Welcome to Planet openSUSE

This is a feed aggregator that collects what openSUSE contributors are writing in their respective blogs.

To have your blog added to this aggregator, please read the instructions.


Tuesday
15 October, 2019


face



Mardi 15 octobre 2019, Plasma 5.17 est sorti!

Plasma 5.17 est la version où le bureau anticipe vos besoins. Night Color, le système d'étalonnage des couleurs qui détend vos yeux lorsque le soleil se couche, a atterri pour X11. Votre bureau Plasma reconnaît également le moment où vous faites une présentation et arrête les messages qui apparaissent au


face

Agir efficacement pendant le cybermoi/s S’informer sur le Cybermoi/s Les réseaux sociaux : #cybermois #ECSM2019 La page hub de l’événement : www.ssi.gouv.fr/cybermois/ Les sites Internet et réseaux sociaux des acteurs de la sécurité du numérique : www.ssi.gouv.fr/agence/cybersecurite/cybermois-2019/campagne-2019/ Tout au long du mois d’octobre est organisé en Europe et en France notamment l’évènement Cybermoi/s : il […]

The post Le #Cybermoi/s – La #Cybersécurité pour Tous – Non #Rouen ne brule pas ! RDV le 26 Octobre, 2019. appeared first on Network Users Institute - Cybersécurité, Intégration de Linux & Logiciels Libres à Rouen, Normandie..


face

UNITE is the partner and user conference of One Identity, the company behind syslog-ng. This time the conference took place in Phoenix, Arizona where I talked to a number of American business customers and partners about syslog-ng. They were really enthusiastic about syslog-ng and emphasized two major reasons why they use syslog-ng or plan to introduce it to their infrastructure: syslog-ng allows them to reduce the log data volume and greatly simplify their infrastructure by introducing a separate log management layer.

Reduce

Log messages are very important both for the operation and security of a company. This is why you do not just simply store them, but feed the log messages to SIEM and other log analysis systems that create reports and actionable alerts from your messages.

Applications can produce tremendous amount of log data. This is a problem for SIEM and other log analysis systems for two major reasons:

  • hardware costs, as the more data you have the more storage place and processing power you need to analyze the data

  • licensing costs, as most analysis platforms are priced on data volume

You can easily reduce message volume by parsing and filtering your log messages and only forwarding the logs for analysis which are really necessary. Many people started to use syslog-ng just for this use case, as it is really easy to create complex filters using syslog-ng.

This is why I was surprised to learn about another approach: sending all log messages, but not whole messages, only the necessary parts. This needs a bit of extra work, as you need to figure out which part of the log message is used by your log analysis application. But once you are ready with your research, you can easily halve the log messages, or in some special cases even reduce the message volume by 90%.

Some examples are:

  • Reading the name-value pairs from the systemd journal, but forwarding only selected name-value pairs.

  • Parsing HTTP access logs and forwarding only those columns which are actually analyzed by your software.

The syslog-ng application has powerful parsers to segment the log messages to name-value pairs, after which you can use templates and template functions of syslog-ng for such selective log delivery.

If your log analysis infrastructure is already in place, it is still worth to make the switch to syslog-ng and reduce your log volume using these techniques. You can use the current log analysis infrastructure for a lot longer time without having to expand it with further storage and processing power.

Simplify

Most SIEM and log analysis solutions come with their own client applications to collect log messages. So, why bother installing a separate application from yet another vendor to collect your log messages? Installing syslog-ng as a separate log management layer does not actually complicate your infrastructure, but rather simplifies it:

  • No vendor lock-in: replacing your SIEM is pain free and quick, as you do not have to replace all the agents as well

  • Operations, security and different teams of the company


Sunday
13 October, 2019


face

Der openSUSE.Asia Summit ist eine der großen Veranstaltungen für die openSUSE-Community (d.h. sowohl Beitragende als auch Benutzer) in Asien. Diejenigen, die normalerweise online kommunizieren, können sich aus der ganzen Welt treffen, sich persönlich unterhalten und Spaß haben. Mitglieder der Community teilen ihr aktuelles Wissen, ihre Erfahrungen und lernen FLOSS-Technologien rund um openSUSE. Das openSUSE.Asia Summit 2019 fand vom 5. Oktober bis 6. Oktober 2019 am Information Technology Department, Faculty of Engineering, Udayana University, auf Bali statt.

Highlight-Videos Tag 1 und 2

YouTube Video

YouTube Video

Weitere Videos mit Vorträgen und Workshops sind auf YouTube verfügbar.


face

The openSUSE.Asia Summit is one of the big events for the openSUSE community (i.e. both contributors and users) in Asia. Those who normally communicate online can meet from all over the world, talk in person and have fun. Members of the community share their current knowledge, experience and learn FLOSS technologies around openSUSE. The openSUSE.Asia Summit 2019 took place from October 5 to October 6, 2019 at the Information Technology Department, Faculty of Engineering, Udayana University, Bali.

