Un año más se está celebrando una nueva edición de un programa cuyo objetivo es incorporar nuevos estudiantes al gran proyecto mundial que es KDE.  En otras palabras, me complace presentar las más contribuciones finalesa Season of KDE 2022, que complementa las de las semanas pasadas (I y II), que a lo largo de su más de una década de existencia se ha consolidado como una alternativa bastante fiable a otros programas como Google Summer of Code o Google Code In que consiguen incorporar sabia nueva al proyecto.

Season of KDE 2022

Uno de los objetivos del proyecto KDE es involucrar al mayor número de personas en él y para ello organiza todo tipo de acciones: eventos como Akademy, encuentros como los Sprints, blogs colaborativos como KDE Planet, participación en proyectos para estudiantes como el Google Code In o Google Summer of Code, y, por supuesto, mejorar el código de sus múltiples proyectos con sus programas de incubación.

No contento con esto, una vez al año organiza Season of KDE, es decir, su programa para involucrar a nuevos estudiantes en KDE. Una especie de Google Summer of Code pero para colaborar directamente en KDE y con la posibilidad de desarrollar proyectos no vinculados necesariamente con la programación, es decir, proyectos de promoción, documentación, diseño, etc.

Este año, en el Dot de KDE se ha redactado un artículo escrito por Johnny Jazeix, donde nos explica nueve de estos proyectos que se han iniciado el pasado mes de diciembre.

Contribuciones finales a Season of KDE 2022

Para dar visibilidad al proyecto creo que es positivo darlos a conocerlos en el blog en pequeñas contribuciones. A finales de enero ya hablé de tres de ellas y el primer fin de semana de febrero de tres más… esta semana toca las finales. De esta forma tenemos a:

• Soumik Dutta documentará el protocolo de comunicación de KDE Connect. Soumik creará una documentación completa que cubra los contratos de la API y las vías de acción de los eventos, validará la documentación generada, decidirá el diseño y fusionará el trabajo con la documentación existente. Soumik tendrá como mentores a Apollo Zhu y Lucas Wang.
• Para el proyecto KDE-Eco, Karanjot Singh preparará escenarios de uso estándar para las mediciones de consumo de energía. El primer paso será seleccionar una herramienta automática para reproducir escenarios y, a continuación, definir/escribir escenarios para probar el consumo de energía para múltiples proyectos KDE/FOSS, como Kate, KWrite, Vim, nano, emacs, etc. Finalmente, Karanjot implementará los escenarios. Karanjot tendrá como mentor a Joseph P. De Veaugh-Geiss.
• Stefan Kowalczyk mejorará la experiencia de usuario para los errores internos y las alertas de KDE Connect en iOS. iOS no permite múltiples alertas al mismo tiempo, por lo que el objetivo del proyecto es poner en cola las alertas de KDE Connect si hay más de una, y mostrarlas una tras otra. Stefan tendrá como mentores a Apollo Zhu y Lucas Wang.

Tumbleweed es una distribución «Rolling Release» de actualización contínua. Aquí puedes estar al tanto de las últimas novedades.

openSUSE Tumbleweed es la versión «rolling release» o de actualización continua de la distribución de GNU/Linux openSUSE.

Hagamos un repaso a las novedades que han llegado hasta los repositorios esta semana.

El anuncio original lo puedes leer en el blog de Dominique Leuenberger, publicado bajo licencia CC-by-sa, en este este enlace:

• https://dominique.leuenberger.net/blog/2022/02/opensuse-tumbleweed-review-of-the-week-2022-06/

Semana 5 – 5 snapshots. Pero no esperes que ambos números vayan a coincidir en las semanas siguientes!

Como ya estamos acostumbrados, Tumbleweed sigue rodando a un ritmo constante. Una vez más, se han publicado 5 snapshots durante la semana (0203, 0204, 0205, 0206 y 0207); 0208 no se creó (retrasos en el tiempo de compilación, demasiada carga) y 0209 se descartó debido a fallas en las dependencias.

