You are here

Planet Debian

Subscribe to Feed Planet Debian
random musings and comments The experience of a free software community member Entries tagged english random musings and comments Indeed, there are many other ways to make the world a better place; but Free Software is the one I like the most. (y eso no es poca cosa) Random thoughts about everything tagged by Debian Just another weblog random musings and comments Random thoughts about everything tagged by Debian Thinking inside the box Joachim Breitners Denkblogade Thinking inside the box Debian and Free Software Random thoughts about everything tagged by Debian Free Software Indie Hacker Echoes Random thoughts about everything tagged by Debian Recent content in Planet Debian on Iain R. Learmonth Current Working Directory liw's English language blog feed Reproducible builds blog A blog from a scientist and Debian developer (and occasional book writer)... Tricks for data handling, programming, debian administration and development, command-line and many other joyful things in the same spirit. Oh, and sometimes completey unrelated things ! ganbatte kudasai! Ben Hutchings's diary of life and technology Random thoughts about everything tagged by Debian Conteúdo de Antonio Terceiro marcado com a tag "english" Entries tagged english Recent content in Planet Debian on Iain R. Learmonth Joachim Breitners Denkblogade Ricardo Mones - Recent content in Planet Debian on Iain R. Learmonth faiblog Payson, AZ Open Source Developer and enthusiast dedicated to KDE Insider infos, master your Debian/Ubuntu distribution WEBlog -- Wouter's Eclectic Blog Debian and Free Software Digital-Scurf Ramblings Recent content in Planet Debian on Iain R. Learmonth random musings and comments Thinking inside the box Reproducible builds blog a personal blog of Dimitri John Ledkov Recent content in Planet Debian on Iain R. Learmonth anarcat jmtd liw's English language blog feed showing latest 10 James McCoy As time goes by ... pabs
Përditësimi: 3 months 3 javë më parë

Reproducible Builds: Weekly report #121

Pre, 25/08/2017 - 9:50md

Here's what happened in the Reproducible Builds effort between Sunday August 13 and Saturday August 19 2017:

Reproducible Builds finally mandated by Debian Policy

"Packages should build reproducibly" was merged into Debian policy! The added text is as follows and has been included into debian-policy

Reproducibility --------------- Packages should build reproducibly, which for the purposes of this document [#]_ means that given - a version of a source package unpacked at a given path; - a set of versions of installed build dependencies; - a set of environment variable values; - a build architecture; and - a host architecture, repeatedly building the source package for the build architecture on any machine of the host architecture with those versions of the build dependencies installed and exactly those environment variable values set will produce bit-for-bit identical binary packages. It is recommended that packages produce bit-for-bit identical binaries even if most environment variables and build paths are varied. It is intended for this stricter standard to replace the above when it is easier for packages to meet it. .. [#] This is Debian's precisification of the ` definition `_.
  • Holger Levsen wrote a blog post briefly describing the background and implications of this. To quote him: "we are not 94% done yet, rather more like half done or so. We still need tools and processes to enable anyone to indepently verify that a given binary comes from the sources it is said to be coming, this will involve distributing .buildinfo files and providing user interfaces in APT and elsewhere and probably also systematic rebuilds by us and other parties. And 6% or 7% of the archive is still a lot of packages, eg. in Buster we currently still have 273 unreproducible key packages and for a large part we don't have patches yet so there is still a lot of work ahead."
  • There were discussion threads on Hacker News and Reddit.
  • Our long-term goal is that Policy mandates that packages "must" be reproducible, but for that we need to show further progress and also reach a consensus on .buildinfo files and much more.
Reproducible work in other projects

Bernhard M. Wiedemann's reproducibleopensuse scripts now work on Debian buster on the openSUSE Build Service with the latest versions of osc and obs-build.

Toolchain development and fixes

#872514 was opened on devscripts by Chris Lamb to add a reproducible-check program to report on the reproducibility status of installed packages.

Packages reviewed and fixed, and bugs filed

Upstream reports:

  • Bernhard M. Wiedemann:

Debian reports:

Debian non-maintainer uploads:

Reviews of unreproducible packages

47 package reviews have been added, 58 have been updated and 39 have been removed in this week, adding to our knowledge about identified issues.

4 issue types have been updated:

Weekly QA work

During our reproducibility testing, FTBFS bugs have been detected and reported by:

  • Adrian Bunk (59)
  • Bastien Roucariès (1)
  • James Clarke (1)
  • Jeremy Bicha (1)
diffoscope development

Development continued in git, including the following contributions:

  • Ximin Luo:
    • presenters: html: Don't traverse children whose parents were already limited (Closes: #871413)
    • On a non-GNU system, prefer tools that start with "g" for certain whitelisted commands. (Closes: #871029)
    • Add a --tool-prefix-binutils CLI flag. (Closes: #869868)
  • Chris Lamb:
    • Temporarily revert "Bump Standards-Version to 4.0.1" to avoid spurious CI test failures.
    • comparators.xml: Use name attribute over path to avoid leaking comparison full path in output.
    • Code style fixes.
disorderfs development

Development continued in git, including the following contributions:

  • Chris Lamb:
    • Add simple autopkgtest.
reprotest development

Development continued in git, including the following contributions:

  • Ximin Luo:
    • Choose an existent HOME for the "control" build. (Closes: #860428)
    • Update debian/changelog with Santiago's changes.
  • Santiago Torres:
    • Abstract parts of autopkgtest to support running on non-Debian systems.
    • Add a --host-distro flag to support that too.