Highlight-Videos Day 1 and 2

YouTube Video

YouTube Video

Further videos with lectures and workshops are available on YouTube.


face

Plasma 5.17 Beta

La version bêta de Plasma 5.17 a été publiée avec de nombreuses nouvelles fonctionnalités et améliorations telles que la mise à l’échelle fractionnelle par écran sur Wayland, une nouvelle interface utilisateur pour la configuration des autorisations des périphériques Thunderbolt et des statistiques réseau dans KSysGuard. Ce dernier nécessite plus de privilèges que d’habitude pour une application utilisateur. C’est pourquoi l’équipe

Saturday
12 October, 2019


face

Maintenant que vous avez eu l’occasion de consulter notre message sur les options de chiffrement avancées (en particulier si vous êtes un utilisateur de s390), il est temps de vérifier ce qui s’est passé lors du dernier sprint de développement YaST, qui s’est achevé lundi dernier.
Comme d’habitude, nous avons travaillé sur un large éventail de sujets, notamment:

  • Amélioration de la prise en charge des systèmes de fichiers multi-périphériques dans le partitionneur expert.
  • Résolution des problèmes de réseau,

Friday
11 October, 2019


face

openSUSE Tumbleweed es una distribución “Rolling Release” de actualización contínua. Aquí puedes estar al tanto de las últimas novedades.

Tumbleweed

openSUSE Tumbleweed es la versión “rolling release” o de actualización continua de la distribución de GNU/Linux openSUSE.

Hagamos un repaso a las novedades que han llegado hasta los repositorios estas semanas.

El anuncio original lo puedes leer en el blog de Dominique Leuenberger, publicado bajo licencia CC-by-sa, en este enlace:

Las ISO’s son instalables, pero si ya estás disfrutando de openSUSE Tumbleweed en tu equipo, simplemente deberás actualizarlo mediante este comando aunque desde hace poco un simple zypper dup hace ya todo el trabajo.

Como viene siendo costumbre, desde el pasado viernes se han publicado 4 nuevas “snapshots” (1003, 1004, 1007 y 1009). 3 más han sido testeadas pero fueron descartadas en los test openQA.

Los cambios más notables en estas “snapshots” han sido, entre otros muchos:

  • poppler 0.81.0
  • Linux kernel 5.3.2 y 5.3.4
  • systemd 243
  • open-vm-tools 11.0
  • qemu 4.1.0

Y como siempre, muchas más cosas están en la recámara y pronto llegarán a los repositorios. Por ejemplo:

  • GStreamer 1.16.1
  • KDE Plasma 5.17.0: la versión alfa está testeándose
  • GNOME 3.34.1
  • Linux kernel 5.3.5
  • Kubernetes 1.16
  • createrepo_c 0.15
  • Mesa 19.2
  • openssl 1.1.1d

Si quieres estar a la última con software actualizado y probado utiliza openSUSE Tumbleweed la opción rolling release de la distribución de GNU/Linux openSUSE.

Mantente actualizado y ya sabes: Have a lot of fun!!

Enlaces de interés

Geeko_ascii

——————————–


face

Dear Tumbleweed users and hackers,

Just like the previous week, we have again released 4 snapshots since last Friday (1003, 1004, 1007 and 1009). 3 more have been tested but have been discarded by openQA; two of them only due to OBS being ‘too fast’ and random failures marking a snapshot as failed; likely they would have been ok. Snapshot 1010, on the other hand, was declined by openQA as the yast software management was not usable due to an ABI break. This has since been fixed and snapshot 1011 is expected to be releasable again (currently building).

So, what did those 4 snapshots bring? Looking at the changelogs, I can see those noteworthy changes:

  • poppler 0.81.0
  • Linux kernel 5.3.2 & 5.3.4
  • systemd 243
  • open-vm-tools 11.0
  • qemu 4.1.0

Things being worked on and that are currently staged:

  • GStreamer 1.16.1
  • KDE Plasma 5.17.0: current alphas are staged and being tested
  • GNOME 3.34.1
  • Linux kernel 5.3.5
  • Kubernetes 1.16
  • createrepo_c 0.15: the new version is very strict on ‘broken’ changelogs with control chars < 32. It will refuse to build snapshots/metadata for every package it detects. You might have received submit requests to address such issues: please accept them
  • Mesa 19.2
  • openssl 1.1.1d: breaks nodejs8, nodejs10 and python3

face

My 6th noodling might be my longest noodling yet. It started out a bit light but then after reading I just got a bit too excited. If you want to skip to the end where I do a little self-deprecation and ignore the meat of it, that is very understandable.

The 6th Noodling can be obtained here

Linux Symphony

I took my kids to the symphony this past Sunday. It was hugely beneficial to have the kids experience a symphonic performance. It made for a pretty decent lesson about the benefits of working together. When the orchestral members were warming up before they begin the performance there is a cacophony of sounds and although individually, the instruments sound nice, together it sounds like a mess. When the performance started and the conductor did his conducting, keeping everyone on pace and on the “same sheet of music” as it were, you could listen and imagine the story of events in the mind’s eye. Everything from serious and intense melodies to whimsical light hearted tones. Although my kids could only manage to sit through an hour of the performance, there were lots of lessons to be extracted about the benefits of working together.

How this can be applied to the Linux community is as such. When we work together, in harmony with one another, we can make for some amazing results. Whether it is the latest Ubuntu MATE, the newest release of Plasma or helping someone through a tech question, by working together in a kind and respectful tone we can achieve great things. I am of the belief that all Linux is good Linux and by making any one aspect better, we make it all better, regardless of the flavor of Linux or desktop you choose.