Los cambios más relevantes de estas snapshots son:

• KDE Gear 21.12.2
• KDE Plasma 5.24.0
• Mesa 21.3.5
• llvm 13.0.1
• systemd: eliminado el soporte de sysv específico de SUSE. Se mantiene el soporte genérico de sysv basado en upstream. Ver el anuncio en la lista de correo Factory mailinglist
• Linux kernel 5.15.5
• zstd 1.5.2: presenta zstd-gzip, una implementación alternativa y más rápida de gzip. No es (todavía) un reemplazo directo, ya que los parámetros de la línea de comando no coinciden

Y cosas que se están preparando para futuras publicaciones:

• Mesa 21.3.6
• Linux kernel 5.15.8
• glibc 2.35
• Python 3.10 será el intérprete de Python predeterminado
• GCC 12 ya se ha ido introduciendo, preparándose para cuando se publique definitivamente, lo que implicará la recompilación de TODOS los paquetes de la distro, como es normal y habitual.

Si quieres estar a la última con software actualizado y probado utiliza openSUSE Tumbleweed la opción rolling release de la distribución de GNU/Linux openSUSE.

Mantente actualizado y ya sabes: Have a lot of fun!!

Enlaces de interés

• • • ¿Por qué deberías utilizar openSUSE Tumbleweed?
    • zypper dup en Tumbleweed hace todo el trabajo al actualizar
    • ¿Cual es el mejor comando para actualizar Tumbleweed?
    • Comprueba la valoración de las «snapshots» de Tumbleweed
    • ¿Qué es el test openQA?
    • http://download.opensuse.org/tumbleweed/iso/
    • https://es.opensuse.org/Portal:Tumbleweed

——————————–

Dear Tumbleweed users and hackers,

As we are used to by now, Tumbleweed keeps on rolling at a steady pace. Once again, we managed to publish 5 snapshots during the week (0203x 0204, 0205, 0206, and 0207); 0208 was not created (delays in build time, too much load) and 0209 was discarded due to failures around vagrant dependencies.

The most relevant changes shipped as part of those 5 snapshots were:

• KDE Gear 21.12.2
• KDE Plasma 5.24.0
• rpm no longer pulls glibc-locale, but only glibc-locale-base, See this discussion
• Mesa 21.3.5
• llvm 13.0.1
• systemd: drop SUSE specific sysv support. Generic, upstream based sysv support remains in place. See original announcement at Factory mailinglist
• Linux kernel 5.15.5
• zstd 1.5.2: introduces zstd-gzip, an alternative, faster implementation of gzip. It is not (yet) a drop-in replacement, as the command line parameters are not matching

That matches pretty well the announcements of last week – of course, the longer-lasting things are still pending and work in progress. Staging projects currently contain:

• Mesa 21.3.6
• Linux kernel 5.15.8 – with full drm support in earlyboot, see Mailinglist
• glibc 2.35
• Python 3.6 interpreter will be removed (We have roughly 75 python36-FOO packages left)
• Python 3.10 as the distro default interpreter (a bit down the line)
• GCC 12 introduction has started to be as ready as possible for when the upstream release happens.

The February syslog-ng newsletter is now on-line:

• syslog-ng relaunch
• Sequence – making PatternDB creation for syslog-ng easier
• Syslog-ng on MacOS Monterey
• Installing syslog-ng on CentOS Stream 9

It is available at https://www.syslog-ng.com/community/b/blog/posts/the-syslog-ng-insider-2022-01-reboot-sequence-monterey-centos-9

• So, you want to remove that pesky file from your last commit?
• By accident (naturally, as you and me are perfect beings) a file was commited and it should have not?
• The cat went over the keyboard and now there’s an extra file in your commit?

If the answer to any of the above is yes, here’s how to do it without pain (Tanking into account, that you want to do that on the last commit; If you need to do it in the middle of a rebase, see the previous post or combine this trick with a rebase (edit a commit with a rebase…).

git restore --source=HEAD^ pesky.file

You can always checkout the file again, or use some witchcraft extracted from man git-restore to do it all at once

This is blatantly stolen from: https://devconnected.com/how-to-remove-files-from-git-commit/ but also man git could get you there too, given enough reading.

