You are here

Planet Debian

Subscribe to Feed Planet Debian
Planet Debian -
Përditësimi: 5 months 3 javë më parë

Enrico Zini: Python hacks: opening a compressed mailbox

Mar, 05/03/2019 - 5:57md

Python mailbox.mbox is not good at opening compressed mailboxes:

>>> import mailbox >>> print(len(mailbox.mbox("/tmp/test.mbox"))) 9 >>> print(len(mailbox.mbox("/tmp/test.mbox.gz"))) 0 >>> print(len(mailbox.mbox("/tmp/test1.mbox.xz"))) 0

For a prototype rewrite of the MIA team's Echelon (the engine behind mia-query), I needed to scan compressed mailboxes, and I had to work around this limitation.

Here is the alternative mailbox.mbox implementation:

import lzma import gzip import bz2 import mailbox class StreamMbox(mailbox.mbox): """ mailbox.mbox does not support opening a stream, which is sad. This is a subclass that works around it """ def __init__(self, fd: BinaryIO, factory=None, create: bool = True): # Do not call parent __init__, just redo everything here to be able to # open a stream. This will need to be re-reviewed for every new version # of python's stdlib. # Mailbox constructor self._path = None self._factory = factory # _singlefileMailbox constructor self._file = fd self._toc = None self._next_key = 0 self._pending = False # No changes require rewriting the file. self._pending_sync = False # No need to sync the file self._locked = False self._file_length = None # Used to record mailbox size # mbox constructor self._message_factory = mailbox.mboxMessage def flush(self): raise NotImplementedError("StreamMbox is a readonly class") class UsageExample: DECOMPRESS = { ".xz":, ".gz":, ".bz2":, } @classmethod def scan(cls, path: Path) -> Generator[ScannedEmail, None, None]: decompress = cls.DECOMPRESS.get(path.suffix) if decompress is None: with open(path.as_posix(), "rb") as fd: yield from cls.scan_fd(path, fd) else: with decompress(path.as_posix(), "rb") as fd: yield from cls.scan_fd(path, fd) @classmethod def scan_fd(cls, path: Path, fd: BinaryIO) -> Generator[ScannedEmail, None, None]: mbox = StreamMbox(fd) for msg in mbox: ...

Reproducible builds folks: Reproducible Builds: Weekly report #201

Mar, 05/03/2019 - 2:14md

Here’s what happened in the Reproducible Builds effort between Sunday February 24 and Saturday March 2 2019:

diffoscope development

diffoscope is our in-depth “diff-on-steroids” utility which helps us diagnose reproducibility issues in packages. This week:

  • Chris Lamb:
    • Improved the displayed comment when falling back to a binary diff to include the file type. (#49)
    • Tidied definition of “no file-specific differences were detected” message suffix. []
    • Corrected a “recurse” typo. []
  • Vagrant Cascadian updated diffoscope in GNU Guix. []
Packages reviewed and fixed, and bugs filed

In addition, one of Chris Lamb’s previous patches for the Sphinx documentation system was merged upstream. He also updated his branch against the shadow password utility.

Test framework development

We operate a comprehensive Jenkins-based testing framework that powers This week, Holger Levsen made the following improvements:

  • Improve the output of the Debian reproducible “SHA1” checker [], also including stats for non-reproducible binNMUs, arch:all and arch:amd64 packages [].
  • Deal with zero results in the SHA1 checker. []
  • Move SHA1 checker to osuosl173 node. []
  • Add setup_schroot_buster_diffoscope job on osuosl173 node. []
  • Node maintenance. [][][]

In addition, Mattia Rizzolo performed some armhf node maintenance. []

This week’s edition was written by Bernhard M. Wiedemann, Chris Lamb, Holger Levsen, Vagrant Cascadian & reviewed by a bunch of Reproducible Builds folks on IRC & the mailing lists.

Steve Kemp: Raising a bilingual child

Mar, 05/03/2019 - 11:01pd

The last time I talked about parenting it was in the context of a childcare timetable, where my wife and I divide the day explicitly hour by hour so that one of us is "in charge" at all times.

For example, I might take care of Oiva from 7AM-12pm on Saturdays, then she takes over until 5pm, and I take 5-7PM (bed-time). We alternate who gives him a bath and sits/reads with him until he's asleep.

Even if all three of us are together there is always one person who is in-charge, and will handle nappies, food, and complaints. The system works well, and has done since he was a few weeks old. The big benefit is that both of us can take time off, avoiding burnout and frustration.

Anyway that's all stable, although my wifes overnight shifts sometimes play havoc with the equality, and I think we're all happy with it. The child himself seems to recognize who is in charge, and usually screams for the appropriate parent as required.

Today's post is more interesting, because it covers bilingual children, which our child is:

  • His mother is Finnish.
    • She speaks Finnish to him, exclusively.
  • I'm from the UK.
    • I speak English to him, exclusively.

Between ourselves we speak English 95% of the time and Finnish 2% of the time. The rest of our communication involves grunting, pointing, and eye-contact.

He's of an age now where he's getting really good at learning new words, and you can usually see who he learned them from. For example he's obsessed with (toy) cars. One of his earlier words was "auto", but these days he sometimes says "car" to me. He's been saying "ei" for months now, which is Finnish for "no". But now he's also started to say "no" in English.

We took care of a neighbours dog over the weekend, and when the dog tried to sniff one of his cars he pointed a finger at it, and said "No!". That was adorable.

Anyway his communication is almost exclusively single-words so far. If he's hungry he might say:

  • leipä! leipä! leipä!
    • Bread! Bread! Bread!
  • muesli! muesli! muesli!
    • muesli! muesli! muesli!

He understands complex ideas, commands, instructions, and sentences in both English and Finnish ("We're going to the shop", "Would you like to play in the park?", and many many more). But he's only really starting to understand that he can say the same thing in multiple languages - as per the example above of "ei" vs "no", or "car" vs "auto".

Usually he uses the word in the language he heard it in first. For example he'll say goodbye to people by saying "moi moi", but greet them with "hello". There are fun words though. For example 99% of the time a dog is a "woof woof", but sometimes recently he's been describing them as "hauva". A train is a "choo choo", as is a tram, and a rabbit is a "pupu".

He's started saying "kissa" for cat, but when watching cartoons or reading books he's more likely to identify them as dogs.

No real conclusion here, but it's adorable when he says isä/isi for Daddy, and äiti for Mummy. Or when he's finished at the dining table and sometimes he says "pois" and other times says "away".

Sometimes you can see confusion when we both refer to something with different words, but he seems pretty adept at understanding. I'm looking forward to seeing him flip words between languages more often - using each one within a couple of minutes. He has done that sometimes, but it's a rare thing. He'll sometimes say "daddy car" and "äiti auto", but more often than not the association seems random. He's just as likely to say "more kala" as "more fish".

Gunnar Wolf: Mob justice and extreme violence in Copilco Universidad — @Alcaldia_Coy @CopilcoUniv @CopilcoVecinos @manuelnegrete22

Mar, 05/03/2019 - 7:03pd

Some days ago I read a piece of news that shocked me at different levels: Three blocks away from my home, and after being "unclearly" denounced for harassing a woman, a guy was beaten to death. Several sources for this: El Diario MX: Por acosar a mujer lo golpean hasta la muerte; El Siglo de Torreón: Asesinan a hombre por presuntamente acosar a mujer en Coyoacán; Zócalo: Matan a hombre en Coyoacán; Milenio: Por presuntamente acosar a mujer, golpean y matan a hombre en CU.