Let’s make some beautiful music

Dell Latitude E6440 Caddy Drive Bay

My primary machine that I am using I didn’t choose lightly, I wanted a lot of flexibility in a fairly small package. Since I like to test things in VM, I wanted to have the option of a third hard drive. What I discovered is that it doesn’t seem to matter how much storage I have available, I seem to fill it up. I am starting to think that maybe I have a problem.

I do clean out my drives from time to time but I find that the more space I have, the sloppier I am about cleaning up the cruft. I am preparing to build a system with a heck of a lot more storage and after making my hard drive purchases, I realized, I may have purchased too small of drives. If this is the case, I think I have a strategy to compensate for this.

I did create a YouTube video of the ease of using the drive bay for additional storage as I knew it would be a short thing and provide me an opportunity to edit something together. A consequence of the additional drive


face

Dans un message publié sur les listes de diffusion du projet openSUSE, Marcus Meissner, de l'équipe de maintenance SUSE et openSUSE, a annoncé la fin de support d'openSUSE Leap 15.0. En voici une traduction:


Le 30 novembre 2019, openSUSE Leap 15.0 atteindra la fin de sa période de support après une durée de vie d'un an et demi (cette version est parue en mai 2018).

En conséquence, openSUSE Leap 15.0 ne bénéficiera plus de mises à jour de maintenance ou de sécurité après cette date.
Il est donc fortement recommandé aux utilisateurs de procéder à la mise à jour vers la version actuelle, à savoir openSUSE Leap 15.1.

La prochaine


Thursday
10 October, 2019


Michael Meeks: 2019-10-10 Thursday.

20:19 UTCmember

face
  • Mail chew, projections, planning, patch porting; performance win for idle JSON conversion of sidebars.
  • Intensely frustrated to (minor) update openSUSE 15.1, and discover it jumped thunderbird from 60.8 to 68, breaking all of the extensions needed to be productive - (eg. making it possible to move E-mail between folders without getting RSI from mouse-use), horrible; downgraded with trepidation.
  • TDF is making good progress on a carbon policy, but I was curious as to how writing more efficient software might help here. Crunching some numbers with a 50/50 desktop/laptop mix and a 65% increase from CPU use gives ~10^-5 kg of CO2 per CPU second you're not idle. Multiplying that by the number of LibreOffice users 2x10^8 (pace Sir David MacKay) to get a big number, that's around 2 tons of CO2 saved for every second of CPU busy time that we can save our user-base; go optimizers!

face

Boletín de noticias relacionadas con el software libre publicado por la Free Software Foundation.

¡El boletín de noticias de la FSF está aquí!

La Free Software Foundation (FSF) es una organización creada en Octubre de 1985 por Richard Stallman y otros entusiastas del software libre con el propósito de difundir esta filosofía.

La Fundación para el software libre (FSF) se dedica a eliminar las restricciones sobre la copia, redistribución, entendimiento, y modificación de programas de computadoras. Con este objeto, promociona el desarrollo y uso del software libre en todas las áreas de la computación, pero muy particularmente, ayudando a desarrollar el sistema operativo GNU.

Además de tratar de difundir la filosofía del software libre, y de crear licencias que permitan la difusión de obras y conservando los derechos de autorías, también llevan a cabo diversas campañas de concienciación y para proteger derechos de los usuarios frentes a aquellos que quieren poner restricciones abusivas en cuestiones tecnológicas.

Mensualmente publican un boletín (supporter) con noticias relacionadas con el software libre, sus campañas, o eventos. Una forma de difundir los proyectos, para que la gente conozca los hechos, se haga su propia opinión, y tomen partido si creen que la reivindicación es justa!!

 

Puedes ver todos los números publicados en este enlace: http://www.fsf.org/free-software-supporter/free-software-supporter

¿Te gustaría aportar tu ayuda en la traducción? Lee el siguiente enlace:

Por aquí te traigo un extracto de algunas de las noticias que ha destacado la FSF este mes de octubre de 2019

Richard M. Stallman renuncia

Del 16 de septiembre

El 16 de septiembre de 2019, Richard M. Stallman, fundador y presidente de la Free Software Foundation, renunció como presidente y miembro de su junta directiva. La junta realizará una búsqueda de un nuevo presidente, comenzando de inmediato. Se publicarán más detalles de la búsqueda en fsf.org. Si tiene alguna pregunta, comuníquese con el director ejecutivo de la FSF, John Sullivan, en .

La Fundación GNOME se enfrenta a una demanda de Rothschild Patent Imaging

Del 25 de septiembre por la Fundación GNOME

La Fundación GNOME ha tenido conocimiento de una demanda de Rothschild Patent Imaging, LLC sobre la patente 9.936.086. Rothschild alega que Shotwell, un administrador de fotos personales de software libre, infringe esta patente. Apoyamos a la Fundación GNOME contra este ataque poco ético al software libre.

Una gran base de datos de números de teléfonos de usuarios de Facebook ha aparecido en la red

Del 5 de septiembre por Zack Whittaker

TechCrunch informa que se


face

The openSUSE community concluded its sixth openSUSE.Asia Summit this weekend at the Fakultas Teknik of the Universitas Udayana in Bali, Indonesia. I join as speaker, and remotely committee.

This summit start form 4-6 October 2019. At first day, Friday. We held community meeting at Go Work Park 23 with attend around 18 delegation from country around Asia. The meeting notes has been sent to mailing list by Douglas.

