This post is very unlikely for you. It’s for future me.

The little magic box that is the Dirtywave M8 tracker is pretty well supported in Linux. It works great as an audio device (input and output), it does usb midi and you can also use its remote display using laamaa’s m8c which now also does audio monitoring.

M8c isn’t an app, so it’s a bit of a hassle to build it and use it from within a toolbx. Regular Linux distro chore. In addition, to update its firmware, which Timothy pushes very frequently and brings amazing new functionality, requires adding udev rules to have the device writable by a user. Which is what this post is about. I have no clue what I’m doing, but having this config in /etc/udef/rules.d/50-myusb.rules (first is the regular device for m8c and the latter is the second stage of the firmware update using tytools):

SUBSYSTEMS=="usb", ATTRS{idVendor}=="16c0", ATTRS{idProduct}=="048a", GROUP="users", MODE="0666"
KERNEL=="hidraw*", ATTRS{idVendor}=="16c0", GROUP="users", MODE="0666"

Enjoy my last track, Sines of our fathers if you don’t care of any of the above ;)

This post explains the process of installing NVIDIA Tesla T4 drivers on openSUSE images specifically designed for Amazon EC2 G4 Instances.

First remove nouveau module kernel.

rmmod nouveau

Download the NVidia driver and run it.

wget https://us.download.nvidia.com/tesla/515.105.01/NVIDIA-Linux-x86_64-515.105.01.run
sudo sh NVIDIA-Linux-x86_64-515.105.01.run

Done. Use the force!

Jakiś czas temu czytałem wyciek informacji od jednego z pracowników MS, że Bill Gates zaproponował: albo zabronimy wam korzystać z oprogramowania konkurencji, albo zabierzemy darmowe piwa.Wspomnę tylko, że picie piwa może upodlić. W ten sposób, chyba w 15-17 wieku, szlachta starała się ubezwłasnowolnić chłopów pańszczyźnianych. Mieli nadmiar alkoholu, więc wmuszano go w chłopów, by Ci byli bardziej posłuszni. Skutki były opłakane. Nawet księża zarzucali chłopom, że to „psy, nie ludzie, pozbawieni uczuć, dla których liczy się tylko wódka”.Wiadomo – profesjonalista IT (nie inżynier projektujący mosty czy silniki, nie grafik komputerowy, tylko rasowy profesjonalista IT) potrzebuje często skorzystać z programów nie wydanych tylko pod Windows, jak narzędzi GNU. Ci inżynierowie i graficy wchodzą potem na internet i się kłócą, jaki to Windows nie jest najlepszy, bo jest najpopularniejszy, a pod niego tylko jest AutoCard i Photoshop, chociaż innych CAD-ów i programów do grafiki rastrowej, ani systemów operacyjnych na uczy nie widzieli. To jest błędne myślenie, bo:

1. Nie koniecznie to najlepsze staje się od razu najpopularniejsze (patrz IE i Firefox)

2. Skoro skutek w implikacji jest spełniony, to niekoniecznie przyczyna musi być, bo dróg do celu często jest wiele, a my nie jesteśmy w stanie wziąć wszystkich zmiennych

W takim razie, profesjonaliści IT, często sięgają po inne systemy, czy to MacOS, czy to Linuksy. Z różnych przyczyn, bo np. szef dostarczył laptopa z preinstalowanym Windowsem, musieli korzystać z półśrodków, jak np. MSYS, CYGWIN czy MINGW, albo maszyna wirtualna z Linuksem.