This week’s openSUSE Tumbleweed snapshots delivered exciting news not only to rolling release users, but also brought significant news for users of the long-established Leap release.

KDE’s next Long-Term Support (LTS) release, Plasma 5.24, arrived in a recent snapshot, and it brings the “Perfect Harmony” for both Tumbleweed and Leap users. Plasma 5.24 will be one of the Desktop Environments (DE) in Leap 15.4; the beta version of Leap 15.4 is expected to be released for testing with the new Plasma version within the next couple of weeks, according to the roadmap.

Plasma 5.24 arrived in snapshot 20220207. The release has improvements in looks and ease of use. It is the final Plasma 5 version until the transition to Plasma 6. Breeze, Plasma’s default theme, was changed giving the DE an improved visual consistency. Breeze lets users pick accent colors and the light/dark color preference gives non-KDE apps that respect the FreeDesktop preferences an automatic light or dark switch based on the chosen color scheme. Discover gives users the option to automatically restart after an update is completed. By simply clicking the checkbox at the bottom of the Updates page, users can take a break and come back to a rebooted, updated system. There are several other feature improvements in the update and people can watch the creation of the Honeywave wallpaper that was developed for the release since it was streamed live on YouTube. The 5.16.5 Linux Kernel update brought several changes for semiconductor company and openSUSE sponsor Marvell; most of this centered on fixes and enablements for their OCTEON® TX2 processor family. Facebook’s fast compression package zstd updated to version 1.5.2, did some spec file cleanup and enabled a zlib/gzip compatible backend since compression library zlib is shown to be significantly faster than gzip. There were about 50 RubyGem packages updated in the snapshot and rubygem-spring 4.0.0 was the only major version update in the snapshot.

Some of the daily snapshots this week were large and the 20220206 snapshot had a variety of packages updated. An update of Mesa 21.3.5 and Mesa-drivers 21.3.5 fixed Zink driver bugs. Finnish translations were made with the update of libstorage-ng 4.4.79 and openSUSE’s 0.1.8 opensuse-welcome package also updated translations. A quarterly update of Google’s regular expression library re2 20220201 addressed a -Wunused-but-set-variable warning from Clang 13.x and yast2-storage-ng 4.4.35 improved integration with the yast2-nfs-client to offer a consistent user experience. Other packages to update in the snapshot were xwayland 22.0.99.902, llvm13 13.0.1 and python-Pillow 9.0.1.

A total of six packages arrived in snapshot 20220205. Text editor vim 8.2.4286 states in the changelog that entering a character with CTRL V may include modifiers. The texted editor update also fixed two Common Vulnerabilities and Exposures, CVE-2022-0417 and CVE-2022-0393. File system utility update e2fsprogs 1.46.5 fixed a crash and fixed the handling of resizing the file system, which would exceed inode limitations. Light-weight programming language lua54 5.4.4 fixed some bugs and removed two patches and ncurses 6.3.20220129 added a warning in the configuration script if the file specified for --with-caps does not exist. Both yast2-core 4.4.1 and yast2-country 4.4.11 were also updated; the latter fixed arguments for the localectl set-locale.

The 20220204 snapshot brought KDE Gear 21.12.2. File manager Dolphin improved zooming of the files. Video editor Kdenlive fixed an issue that sometimes could not move grouped clips to the right when only one empty frame was present. It also fixed a freeze when trying to drag a clip that was just added to Bin. Kmail fixed a build issue with GNU Compiler Collection 12 and learning tool kgeography fixed the color of Howland, Baker and Jarvis islands of United States minor. The Universal Command Line Interface for Amazon Web Services, aws-cli 1.22.46 updated requirements in the spec file from setup.py. The release added a new NNA accelerator compilation support for Sagemaker Neo, which is used for optimizing machine learning. A Qt 6 development pattern was added with the patterns-kde 20220203 update. Both findutils 4.9.0 and a git + version of mobile shell mosh 1.3.2 were updated in the snapshot.

