You are here

Planet Debian

Subscribe to Feed Planet Debian
Planet Debian -
Përditësimi: 2 months 3 javë më parë

Trying out crostini on chromebook plus (kevin).

Sht, 10/11/2018 - 1:51pd
Trying out crostini on chromebook plus (kevin). It's an aarch64 environment, some packages are missing because of that. Feels much slower compared to termux on the same machine especially when I am installing packages, but maybe because apt is completely different.

Junichi Uekawa Dancer's daily hackings

Sal Mubarak 2075

Pre, 09/11/2018 - 5:30pd

Best wishes to one and all for a prosperous and auspicious Gujarati New Year (V.S. 2075 called sadharana.)

We have spent Diwali week this year in sunny Orlando Florida doing various touristy things. (None of which involve a certain copyright hoarding mouse I'm happy to say.) I didn't put up a [VAC] notice because I haven't really been doing anything much in Debian of late. That is something I hope to change in the coming year but I'll think about that later. Right now I'm excited about the day trip we're going to make to Cape Canaveral. So here is a picture of Apollo 12, one of the biggest fireworks Man has ever sent to the Gods on Diwali 2026. Well, the pedant in me is forced to point out the launch date was actually Labh Pancham but that's close enough.

Jaldhar Vyas La Salle Debain

My Free Software Activities in October 2018

Pre, 09/11/2018 - 12:42pd

Welcome to Here is my monthly report that covers what I have been doing for Debian. If you’re interested in Java, Games and LTS topics, this might be interesting for you.

Debian Games
  • Again Yavor Doganov saved the day by porting monster-masher away from obsolete libraries like esound and gconfmm (RC, #848052, #856086, #885037). I reviewed and sponsored the package for him again.
  • Gürkan Myczko prepared a new upstream version of greed, a classic text-console game. I provided a desktop icon and sponsored the upload.
  • Several games failed to build from source because freetype-config is gone and pkg-config must be used from now on. That required RC bug fixes in asc (#887600),  brutalchess (#892337, patch by Reiner Herrmann), cube2font (#892330, patch by Reiner Herrmann with additional updates by Martin Erik Werner) and scorched3d (#892434, patch by Adrian Bunk)
  • I packaged new upstream versions of pcsx2, a Playstation 2 emulator, to fix RC bug #907411, also pygame-sdl2, renpy and bzflag.
  • I refreshed the packaging of abe, asc-music, amoebax, angrydd, airstrike, burgerspace, berusky2 and berusky-data.
  • Dima Kogan approached me about improving the current Bullet packaging and provided patches to build the double-precision library versions too.  Bullet is a state-of-the-art C++ library for 3D collision detection, soft body and rigid body dynamics. I once introduced it to Debian because it was a required build-dependency of freeorion. Nowadays it powers several scientific applications. I still maintain it because I think it is a very useful library, e.g. used among others by openrobotics.
  •  I spent most of the time this month on updating Teeworlds. Since I run a Teeworlds server myself I discovered a remote denial-of-service vulnerability first hand. Of course my server was not the only target and the upstream developers  had already released a fix. But I only got aware of it by chance. So I requested CVE-2018-18541, packaged the latest upstream release 0.7.0 and also prepared a security update for Stretch, released as DSA-4329-1.
  • Last but not least I sponsored a new game created and prepared by Gerardo Ballabio called galois. It is a tetris-like game with special features like 3D and different brick shapes. It is currently waiting in the NEW queue.
Debian Java Misc
  • I sponsored android-platform-system-core for Kai-Chung Yan and did a non-maintainer upload for eboard, a chess client to fix RC bug #893167. I forwarded some patches and I hope we will see another upstream release in the near future that addresses some issues.
  • I packaged a new upstream release of ublock-origin.
Debian LTS

This was my thirty-second month as a paid contributor and I have been paid to work 30 hours on Debian LTS, a project started by Raphaël Hertzog. In that time I did the following:

  • From 08.10.2018 until 14.10.2018 and 29.10.2018 until 4.11.2018 I was in charge of our LTS frontdesk. I investigated and triaged CVE in gnulib, otrs2, tcpreplay, net-snmp, ghostscript, paramiko, pyopenssl, qpdf, requests, glassfish, imagemagick, tomcat8, tomcat7, moin, glusterfs, mono, tiff, systemd, network-manager, shellinabox, openssl, curl, squid3, icecast2, sdl-image1.2, libsdl2-image, mkvtoolnix, libapache-mod-jk, mariadb-10.0, mysql-connector-java and jasper.
  • There was a problem with our list manager and some announcements could not be preserved.
  • DLA-1535-1. Issued a security update for php-horde fixing 1 CVE.
  • DLA-1536-1. Issued a security update for php-horde-core fixing 1 CVE.
  • DLA-1537-1. Issued a security update for php-horde-kronolith fixing 1 CVE.
  • DLA-1540-1. Issued a security update for net-snmp fixing 1 CVE.
  • DLA-1543-1. Issued a security update for gnulib fixing 1 CVE.
  • DLA-1544-1. Issued a security update for tomcat7 fixing 1 CVE.
  • DLA-1545-1. Issued a security update for tomcat8 fixing 1 CVE.
  • DLA-1546-1. Issued a security update for moin fixing 1 CVE.
  • DLA-1552-1. Issued a security update for ghostscript fixing 3 CVE.
  • DLA-1564-1. Issued a security update for mono fixing 1 CVE.
  • DLA-1565-1. Issued a security update for glusterfs fixing 5 CVE.