Nie wiem, czy eksperyment z pracownikami się powiódł. Po pierwsze, ostatnio MS dodał do umów na swoje usługi chmurowe zapis, zabraniający korzystania z produktów konkurencji (konkurencyjnych chmur), więc może się powiódł? Z drugiej strony, wydano WSL, więc może MS się ugiął? Nie wiem.

https://d8f0ee23883c99fd4cad175c95273eac.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

W każdym razie, to jest to kolejny dowód na to, że korporacje pokroju MS, traktują swoich konsumentów, jak swoją własność. To samo mówi kobieta, gdy facet się nią nie zajmuje i odcina ją od otoczenia – wiem! Ale coś jest na rzeczy, bo wyobraźcie sobie przyszłość, gdy instalując jakikolwiek produkt MS, pozbywamy się prawa do korzystania z produktów konkurencji. MS nie wydał aplikacji do czegoś? Pozostaje napisać ją samemu, a potem oddać za darmo MS prawa autorskie, wraz z kodem, itd. Potem MS pozwoli nam korzystać z niej przez miesiąc za darmo, a potem opłata 2,5 USD dziennie.

Coś takiego jednak dzieje się od dłuższego czasu, np. poprzez DRM, gdzie MS ogranicza swoich konsumentów i całą resztę, by zachować pozycję rynkową. To traktowanie swoich konsumentów, jak swoją własność. Kupiłeś film we Francji i poleciałeś do USA, do cioci? Nie odtworzysz go, bo ma zabezpieczenia regionalne! Spróbujesz ominąć? Poniesiesz konsekwencje! Podobną historię miał Amerykański Prezydent z Prezydentem Francji. Ten drugi „kupił” pierwszemu kolekcję Amerykańskich filmów. Jakie było zdziwienie, gdy filmy pod Windowsem, nie działały. To pokazuje, że Politycy nie rozumieją świata, jaki nam (wraz z korporacjami) urządzili, a co normalnie normalny człowiek. Normalnemu człowiekowi żal czasu na przeczytanie umowy, którą podpisuje, np. licencji, bo licencji stworzono tylko po to, by karać złych piratów.

W licencji World of Goo z CD-Action był zapis, że będę bronić dystrybutora i producenta tej gry przed sądem każdej instancji. Wiem, że taki zapis nie jest wiążący na całym świecie. Jednak pewnie w jakimś kraju jest, skoro go tam umieścili, bo przecież nie po to, by okłamać konsumenta. Konsument i tak tego nie przeczyta! Wyobraźmy sobie sytuację, że firma ma długi, wierzyciele żądają zwrotu. Firma wysyła mnie do innego kraju, np. Niemiec, USA, bym bronił ją przed sądem. Mam teraz kłamać sąd, że firma na pewno spłaci długi z odsetkami, ale dopiero za dwadzieścia lat? Nie ważne, co bym zrobił, to złamałbym zasady. Ale czy kogokolwiek obecnie obchodzą zasady, skoro ludzie dają się tak traktować, a sami nie czytają tego, co podpisują? Jeżeli wszystko pójdzie dobrze, to wraz z postępem czasu i dobrej woli wielu korporacji, staniemy się niewolnikami producentów rzeczy, z których chcemy korzystać. Już teraz ludzie są nieświadomi, jak siebie dają oszukiwać.

Inną sprawą jest jednostronność podpisywanych umów, co w Polskim prawie (chyba) jest nielegalne. W wielu licencjach jest napisane, że producent może zmienić treść umowy w każdym momencie. Ja miałem tyle szczęścia, że np. Stellaris korzysta z Launchera, więc wyświetlił mi się komunikat, że zmieniła się licencja, zasady korzystania z usług internetowych, a także polityka prywatności. Miałem przez to okazję się z tym zapoznać, ale zajęło mi to parę godzin, zanim mogłem uruchomić grę. W dodatku, to treść części dokumentów, byłą po Angielsku. Co jednak z sytuacją, gdy launchera nie ma? Mam, korzystając z zamkniętego programu, odświeżać co sekundę stronę, na której może pojawić się nowa umowa, co uniemożliwi mi przełączenie na okno programu?