Of course, when anybody cries for help, it should be our natural response (everybody's!) to rush and try to help. However, stopping an aggression is a far cry from taking justice in our own hands and killing a guy.

Mob justice is usually associated with peri-urban or rural areas, with higher socioeconomic margination and less faith in authority. Usually, lynching mobs generate a very bad and persistent name to wherever said acts of brutality happened. While I don't want to say we are better than..., it shocks me even more to have found this kind of brutality in the midst of the Universitary neighbourhood, at a very busy pedestrian street, at all times (this happened somewhat after noon on Thursday) full of teachers and students.

Not only that. The guy who was attacked was allegedly a homeless guy, in his mid 20s. Some reports say that after the beating took place, he was still alive, but when the emergency services arrived (30 minutes later!) he had died. We are literally less than 200m away from Facultad de Medicina, and hundreds of students and teachers walk there. Was nobody able to help? Did nobody feel the urge to help?

If this guy was a homeless person, quite probably he was weak from malnutrition, maybe crossed with some addictions, and that's what precipitated his death. But, again — This raises other suspicions. Maybe he was pointed to by some of the store owners that wanted to drive him away from their premises? (he was attacked inside a commercial passageway, not in the open street)

Also... While there is not much information regarding this attack, I'm quite amazed almost no important local (or even national!) media have picked this up. We are less than 1Km away from the central offices of Grupo Imágen! This is no small issue. Remember the terrible circus raised around the Tláhuac lynches in ~2005 (and how Tláhuac still carries that memory almost 15 years later)? What is the difference here?

No attack on women should be tolerated quietly. But no lynchmob should be given a blind eye to. This deeply worries and saddens me.

Shirish Agarwal: Celebrating Science Day at GMRT and WSF

Mar, 05/03/2019 - 6:37pd
World Social Forum 2004

I would start with WSF which is in this case is The World Social Forum. This is where I got a real taste of what global activisim could do. The year was 2004 and it was against the World Economic Forum (or part of it was happening in Mumbai.) It was a double whammy as either due to design or just a coincidence the Kala Ghoda festival was happening at the same time. It had seemed at the time that change was in the air and things will change shortly but it was not to be. The reason this got remembered as I was cleaning my mailbox after a long time, doing a real deep cleaning and while doing it, came across a bunch of mails and people and ideas. While lot of things on the plate have been won, there have been equal or more number of losses. For e.g. Shell is still into fossil fuels and has grown consistently over the years, even political parties can raise foreign funds thanks to the present Government with retrospective effect of 60 years but non-profits cannot do as apparently “only they can influence people”, not political parties. All of this isn’t news unless you have been living under a rock for the last 4 years or so. It all just seems a bit more perverse than before hence had to share it but this was not the purpose of this blog post.

National Science Day at GMRT

We had been celebrating National Science Day at GMRT for last 7 years with this year being the seventh in the series. The only one I missed was last year but then wasn’t well and didn’t want any possibility of aggravation of health issues as had been sick. I had shared I wouldn’t be able to do any of the heavy lifting and our conversation for the event started like this –

shirish agarwal, [27.02.19 13:14]
@mandiv1 apparently Arvind and Aadesh would not be able to go to Reserved-bit .

shirish agarwal, [27.02.19 13:14]
somebody else would have to do the needful.

Akshat, [27.02.19 13:16]
@shirishag75 don’t worry about the logistics. We will take care.

Snippet of Telegram chat.

Later came to know though that this year all of the equipment and merch. sponsorship was done by Zimbra. There were also some other expenses but all of them were borne by Zimbra. So here are a list of photos which shows some of the photos taken by members of the two groups.

Around the end of the first day

While we were supposed to be around 12-13 volunteers, 9 from both Debian and Mozilla turned up for the event. Six were from the Debian side of things, while three from Mozilla. While there were couple of newbies, most of the people had worked with each other before so it was easy to get by.

Joking around after a hard day’s work

After packing and finishing for the day, it was time to rib with each other as well as know each other. Nothing like ribbing and getting ribbed to take the tiredness of the day out. Having a cup of tea or two also helps.

How GMRT looks in the evening GMRT Antennae in Unison – Akshat

GMRT is based in a semi-rural, semi-forested area. The GMRT Radio telescopes are a group of 30 steerable Radio telescopes situated in an about 27 sq. km. , each Radio telescope cover an area of 45 meters and the whole constellation is in the form of a parabolic dish or a Y-shape to be more precise. This particular picture has been clicked by Akshay as it shows his signature eye and framing. It was upgraded few years back and is now back is to former glory. I also just remembered some questions that were asked to the Tatas in Thoughtworks Complex Systems workshop for SKA for which there were no clear answers but that’s a topic for another day.

Photo Op with the Zimbra Team Another picture with the zimbra team

This was at the end of the second day when the Zimbra team came to see us. Unfortunately they came after lunch when traffic was low to almost non-existent and people were winding up for the momento and the prize ceremony which is held for students coming from various schools and colleges. Organizations are given a momento as it’s geared so that students are aware of all the science around them, the causation and the effect. They also have some repos. on github if people wanna contribute.

Big thanks to Zimbra for sponsoring us and NCRA and GMRT for giving us the stall, travel, lodging and boarding. Also thanks to all the volunteers from FSCI and Mozilla showing up and making it what it was.
Akshat giving a Debian CD and literature about free software

This is probably in the morning on the second day when me and Vikas were out to see some of the other stalls which were there.

Projects I liked

There were probably in excess of 100 odd stalls and while it was virtually impossible to visit all the stalls, all of us did manage to visit some or the other stalls. The ones which I liked were the one where an old gentleman showed how light is refracted. He had a green laser pointer and had asked for a dark room and showed the various ways light was refracted. The one which I really liked was when how probably light refracts in a fibre-optic cable. The other one I enjoyed was when I came to know of the ITER . I was told that they have been able to generate more energy than taken although after coming back just came to know that the project is only 58% completed, the rest taking almost 15 years more to complete.

The other informational projects which I came to know about were the Earth core. While in countless movies, we have reached the center of the earth, in actuality we don’t know. There are assumptions that it may have liquid and some metal on what we have been to explore so far. It may be entirely possible that there may be one more than one more layer of metal and liquid that is being assumed but as we don’t know we can’t do anything about it. The people who were showing that were actually showing how earth’s magnetic poles are moving all the time. They also shared the possibility of the magnetic poles flipping and while I can find quite a few media stories speculating that myth/fact I dunno what to make of it. Of course if does flip, all our communications will be down. Even birds take their bearing from the magnetic north (although instinctively) . Humans would be the worst affected for sure .

While there were many more, there was a whole stall of students using either Arduino Uno or Arduino Mega. I am afraid I didn’t ask which. There were many projects which I liked but they were more thought more in dreams rather than reality. For instance, one of the projects was for a submersible to check the quality of water. They had made a nice UI and used the Arduino to remotely stop and start the boat. As everybody knows, sensors are not so cheap so the only sensor they managed to get was a temperature sensor and they showed how it would work. The assumption being dirty water being more hot than fresh water. Also it would report variances within water temperature. itself so you could know what the temperature of water is at any one point of time.