Day 1 Summit, Saturday

The Summit started off with a ceremonial dance, Tari Sekar Jagad and opening remarks from the university’s staff. After that, keynote speaker, Simon Lee and Dr. Axel Braun from the openSUSE Board provided attendees with a status update about the openSUSE Project and then Keynote from Simplify 8 Inc – Attila Pinter.

Before coffee break, we take group photo with all participant and speakers. After that we continue with parallel class. 6 speakers at 6 rooms. After lunch, I join Sunny’s Workshop “We are openSUSE Asia Community”, talk about all things at Asia, How committee prepare for summit and many things. Day 1 closing by choosing who win door prize from sponsor.

And for day 1 we have dinner with all speakers, committee and volunteer at Mak Jo Resto, Jimbaran.

Day 2 Summit, Sunday

Opening by Kukuh Syafaat. He talk about number of statistic about this year conference. And after that play video Highlight openSUSE Asia Summit 2019 – Day 1. Announce the winner logo competitions. Sunny bring mysterious box to Winner and last, handover openSUSE Asia Album from last year committee, Sakana from Taiwan Team to Kukuh, this year team. After that, Keynote from openSUSE, introduced Gerald Pfeifer as the new chairperson for openSUSE. GNOME‘s Executive Director Neil McGovern gave a keynote after that. Before coffee break, we take photo again.

Handover Album

After lunch, I start my workshop “Reliable Deployments with Kubernetes and Istio” at rooms 203B. You can find my material at http://github.com/tuanpembual/bali. Then take photo.

After 2nd coffee break, I join aula swastika, prepare winner for door prize again. At 4 pm, we start Lightning Talk Session with Gong sound. :D. First speaker is Ariez Vachha, then Herpiko, Ish Sookun and Sobha Tyagi. After LT Session, Kukuh take over podium. We play Highlight openSUSE Asia Summit 2019 – Day 2.

After that we call all volunteer to stand front of podium. Thank you very much to volunteer, for help committee prepare and doing summit. See you next year!!

Prepare Summit

Thank you to sponsors who helped to maked the summit a success. SUSE, Simplify8, Radiant Utama Interinsco TBK, MyCoop, PT Boer Technology, Excellent, Bogorwebhost, Linksys, Fans.co.id, Coly Li.

And thanks to openSUSE who sponsor my travel.

Button-filled-colour

Estu~


face

It’s been way too long since the last blog post, so we’ve got quite a lot to report on!

Plasma 5.17 Beta

The Beta version of Plasma 5.17 was released with many new features and improvements such as per-screen fractional scaling on Wayland, a new User Interface (UI) for configuring permissions of Thunderbolt devices and network statistics in KSysGuard. The latter requires some more privileges than usual for a user application, so is currently being looked at by the SUSE security team.

openQA found a few bugs already, like GIMP looking more “colorful” than usual and some applications mixing Kirigami and Qt Widgets breaking some keyboard shortcuts. Both of those were addressed meanwhile and will be fixed in the final release of 5.17.

If you haven’t tested the Plasma 5.17 Beta yet, there’s still some time left! If you come across a problem in the software, please head over to the KDE bug tracker; if instead you find an issue that is openSUSE specific, go over to the openSUSE bugzilla.

To get it on your Leap or Tumbleweed installation, you can read https://en.opensuse.org/SDB:KDE_repositories.

In case you face some severe issues, the automatic snapshotting of the root filesystem using btrfs has your back and you can simply go back to the working state by booting into an older snapshot and doing a rollback.

Argon, an installable live medium that includes Leap 15.1 with the Beta and doesn’t require any manual repository addition, is also available.

openSUSE Leap 15.2

Like it happened for Leap 42.2, 15.2 will also see major version upgrades of many components.

Next to a new version of the Linux kernel, it’s planned to ship with Qt 5.12 LTS, Plasma 5.18 (of course also LTS) and the latest KDE Frameworks and Applications, which we can get in early enough for proper testing to ensure the best user experience possible!

This means that the “Full Wayland” session that landed in Tumbleweed a few weeks ago will also be available in Leap 15.2 and support per-screen fractional scaling.

As the target versions of Applications, Frameworks and Plasma aren’t even out yet, we’re currently integrating Qt 5.12 LTS with the latest packages from Factory.

Qt 5.14

Users of Tumbleweed and Leap with newer KDE software are used to having the latest available features and bugfixes, which is only possible by keeping up with Qt development and acting proactively.

So while the 5.14 branch of Qt is still young, we’re already busy integrating it into our builds. During the initial packaging of the 5.14 Alpha some bugs (QTBUG-78867, QTBUG-78881, QTBUG-78911, QTBUG-78948) were already identified and most of them fixed by now, so the KDE:Qt:5.14 project is built and usable by now. To develop against Qt 5.14 and test your applications with it, you can add the repo and get started


face

This laptop of mine that I purchased just over two years ago has the ability to have 3 storage devices. I have previously described what I’ve done in it with an mSATA and the 2.5″ SSD. Between the two, I have 995 GiB of storage, 101 GiB for root using the mSATA and 894 GiB on the 2.5″ drive. That was fine and all for normal things, but VMs do require a lot of space and so a lot of space I needed. Although I do often use my optical drive, it’s not as often as I use VMs so I decided to get a caddy and install a third drive in this 14″ chassis laptop.