The two snapshots starting off the week were loaded with several packages. While snapshot 20220202 was mostly filled with RubyGem packages, snapshot 20220203 had more updates of Python Package Index and YaST packages. Snapshot 20220203 had multiple package updates for a broad range of users. Audio package PipeWire should again be able to play sound in Zoom, telegram and other apps with the 0.3.45 update. The default sink and source names and properties in PipeWire are also improved. Support for seamless and saliency blending of a foreground and background image was made in the ImageMagick 7.1.0.22 update. The screen reader package for individuals with visual impairments, orca, updated to version 41.2, fixed a couple bugs, improved handling performance and added more event-flood detection. The kernel dump helpers package kdump 1.0.2 fixed the network interface naming and added a dependency on kdumptool. Other packages to update in 20220203 were sudo 1.9.9 and a git + update for samba 4.15.5. Snapshot 20220202 updated to the 5.16.4 Linux Kernel, which had a decent amount of improvements for Flash Memory through Memory Technology Device changes. XML parser library expat 2.4.4 fixed CVE-2022-23852 and CVE-2022-23990, which affected the integer overflow. Out of the 26 RubyGem packages to update in the snapshot, rubygem-hashie 5.0.0 was the only package to have a major version update, which added exporting a normal Hash from an indifferent one through the to_hash method.

Quoique nous soyons des aficionados de Linux et du concept de Logiciel Libre, nous devons de temps en temps nous tourner vers des freeware afin de sécuriser nos amis utilisant Windows contre les rançongiciels (par exemple). Dans la lumière de ce qui précède, nous vous invitons à venir voir le freeware Website-Watcher en action le …

Website-Watcher (freeware) et la détection de rançongicielsRead More »

The post Website-Watcher (freeware) et la détection de rançongiciels appeared first on Cybersécurité, Linux et Open Source à leur plus haut niveau | Network Users Institute | Rouen - Normandie.

I spent my last weekend in Brussels at FOSDEM. Well, not really: while I had a couple of Belgian beers, the conference itself was a virtual event and I was at home in Budapest. It’s the second year that FOSDEM is virtual, and yet again I can state that it’s the best virtual event of the year. I had two talks this year. After my second talk, I got some questions during the Q & A session which I could not answer, so I will try to answer them. But before that, let me share my experience!

Experience

Why do I say that FOSDEM is the best virtual event? Of course, even they cannot re-create everything from a real-life event, but it is probably the closest and there are even some improvements compared to IRL events.

All talks are pre-recorded and recordings are played back automatically, so there are no schedule problems. As they are pre-recorded, even if the presenter has technical problems, like I had an unstable Internet connection due to storm damage, everyone can still watch the talks.

Talks are available as a simple video stream, but if you register, then there is a live chat where you can ask and upvote questions. There were lively discussions during both of my syslog-ng and sudo talks, and the questions are also answered live during the video stream after the playback is finished.

If the time is up, attendees can stay in the virtual room and watch the next talk starting automagically, or they can also have a hallway track with the presenter. Instructions are printed in the chat and I had some good discussions after my talks in this way.

Sudo talk answers

“do you happen to know why sudo -e has been broken on Fedora CoreOS has been broken for a while?”

This problem has already been fixed upstream, see: https://github.com/sudo-project/sudo/issues/122 It will be most likely fixed as soon as sudo is updated to the latest version (or the patch is picked).

“Does sudo support logfmt, which is somewhat more readable? Halfway between fully structured and human-readable.”

No. Regular sudo logs are pretty similar and slightly more complex, but syslog-ng can parse them: (sudo parser):

Feb  7 17:51:51 czplaptop sudo[21742]:   czanik : TTY=pts/1 ; PWD=/home/czanik ; USER=root ; COMMAND=/bin/bash

Starting with version 1.9.4 there is also JSON formatting, which is less human-readable, but can be parsed by just about anything and contains a lot more information:

Defaults log_format=json

“Do you have any feedback regarding using sudo with SELinux?”