There was also an Arduino-based bot to clean floors. It looked similar to some of the Japanese bots I have seen. For instance see this one shared on CNET . As it was a college robot, it had an extended arm of about couple of feet with a sensor to detect a foreign object. There was a housewife hanging around who was obviously stressed and was looking at it as a solution to relieve her from some of the household chores. They were also working and looking at to be also used as a mop in addition to the broom but had difficulty figuring out how to get the both the price, engine efficiency and battery also syncing with each other. Of course they weren’t thinking of self-repair but that’s another topic altogether. We also saw projects using Arduino for car theft, museum navigation (for which I gave them a few suggestions) and one using Raspberry Pi 3 with OpenCV to detect cars license numbers for toll gates. I impressed upon them to try the same at their college where it should be much more easily implementable than elsewhere.

I also need to commend all the colleges for this time many colleges upped the budgets to between INR 11 – 15K although it is still a lot lower than what is needed. Vikas, who was with me told some of the students about the robo competitions which are held routinely in many of the Engineering Colleges in Pune.

I would end sharing of the projects by another one I really liked. This was done by some college I don’t remember, we were told about the estuary . Estaury is the place where the ocean and river meet and is one of the best places for flora and fauna to be there. One of the famous estauries she said was a place called Mandvi near Goa, Konkan. Due to lot of garbage being put in the river the estaury doesn’t work in the way it was and is intended to work.

Debian Information

At the end, there was lot of information about Debian which was exchanged with the group. I shared about the Internships article which I had written sometime back and then shared another list of projects yesterday by one of my friends whom I had encouraged to do the same when I was writing the article from bangalore . I do like the one where he talks of the WordPress-libre movement, it does have lot of value but would need quite a bit of time and knowledge, which will come with time.

One of the most often questions asked is how does Debian make money. While Debian is a non-profit it does make money in terms of sponsorships as it is helpful to all the companies who make money of it. The simplest way is to have a look at present and past sponsors of Debconf. Just to share of a few on top of my head. Google sponsors as they use a customized use of Debian as their main OS within the organization. They sponsor quite a bit of Debian Development and probably have a few DD’s (Debian Developer) on their rolls. Hewlett Packard sells and sold quite a bit of Mid-and high-end range of servers to CDN’s, hosting and off the shelf customers who prefer to run Debian on those servers. Lot of HPC machines run Debian. Infomaniak is into hosting and from the looks of it they have prospered with the partnership as now they are Platinum sponsors.

I could go on and on, but is enough to share that there are lot of business and research issues which are solved. Even NCRA and GMRT are big users of Debian as is Pune University, hence they support us the way they can. They are highly dependant on Government Funding.

I also shared some of the Debian Politics but didn’t much as Mayur, Mehul and Aniket were absent, they are from Mozilla and we usually trade happenings and stories :). In many ways, Debian is also going through some changes , in some ways similar to what Mozilla has been going through but that’s a topic for another day. I do hope lot of people do get a chance to go and attend Debtusav Delhi which is also happening soon. This year we are hoping to have lots of Debutsavs if we hope to have a Debconf in India anytime soon. Till later.

Carl Chenet: You Should Not Ignore the Mastodon Social Network Any More

Mar, 05/03/2019 - 12:00pd

The Mastodon social network reached 2 million users some days ago, almost doubling its number of users in one year.

The Mastodon Growth

When I joined the Mastodon social network 2 years ago, I was interested in a new alternative to Twitter, which is now mostly a ad network.

Some days ago the number of users of Mastodon reached 2 millions, a hugh and unbelievable number for a project based on a Free Software, not backed by a company being funded multiple times like Twitter is.

Being community-driven, locally animated by instances with their own rules, the number of users of Mastodon increases steadily (the peak on the graph is a bot attack). These great results can’t be ignored any longer by people who want to develop an audience or increase the visibility of their project.

Your account on Mastodon

Lots of people created an account in 2017 to test Mastodon and only stayed some days before discontinuing using it. The user growth of Mastodon shows today they should try again. This social network is today a major growth tool for any project or community.

Growing the audience of a social network account takes time. And the steady growth of Mastodon shows it’s perfectly reliable for projects and company to invest time to grow their social account on Mastodon.

The Mastodon account of a Hacker News-like website, le Journal du hacker, grew to 2,000 subscribers in 18 months.

Individuals also grow Mastodon account with a good audience. With more than 2M users today, you can efficiently spread the word about your different projects.

Fediverse and the next growths

Mastodon uses the protocol ActivityPub to exchange information. Other applications use the same protocol, like Pleroma, an alternative to Mastodon, or PixelFed, a community-driven, Instagram-like application. These applications will be able to interact with the Mastodon user base to help their own growth. Merging different user bases could in the future generate a massive user base in some years.

To Be Continued

The Mastodon social network has a large potential and its user growth shows a steady adoption, not related to ads or artificial growth promoted by a company. Different communities adopted and use Mastodon on a regular basis for their needs. Lots of individuals stopped using Twitter for various reasons and now use Mastodon.

Now, what about you?

About The Author

Carl Chenet, Free Software Indie Hacker, Founder of, a Job board dedicated to Free and Open Source Software Jobs in the US (soon to be released).

Follow Me On Social Networks


The post You Should Not Ignore the Mastodon Social Network Any More appeared first on Carl Chenet's Blog.

Jonathan McDowell: Bordering on ridiculous

Hën, 04/03/2019 - 9:47md

There’s been a lot of discussion (to put it mildly) about the backstop in regards to Brexit. Effectively the TL;DR is that it’s designed to prevent the return of a hard border between Northern Ireland and Ireland, in the absence of some more organized solution. As someone born and raised in Northern Ireland I’m in favour of that. My parents live in Newry, which is just north of the border on the main Belfast/Dublin road. I remember the border checkpoint.

The backstop causes problems because it requires the United Kingdom to keep in sync with the EU in many respects, to retain the customs union and allow the free movement of goods across the border in a friction-free manner. Originally there was a suggestion that this union could apply solely to Northern Ireland, with some sort of checks made on the air/sea border between NI and the rest of the UK. The DUP rejected any suggestion of a border in the Irish Sea, and as the party propping up the Tories they have some sway in this whole thing. That’s unfortunate, as I think that this sort of special status for Northern Ireland could make it a very attractive place to do business, with good access to both the rest of the UK and the EU. The DUP claim to be rejecting anything that might make Northern Ireland separate from the UK. What they fail to acknowledge is the multitude of ways in which NI is separate, some of them their doing.

Let’s start with some legal examples. Belfast was the first place to have generally available civil partnerships for gay couples (there was an earlier exceptional ceremony in Brighton for a terminally ill man). Today Northern Ireland is the only place not to allow same sex marriage - England and Wales introduced the Marriage (Same Sex Couples) Act 2013 and Scotland introduced the Marriage and Civil Partnership (Scotland) Act 2014. The DUP have repeatedly used the Petition of Concern to block such legislation in Northern Ireland, and stated they will continue to do so.

The other headline difference is the fact that the Abortion Act 1967 does not apply in Northern Ireland, which instead falls back to the Criminal Justice Act (Northern Ireland) 1945 and the older Offences Against the Person Act 1861, only allowing abortion in cases where it is to preserve the life of the mother.

Less of a headline difference is the fact it’s illegal to give a child under 16 alcohol in Northern Ireland (Children and Young Persons Act (Northern Ireland) 1968 s.25), unless it’s on the order of a doctor. Everywhere else it’s illegal for under 5s (Children and Young Persons Act 1933 s.5), but ok for older children in private premises. It’s wise to try to prevent underage drinking, but I’d have thought enabling it legally in the home isn’t the risk factor we should be worried about here. NI also has more restrictive off-license alcohol licensing, leading to weird cordoned off areas in supermarkets where they keep the alcohol and most small shops not stocking it at all.