Here is a short video on how simple the process is… and another reason to play around with Kdenlive. In short, adding a hard drive is as simple as:

  • Insert the drive into the caddy
  • Secure the drive using the set-screws but be careful to not over tighten
  • remove optical drive from the computer and insert hard drive (SSD) caddy into bay
  • Bob’s your uncle

Really… why?

The main reason is, I need more space for virtual machines. I’m sure for normal people the two drives is more than adequate but I have to play. Most people would probably just clear out the old virtual machines after they were done but I am guilty of data hording and probably need to get that under control. I also don’t have much interest in wiping or possibly interfering with how my laptop is running as openSUSE Tumbleweed works so fantastically well on it.

My process is, I try out the Linux distribution virtually to obtain some general impressions, test out a few things, check the memory usage and so forth. If I find it exceptionally interesting or want to test a use case, I take it to the next level and put it on some hardware. I find it a more efficient use of my time to do my first round of testing virtually before I meddle with the metal.

It also doesn’t help that I am more likely to use Virt Manager with Qemu which uses Qcow2 drive images and they take up more space than VDI images from VirtualBox. Since I tend to get a better feel for the distribution using Virt Manager, especially with Gnome based desktops, I am more likely able to give them a fair shake. Consequently, I need more storage space.

The drives are all still too full which might mean no matter the amount of storage, I will use it up.

Final Thoughts

Despite the fact this laptop is older, I can’t seem to find another comparable 14″ machine that has the drive flexibility that the Dell Latitude E6440 has. I do wish it had some kind of refresh to allow for a faster CPU with lower power utilization but that is just not the demands of typical users these


Wednesday
09 October, 2019


Michael Meeks: 2019-10-09 Wednesday.

21:00 UTCmember

face
  • Testing, project planning, etc. Got the Oculus Quest update making it possible to play 'go' games, very impressed with Daedalus' flying thing. Band practice at church, worked late.

face

À tous les membres de la communauté Alionet,

Il n'aura échappé à personne que notre forum présente actuellement quelques problèmes ces derniers temps. Malgré la mise en place de mesures appropriées, nous subissons quotidiennement des vagues de spams qui se manifestent par des inscriptions frauduleuses, des mails non sollicités envoyés et qui pourraient mener un jour à une attaque de plus grande ampleur sur le serveur.
Au-delà de ça, l'actuel moteur du forum, vBulletin est vieillissant, nous utilisons une version qui n'est plus maintenue. De plus c'est un moteur de forum non libre et payant (y compris les mises à jour). Le forum lui-même contient de trop nombreuses catégories qui ne sont plus utilisées et, notamment du


face

A fundamental concept of all openSUSE packages as well as any image offered for download is a fully transparent, reproducible and automatic build and development process based on sources.

In openSUSE developers do not perform manual builds on some specially crafted machine in their basement and then upload the result somewhere. Instead all sources are stored in a version control system inside the open build service (OBS) instance at build.opensuse.org. OBS then automatically builds the sources including all dependencies according to defined build instructions (eg spec files for rpms). OBS also automatically adds cryptographic signatures to files that support it to make sure nobody can tamper with those files.

The WSL appx files are basically zip files that contain a tarball of a Linux system (like a container) and a Windows exe file, the so called launcher. Building a container is something OBS can already do fully automatic by means of Kiwi. The launcher as well as the final appx however is typically built on a Windows machine using Visual Studio by the developer.

Since the goal of the openSUSE WSL offering is to have the appx files officially and automatically be produced along with other images such as the DVD installer, Live images or containers, the appx files have to be built from sources in OBS.

Fortunately there’s already a MinGW cross toolchain packaged as rpms OBS and a tool to generate appx files on Linux.

Combining that all together OBS can actually build the WSL appx from sources. The current state of development can be found in the Virtualization:WSL project in OBS. The generated appx files are published on download.opensuse.org.
The current images for Leap 15.2 Alpha and Tumbleweed there are good enough for some testing already so please go ahead and do so, feedback welcome!
Note that since the appx files are signed by OBS rather than Microsoft, there are a few steps required to install them.

Going forward there is still quite some work needed to polish this up. Kiwi for example can’t build the appx directly itself but rather the fb-util-for-appx is called by a spec file. That requires some hacks with the OBS project config to work. On Linux side there’s currently no password set for the root user, so we need a better “first boot” solution. More details on that in a later article. Meanwhile, remember to have a lot of fun…


face

Now that you had a chance to look at our post about Advanced Encryption Options (especially if you are an s390 user), it is time to check what happened during the last YaST development sprint, which finished last Monday.

As usual, we have been working in a wide range of topics which include:

  • Improving support for multi-device file systems in the expert partitioner.
  • Fixing networking, secure boot and kdump problems in AutoYaST.
  • Stop waiting for chrony during initial boot when it does not make sense.
  • Preparing to support the split of configuration files between /usr/etc and /etc.
  • Using /etc/sysctl.d to write YaST related settings instead of the /etc/sysctl.conf main file.

Expert Partitioner and Multi-Device File Systems

So far, the Expert Partitioner was assuming that Btrfs was the only file system built on top multiple devices. But that is not completely true because some file systems are able to use an external journal to accomplish a better performance. For example, Ext3/4 and XFS can be configured to use separate devices for data and the journaling stuff.