Jeżeli nie zaczniemy działać, to będzie jeszcze gorzej. Ktoś musi posprzątać ten bałagan licencyjny, jaki zgotował nam Bill Gates. Skoro przedsiębiorstwa tworzące oprogramowanie, przy próbie przeforsowania zmian w prawie, nagminnie powtarzają, że chcą tylko, by dobro niematerialne, było traktowane na równi z tym materialnym, to niech SPRZEDAJĄ JE, a nie stosują ścieżkę wytyczoną przez Pana Gate-sa.

Sprzedaż programów istniała wcześniej i konsument miał praktycznie nieograniczone prawa do niego. Wpojona w nas, że na wolnym rynku komercyjnym, to konsument jest panem. W przypadku świata IT, konsument jest ścierwem, jego Panem jest producent dobra, z którego zamierza korzystać.

Dziękuję.

Orginalny wpis został opublikowany na: https://www.dobreprogramy.pl/@nintyfan/felieton-microsoft-i-chlopi-panszyzniani,blog,207819

Dear Tumbleweed users and hackers,

This week, Tumbleweed ‘only’ delivered 5 snapshots. Snapshot 0423 was tested in openQA when 0424 finished the building way faster than expected. As usual: nothing was lost and the delay added to get the goodies from 0423 was just a few hours.

The five snapshots (0421, 0422, 0424, 0425, and 0426) brought you these updates:

• ffmpeg 4.4.4 and ffmpeg 5.1.3
• grep 3.10
• libxml 2.10.4
• pam 1.5.2.90
• Mozilla Firefox 112.0.1
• Linux kernel 6.2.12
• GNOME 44.1 (mutter and gnome-shell will follow over the weekend)
• KDE Gear 23.04.0
• Qt 5.15.9
• llvm 16.0.2
• Rust 1.69
• GCC 13RC3

The various package maintainers have submitted the following changes, which are currently being tested in staging areas:

• openSUSE:Factory will change from suse_version == 1599 to suse_version == 1699 (stepping ahead of the ALP code base)
• Mozilla Firefox 112.0.2
• OpenVPN 2.6.3
• Linux kernel 6.3
• Boost 1.82.0
• ICU 73.1: breaks libqt5-qtwebengine
• Wayland 1.22.0: crashes Firefox (https://bugzilla.mozilla.org/show_bug.cgi?id=1826583, fixed for FF 113)
• openSSL 3.1: still broken are nodejs19, perl-Protocol-HTTP2, python-aiohttp, python-tornado6

This week’s openSUSE Tumbleweed had a decent amount of software packages in each snapshot.

The rolling release updated applications for both GNOME and KDE, with several KDE Qt5 Patch Collection packages and command-line utility grep receiving updates.

Just a few packages updated in the latest snapshot, 20230426. The changes in firewalld 1.3.2 were minimal but for testing functions, which two were related to iptables. The 20230425 version was the second update of the week for the selinux-policy package. This package added a policy for wtmpdb, which will provide a more accurate calculation of boot time. Two other packages to update in the snapshot were a 2.4.0 version of 389-ds and 2.0.16.21 version of numactl.

Facebook’s fast compression algorithm package zstd updated to version 1.5.5 in snapshot 20230425. The package fixed a rare corruption bug affecting the high compression mode and it no longer crashes when requested to write into a write-protected directory. An update of glib2 2.76.2 updated Unicode normalization tests from Unicode 15 and the package fixed various build failures with less common setups. An update of container-selinux updated to version 2.211.0. The package allows the daemon to send dbus messages to container type spc_t. User of GNOME received some updated documentation with gnome-user-docs 44.1, which updated translations and improvies help for GNOME. Its image viewer Eye of GNOME also updated to 44.1; this minor version updated translations and fixed a Segfault when switching between animated webp images.