All of these legal differences are reconcilable with the DUP’s status as a conservative Christian right party. However they all serve to separate Northern Ireland more from the rest of the UK, making it look like a parochial backwater, and that’s harder to reconcile with the DUP’s statement that they want to avoid that. Equally there are other pieces of legislation that have variations in the Northern Ireland implementation (and the fact there’s even a separate Act or Order for NI for things predating devolution is sometimes an oddity).

For example, The Employment Rights (Northern Ireland) Order 1996, Article 140 specifies that an employee needs 1 year continuous employment to be able to make an unfair dismissal claim, while the Employment Rights Act 1996, s.108 requires 2 years before such a claim can be made in the rest of the UK. Good for workers in NI, but not a logical difference to have.

We can’t even claim these differences all pre-date the Good Friday Agreement Stormont Assembly. In 2014 the DUP were quite happy to try and diverge NI’s tax regime from the rest of the UK by aiming for a corporation tax reduction that was, irony of ironies, designed to bring NI into line with the rest of Ireland in an attempt to get some of the inward investment pie.

It’s also worth noting that land law is significantly different between NI and England & Wales (to the extent that while doing my law degree I was taught them as 2 parallel strands rather than the lecturers simply pointing out the divergences along the way). Scotland is even more different, so that’s perhaps not as useful an example of variation, but it does usefully lead into a discussion about differences in the provision of government services. Searching the Land Registry for Northern Ireland is in-person physical act. Doing so for England and Wales with the HM Land Registry is possible online.

This can be seen again in the area of driving licences, something you’d expect a unified UK approach for. The rest of the UK has abolished the paper counterpart for driving licences. Not Northern Ireland. If you hold an NI licence and want to hire a car don’t forget to bring your paper part! (Yes, this has bitten me once.) Northern Ireland was also the first part of the UK to have a photograph as part of the driving licence (probably because we were the only part of the UK being stopped at army checkpoints and asked for ID).

On the subject of cars, the MOT in Northern Ireland is performed in government run test centres. Elsewhere in the UK MOT’s are handled by approved test centres - usually a garage. There are advantages to both (primarily a trade off between government impartiality and the convenience of being able to drop your car off for a test with someone who will fix the failures), but there’s no logical reason for the difference across the country.

The executive has also used the sea border with the rest of the UK to its advantage, for example during the 2001 foot and mouth outbreak, when additional controls were put in place at ports and airports in Northern Ireland to try and prevent the spread of the disease to NI farming stock. (I remember the disinfectant mats being in place at Belfast International Airport during this period.)

We have other differences too. 4 Northern Irish banks issue their own bank notes (though First Trust are stopping) - they’re worth exactly the same as Bank of England notes (being valid pounds sterling), but good luck freely spending them in the rest of the UK! And for a long time we didn’t even have representation from the big UK banks here (which made having an NI bank account while being at university in England problematic at times).

These geographical and legal differences naturally extend into the private sector. It’s not just the banks who lack representation here, high street shops are affected too. I keep getting Ocado vouchers included in other orders but they’re no use to me because Waitrose aren’t present here. McDonalds didn’t arrive until the early 90s. There are plenty of other examples.

I’m sure some of this is due to the existence of a large body of water between Northern Ireland and the rest of the UK making delivery more complex. It’s not uncommon for suppliers to charge more or completely refuse to deliver to NI. Even when they do there are frequently restrictions (see Amazon’s for an example). Good luck getting a replacement phone or laptop battery shipped from a reputable supplier these days!

Car insurance has also historically been higher in Northern Ireland. A paper produced by the Northern Ireland Assembly, ‘Update: Comparative Car and Home Insurance Costs in NI’ (NIAR 508-10) discussed potential reasons for this, concluding that the higher rate of accidents and associated legal system differences resulting in higher compensation and legal fees were likely causes. I guess that explains some of the terrifying road safety ads shown on TV here over the years.

What’s my point with all of this? Largely that I feel it’s foolish to try and pretend Northern Ireland doesn’t have differences with the rest of the UK, and deciding that the existence of some additional checks on movement across the Irish Sea is the red line seems to be shutting the stable door after the horse has bolted. If the DUP had shown any inclination to rectify the other arbitrary differences that exist here I’d have more sympathy, but the fact they persist in maintaining some of them just strikes me as hypocrisy.

Mike Gabriel: My Work on Debian LTS/ELTS (February 2019)

Hën, 04/03/2019 - 4:41md

In February 2019, I have worked on the Debian LTS project for 6 hours (of originally planned 10 hours) and on the Debian ELTS project for another 6 hours as a paid contributor. The non-worked 4 LTS hours I will carry over into March 2019.

LTS Work
  • Upload and announce FreeRDP security fixes and RDP v6 / CredSSP v3 proto updates (DLA-1666-1 [1])
ELTS + LTS Work (shared hours)
  • Chew on OpenSSH security fixes. Esp. CVE-2019-6111 caused me headaches with the final result that the said fix for CVE-2019-6111 did not fix it entirely. See Debian bug #923486 [2].

CVE-2019-6111 has already been amended fully now in Debian unstable's and stable's version of OpenSSH. For jessie LTS a fixed version will be provided within the next couple of days.


Elana Hashman: I'm running for the Open Source Initiative Board of Directors

Sht, 02/03/2019 - 5:00md

The 2019 election for the Open Source Initiative Board of Directors is upon us, and I'm running for a seat on the board as an Individual Member.

The Open Source Initiative (OSI) is a shadowy cabal global non-profit organization that is primarily responsible for maintaining the Open Source Definition and list of approved Open Source Licenses, in addition to promoting and representing the wider open source community. If you use or care about open source software, the OSI impacts you!

Why am I running?

There are three main things that I'd like to accomplish as a board member:

  • Grow the OSI's membership, and build a more representative organization.
  • Defend the Open Source Definition and FOSS commons.
  • Define the future of open source, as part of the larger community.

You can read more of the specifics of my platform on the OSI election wiki.

Why vote for me?

My platform is actionable, specific, and measurable. For example, when I say I want to grow the OSI's membership, this isn't just a platitude: I'm running a membership drive to recruit 25 new members and I've nearly met my goal already! If you vote for me, it's easy for you to hold me accountable to these specific commitments.

I have a cross-cutting, boots-on-the-ground view of the challenges and needs of the FOSS community. I'm active as a developer in many different open source communities: the Python community, the Clojure community, the JavaScript community, the Kubernetes and CNCF communities. I bring a new, broad perspective to the Board as a primarily technical contributor from communities who are not yet deeply involved with the OSI, and pledge to represent their interests.

As a packager, I have a practical understanding of software licensing and redistribution. Defending the Open Source Definition isn't just about ideology for me: threats to the FOSS commons directly impact my work as a downstream developer. Packaging FOSS for distribution in Debian, applying patches, and sharing derivative works all require a deep understanding of the practice of software licenses and copyright. Hence, I have important and applicable experience for license review.

This sounds great, sign me up!

If you like what you've seen here, I'd be thrilled if you considered joining the OSI as a new member and voting for me.

You can sign up for a membership here.

Do let me know if I was your inspiration for joining, as I'd love to count you towards my membership drive! You can reach out via Mastodon, Twitter, or email. I'll also make sure to send you a reminder to vote in the election. Voting opens Monday, March 4 at 12:00am PST and closes Friday, March 15 at 11:59PM PST.