Extended Long Term Support (ELTS) is a project led by Freexian to further extend the lifetime of Debian releases. It is not an official Debian project but all Debian users benefit from it without cost. The current ELTS release is Debian 7 „Wheezy“. This was my fifth month and I have been paid to work 15  hours on ELTS.

  • I was in charge of our ELTS frontdesk from 15.10.2018 until 21.10.2018 and I triaged CVE in chromium-browser, ghostscript, openexr, unzip, virtualbox, elfutils, liblivemedia, exiv2, movabletype-opensource, quemu, quemu-kvm, tiff and tcpreplay.
  • ELA-50-1. Issued a security update for linux fixing 34 CVE.
  • ELA-51-1. Issued a security update for tomcat7 fixing 1 CVE.
  • ELA-54-1. Issued a security update for curl fixing 1 CVE.
  • ELA-55-1. Issued a security update for firmware-nonfree fixing 8 CVE.

Thanks for reading and see you next time.

Apo planetdebian –

Record number of uploads of a Debian package in an arbitrary 24-hour window

Enj, 08/11/2018 - 11:56md

Since Dimitri has given me the SQL virus I have a hard time avoiding opportunities for twisting my brain.

Seeing the latest post from Chris Lamb made me wonder: how hard would it be to do better? Splitting by date is rather arbitrary (the split may even depend on the timezone you’re using when you’re doing the query), so let’s try to find out the maximum number of uploads that happened for each package in any 24 hour window.

First, for each upload, we get how many uploads of the same package happened in the subsequent 24 hours.

SELECT source, date, ( SELECT count(*) FROM upload_history AS other_upload WHERE other_upload.source = first_upload.source AND >= AND < + '24 hours') AS count FROM upload_history AS first_upload

For each source package, we want the maximum count of uploads in a 24 hour window.

SELECT source, max(count) FROM upload_counts GROUP BY source

We can then join both queries together, to get the 24-hour window in which the most uploads of a given source package has happened.

WITH upload_counts AS ( SELECT source, date, ( SELECT count(*) FROM upload_history AS other_upload WHERE other_upload.source = first_upload.source AND >= AND < + '24 hours') AS count FROM upload_history AS first_upload ) SELECT source, date, count FROM upload_counts INNER JOIN ( SELECT source, max(count) AS max_uploads FROM upload_counts GROUP BY source ) AS m USING (source) WHERE count = max_uploads AND max_uploads >= 9 ORDER BY max_uploads DESC, date ASC;

The results are almost the ones Chris has found, but cl-sql and live-config now have one more upload than live-boot.

source | date | count --------------------+------------------------+------- cl-sql | 2004-04-17 03:34:52+00 | 14 live-config | 2010-07-15 17:19:11+00 | 14 live-boot | 2010-07-15 17:17:07+00 | 13 zutils | 2010-12-30 17:33:45+00 | 11 belocs-locales-bin | 2005-03-20 21:05:44+00 | 10 openerp-web | 2010-12-30 17:32:07+00 | 10 debconf | 1999-09-25 18:52:37+00 | 9 gretl | 2000-06-16 18:53:11+00 | 9 posh | 2002-07-24 17:04:46+00 | 9 module-assistant | 2003-09-11 05:53:18+00 | 9 live-helper | 2007-04-20 18:16:38+00 | 9 dxvk | 2018-11-06 00:04:02+00 | 9 (12 lines)

Thanks to Adrian and Chris for the involuntary challenge!

olasd english – olasd's corner of the 'tubes

Record number of uploads of a Debian package in a day

Enj, 08/11/2018 - 10:43md

Previously, on IRC...

* bunk looks at dxvk and wonders whether 9 uploads of a package on 1 day are a record

According to the Ultimate Debian Database, it turns out it isn't:

udd=> SELECT source, DATE(date) as day, COUNT(source) FROM upload_history GROUP BY (source, day) ORDER BY count DESC LIMIT 10; source | day | count --------------------+------------+------- live-config | 2010-07-15 | 13 live-boot | 2010-07-15 | 13 cl-sql | 2004-04-17 | 13 zutils | 2010-12-30 | 11 openerp-web | 2010-12-30 | 10 belocs-locales-bin | 2005-03-20 | 10 debconf | 1999-09-25 | 9 dxvk | 2018-11-06 | 9 live-helper | 2007-04-20 | 9 module-assistant | 2003-09-11 | 9 (10 rows) Chris Lamb lamby: Items or syndication on Planet Debian.


Enj, 08/11/2018 - 8:44md

duc's GUI view

Continuing a series of blog posts about Debian packages I have adopted (starting with smartmontools), in January this year I adopted duc ("Dude, where are my bytes?")

duc is a tool to record and visualise disk space usage. Recording and visualising are performed separately, meaning the latter is very fast. There are several visualisers available. The three most interesting ones are

  • duc ui, a text terminal/ncurses-based heirarchical browser
  • duc gui, a GUI/X11 application
  • duc cgi, a CGI for access with a web browser

The GUI and CGI resemble the fantastic Filelight KDE tool, which I've always preferred to the similar tools available for GNOME, Windows or macOS. (duc itself works fine on macOS). The CGI could be deployed on my NAS, but I haven't set it up yet.