It is possible to specify an SELinux role and optional type in sudoers rules. The role/type can also be specified on the command line (see -r and -t options). This makes it possible to do SELinux-style role-based access control using sudo. Basically, you can use sudo to run commands with a specific SELinux role/type just like you would with a traditional Linux user.

“What kind of sudo extensions are possible using the C/python API?”

I listed a few in my live answer, but here is the documentation listing all possibilities:

• C: https://www.sudo.ws/docs/man/1.9.9/sudo_plugin.man/
• Python: https://www.sudo.ws/docs/man/1.9.9/sudo_plugin_python.man/

“Are session recordings encrypted?”

Session recordings are encrypted while in transit, see Securing the sudo to sudo_logsrvd connection. Session recordings are not stored in an encrypted format by sudo and sudo_logsrvd.

If you want to make sure that your sudo session recordings are tamper-proof, check out Safeguard for Privileged Sessions(a commercial product), which supports collecting sudo session recordings, saves them in an encrypted and time-stamped storage, and can play back recordings in a web-based interface.

Dicen que más vale tarde que nunca…y eso me ha pasado con este curso online de Linux desde cero organizado por la Oficina del Software Libre de la Universidad de Zaragoza. ¿Quieres saber más? Sigue leyendo.

Curso online de Linux desde cero de OSLUZ

El pasado 28 de enero de 2022 se inició a las 13:00 horas una iniciativa que tiene como público objetivo cualquier persona que tenga interés en comenzar a utilizar Linux, por curiosidad o por necesidad, sin ningún tipo de conocimiento previo.

El formato de las clases es ONLINE y se puede acceder desde el enlace https://videoconferencia.unizar.es/b/osl-cux-cmh y os podéis registrar en el curso enviando un correo a osluz@unizar.es, de esta forma recibirás recordatorios y material del curso.

El calendario de sesiones es el siguiente:

1ª sesión 28-1-2022: Instalación de linux: Comenzaremos el curso trabajando la instalación de 2 distribuciones Linux. Veremos lo fácil que es instalarlas y distintas opciones a seleccionar en Virtualbox. También crearemon un pen USB para poder instalar Linux en cualquier dispositivo.

2ª sesión 11-2-2022: El entorno gráfico de Linux, personalización del sistema. Instalación de aplicaciones. Más concretamente se va a dedicar a la personalización de Kubuntu y Plasma y a la revisión de aplicaciones desde el Centro de Software Discover y desde la terminal con APT y DPKG.

3ª sesión 25-2-2022: El administrador de archivos e introducción a la terminal. Comandos básicos.

4ª sesión 11-3-2022: Imprimir en Linux: instalación de impresoras y CUPS. Editores de texto.

5ª sesión 24-3-2022 (Jueves): Paquete de ofimática Libreoffice

6ª sesión 8-4-2022: Gestión de usuarios y grupos. 

7ª sesión 22-4-2022: Instalar Windows junto a Linux o viceversa

8ª sesión 6-5-2022: Instalación de programas Windows en Linux: Wine

9ª sesión 20-5-2022: – Anexo I Copias. Uso de cp, mv, dd, rsync, scp, (empaquetados) tar y cpio, compresión gzip y bzip2. Uso para copias de seguridad.

10ª sesión 3-6-2022: Anexo II Programar tareas: Crond

De esta forma Si eres un usuario de Windows que quiere migrar a Linux o si has oído hablar de Linux y lo quieres probar o si tienes algún ordenador o tablet antiguo al que le quieres dar una nueva vida, este es tu curso.

Todas las sesiones se grabarán y se publicarán en el canal de Youtube de OSLUZ.

Esta actividad se enmarca en el Concilio de lo Libre, iniciativa de Software Libre en la que participa la Universidad de Zaragoza a través de la Oficina de Software Libre y de la que ya hablamos en el blog.

Más información: OSLUZ