Junichi Uekawa: I've been writing Dockerfile for many of my personalprojects.

Sht, 02/03/2019 - 9:23pd
I've been writing Dockerfile for many of my personal projects. However the resulting image isn't useful for me and I don't need root to build my tools. I am just interested in them building at all.

Steinar H. Gunderson: Two surprises

Pre, 01/03/2019 - 11:32md

Two nasty surprises from today (both cost me a fair amount of time):

  • In C, signed multiplied by unsigned becomes... unsigned. Think twice before declaring your constants unsigned.
  • If you have an NVIDIA GPU and boot with “nomodeset”, your Intel GPU no longer is available to VA-API.

François Marier: Connecting a VoIP phone directly to an Asterisk server

Pre, 01/03/2019 - 7:25pd

On my Asterisk server, I happen to have two on-board ethernet boards. Since I only used one of these, I decided to move my VoIP phone from the local network switch to being connected directly to the Asterisk server.

The main advantage is that this phone, running proprietary software of unknown quality, is no longer available on my general home network. Most importantly though, it no longer has access to the Internet, without my having to firewall it manually.

Here's how I configured everything.

Private network configuration

On the server, I started by giving the second network interface a static IP address in /etc/network/interfaces:

auto eth1 iface eth1 inet static address netmask

On the VoIP phone itself, I set the static IP address to and the DNS server to I then updated the SIP registrar IP address to

The DNS server actually refers to an unbound daemon running on the Asterisk server. The only configuration change I had to make was to listen on the second interface and allow the VoIP phone in:

server: interface: interface: access-control: refuse access-control: allow access-control: allow

Finally, I opened the right ports on the server's firewall in /etc/network/iptables.up.rules:

-A INPUT -s -p udp --dport 5060 -j ACCEPT -A INPUT -s -p udp --dport 10000:20000 -j ACCEPT Accessing the admin page

Now that the VoIP phone is no longer available on the local network, it's not possible to access its admin page. That's a good thing from a security point of view, but it's somewhat inconvenient.

Therefore I put the following in my ~/.ssh/config to make the admin page available on http://localhost:8081 after I connect to the Asterisk server via ssh:

Host asterisk LocalForward 8081

Kurt Kremitzki: My Free Software Activities in January & February 2019

Pre, 01/03/2019 - 7:10pd

Hello all and welcome again to another of my monthly summary posts on my work in free software, with a focus on open engineering in Debian & Ubuntu. I'm fortunate to have the February 12th Debian 10 soft freeze deadline to scapegoat for my missed January update, and thanks too to February for being short enough to postpone it further and combine the two updates.

I've decided to go with a bit of a dryer chronological approach to this update as there's lots to cover. Worth highlighting, however:

  • New Debian upload for a FreeCAD 0.18 pre-release
  • New Debian upload for OpenFOAM. An upstream switch from to and a different versioning scheme results in a massive version bump, 4.1 to 1812. That's over 1800 versions better. (Seriously though, it's about a 2 year bump in changes.)
  • New Debian uploads for mesh generation softwares Gmsh 4.1.3 and Netgen 6.2.1810 -- though Netgen might miss Debian 10? It's stuck in the NEW queue.
  • FreeCAD is participating in Google Summer of Code and I'm looking for a student to mentor
Timeline January
  • Jan 6: Updated the FreeCAD bug tracker to the latest version.
  • Jan 12: Completed transition of FreeCAD PPAs to new versions of Coin3D & its Python bindings package Pivy, which resolved a major breakage caused by me on Dec 29 but was a necessary precursor to a FreeCAD 0.18 release; I just didn't execute it as well as I should have
  • Jan 16: Upload of OpenFOAM 1812.
  • Jan 18: Discussed on GitHub with the upstream of OpenCAMLib about release plans now that it is Python 3 compatible
  • Jan 19: Contact via GitHub issue with libMesh upstream about Debian packaging, with enthusiastic response.
  • Jan 19: FreeCAD pull request to fix Start Workbench behavior in Debian/Ubuntu since we can't include binary .FCStd examples, even though they're glorified ZIPs, for Debian Free Software Guidelines reasons (or can we? please contact me if you know otherwise)
  • Jan 25-27: Hosted Austin Debian Bug Squashing Party. Unfortunately, it wasn't very successful in drawing in people besides those already interested in Debian at the host venue, the ATX Hackerspace. I didn't want to over-advertise it since the venue was limited in capacity, which in retrospect was a mistake. Oh well, there was also plenty to learn for the next one. The following bugs were closed: 918479, 888026, 884092, 886538, 882510, 899099, 920525, 919711.
  • Jan 26: Announced the experimental, an instance of FreeCAD's homepage designed to test possible improvements to be had by moving away from shared hosting
  • Jan 28: Contact via GitHub issue with sfepy upstream about it failing to build from source to try to get help on issue potentially preventing it from being included in Debian 10.
  • Feb 4: Sponsored uploads of FreeCAD 0.18 pre-release and Gmsh 4.1.3 into Unstable, thanks Anton Gladky.
  • Feb 4: Announced, an experimental instance of FreeCAD's bug tracker designed to test possible improvements to be had from moving away from shared hosting
  • Feb 5: Regained control of abandoned FreeCAD Snap, which was a pre-release of 0.17, by way of the uploader returning from MIA and adding me.
  • Feb 9: Merge PR for FreeCAD-Homepage repo to add Expires headers and unset ETags to try to get better performance
  • Feb 13: Confirmed sfepy upstream fix resolved the issue, but it came a day after the soft freeze preventing re-entry to Testing.
  • Feb 23: Upload of python-fluids 0.1.73, experiment with Salsa GitLab CI.
  • Feb 25: Google Summer of Code organizations announced. FreeCAD participating under umbrella organization OpenCAx led by BRL-CAD. I created a GitHub issue for the project I'd like to mentor. I'm looking for a student interested in improving the state of Debian & Ubuntu packaging for FreeCAD and its ecosystem of packages. Particularly -- not everyone's first encounter with FreeCAD is with the latest and greatest version. If someone installs an old version and has a bad experience with an easily fixable packaging bug, we should try to tackle that issue to not drive away people who are already interested, but get a bad impression.
  • Feb 25: Sponsored upload of Netgen to Unstable, thanks Anton Gladky. Netgen had to re-enter NEW because I made a mistake in the naming of the binary package, so I had to revise the package to make libnglib-6.2 (for the .1810 release) replace libnglib-6.2.1804.
  • Feb 25: Sponsored upload of pycollada which adds Python 3 support and a python3- package, so it has to pass through NEW again.
  • Feb 28: Upload of OpenCASCADE, revising the package to revert to the default 'opencascade' installation paths instead of 'occt' (a not-so-great packaging decision as OpenCASCADE was my 2nd ever Debian package)

Verbal support by way of my contact info below is greatly appreciated, but if you want to help support my free software & open engineering work financially, I've made it easy with several options:

Any level of support is appreciated!


You can follow me on Twitter @thekurtwk.

I'm also now on Matrix, an open network for secure, decentralized communication,

Louis-Philippe Véronneau: Roundcube fr_FEM locale 1.4-rc1

Pre, 01/03/2019 - 6:00pd

Roundcube 1.4-rc1 was released today and with it, I've released version 1.4-rc1 of my fr_FEM (French gender-neutral) locale.

I'm really excited by the new Roundcube version, as it adds a bunch of neat encryption stuff and more importantly, now uses a new responsive skin. I'm sure mobile users will enjoy that new feature a lot.