More than 20 KDE Qt5 Patch Collection packages updated in snapshot 20230424, but the update of KDE Gear 23.04.0 was enormous and it brought several new arrivals. Tokodon brings the Mastodon federated social media platform to users’ fingertips. This application lets users read, post, and message and new features are available to see previous messages when replying. It also has the ability to send polls to followers. Youtube is now visible on the desktop thanks to AudioTube. The player had a visual redesign and new icon. Video editor Kdenlive added some new features to select several clips from your tracks and group them together; it will treat the group as one single sequence. There were several other changes, so read the release announcement. An update of shotwell 032.0 added JPEG XL support for GNOME’s photo manager. It also fixes generating video thumbnails if debugging is enabled. An update of GTK4 fixes issues with slow-loading files in the file chooser and fixes a positioning regression. Other fixes to come with the gtk4 4.10.3 release were fixing app crashes related to Wayland and holding Ctrl to select multiple files broken in the filechooser. Several other packages updated in the snapshot including yast2-trans, coreutils 9.3, gnome-remote-desktop 44.1 and more.

GNOME also had updates in snapshot 20230422. An update of both gnome-software and gnome-control-center to version 44.1. The software package had firmware state update fixes and a fix for reference information related to PackageKit apps, while the control-center offered some fixes related to network sharing and connections. The Linux Kernel had an update; kernel-source 6.2.12 brought some access for nvme-pci storage changes and a changed that fixes kernel panic with the Intel Integrated Sensor Hub. The kernel also had some additions for both Lenovo and Acer Aspire machines. Mozilla Firefox updated to 112.0.1 an fixed a bug where cookie dates appear to be set in the far future after an update, which may have caused the cookies to be purged unintentionally. NetworkManager updated to version 1.42.6. The package improves wifi hotspot functionality, setting for the wifi roam policy and fixed the assertion failure related to DHCP renewals. The 9.18.14 update of Domain Name System software bind fixes several bugs that cause naming to crash during catalog zone processing. It also removed several features. Other packages to update in the snapshot were gpgme 1.20.0, libsoup 3.4.1, evolution 3.48.1 and many other packages.

An update of ffmpeg-4 4.4.4 landed in the 20230421 snapshot. The cross-platform video and audio solution dropped a few Common Vulnerability and Exposure patches, fixed some behavior with fractional frame rates and restructured slice coordinated reading. The newer ffmpeg-5 5.1.3 version had similar fixes like dropping a patch for CVE-2022-3964 thanks to an upstream fix. Some audio/visual formats were changed like one to offset and avoid an integer overflow. An update of grep 3.10 arrived in the snapshot and it had some changes to match digits strings, for example Arabic script ٠١٢٣٤٥٦٧٨٩, which is 1 2 3 4 5 6 7 8 9 0 respectively. This snapshot from last Friday also updated packages like ncurses 6.4.20230418, pam 1.5.2.90, selinux-policy 20230420 and several other packages.

This week was a busy week!

Leap 15.5 enters the Release Candidate phase! According to the roadmap users can expect the final release shortly after the openSUSE Conference 2023 on June 7th.

The final release of our immutable HostOS Leap Micro 5.4 is now available. This update brings SELinux in enforcing mode by default as well as tuning. Leap Micro is not a traditional distribution, but rather a lightweight HostOS for running virtual machines and containerized workloads.

The availability of Leap Micro 5.4 automatically marks Leap Micro 5.2 as End of Life. From this point, Leap Micro 5.2 will no longer receive updates.

To remain secure, Leap Micro 5.2 users can either do a fresh deployment, which should be under 5-minutes, or upgrade.

Leap Micro 5.3 users can still remain on the existing release and enjoy updates until the next Leap Micro release is out, which should be in Fall 2023.

Users who would like to receive support and updates for up to 4 years for a given release should consider switching to SLE Micro.

Users can upgrade to Leap Micro 5.4 by running the following command

sudo transactional-update shell

zypper --releasever 5.4 dup

exit

reboot # Enjoy

Please bear in mind that we’re switching to SELinux enforcing by default, therefore you might have an easier life if you do a clean build instead. Especially on slower storage if you’d be subject to relabeling.

Let’s make some practical use of the new Leap Micro 5.4!