Indexing is performed via duc index <path> and seems very quick when compared to something like du -sh. The index is stored in a local database.

I adopted duc in sad circumstances after the prior maintainer decided to step down, in response to a discussion we had about a feature request for the Debian package. This wasn't the outcome I wanted, but it's a package I use regularly on several machines so I stepped up to adopt it.

jmtd Jonathan Dowland's Weblog

New Debian Developers and Maintainers (September and October 2018)

Enj, 08/11/2018 - 2:00md

The following contributors got their Debian Developer accounts in the last two months:

  • Joseph Herlant (aerostitch)
  • Aurélien Couderc (coucouf)
  • Dylan Aïssi (daissi)
  • Kunal Mehta (legoktm)
  • Ming-ting Yao Wei (mwei)
  • Nicolas Braud-Santoni (nicoo)
  • Pierre-Elliott Bécue (peb)
  • Stephen Gelman (ssgelm)
  • Daniel Echeverry (epsilon)
  • Dmitry Bogatov (kaction)

The following contributors were added as Debian Maintainers in the last two months:

  • Sagar Ippalpalli
  • Kurt Kremitzki
  • Michal Arbet
  • Peter Wienemann
  • Alexis Bienvenüe
  • Gard Spreemann


Jean-Pierre Giraud Bits from Debian

New and improved Frikanalen Kodi addon version 0.0.3

Enj, 08/11/2018 - 10:30pd

If you read my blog regularly, you probably know I am involved in running and developing the Norwegian TV channel Frikanalen. It is an open channel, allowing everyone in Norway to publish videos on a TV channel with national coverage. You can think of it as Youtube for national television. In addition to distribution on RiksTV and Uninett, Frikanalen is also available as a Kodi addon. The last few days I have updated the code to add more features. A new and improved version 0.0.3 Frikanalen addon was just made available via the Kodi repositories. This new version include a option to browse videos by category, as well as free text search in the video archive. It will now also show the video duration in the video lists, which were missing earlier. A new and experimental link to the HD video stream currently being worked on is provided, for those that want to see what the CasparCG output look like. The alternative is the SD video stream, generated using MLT. CasparCG is controlled by our mltplayout server which instead of talking to mlt is giving PLAY instructions to the CasparCG server when it is time to start a new program.

By now, you are probably wondering what kind of content is being played on the channel. These days, it is filled with technical presentations like those from NUUG, Debconf, Makercon, and TED, but there are also some periods with EMPT TV and P7.

As usual, if you use Bitcoin and want to show your support of my activities, please send Bitcoin donations to my address 15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b.

Petter Reinholdtsen Petter Reinholdtsen - Entries tagged english

Free Software Activities in October 2018

Enj, 08/11/2018 - 6:59pd

Welcome to another monthly summary of my free software work. Currently I'm focusing on improving the state of packaging for FreeCAD and its ecosystem of dependencies and related packages in Debian Science. Additionally, I recently revived the FreeCAD Community Extras PPA as a way of staging these packages out to users for testing. If you are a FreeCAD user, developer, or simply a user of one of these packages, I would greatly appreciate your feedback and testing to identify bugs while my packages wait to make it into the Debian archive.

However, in the long-term, I plan to move away from spending so much time on Debian packaging and returning to FreeCAD core development, and a special not-so-secret related project: PostCAD, providing OpenCASCADE geometry & topology bindings plus CAD data and filetype format support for PostgreSQL, a la PostGIS. The goal is to build this out as a rich backend which FreeCAD can talk to about neat CAD stuff. It's a heaping of work, though, so I don't expect to have a public release until mid or late 2019.

I would like to find others who are interested in contributing to FreeCAD ecosystem packaging for mentorship. That way, my efforts are maintained by the community and the quality and availability of packages won't wane with my attention on them. Since FreeCAD participates in Google Summer of Code, this would be a great opportunity for interested university students to learn Debian packaging and improve the state of science & engineering software on Debian.

Anyway, on to my summary!

Debian News

This month, I officially became a Debian Maintainer. This is a basic level of formal membership in the Debian project, and it comes with limited upload rights to the archive. I can only upload packages for which I am marked as a maintainer, for example FreeCAD.

I took advantage of this to upload some improvements for FreeCAD which I had been sitting on. After a few tweaks, the package was ready for an upgraded upload from Experimental to Unstable, which begins the process of candidacy for Testing, the release pocket for the upcoming Debian 10.

Debian FreeCAD Gets Qt 5

Most important about this upload, though was that FreeCAD is finally being built with Qt 5 support. While Qt 5 had been working for quite a while, we were waiting on a dependency to be uploaded to Debian, PySide 2, which finally was uploaded this summer. Because this is a big switch to flip, any testing and reporting of bugs for this Debian package would be appreciated!

FreeCAD Package Structure Reorganization

One of the other major packaging changes for FreeCAD 0.17 is that the package is no longer a single, monolithic freecad package. We now have:

  • a freecad metapackage, which installs the other packages
  • common files and resources (e.g. images) in freecad-common
  • freecad-runtime contains Python 2/3 compatible runtime files
  • the executable built against Python 2, freecad-python2
  • and the library files used by the executable, libfreecad-python2-0.17

There are several advantages to this approach. The first is that since freecad-common and freecad-runtime are just pictures, Python scripts, and the like, we can save space in the archive by only needing one copy of the package, instead of one for each supported architecture. For freecad-python2 and libfreecad-python2-0.17, one can see the advantage in the name: since these are Python 2 specific, we will soon be able to provide their Python 3 counterparts.