We received a bug report caused by this misunderstanding about multi-device file systems. The Expert Partitioner was labeling as “Part of Btrfs” a device used as an external journal of an Ext4 file system. So we have improved this during the last sprint, and now external journal devices are correctly indicated in the Type column of the Expert Partitioner, as shown in the screenshot below.

External Journal Type

Moreover, the file system information now indicates which device is being used for the external journal.

External Journal Device Details

And finally, we have also limited the usage of such devices belonging to a multi-device Btrfs. Now, you will get an error message if you try to edit one of those devices. In the future, we will extend this feature to make possible to modify file systems using an external journal from the Expert Partitioner.

AutoYaST Getting Some Love

During this sprint, we have given AutoYaST some attention in different areas: networking, bootloader and kdump.

About the networking area, we have finished s390 support in the new network layer, fixing some old limitations in devices activation and udev handling. Apart from that, we have fixed several bugs and improved the documentation a lot, as we found it to be rather incomplete.

Another important change was adding support to disable secure boot for UEFI through AutoYaST. Of course, we updated the documentation too and, during the process, we added some elements that were missing and removed others that are not needed anymore.

Finally, we fixed a tricky problem when trying to get kdump to work on a minimal system. After some debugging, we found out that AutoYaST adds too late kdump to the list of packages to install. This issue has been fixed and now it should work like a charm.

As you may have seen, apart from writing code, we try to contribute to the documentation so our users have a good source of information. If you are


face

En este nuevo tutorial del editor Vim veremos cómo añadir un mismo texto en una columna en varias líneas a la vez

Este tutorial viene a engrosar la lista de artículos y tutoriales del editor Vim que poco a poco voy creando en mi blog y que puedes encontrar en este enlace:

Quizás también te puede resultar útil esta pequeña guía sobre algunos de los comandos más útiles y utilizados del editor Vim para una consulta rápida:

Este nuevo tutorial sobre el editor Vim nos puede ser útil a la hora de querer insertar un texto en una columna en varias líneas a la vez. Como por ejemplo para comentar varias líneas de código a la vez, añadir una columna a una lista, etc.

Las posibilidades son muchas y gracias a Vim podemos realizar esta tarea de una forma muy sencilla y ahorrándonos tiempo y pulsaciones de teclas en una tarea que puede ser muy tediosa.

Nos situamos sobre la línea y el lugar en el que queremos insertar el texto y lo primero, tenemos que entrar en el modo de edición en bloque o columnas del editor Vim. Para ello en modo Normal pulsamos Ctrl+v

En ese modo Visual especial, movemos el cursor por las líneas en las que queremos añadir el texto.

Cuando hayamos seleccionado todas, pulsamos sobre la tecla I (i mayúscula)

Escribimos el texto que queremos insertar. Mientras escribimos sólo veremos que se inserta en la línea donde está el cursor.

Cuando hayamos acabado de escribir, pulsamos sobre la tecla Escape y Vim añadirá ese mismo texto en la misma posición a las líneas seleccionadas en el primer paso.

El texto a añadir puede ser al comienzo, o en cualquier posición de la línea, eso sí, en todas las líneas será en la misma columna.

A continuación os dejo con un ejemplo gráfico de esta misma explicación. Pincha sobre la imagen:


face

Welcome to a new sneak peek on the YaST improvements you will enjoy in SLE-15-SP2 and openSUSE Leap 15.2… or much earlier if you, as most YaST developers, are a happy user of openSUSE Tumbleweed.

In our report of the 84th sprint we mentioned some changes regarding the encryption capabilities of the YaST Partitioner, like displaying the concrete encryption technology or the possibility to keep an existing encryption layer.

Keeping the previous encryption layer

And the report of sprint 85 contained a promise about a separate blog post detailing the new possibilities we have been adding when it comes to create encrypted devices.

So here we go! But let’s start with a small disclaimer. Although some of the new options are available for all (open)SUSE users, it’s fair to say that this time the main beneficiaries are the users of s390 systems, which may enjoy up to four new ways of encrypting their devices.

Good Things don’t Need to Change

As you may know, so far the YaST Partitioner offered an “Encrypt Device” checkbox when creating or editing a block device. If such box is marked, the Partitioner asks for an encryption password and creates a LUKS virtual device on top of the device being encrypted.

LUKS (Linux Unified Key Setup) is the standard for Linux hard disk encryption. By providing a standard on-disk-format, it facilitates compatibility among distributions. LUKS stores all necessary setup information in the partition header, enabling to transport or migrate data seamlessly. So far, there are two format specifications for such header: LUKS1 and LUKS2. YaST uses LUKS1 because is established, solid and well-known, being fully compatible with the (open)SUSE installation process and perfectly supported by all the system tools and by most bootloaders, like Grub2.

You should not fix what is not broken. Thus, in most cases, the screen for encrypting a device has not changed at all and it still works exactly in the same way under the hood.

Editing an encrypted device

But using an alternative approach may be useful for some use cases, and we wanted to offer an option in the Partitioner for those who look for something else. So in some special cases that screen will include a new selector to choose the encryption method. Let’s analyze all those new methods.