This article is a continuation of our previous practical hands-on article, which focuses on ad-free browsing at home with Pi-hole.

In this article, we’ll leverage our existing Pi-hole from the previous article and setup up a home instance of a Nextcloud AIO. Such a solution is appealing especially to users valuing their privacy or just like me looking to bridge Apple and Android devices.

This tutorial should take less than 15 minutes, on top of instructions the from previous hands-on.

Reference setup

My personal use case for Leap Micro is to have as much ad-free browsing as possible, DNS entries for local services, and a Nextcloud instance as a bridge to share pictures and videos in between my wife’s iPhone, kids’ tablet and my Android phone.

My private home setup is a Raspberry Pi 4 8GB with 1TB SDD connected via USB 3.0 to SATA III. I have a mesh via TP Link Deco X20. I do use port mapping from the Deco to expose services to the public via a static public IP. I have a public domain name with a few subdomains pointing to the mentioned public IP.

The public domain name is a prerequisite for the NextCloud AIO.

The Raspberry Pi has a reserved address based on its MAC address to keep stuff simple. If you have a dynamic public address, you can consider some dynamic DNS (DDNS) solutions.

I am personally happily using the described setup on my 8GB Raspberry Pi 4 with Leap Micro 5.3 along with Pi-hole for ad-free browsing and mapping of my Nextcloud instance to a local address.

I would not recommend to this particular hands-on in a VM unless you can deal with the public domain aspect of the tutorial.

The benefit I see in using Leap Micro is that the machine does not require any of my attention. I have automatic updates and self-healing on. The machine automatically reboots into an updated snapshot in the defined maintenance window (set by default) and if there is an issue that requires my attention, then I simply resolve the issue with the Cockpit interface in the web browser.

Leap Micro is an immutable operating system with a read-only root. openSUSE solves this via btrfs snapshots and tools that enable automatic rollback and boot into a previous snapshot in case a system identifies that the boot into a new snapshot has failed.

Existing setup

The user is expected to already have an existing Pi-hole setup running on top of Leap Micro 5.4 and their own public domain as described in the previous article.

Warning: Running Nextcloud AIO requires a public domain. Otherwise, you’ll hit SSL errors unless you use self-signed certificates, such setup would be outside the scope of this article, plus such a solution is not practical.

Making a local DNS entry for the NextCloud

For local access, a user should create a local DNS entry with a local IP address pointing to the intended domain nextcloud.mydomain.org.

Deploying the NextCloud AIO container

Just by following https://github.com/nextcloud/all-in-one I’ve tried to run the AIO image with just podman, however, the solution is very docker centric and you’d have to use podman-docker, which will only be available in the next Leap Micro release.

In my setup, I do have a 1TB disk mounted on the Leap Micro host under /srv/nextcloud.

Feel free to adjust NEXTCLOUD_DATADIR destination to your liking. I personally had an issue with domain validation with my Pi-hole setup so I did use -e SKIP_DOMAIN_VALIDATION=true as per readme instructions.

Directories like /srv and /var are of course writable even on ImmutableOS.

If you’re using port mapping from your home router to expose services to the public, you’ll want to expose and map ports 80, and 8443 and 3478 (talk container) from the router to the Leap Micro host.

# mkdir -p /srv/nextcloud

My fstab entry for the btrfs formatted 1TB WD Blue SSD drive connected to my Raspberry Pi via AXAGON ADSA-1S6 USB to SATA connector.

You can get your UUIID with blkid

# grep nextcloud /etc/fstab

UUID="881ab56d-d577-4d12-8014-f5a76f3febe6" /srv/nextcloud btrfs noatime 0 0

And now let’s deploy the Nextcloud All in One image.

Just note that our deployment will survive reboot(s). I highly recommend skipping the domain validation (part of the example command), especially with described setup.