Ideally, by the time of the Debian 10 release, the FreeCAD 0.17 package will provide both Python 2 and 3 supported versions, and which one you want to use can be switched between using the alternatives system, which I will explain later in this post.

FreeCAD Python 3 Imminent

Like Qt 5, FreeCAD has supported Python 3 for quite some time. (Workbenches and 3rd party code are another story.) However, in Debian, a Python 3-enabled FreeCAD package is blocked by the pending upload of pivy 0.6. I helped coordinate the upstream release of this package but due to issues with its dependency Coin3D the upload is stalled until those issues are resolved.

Community Extras PPA - Early Packge Previews

Now that we have the Community Extras PPA, it serves as a convenient location for me to upload packages as soon as I have one completed and ready for testing. Here are my uploads this month.

Gmsh 4

Gmsh has released a major version upgrade, which includes removing the experimental Java API and introducing Julia bindings, although this package doesn't do anything with them. The current version in the Debian archives is 3.0.6.

This package is only available on Bionic (Ubuntu 18.04) due to its dependencies. I hadn't tried on Cosmic (Ubuntu 18.10) since I worked on this in the beginning of October and it wasn't released yet.

Calculix 2.14

CalculiX in Debian is currently several versions behind (2.11) so I got a request to package this. However, CalculiX actually spans several packages, but calculix-ccx, the solver, is the only one used by FreeCAD, so unlike the other packages, this one is not quite ready for Debian until the other ones are done as well, since they are separate source packages.

This package is available on Bionic and Xenial (Ubuntu 16.04).

Translated FreeCAD-Doc Packages

One of the big areas for improvement in FreeCAD is the state of its documentation, and I'm glad to announce that one big improvement is on its way. I have been working on a standalone freecad-doc package, since it was removed from the Debian archive for being derived from pre-compiled binary files. This package involves using a local synced copy of the FreeCAD Wiki text and images, and using the script that was used to generate the aforementioned binary files.

The main improvement my package offers is support for the two most complete translations of the FreeCAD wiki, French and Italian. This is accomplished by making freecad-doc a metapackage which depends on any one of freecad-doc-en, -it, or -fr being installed. Then, the relevant files in freecad-doc upon which freecad will call are in fact managed symlinks to the appropriate translations. The symlinks are managed by the DebianAlternatives system (see update-alternatives(1).)

In order to switch between translations if more than one is installed, you can run sudo update-alternatives --config freecad-doc. This will control the in-program help for FreeCAD, so when you click the "What's this?" button, the resultant help page will be the translated version.

Additionally, compiled PDFs of the FreeCAD help are provided for all three languages.

One result of the nature of this package is that it is quite large: each freecad-doc translated package weighs in about 300 MB so the combined size is about 1.2 GB, per Ubuntu distribution.

As a result, this package is only available on Bionic and Xenial.

PyCOLLADA 0.6, now with Python 3!

Another package which is fairly out of date in Debian (version 0.4 present), I decided to update it since pycollada is a dependency of FreeCAD and I am intrigued by the possibilities of the COLLADA (COLLAborative Design Activity) format. This allows for interchange with interactive 3D applications like Blender.

The big news with this package is that Python 3 support is now available, so I updated the source packaging to provide both Python 2 and 3 packages.

Again due to dependencies, it's only available on Cosmic and Bionic.


My work on Debian Science and FreeCAD is supported by my patrons at Thank you all very much!

If you appreciate my work as described in this post, any level of support is greatly appreciated, including moral support!

Social Media

You can follow me on Twitter at @thekurtwk. I'm also currently working on a Twitch streaming setup, which I hope to have ready by the end of the year! I'll be trying out some live programming, engineering, and Linux gaming. You can find me at

Kurt Kremitzki Biosystems Engineering Blog (Posts about debian)

AMD Ryzen 5 2400G on Debian

Enj, 08/11/2018 - 3:15pd

Today at work I built two new computers for co-workers. They were (rightfully so) complaining the 2008 iMacs they were using were getting old and slow.

I can't help but be a little sad about it. These computers are still pretty usable for light tasks and are in overall pretty good shape. To be honest, I'm not sure what I'll be doing with them.

Tasked with the job of building new computers at a reasonable price, I decided to go with the latest AMD CPU, the Ryzen 5 2400G. This is the second generation of Ryzen chips and it includes an APU, thus negating the need to buy a discrete GPU.

This chip is pretty recent so the support in Stretch isn't great. The APU graphics stack was too recent to be supported by the 4.9 stable kernel, so I had to install 4.18 from the backports.

I also had to install the xserver-xorg-video-amdgpu driver from testing, as AMD's Vega arch wasn't a thing when Stretch came out. Although AMD did the right thing and used FOSS drivers for their Vega GPU lineup, you still need proprietary firmware (firmware-amd-graphics) for the APU to be fully supported.

It was my first time using NVME SSDs, and oh boy are those fast. I was sceptical at first (SATA SSDs are pretty fast, right?) but the difference in snap really is noticeable. I now regret I didn't put that in my desktop at home when I replaced my SSD 6 months ago...

All in all I'm pretty happy with the final result. The performance of the Ryzen 5 2400G is good and the price of the overall build was reasonable.