Volatile Swap Encryption with a Random Key

When a swap device has been marked to be encrypted, the user will be able to choose between “Regular LUKS1” and “Volatile Encryption with Random Key”. Both options will be there for swap devices on all hardware architectures. The first option simply uses the classical approach described above.

Selecting the encryption method

The second one allows to configure the system in a way in which the swap device is re-encrypted on every boot with a new randomly generated password.

Encrypt swap with a random password

Some advanced users may point that configuring such a random encryption for swap was already possible in versions of openSUSE prior to Leap 15.0. But the procedure to do so was obscure to say the least. The encryption


Tuesday
08 October, 2019


Michael Meeks: 2019-10-08 Tuesday.

21:00 UTCmember

face
  • Mobile UX improvements and tweaking for Online; calls with the team variously; lots of fun.

face

El cliente de correo Thunderbird tiene planeado incorporar OpenGPG para la gestión de claves y cifrado de correo en su código y no como un complemento, como es actualmente.

Hasta ahora si quieres gestionar el cifrado de tu correo y las claves públicas mediante Thunderbird tienes que instalar un complemento externo llamado Enigmail que usa GNUPG.

Debido a que Thunderbird cambiará los tipos de complementos que soportará para la versión 78, la versión de Thunderbird 68.x (que será mantenida hasta otoño de 2020) será la última que pueda utilizarse con Enigmail

Para aquellos que utilizamos Enigmal actualmente, Thunderbird 78 ofrecerá una asistencia para migrar los ajustes y claves que estemos utilizando. Un desarrollador de Enigmail se ha ofrecido para trabajar con el equipo de Thunderbird en este cambio.

Si no has utilizado antes Enigmail, Thunderbird no lo ofrecerá de manera predeterminada, pero sí ayudará a los usuarios a descubrir esa nueva funcionalidad que incorporará Thunderbird ya sin complementos ni añadidos.

Aunque todavía quedan algunos aspectos que decidir y solucionar, es una buena noticia que Thunderbird tome en cuenta el cifrado como algo inherente al correo y en lo posible lo simplifique para expandir su uso.

Todavía queda mucho para que Thunderbird 78, que se publicará en el verano de 2020, incluya esta funcionalidad de manera predeterminada, pero ya es un trabajo que se está haciendo.

Si quieres más información, puedes consultar el anuncio oficial del proyecto Thunderbirdechar un vistazo a su página wiki.

Artículos de interés


Monday
07 October, 2019


face

A problem that a lot of sysadmins and developers have is, how do you run a single task on a CPU without it being interrupted? It’s a common scenario for real-time and virtualised workloads where any interruption to your task could cause unacceptable latency.

For example, let’s say you’ve got a virtual machine running with 4 vCPUs, and you want to make sure those vCPU tasks don’t get preempted by other tasks since that would introduce delays into your audio transcoding app.

Running each of those vCPU tasks on its own host CPU seems like the way to go. All you need to do is choose 4 host CPUs and make sure no other tasks run on them.

How do you do that?

I’ve seen many people turn to the kernel’s isolcpus for this. This kernel command-line option allows you to run tasks on CPUs without interruption from a) other tasks and b) kernel threads.

But isolcpus is almost never the thing you want and you should absolutely not use it apart from one specific case that I’ll get to at the end of this article.

So what’s the problem with isolcpus?

1. Tasks are not load balanced on isolated CPUs

When you isolate CPUs with isolcpus you prevent all kernel tasks from running there and, crucially, it prevents the Linux scheduler load balancer from placing tasks on those CPUs too. And the only way to get tasks onto the list of isolated CPUs is with taskset. They are effectively invisible to the scheduler.

Continuing with our audio transcoding app running on 4-vCPUs example above, let’s say you’ve booted with the following kernel command-line: isolcpus=1-4 and you use taskset to place your four vCPU tasks on to those isolated CPUs like so: taskset -c 1-4 -p <vCPU task pid>

The thing that always catches people out is that it’s easy to end up with all of your vCPU tasks running on the same CPU!

$ ps -aLo comm,psr | grep qemu
qemu-system-x86 1
qemu-system-x86 1
qemu-system-x86 1
qemu-system-x86 1

Why? Well because isolcpus disabled the scheduler load balancer for CPUs 1-4 which means the kernel will not balance those tasks equally among all the CPUs in the affinity mask. You can work around this by manually placing each task onto a single CPU by adjusting its affinity.

2. The list of isolated CPUs is static

A second problem with isolcpus is that the list of CPUs is configured statically at boot time. Once you’ve booted, you’re out of luck if you want to add or remove CPUs from the isolated list. The only way to change it is by rebooting with a different isolcpus value.

cset to the rescue

My recommended way to run tasks on CPUs without interruption by isolating them from the rest of the system with the cgroups subsystem via the cset shield command, e.g.

$ cset shield --cpu 1-4 --kthread=on
cset: --> shielding 

Michael Meeks: 2019-10-07 Monday.