# docker run \

--sig-proxy=false \

--name nextcloud-aio-mastercontainer \

--restart always \

--publish 80:80 \

--publish 8080:8080 \

--publish 8443:8443 \

--volume nextcloud_aio_mastercontainer:/mnt/docker-aio-config \

--volume /var/run/docker.sock:/var/run/docker.sock:ro \

-e NEXTCLOUD_DATADIR="/srv/nextcloud" \

-e SKIP_DOMAIN_VALIDATION=true \

nextcloud/all-in-one:latest

And we’re almost done here. Rest is just about following the browser instructions.

You might want to reconsider what add-ons to run based on the available memory of your device, especially if you have less than 4GB of memory. My Rpi has 8GB, so I went with all available add-ons.

And we are done! Have a lot of fun!

Version 4 of syslog-ng works perfectly well in version 3 compatibility mode. However, if you want to use the syslog-ng 4 features, you need to be aware of some significant changes. If you have a simple configuration, like those in Linux distributions, then simply rewriting the version string is most likely enough. However, if you use PatternDB or JSON parsing, any Python code, or an Elasticsearch, or MongoDB destination, you have to be aware of the changes.

From this blog you can learn about type support, how this can affect you, changes in Python support, and some tips how to prepare for the upgrade: https://www.syslog-ng.com/community/b/blog/posts/upgrade-problems-from-syslog-ng-3-to-4

The openSUSE Project is pleased to announce its modern lightweight host operating system Leap Micro 5.4 has reached its Release Candidate phase.

The last beta introduced a new SELinux module for Cockpit. This release has the default setting of SELinux for new installations that have been changed from permissive to enforcing mode, which can be switched to permissive mode or disabled.

Podman updates to version 4.3.1 in this host-OS release. This new version brings in many new features and several improvements like better support for containers in multiple networks, better IPv6 support and improved performance.

There is a warning in the Release Notes that people are advised to read.

“Before testing Podman 4 and the new network stack, you will have to destroy all your current containers, images, and networks,” according to the warning. “You must export/save any import containers or images on a private registry, or make sure that your Dockerfiles are available for rebuilding and scripts/playbooks/states to reapply any settings, regenerate secrets, etc.”

This ultra-reliable, lightweight and immutable operating system has Performance Co-Pilot container integration in Cockpit. The version has new Cockpit modules, but because of the amount of dependencies not all of the Cockpit modules are part of the raw images; some will need to be installed additionally. The installer now includes packages for being able to run in Federal Information Processing Standards mode.

Leap Micro does not offer a graphical user interface or desktop version. Users can use Cockpit to manage their host OS through a web browser.

The new version includes hardware cryptographic acceleration packages for s390x. Kernel live patching is only available for the x86-64 and s390x architectures.

The RC is based on SUSE Linux Enterprise (SLE) Micro 5.4 and is built on top of a SLE 15 Service Pack 4 update.

Users should know that zypper is not used with Leap Micro, but transactional-update is used instead.

Leap Micro can be used for several compute environments like edge, embedded and IoT deployments. Developers and professionals can build and scale systems for use in aerospace, telecommunications, automotive, defense, healthcare, hospitality, manufacturing, database, web server, robotics, blockchain and more.

Users are recommended to view the Release Notes.

Large development teams can add value to their operations by trying Leap Micro and transitioning to SUSE’s SLE Micro for extended maintenance and certification.

To download the ISO image, visit get.opensuse.org.

The latest version (1.10.0) of the ‘oneAPI’ Level-Zero Application Programming Interface (API) is available for OpenSUSE Linux and XYZ platforms. This API offers direct-to-metal interfaces for offloading accelerator devices, and its programming interface can be customised to fit any device requirements. It also supports a wide range of language features, such as function pointers, virtual functions, unified memory, and I/O capabilities.

Add repository and install manually

For standard run the following as root:

zypper addrepo https://download.opensuse.org/repositories/openSUSE:Factory/standard/openSUSE:Factory.repo
zypper refresh
zypper install level-zero

More information : HERE