Louis-Philippe Véronneau Louis-Philippe Véronneau

RIP Dropbox on Linux

Enj, 08/11/2018 - 2:11pd

Yesterday, Dropbox has finally pulled the plug on its Linux support. Let us keep a silent minute for the deceased.

Of course, Dropbox does see this differently, but their explanation that ext4 is the only reasonable file system (and be aware, not in all combination and encryption), and also the only that supports extended attributes, is so ridiculously stupid that it is vain to even discuss it.

Yes I know, as OSS enthusiast I should (and I am) using NextCloud. But integration-wise Dropbox is still the best, and many of my applications only offer Dropbox integration (or, God forbid, OneDrive integration).

For those desperate one like me:

  • git clone
  • make the script executable
  • call make there to build the shared library
  • disable auto-start in the Dropbox application
  • add the to your list of autostart programs

It is not a perfect, and surely not a solution that will work forever, but for now until I have moved all my files out and somehow converted to different applications, it does its job.

RIP Dropbox on Linux, and I hope this company will disappear as punishment for their stupidity.

Norbert Preining There and back again

GNOME ED update – October

Enj, 08/11/2018 - 1:07pd

I’m currently writing this from sunny (but very cold!) Colorado Springs, and tomorrow I’m off to SeaGL. We’ll have a booth there, so come and say hi to me and Rosanna if you’re in Seattle! More on that in the next report, however :)


As per usual, our main focus has been on the hiring of new staff members for the Foundation. We’ve completed a few second interviews and a couple of first interviews. We’re aiming to start making offers around the end of November. If you have put in an application, and haven’t heard back in a while, please don’t worry! It’s simply due to a large number of people who’ve applied and the very manual way we’ve had to process these. Everyone should hear back.

We’ve also had some interesting times with our banking. The short version is, we’ve moved banks to another provider. This has taken quite a bit of work, but hopefully, this should be settling down now.

As mentioned in issue #43, we have an employee handbook. However, it’s not public and hasn’t been updated. We’ve now managed to find a service that will do some of this for us, so we don’t need to create a whole load of text.

Finally, some minor items: Three trademark agreements were granted/modified, one GDPR request is being considered (removal of email from list archives), the GNOME namespace on has been requested (which involved a number of calls with our trademark lawyer), a Dun and Bradstreet number (D-U-N-S) has been requested so we can then request a free Apple code signing certificate and the EU events box should now have a laptop.

Conferences SustainOSS Summit

This event was quite interesting and was held in London at the end of October. There was an estimated 150 people attend, and all to talk about the sustainability of open source software, and how this can be improved (sustainability here should be read in all forms; financial, newcomer experience; maintainer burnout etc).


Held in Bristol at the start of November Freenode#Live was once again an impressive event, and I presented my “Why Free Software on the desktop matters” talk. The most useful aspect of the event is to meet up with key people in the FOSS community, and Advisory Board members.

Finally, as we were leaving the venue, one of the venue staff members came up to say hello. He’s a professional graphic illustrator/designer and although having never heard about free software before, was impressed by the conference and our passion that he’s volunteering to help with design work.

Neil McGovern Geek – Liberal Murmurs

Beauty Breaks Through

Mër, 07/11/2018 - 10:23pd

Two years ago, I was in the middle of the forest in rural southern Indiana. It was a time of hope – of defeating racism, sexism, xenophobia. Hope for affordable health care, for peace, for care for the young and the old. Then I woke up, in that beautiful place, to the news that Donald Trump would be president. Trump. President.

A few days later, I wrote Morning In The Skies, which included, in part:

Not long after the election, I got in a plane, pushed in the throttle, and started the takeoff roll down a runway in the midst of an Indiana forest. The skies were the best kind of clear blue, and pretty soon I lifted off and could see for miles. Off in the distance, I could see the last cottony remnants of the morning’s fog, lying still in the valleys, surrounding the little farms and houses as if to give them a loving hug. Wow.

Sometimes the flight is bumpy. Sometimes the weather doesn’t cooperate, and it doesn’t happen at all. Sometimes you can fly across four large states and it feels as smooth as glass the whole way.

Whatever happens, at the end of the day, the magic flying carpet machine gets locked up again. We go home, rest our heads on our soft pillows, and if we so choose, remember the beauty we experienced that day.

Really, this post is not about being a pilot. This post is a reminder to pay attention to all that is beautiful in this world. It surrounds us; the smell of pine trees in the forest, the delight in the faces of children, the gentle breeze in our hair, the kind word from a stranger, the very sunrise.

I hope that more of us will pay attention to the moments of clear skies and wind at our back. Even at those moments when we pull the hangar door shut.

For two years, I have often reflected on the bittersweet memories of that trip to Indiana. But for some reason, I hadn’t shared that photo until today. That beautiful valley-hugging fog is what you see above.

These last two years have been — well, full. Full of hate, even of death in the wake of several racist murders. But that’s not all. These years have also been full of an awakening, a swelling of people that care. People that care enough to do something. All across the country, people have risen up to send the message: “Trumpism is not American.” My own family did something we never had before: joined a protest, against families being separated. I and many others knocked on doors and made phone calls for the first time. Millions of Americans care and are doing something. We have seen the true colors of what the GOP has become, and it’s ugly, but people care. What’s more, we’ve won the first battle. Here in what the media often calls “deep-red Kansas”, we will have a Democratic governor. Racism and vote suppression has been sent packing, here in Kansas.