If you happen to run Roundcube, please test this new locale release! Feedback is always welcome.

You can find the locale here.

Paul Wise: FLOSS Activities February 2019

Pre, 01/03/2019 - 1:28pd
Changes Issues Review Administration
  • FoxtrotGPS: merged patches
  • mokomaze: release
  • Debian wiki: reset email addresses, whitelist email addresses
  • Edited and sent Debian Misc Developer News edition 47
  • Respond to queries from the Debian derivatives census Outreachy project intern
  • Respond to queries from Debian users and developers on the mailing lists and IRC

The purple-discord upload and the apt-listchanges bug were sponsored by my employer. All other work was done on a volunteer basis.

Tim Retout: My Free Software Activities for Jan/Feb 2019

Enj, 28/02/2019 - 10:55md

I have done a small amount of free software work! However, I’m going to cheat and list it since the start of the year.

Social groups

First, the fun stuff:

  • I organised the first two meetings of the Bedford Linux User Group. Fire engines were observed on both occasions, but this was pure coincidence.
  • I sent pull requests adding a fancy map to the new site. I need to follow up to make that mobile-friendly…
apt security

I sent PRs to adjusting the summary and providing instructions on using HTTPS.

I’m planning to extend this with a threat model for apt.

Firefox app mode

I wrote a patch for a bug I’ve been subscribed to for a while, requesting an “app” mode similar to Chrome:

I don’t have much hope that this will actually get reviewed or applied, because it conflicts with a new “earlyBlankFirstPaint” feature. Still, I had fun writing it, and if anyone can tell me how Mozilla development works, I’d be most grateful.

Libreoffice bugs

I filed a fun Writer bug:

If you insert a tall enough image into a page header in LibreOffice Writer, you can get it to add pages indefinitely. Impressively, the application remains quite responsive while it tries to flow the text forever…

…no idea how to fix this one though!

Molly de Blanc: Free software activities (February, 2019)

Enj, 28/02/2019 - 10:39md

First and foremost I worked on planning LibrePlanet, the FSF’s annual conference and member’s meeting. Beyond that, I got to have a month that sounds very exciting. It was, in truth, quite exhausting but still a lot of fun! In spite of some setbacks (see below), things went well overall.

February activities (personal)

February activities (professional)

  • I attended FOSDEM! I listed this twice because, while the talk I gave was related to my Debian work, I also carried out FSF activities and meetings.
  • I attended and keynoted Copyleft Conf.
  • I wrote about dating as a free software issue.
  • I put a lot of time into planning LibrePlanet.

Chris Lamb: Free software activities in February 2019

Enj, 28/02/2019 - 6:46md

Here is my monthly update covering what I have been doing in the free software world during February 2019 (previous month):

Debian LTS

This month I have worked 18 hours on Debian Long Term Support (LTS) and 12 hours on its sister Extended LTS project.

  • Investigated and triaged gsoap (CVE-2019-7659), kde4libs, python-django (CVE-2019-6975), spice-xpi (CVE-2010-2792), etc.

  • Frontdesk duties, responding to user/developer questions, reviewing others' packages, etc.

  • Issued DLA 1664-1 as it was discovered that there was a denial of service vulnerability (or even the ability to conduct private key recovery) within the elliptic curve cryptography handling in the Go programming language libraries.

  • Issued DLA 1667-1 for dovecot where a flaw in the TLS username handling could lead to an attacker being able to log in as anyone else in the system.

  • Issued DLA 1672-1 for curl, correcting three heap/stack-based vulnerabilities.

  • Issued DLA 1681-1 to address denial of service vulnerability in gsoap, a C/C++ language binding used for SOAP-based web services.

  • Issued DLA 1660-2 for rssh as it was discovered that the fix for the security vulnerability released for rssh in 2.3.4-4+deb8u2 introduced a regression that blocked scp(1) of multiple files.

  • Issued ELA 82-1 to address two vulnerabilities in the libarchive multi-format compression library.

Reproducible builds

Whilst anyone can inspect the source code of free software for malicious flaws almost all software is distributed pre-compiled to end users.

The motivation behind the Reproducible Builds effort is to ensure no flaws have been introduced during this compilation process by promising identical results are always generated from a given source, thus allowing multiple third-parties to come to a consensus on whether a build was compromised.

The initiative is proud to be a member project of the Software Freedom Conservancy, a not-for-profit 501(c)(3) charity focused on ethical technology and user freedom.

Conservancy acts as a corporate umbrella, allowing projects to operate as non-profit initiatives without managing their own corporate structure. If you like the work of the Conservancy or the Reproducible Builds project, please consider becoming an official supporter.

This month, I:

  • Made more progress towards making the Debian Installer images reproducible, performing some further testing of the generated images resulting in two patches to ensure that builds were reproducible regardless of both the user's umask(2) (#920631) and even the underlying ordering of files on disk (#920676).

  • Presented at Speck&Tech #31 entitled Open Security in Trento, Italy.

  • Implemented a check in the Lintian static analysis tool that performs automated checks against Debian packages in order to add a check for .sass-cache directories. As as they contain non-deterministic subdirectories they implicitly cause an unreproducible build. (#920593)

  • disorderfs is our FUSE-based filesystem that deliberately introduces non-determinism into filesystems for easy and reliable testing. In February I fixed an issue this week in the handling of the fsyncdir system call to ensure dpkg(1) can "flush" /var/lib/dpkg correctly [...].

  • strip-nondeterminism is our tool that post-processes files to remove known non-deterministic output. This month I adjusted its behaviour to de-duplicate hardlinks via stat(2) before processing to avoid issues when handling files in parallel; as the per-filetype handlers are yet currently guaranteed to be atomic, one process could temporarily truncate a file which can cause errors in other processes operating on the "same" file under a different pathname. This was thus causing package build failures in packages that de-duplicate hardlinks in their build process such as the Debian Administrator's Handbook. (#922168)

  • diffoscope is our in-depth "diff-on-steroids" utility which helps us diagnose reproducibility issues in packages. This month, I made the following changes:

    • Improve the displayed comment when falling back to a binary diff to include the file's type. (#49)
    • Add a --exclude-directory-metadata=recursive option to support ignoring timestamp (etc.) differences within nested containers. (#907600).
    • Add support for comparing .crx Chrome browser extensions. (#41)
    • Adjust the behaviour to not look for adjacent -dbgsym Debian package files automatically anymore to align better with users' expectations. The existing behaviour can be re-enabled by specifying the new --use-dbgsym flag (#44 / #920701).
    • Add support for comparing MP3 and files with similar metadata. (#43)
    • Replace the literal xxd(1) output in tests/data/hello.wasm with its binary equivalent (#47) and ensure both WebAssembly test data files are actually unique. (#42)
    • Catch tracebacks when mounting invalid filesystem images under guestfs. [...]
    • Fix tests when using Ghostscript 9.20 vs 9.26 for the Debian stable distribution and for stable with the security repositories enabled. [...][...]
    • Compare .asc PGP signatures as text, not as a hexdump of the text. (#908991).
    • Replace over 8 MB of Android boot ROM test suite fixtures with 14 KB equivalents to reduce the size of the release tarball. (#894334).
    • Additionally compare pgpdump(1) output when comparing PGP signatures. [...]
    • --help output improvements:
      • Include links to the diffoscope homepage and bug tracker. [...]
      • Refer to the Debian package names when indicating how to obtain the tlsh and argcomplete Python modules. [...]
      • Indent and wrap the list of supported file formats. [...]
    • Adopt the Black code formatter:
      • Run against the existing source code. [...].
      • Add an initial black setup in a PEP 518 pyproject.toml file [...], updating to include it in future release tarballs. [...]
      • Add a test to ensure future source code satisfies the formatter. [...]
      • Allow GitLab CI failures in stable-bpo due to new dependency. [...]
    • Drop a DOS/MBR "source string" test. [...]
    • Drop ubuntu-devel from internal test matrix due to a linux-firmware package installation issue. [...]
    • Uploaded version 112 to Debian unstable, dropped an errant </ul> from the website [...] and also applied the "black" code formatter to the client [...].
  • Updated the SSL certificate for to ensure validation after the deprecation of TLS-SNI-01 validation in LetsEncrypt, increased the diskspace and memory available for and kept up to date [...].