21:00 UTCmember

face
  • Mail chew, couple of team calls, admin. Misc. debugging, and re-factoring. PCC meeting in the evening, and collected minutes.

face

Kurz práce v příkazové řádce Linuxu nejen pro MetaCentrum 2020

Nebojte se příkazové řádky Linuxu! Je to mocný a přívětivý nástroj umožňující efektivně zpracovat i velká data a zautomatizovat činnosti. Prakticky shodně funguje příkazová řádka i v Apple osX, BSD a dalších UNIXových systémech, nejen v Linuxu. Kurz je vhodný pro úplné začátečníky i mírně pokročilé. Jediným vstupním požadavkem je zájem (nebo potřeba) pracovat v příkazové řádce, typicky na linuxovém výpočetním serveru. Kurz bude probíhat v Linuxu, ale většina věcí funguje stejně na osX a dalších UNIXových systémech.

vojta Po, 10/07/2019 - 16:56
Czech

face

The openSUSE community concluded its sixth openSUSE.Asia Summit this weekend at the Fakultas Teknik of the Universitas Udayana in Bali, Indonesia.

Bali’s newest tourist attraction, the Garuda Wisnu Kencana status, towered outside the window as participants discussed all things openSUSE and open source.

A number of participants traveled from all over the world to join students from the university. The students volunteered with running the summit and many made their first contributions to open source. Attendees from more than 20 nations attended the summit. Talks at the summit focused on open source technologies, community contributions, healthcare technologies like GNU Health, packaging, using the Open Build Service and much more.

Simon Lee and Dr. Axel Braun from the openSUSE Board provided attendees with a status update about the openSUSE Project and introduced Gerald Pfeifer as the new chairperson for openSUSE. GNOME‘s Executive Director Neil McGovern gave a keynote at the summit; the GNOME.Asia Summit will be next week in East Java, which is the island next to where the openSUSE.Asia Summit took place.

The organizers from the opensuse.id community put together a fantastic summit for the participants had several social events to collaborate on topics related to the project and expansion of the project and open source technologies within Asia. The project and attendees expressed their thanks to sponsors who helped to maked the summit a success. SUSE, Simplify8, Radiant Utama Interinsco TBKMyCoop, PT Boer Technology, Excellent, Bogorwebhost, Linksys, Fans.co.id

The openSUSE.Asia Summit started a tradition at the first openSUSE.Asia Summit of passing along the Summit’s photo album; the organizing team from the previous year passes the Summit’s photo album to the organizers who are completing the current Summit. Max Huang passed the album to Kukuh Syafaat during the ceremonial end of the summit.

That wasn’t the only ceremony. The conference started off with a ceremonial dance and opening remarks from the university’s staff.

Next year’s openSUSE.Asia Summit is planned to take place in Faridabad, India.


Sunday
06 October, 2019


Michael Meeks: 2019-10-06 Sunday.

21:00 UTCmember

face
  • All Saints in the morning, good to catch up with people. Back to see M&D passing through for lunch, David over later, caught up, played bananagrams. Read to M. and had a Mentalist at before bed with N. and H.

face

This is my fifth noodling and I did cut a few things. I will be playing with the length but this is about 13 minutes of my nonsense to chip tunes.

The 5th noodling installment can be found here

Commodore 64 IRC Success

I was able to get my Commodore 64 under its own power to access the IRC chat rooms, specifically the BigDaddyLinuxLive room where I was able to chat with such folks as Bill, Popey, Chris and another Allen. It is very satisfying experience. More on that here:

Commodore 64 on the Internet | IRC

Tech in the Courtroom

I recently had jury duty and the courthouse in my small-ish community, Windows 7 which is near end of life. For each bit of evidence, they used CDs and DVDs to store each individual item as evidence.

Building a Computer

I am building a computer for the first time in a very long time. I want to do it on a budget. I received some components at no cost to me, the case and motherboard so that drove the purchasing of the rest of the products.

Motherboard MSI 970A-G43

AMD FX-9590 CPU

Memory, 32 GiB DDR3 1866MHz

Video Card RX570

Storage 6x 2-TiB drives

1000 Watt Power Supply

Rather large case

All for about $350.00

More on this in the future.

Acer AspireOne Netbooks

Recently Set up two AspireOne Notebooks with openSUSE Tumbleweed using the Xfce environment. Initially one had had 1 GiB of RAM but an SSD, the other with 2 GiB of RAM and a slightly faster CPU but with a traditional hard drive.

https://cubiclenate.com/2019/09/29/acer-aspireone-d255-with-opensuse-tumbleweed-xfce/

Making Meringue from Egg Whites

Told after the fact two points of advice, whip the egg whites before you add the sugar, contrary to the directions and questioning whether or not there was any amount of egg yolk.

BDLL Follow Up

Manjaro is the current Distro Challenge… It’s Arch based so…

Eric Adams talked about how people can get “bug apathy” when they experience a problem on Linux or other open source software. know that I am guilty of that.

Bug reporting is something we Linux or free and open source software users should do. The vast majority of the software I don’t pay for, it’s open source and I believe that I have a social contract with these developers and maintainers to either help with the project or donate to it.

BigDaddyLinuxLive | 28 Sep 2019

openSUSE Corner

Tumbleweed Snapshots 20190918 20190920 20190921

PulseAudio 13.0 arrived which improved initial card profile selection for ALSA and improved 5.1 surround audio when set up.

LibreOffice 6.3.2.2 package received some stability tweaks and addressed two CVEs

Bash has been updated from 5.0 to 5.0.11 wich includes a minor update to bash to change POSIX mode behavior.

The Mesa 3D graphics library was updated to 19.1.7 wich fixed a Kwin compositor crash as well as cleaned up

<- Current blog entries