We have a powerful reminder that part of what makes this world beautiful is its people. People that go knock on doors in the cold. People that drive people to voting places. People that care about health care for others, about food for others, about education, intact families, refugees, and the earth itself. People that know the fight has just begun and are going to be there fighting for what is right and just for years to come. People that make the world beautiful.

John Goerzen The Changelog

TeX Live/Debian updates 20181106

Mër, 07/11/2018 - 1:51pd

All around updates in the TeX Live on Debian world: Besides the usual shipment of macro and font packages, we have uploaded a new set of binaries checked out from current svn, as well as the latest and shiniest version of biber to complement the macro update of biblatex.

The version for the binary packages is 2018.20181104.49075 and is based on svn revision 49075. That means we get:

  • new dvisvgm version 2.6.1
  • several bugfixes in dvipdfmx
  • addition of dviout-util (previously only available on Windows): dvispc, chkdvifont
  • various security related bugfixes

In addition to that, in Debian we switched to the separately packaged version of teckit instead of using the one shipped in TeX Live.

The version of the macro/font packages is 2018.20181106-1 and contains the usual set of updated and new packages, see below for the complete list. One important – though not functional – update is the one of hyph-utf8, where the license of the UK English patterns has changed from a TeX like license statement (changes allowed with renaming clause) that generates again and again puzzlement in the Debian community (latest instance is bug 912557, which actually spread out into other packages). Thanks to the original authors and the team of hyph-utf8 these patterns are now finally under the MIT license.

Biber has been updated to 2.12-1 which is compatible with the version of biblatex in the current set of packages.

The packages are already included in the archive but might need a bit until arriving at your local mirror.

Please enjoy.

New packages

biblatex-bath, brandeis-problemset, changelog, cluttex, colorprofiles, ditaa, facture-belge-simple-sans-tva, grabbox, identkey, pgf-cmykshadings, pst-moire, srdp-mathematik, thesis-qom, zhlineskip,

Updated packages

acmart, aeb-minitoc, arabluatex, arara, asciilist, babel, babel-belarusian, baskervillef, biblatex, biblatex-bath, biblatex-chem, biblatex-ext, biblatex-nature, biblatex-opcit-booktitle, biblatex-phys, biblatex-science, bidi, brandeis-problemset, catechis, changes, chemfig, cm, cochineal, colorprofiles, currency, diffcoeff, docsurvey, ducksay, europecv, exsol, facture-belge-simple-sans-tva, fancyvrb, firamath, fontawesome5, fonts-tlwg, footnoterange, grayhints, gtrlib-largetrees, hyphen-afrikaans, hyphen-ancientgreek, hyphen-armenian, hyphen-basque, hyphen-belarusian, hyphen-bulgarian, hyphen-catalan, hyphen-chinese, hyphen-churchslavonic, hyphen-coptic, hyphen-croatian, hyphen-czech, hyphen-danish, hyphen-dutch, hyphen-english, hyphen-esperanto, hyphen-estonian, hyphen-ethiopic, hyphen-finnish, hyphen-french, hyphen-friulan, hyphen-galician, hyphen-georgian, hyphen-german, hyphen-greek, hyphen-hungarian, hyphen-icelandic, hyphen-indic, hyphen-indonesian, hyphen-interlingua, hyphen-irish, hyphen-italian, hyphen-kurmanji, hyphen-latin, hyphen-latvian, hyphen-lithuanian, hyphen-mongolian, hyphen-norwegian, hyphen-occitan, hyphen-piedmontese, hyphen-polish, hyphen-portuguese, hyphen-romanian, hyphen-romansh, hyphen-russian, hyphen-sanskrit, hyphen-serbian, hyphen-slovak, hyphen-slovenian, hyphen-spanish, hyphen-swedish, hyphen-thai, hyphen-turkish, hyphen-turkmen, hyphen-ukrainian, hyphen-uppersorbian, hyphen-welsh, hyph-utf8, keyvaltable, komacv-rg, l3build, l3experimental, l3kernel, l3packages, latex2e-help-texinfo, latex2e-help-texinfo-spanish, latexdiff, latexindent, latex-make, latexmk, listofitems, lualibs, luaotfload, luatexja, luaxml, lwarp, multilang, nicematrix, onedown, pdfcomment, pgf-cmykshadings, platex-tools, plautopatch, pst-marble, reledmac, rutitlepage, spectralsequences, svg, tex4ht, texcount, tikzmark, toptesi, typed-checklist, uantwerpendocs, univie-ling, witharrows, xits.

Norbert Preining There and back again

Reproducible Builds: Weekly report #184

Mar, 06/11/2018 - 7:52md

If you’re interested in attending the Reproducible Builds summit in Paris between 11th—13th December please see our event page.

In the meantime, here’s what happened in the Reproducible Builds effort between Sunday October 28 and Saturday November 3 2018:

Packages reviewed and fixed, and bugs filed

Chris Lamb also sent two previously-authored patches for GNU mtools to ensure the Debian Installer images could become reproducible. (1 & 2)

This week’s edition was written by Alexander Bedrossian, Amit Biswas, Anoop Nadig, Bernhard M. Wiedemann, Chris Lamb, David A. Wheeler, Holger Levsen, Snahil Singh, Nick Gregory & reviewed by a bunch of Reproducible Builds folks on IRC & the mailing lists.