  • Filed upstream pull requests for the python-octaviaclient component of the Openstack framework [...] and the Sphinx Python documentation generator [...] to make their

  • Submitted seven patches to fix specific reproducibility issues in heudiconv, libiio, lmfit-py, node-lunr, python-octaviaclient, sphinx & x2gobroker.

  • Drafted, published and publicised our weekly reports. (#197, #198, #199 & 200) and categorised a huge number of packages and issues in the Reproducible Builds "notes" repository.

Jonathan Carter: Free Software Activities (2019-02)

Enj, 28/02/2019 - 6:21md
I took this picture early in February in Brussels right before the FOSDEM conference.

2019-01-31: Upload new upstream release of gnome-shell-extension-remove-dropdown-arrows (11-1) to debian unstable

2019-01-31: Test lastest d-i build with updated buster artwork upload. First time I added official new Debian artwork to d-i, doesn’t look too horrible eh?

debian-installer with buster artwork.

2019-02-02: Day 1 of FOSDEM. Caught the debbug during the week but still got to see many Debianites and finally got an ‘apt install anarchy’ t-shirt that I’ve wanted for the longest time.

Debian booth at FOSDEM where various merchandise was for sale.

2019-02-03: Day 2 of FOSDEM. Had some good discussions with Sledge regarding Debian live roadmap for buster and bullseye, attended useful session on GRUB upstream and collaboration with distributions. Won second place in LPI sysadmin quiz competition finals.

LPI Quiz finalists at FOSDEM (photo: LPI Europe)

2019-02-03: DebConf committee meeting (with 4 out of the 5 DebConf committee members being present in person during FOSDEM!) discussing the Haifa and Lisbon bids, each of their repercussions and deciding on a time for the public vote.

2019-02-04: Did some hacking on timezone module for distro-installer on BRU-DOH flight.

2019-02-05: Advocate a prospective debian developer for their new-maintainer process.

2019-02-06: Sponsor package: libcxx-serial (1.2.1-1) ( request).

2019-02-06: Review package: owlrl (5.2.0-1) ( request) (needs some more work).

2019-02-06: Review package: rumur (2019.02.01-1) ( request) (needs some more work).

2019-02-06: Sponsor package: elinks (0.13~20190125-2) ( request) and granted DM permissions.

2019-02-06: File ITP for mozilla-deepspeech (ITP: #921519).

2019-02-07: Review package owlrl (5.2.0-1) ( request) (needs some more work).

2019-02-07: Sponsor package rumur (2019.02.04-1) ( request).

2019-02-07: Sponsor package owlr (5.2.0-1) ( request).

2019-02-07: Sponsor package dhcpcd5 (7.1.0-1) (email request) and granted DM permissions.

2019-02-07: Review package eggdrop (1.8.4-3) ( request) (needs some more work).

2019-02-07: Review package platformio (3.6.4-1) (#debian-python request) (needs some more work).

2019-02-11: Sponsor package blastem ( ( request) (Closes: #922003).

2019-02-08: Take AIMS Desktop 2018.1 through full-cycle testing for updated release.

2019-02-12: Upload preload (0.6.4-5~exp3) to debian experimental.

2019-02-13: Upload new upstream version of calamares (3.2.4-1) to debian unstable.

2019-02-13: Upload new native package version of live-wrapper (0.8) to debian unstable.

2019-02-13: NMU Upload package ibus (1.5.19-2) to debian unstable (Closes: #905790).

2019-02-13: Upload preload (0.6.4-5) to debian unstable (Closes: #920197).

2019-02-15: Upload calamares (3.2.4-2) to debian unstable (Closes: #922105).

2019-02-15: Upload calamares-settings-debian (10.0.18-1) to debian unstable.

2019-02-16: Sponsor package ocaml-mm (0.4.0-1) (irc request).

2019-02-16: Install test Debian 9.8 Release Live images for release.

2019-02-18: Upload new upstream version of toot (0.21.0-1) to debian unstable.

2019-02-19: Sponsor package liquidsoap (1.3.4-1) (irc request) and granted DM permissions.

2019-02-21: Upload package calamares (3.2.4-3) to debian unstable, file unblock request for transition to testing (#922826).

2019-02-22: Adopt and upload package calcoo (1.3.18-7) to debian unstable (Closes: #922897).

2019-02-22: Adopt and upload package tetzle (2.1.3+dfsg1-2) to debian unstable (Closes: #922886).

2019-02-22: Adopt and upload package fracplanet (0.5.1-3) to debian unstable (Closes: #922896).

2019-02-22: Adopt and upload package connectagram (1.2.9-2) to debian unstable (Closes: #922910).

2019-02-22: Adopt and upload package fractalnow (0.8.2-2) to debian unstable (Closes: #922898).

2019-02-25: Adopt and upload package tanglet (1.5.3-2) to debian unstable (Closes: #922909).

2019-02-25: Adopt and upload package gnubik (2.4.3-3) to debian unstable (Closes: #922892).

2019-02-25: Upload new upstream version of gnome-shell-extension-dashtodock (65-1) to debian unstable.

2019-02-25: Upload new native package version of ldm-themes (18.02.1) to debian unstable.

2019-02-25: Sponsor package xsoldier (1.8-6) to debian unstable (Closes: #923102) ( request).

2019-02-25: Do a bunch of drive-by reviews on ahead of the hard freeze that is quickly approaching.

2019-02-26: Upload new upstream version of gnome-shell-extension-tilix-dropdown (5.3-1) to debian unstable

2019-02-26: Test-drive latest debian-edu builds. For the record I didn’t contribute to debian-edu during this release, but I’m impressed with all the work that they’ve done. (unfortunately current builds have some issues with installing, will test again soon).

Debian-edu installation media bootscreen.

2019-02-26: Upload new upstream version of python3-flask-api (1.1+dfsg-1) (team upload) (Closes: #911004, #911003).

2019-02-26: Upload new upstream version of python3-flask-testing (0.7.1-1) (team upload) (Closes: #920478).

2019-02-26: Upload new upstream version of python3-adal (1.2.1-1) (team upload).

2019-02-28: Release new upstream bug fix version of zram-tools (

2019-02-28: Upload new upstream version of zram-tools ( to debian unstable (Closes: #911748, #911746, #911749, #911747, #913611).

2019-02-28: Upload libaa (1.4p5-46) to debian unstable (Closes: #709435, #396824)

Russ Allbery: Review: Daughters of the North

Enj, 28/02/2019 - 5:40pd

Review: Daughters of the North, by Sarah Hall

Publisher: Harper Perennial Copyright: 2007 ISBN: 0-06-143036-6 Format: Trade paperback Pages: 207

My name is Sister.

