pads.ufrj.br>:
// I want to have ethe IP in a named group so I can later reference it with `$+{'IP'}`
my $regexp = qr{(.*[a-zA-Z0-9-._]+)\[(?<IP>.*)\]>?:.*};

Ideally (and for the future) I might want to filter in a different way, and capture different things, but you get the idea however today, we only want to know which ip addresses were rejected while testing our changes in our postfix’s configuration

$filtered->each(sub{
        if ($_->{'MESSAGE'} =~ /$regexp/ ){
            say "bash ./unban ".$+{'IP'};
        } else {
            warn "CANNOT GET IP: ".$_->{"MESSAGE"};
        }
    });

I have another script that does the unban, but for now I’m ok with copy&pasting :)

The full script is at foursixnine/stunning-octo-chainsaw pull requests are welcome, and maybe in the future I move this to its own thing, but for now, that’s all folks.

Dear Tumbleweed users and hackers,

Another week fully loaded with Tumbleweed snapshot comes to an end. This week, we have delivered five snapshots (with a new one already in openQA).

The five snapshots (1019, 1020, 1022, 1023, and 1025) brought you those changes:

• KDE Frameworks 5.111.0
• KDE Plasma 5.27.9
• Samba 4.19.2
• SQLite 3.43.2
• Apache 2.4.58
• Linux kernel 6.5.8
• Pipewire 0.3.83
• Virtualbox 7.0.12
• zlib 1.3
• Redis 7.2.2
• Meson 1.2.3

And, as after the snapshot is before the snapshot, the subsequent things are already lined up and getting ready to reach you. The most intriguing things there are:

• Qemu 8.1.2
• VLC 3.0.19
• LLVM 17.0.3
• systemd: Ship the main configuration files in /usr/lib/; this change will hopefully encourage users to customize the defaults via drop-ins, hence removing the risk of conflicts with downstream customization.
• Boost 1.83.0
• Linux kernel 6.5.9
• openSSL 3.1.4
• PHP 8.2.12
• binutils 2.41
• moving to dbus-broker