Reproducible builds folks

Daisy and George got passports

Mar, 06/11/2018 - 2:56md

For readers of Planet Debian who met Daisy and George in July: they now have their own passports (and more adventure books in the works).

Jon Debian –

My Open-Source Activities from September to October 2018

Mar, 06/11/2018 - 12:51md

Welcome readers, this is a infrequently updated post series that logs my activities within open-source communities. I want my work to be as transparent as possible in order to promote open governance, a policy feared even by some “mighty” nations.

I do not work on open-source full-time, although I sincerely would love to. Therefore the posts may cover a ridiculously long period (even a whole year).

Unfortunately this blog site does not support commenting. So if anyone has anything to discuss regarding the posts, feel free to reach me via the social links at the footer of the page.


Debian is a general-purpose Linux distribution that is widely used on the planet. I am currently a Debian Maintainer who works on packages related to Android SDK and the Java ecosystem.

Some Android SDK Packages Now Available on Every Architecture

For a long time our packages are only available on x86, ARM and MIPS architectures. This is due to the fact that AOSP is only designed to support those 3 major instruction sets in the market. Another physical limitation is that libunwind, a common dependency by most Android SDK components, can only be built on said architectures after being patched by AOSP. ADB and fastboot now even removed the support on MIPS because we now build them against BoringSSL which does not support MIPS at all. In light of the removal of MIPS support in NDK as well, I can assume that the entire AOSP will say goodbye to MIPS at some point.

But not all components rely on libunwind. With some minor efforts and investigations, we can now enable some of them to build on every architecture that Debian supports. For now they include:

There will surely be more on the road, stay tuned.

DD Application Approved

For those who aren’t familiar with the term, DD means Debian Developer who are official member of the Debian Project and usually have access and permissions to most parts of Debian’s infrastructure.

As a Debian Maintainer (DM), I can ask for upload permission on any packages and upload them without needing a sponsor. But in case of introducing new binary packages or hijacking ones from another source package I will need a sponsor. I believe with a DD account working in Debian will become smoother and easier.

So I applied for DD about… 6 months ago! After a marathon of Q&A sessions I finally got approved by my AM Joerg Jaspert. Now I still have to wait for further review by the system, perhaps I can get the account in November.

Big thanks to Hans-Christoph Steiner, Markus Koschany and Emmanuel Bourg who advocated me, and my AM Joerg Jaspert.

Voidbuilder Release 0.2.0

Voidbuilder is a simple program that mimics pbuilder but uses Docker as the isolation engine. I have been using it privately and am quite satisfied.

Last month I released a 0.2.0 version with the following changes:

  • The login sub-command no longer builds the source-only bundle and this task must be done by the user.
  • One failed hook no longer fail the entire job, instead a message will pop up.
殷啟聰 | Kai-Chung Yan Blog by seamlik

How to run CEWE photo creator on Debian

Hën, 05/11/2018 - 8:28md


This post describes how I debug an issue with a proprietary software. I hope this will give you some hint on how to proceed should you face a similar issue. If you’re in a hurry, you can read the TL;DR; version at the end.

After the summer vacations, I’ve decided to offer a photo-book to my mother. I searched for open-source solution but the printed results were lackluster.

Unfortunately, the only possible solution was to use professional service. Some of these services offer a web application to create photo books, but this is painful to use on a slow DSL line. Other services provide a program named CEWE. This proprietary program can be downloaded for Windows, Mac and, lo and behold: Linux !

The download goes quite fast as the downloaded program is a Perl script that does the actual download. I would have preferred a proper Debian package, but at least Linux amd64 is supported.

Once installed, CEWE program is available as an executable and a bunch of shared libraries.

This program works quite well to create a photo album. I won’t go into the details there.

I ran into trouble when trying to connect the application to the service site to order the photo-book: the connection fails with a cryptic message “error code 10000”.

Commercial support was not much help as they insisted that I check my proxy settings. I downloaded again CEWE from another photo service. The new CEWE installation gave me the same error. This showed that the issue was on my side and not on the server’s side.

Given that the error occurred quite fast when trying to connect, I guessed that the connection setup was going south. Since the URL shown in the installation script began with https, I had to check for SSL issues.

I checked certificate issues: curl had no problem connecting to the server mentioned in the Perl script. Wireshark showed that the connection to the server was reset by the server quite fast. I wondered which version of SSL was used by CEWE and ran ldd. To my surprise, I found that ldd did not list libssl. Something weird was going on: SSL was required but CEWE was not linked to libssl…

I used another trick: explore all the menus of the application. This was a good move as I found a checkbox to enable debug report in CEWE in “Options -> paramètres -> Service” menu (that may be “options-> parameters -> support” in English CEWE). When set, debug traces are also shown on standard output of CEWE,

And, somewhere in the debug traces, I found:

W (2018-10-30T18:36:37.143) [ 0] ==> QSslSocket: cannot resolve SSLv3_client_method <==

So CEWE was looking for SSL symbols even though ldd did not require libssl…

I guessed that CEWE was using dlopen to open the ssl library. But which file was opened by dlopen ?

Most likely, the guys who wrote the call to dlopen did not want to handle file names with so version (i.e. like, and added code to open directly This file is provided by libssl-dev package, which was already installed on my system.