This is the name that was given to me three years ago. It is what the others called me. It is what I call myself. Before that, my name was unimportant. I can't remember it being used. I will not answer to it now, or hear myself say it out loud. I will not sign to acknowledge it. It is gone. You will call me Sister.

I was the last woman to go looking for Carhullan.

It's the unspecified near-future. The British economy, and then society, collapsed from climate change, flooding, and endless wars. The cities are now governed by a fascist emergency Authority, a permanent martial law that controls people's work assignments and allocations and that has required women to have birth control devices inserted. The narrator's marriage has collapsed with the society; her husband does not understand why she is so upset about things that can't be changed.

And so, at the start of the book, she carries out a careful plan to walk away, leaving the city and her marriage behind for the abandoned countryside. She goes to Carhullan: an isolated, self-sustaining farm run by women who refused to be registered and relocated and therefore were stripped of citizenship. A community from which men are barred.

(Let me express my deep gratitude to Hall for starting with her escape, and showing the background only in flashbacks. That authorial choice made this a much better book.)

Daughters of the North (published in the UK as The Carhullan Army) is clearly SF in subject matter: near future dystopia, with a twist of feminist separatism reminiscent of the peak of second-wave feminism. I read it because it won the James Tiptree Jr. Award for speculative fiction that explores and expands gender. But it was also a finalist for the Man Booker prize, with all that implies about writing quality and focus. So be warned: along with a book review, you're also getting an extended digression into the nature of genre and how books like this use the same premise for considerably different goals.

Let me be clear from the start: the writing in Daughters of the North is gorgeous.

Rain blew in from the summit of High Street, colder than before, soaking my face and clothes again. I tried to fasten my jacket but my fingers felt awkward and would not cooperate, so I held it closed over my chest. I peered into the squall. There was still no sign of the farm or even the outbuildings. All I could see were drifts of rain and the relentless brown withers of fell, appearing then disappearing. The adrenaline of the encounter had worn off. I had walked more than twenty miles to escape. And I had gambled with my life. Now I felt numb, and close to seizing up. All I wanted was water to drink, and to take the bag off my back, lie down, and go to sleep. It took all my energy to put one foot in front of the other and remain upright.

It is gorgeous in the way mimetic fiction so often is, where individual moments are sketched through sensory impressions and emotional reactions and given room to breathe and be felt. It's unhurried and deliberate, but still lean and focused, describing the transformation of a woman in a slim two hundred pages.

What it is not is opinionated. Or, more accurately, it's not forthright about its opinions. It describes the feelings and reactions of a woman who becomes known as Sister, it hints at the emotional undercurrents that led her to make the choices that she made, it describes her transformation in the communal culture of Carhullan, and then it stops. What conclusions one draws from that are left entirely to the reader.

I've become convinced by the definition of genre as a set of reading protocols rather than a specific setting or plot structure. (My exposure to this idea is primarily via Jo Walton, but it's a common idea in SF criticism.) Books like this are a convincing way to test that definition. I suspect that many science fiction readers will come away form Daughters of the North profoundly unsatisfied, muttering things like "but what happened then?" or "but were they right?" I also suspect that many readers of primarily mainstream fiction will slip happily into this book and add it to the mental pile of speculative fiction they enjoy. Or, even more likely, decide it's not speculative fiction at all. And, in a way, I think they would be right.

In Daughters of the North, the world is setting. But in speculative fiction, the world is a character. The difference between setting and character is that characters change and grow over the course of the story, at least in the reader's understanding. Setting does not, or if it does, it changes incidentally.

In the supplementary material at the end of the edition of this book that I read, Hall says that she wanted to explore what might draw someone away from the established order and towards extremism or militancy. By the end of this book, one does have some feel for why the narrator made that choice, but it's tenuous and contradictory and conditional. I think Hall does a beautiful job of illustrating how much of life is inherently tenuous and contradictory and conditional. Decisions are rarely crisp and clear, but they still change one's life. Sometimes someone abruptly stops enduring the unendurable, and then something new happens. I think it's very telling, and very sharply observed by Hall, that although the narrator is fleeing humiliation and oppression, the part of her former life that bothers her the most is the futility and purposelessness. Carhullan, despite a few characteristics of utopia, is also brutal and political. But its charismatic leader never fails to give the community a purpose and a goal.

For the reader approaching this book through the speculative fiction reading protocol, though, it can be profoundly frustrating. There are glimmers of the expected plot arc: this world is awful, and the main character recognizes that and decides to act. There is some movement along that arc. But for the reader expecting setting as character, for the world itself to grow and change, Daughters of the North is maddeningly ambivalent. Who exactly are the Authority? What are they thinking; what are their motives? What's the best way to fight them? Is it the way Carhullan fights them? Will it work? What will they do in response? Daughters of the North is uninterested in these questions.

I think it's close to impossible to provide in the same book both the deep sense of character and sensation of mimetic fiction and the sense of change and revolution and setting as character of speculative fiction. The mission to change the world is emotional and political; it demands engagement and consumes the oxygen of the plot. It doesn't leave room for closely-observed ambiguity or ambivalence, or for the quiet spaces in the center of the narrator's character that allow the reader to interpolate or project, to try to puzzle out the shape of friendship and society and courage in a society that is by turn fanatical and utopian. I can write the mimetic fiction reader's reaction to the SF objections: do you want your emotions spoon-fed to you? Why do you want the book to tell you what to think instead of working it out for yourself? If this book described the details of politics and revolution, it would turn into another operatic war story, and all of the fine detail would be lost.

And, to be clear, they're not wrong. But neither is the SF reader; it's just another way of reading.

Despite my appreciation of what Daughters of the North is doing, and the skill with which Hall wrote it, I fear I'm far closer to the SF camp. Here's my counter-argument: I don't want to be told what to think, but I want a fight. I don't want the book to hint at moral dilemmas; I want it to take a stand so that I can argue with it. Write a passionate defense for your utopia. Why is it better? What works? What doesn't? Is the change in political communication style inside Carhullan an aspect of gender, or something Jackie (the Carhullan leader) created, or something any group of people could create with the right discussion structure? The Authority is clearly awful and clearly wrong, but what's the replacement? Is it more Carhullans? Something else? What do you think will happen past the end of this book? Why?

It's not that I want to be spoon-fed, it's that I want to engage. I wanted the story to fight for something, to go out on a limb, to take a risk on its opinions, to declare for a side. Yes, the world is ambiguous and murky: now what? We still have to act, we still have to make decisions, and we still have to decide if those decisions were right or wrong. How do we do that? What criteria should we use? Is Jackie justified in the things she does in this story?

That's what you get out of a story where the world is a character. You get worlds with character growth, which means an argument about change. Political, social, technological, often all three. Daughters of the North almost gets there, gets so very close by the end of the book to making that core argument, but then still turns inward. To the last page, it's more interested in closely observing Sister than in portraying change in the world.

I think some people will adore this book, and it certainly deserves the Tiptree award. It's a far more subtle story of feminist separatism than many of its predecessors, and examines the idea from some interesting angles. It never bored me and never bogged down; it kept me turning the pages eagerly to the end of the story, and I think it succeeded within the goals of its own genre. But, deep in my heart, I'm a world-as-character reader.

Content warning for those who might want it: Daughters of the North contains a detailed torture scene, a scene I would call partner rape, and a few instances of graphic violence.

Rating: 7 out of 10