But wait, CEWE was probably written for Debian stable with an older libssl. I tried libssl1.0-dev.. which conflicts with libssl-dev. Oh well, I can live with that for a while…

And that was it ! With libssl1.0-dev installed, CEWE was able to connect to the photo service web site without problems.

So here’s the TL;DR; version. To run CEWE on Debian, run:

sudo apt install libssl1.0-dev

Last but not least, here are some suggestions for CEWE:

  • use libssl1.1. as libssl1.0 is deprecated and will be removed from Debian
  • place the debug checkbox in “System” widget. This widget was the first I opened when I began troubleshooting. “Service” does not mean much to me. Having this checkbox in both “Service” and “System” widgets would not harm

All the best

[ Edit: I first blamed CEWE for loading libssl in a non-standard way. libssl is actually loaded by QtNetwork. Depending on the way Qt is built, SSL is either disabled (-no-openssl option), loaded by dlopen (default) or loaded with dynamic linking (-openssl-linked). The way Qt is built is CEWE choice. Thanks Uli Schlachter for the heads-up]


dod Dominique Dumont's Blog

The Best flake8 Extensions for your Python Project

Hën, 05/11/2018 - 11:00pd

In the last blog post about coding style, we dissected what the state of the art was regarding coding style check in Python.

As we've seen, Flake8 is a wrapper around several tools and is extensible via plugins: meaning that you can add your own checks. I'm a heavy user of Flake8 and relies on a few plugins to extend the check coverage of common programming mistakes in Python. Here's the list of the ones I can't work without. As a bonus, you'll find at the end of this post, a sample of my go-to tox.ini file.


The name is quite explicit: this extension checks the order of your import statements at the beginning of your files. By default, it uses a style that I enjoy, which looks like:

import os import sys import requests import yaml import myproject from myproject.utils import somemodule

The builtin modules are grouped as the first ones. Then comes a group for each third-party modules that are imported. Finally, the last group manages the modules of the current project. I find this way of organizing modules import quite clear and easy to read.

To make sure flake8-import-order knows about the name of your project module name, you need to specify it in tox.ini with the application-import-names option.

If you beg to differ, you can use any of the other styles that flake8-import-order offers by default by setting the import-order-style option. You can obviously provide your own style.


The flake8-blind-except extension checks that no except statement is used without specifying an exception type. The following excerpt is, therefore, considered invalid:

try: do_something() except: pass

Using except without any exception type specified is considered bad practice as it might catch unwanted exceptions. It forces the developer to think about what kind of errors might happen and should really be caught.

In the rare case any exception should be caught, it's still possible to use except Exception anyway.


The flake8-builtins plugin checks that there is no name collision between your code and the Python builtin variables.

For example, this code would trigger an error:

def first(list): return list[0]

As list is a builtin in Python (to create a list!), shadowing its definition by using list as the name of a parameter in a function signature would trigger a warning from flake8-builtins.

While the code is valid, it's a bad habit to override Python builtins functions. It might lead to tricky errors; in the above example, if you ever need to call list(), you won't be able to.


This module is handy as it is still slapping my fingers once in a while. When using the logging module, it prevents from writing this kind of code:"Hello %s" % mystring)

While this works, it's suboptimal as it forces the string interpolation. If the logger is configured to print only messages with a logging level of warning or above, doing a string interpolation here is pointless.

Therefore, one should instead write:"Hello %s", mystring)

Same goes if you use format to do any formatting.

Be aware that contrary to other flake8 modules, this one does not enable the check by default. You'll need to add enable-extensions=G in your tox.ini file.


The flake8-docstrings module checks the content of your Python docstrings for respect of the PEP 257. This PEP is full of small details about formatting your docstrings the right way, which is something you wouldn't be able to do without such a tool. A simple example would be:

class Foobar: """A foobar"""

While this seems valid, there is a missing point at the end of the docstring.

Trust me, especially if you are writing a library that is consumed by other developers, this is a must-have.


This extension is a good complement to flake8-docstrings: it checks that the content of your docstrings is valid RST. It's a no-brainer, so I'd install it without question. Again, if your project exports a documented API that is built with Sphinx, this is a must-have.

My standard tox.ini

Here's the standard tox.ini excerpt that I use in most of my projects. You can copy paste it and use

[testenv:pep8] deps = flake8 flake8-import-order flake8-blind-except flake8-builtins flake8-docstrings flake8-rst-docstrings flake8-logging-format commands = flake8 [flake8] exclude = .tox # If you need to ignore some error codes in the whole source code # you can write them here # ignore = D100,D101 show-source = true enable-extensions=G application-import-names = <myprojectname>

Before disabling an error code for your entire project, remember that you can force flake8 to ignore a particular instance of the error by adding the # noqa tag at the end of the line.

If you have any flake8 extension that you think is useful, please let me know in the comment section!

Julien Danjou Julien Danjou

Ahh, the joy of Cloudflare SNI certificates

Sht, 03/11/2018 - 8:23md

Nice neighbourhood,

For your copy and paste pleasure:

openssl s_client -connect < /dev/null | openssl x509 -noout -text | grep DNS:


03.11.18: Cloudflare fixed this mess somewhat. They now look for SNI servernames and use customer-specific certs. See:

openssl s_client -servername -connect < /dev/null | openssl x509 -noout -text | grep DNS:

(notice the -servername in the above vs. the original command that will fail with something like 140246838507160:error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure:s23_clnt.c:769: now)

Daniel Lange Daniel Lange's blog