Mattia fixed the script which creates the HTML representation of our database scheme to not append .html twice to the filename.


This week's edition was written by Ximin Luo, Chris Lamb and Holger Levsen & reviewed by a bunch of Reproducible Builds folks on IRC & the mailing lists.

Reproducible builds folks Reproducible builds blog

New projects on Hosted Weblate

Pre, 25/08/2017 - 6:00md

Hosted Weblate provides also free hosting for free software projects. The hosting requests queue has grown too long, so it's time to process it and include new project.

This time, the newly hosted projects include:

If you want to support this effort, please donate to Weblate, especially recurring donations are welcome to make this service alive. You can do them on Liberapay or Bountysource.

Filed under: Debian English SUSE Weblate

Michal Čihař Michal Čihař's Weblog, posts tagged by Debian

Let's BBQ again, like we did last summer!

Pre, 25/08/2017 - 4:00pd

It's that time again! Another year, another OMGWTFBBQ! We're expecting 50 or so Debian folks at our place in Cambridge this weekend, ready to natter, geek, socialise and generally have a good time. Let's hope the weather stays nice, but if not we have gazebo technology... :-)

Many thanks to a number of awesome companies and people near and far who are sponsoring the important refreshments for the weekend:

I've even been working on the garden this week to improve it ready for the event. If you'd like to come and haven't already told us, please add yourself to the wiki page!

Steve McIntyre Steve's blog

Aigars Mahinovs: Debconf 17 photo retrospective

Hën, 21/08/2017 - 8:49md

Debconf17 has come and gone by too fast, so we all could use a moment looing back at all the fun and serious happenings of the main event in the Debian social calendar. You can find my full photo gallery on Google, Flickr and Debconf Share.

Make sure to check out the Debconf17 group photo and as an extra special treat for you - enjoy the "living" Debconf17 group photo!


Steinar H. Gunderson: Random codec notes

Dje, 20/08/2017 - 9:40md

Post-Solskogen, there hasn't been all that many commits in the main Nageru repository, but that doesn't mean the project is standing still. In particular, I've been working with NVIDIA to shake out a crash bug in their drivers (which in itself uncovered some interesting debugging techniques, although in the end, the bug turned out just to be uncovered by the boring standard technique of analyzing crash dumps and writing a minimal program to reproduce). But I've also been looking at intraframe codecs; my sort-of plan was to go to VideoLAN Dev Days to present my findings, but unfortunately, there seems to be a schedule conflict, so instead, you can have some scattered random notes:

  • JPEG is really impressive technology. It's made in 1992, and it's still frighteningly close to state of the art! Beating it without getting a lot slower isn't trivial at all; witness that even with WebP etc., we still don't have a JPEG-killer because it's just so incredibly good. (Granted, in 1992, decompressing a JPEG would easily take half a minute or more.)
  • rANS is pretty neat; it gives you almost all the advantages of arithmetic coding, but does without divisions in the decoder (and if you have static probabilities and fast high multiplies, also in the encoder). I still don't feel like I understand it fully, though. And it has the odd property of having to encode and decode in different directions, which may or may not be a problem to you. But ryg's interleaving tricks to get SIMD are pretty nice; I won't claim to fully understand those either. Maybe I will need to eventually.
  • GPU performance models continue to bend my head. GPUs may have managed to make a parallel programming model that people actually manage to use, but getting really high performance out of compute shaders is still hard to get use to.
  • It really annoys me that Quick Sync doesn't support luma-only encoding (ie. 4:0:0); the best you can do is seemingly 4:2:0 and then have empty chroma planes, which wastes resources. It would have been a nice way to hack around the limitation that you can't have 4:2:2 or alpha.
  • Time-frequency switching is the solution to a problem that sounds trivial if you're a DSP beginner and nearly impossible if you've actually done some DSP. I'm not intuitively convinced it's worth it if you have fast float muladds, but it's pretty neat. Allowing multiple block sizes to an intraframe codec has a cost in that you'll need a size decision heuristic, though, which pretty much instantly complicates the encoder.

Work in progress :-) Maybe something more coherent will come out eventually.

Edit: Forgot about TF switching!

Joachim Breitner: Titel

Dje, 20/08/2017 - 8:50md

Thomas Lange: Building a Debian Live CD with FAI

Mër, 26/07/2017 - 4:34md

In this wiki entry, I describe how to extend a FAI nfsroot, so it can be used as a file system for a diskless client or a Live CD. A host can mount it via NFS when booting via PXE. You can create a Live CD easily by using the command fai-cd.

This works also nicely with a Xfce desktop, and I've prepared a ISO image for easy testing.

You can log in as user demo, and the password is fai.

The next thing is to check, if we can use FAI's dirinstall or install method for creating the same environment, so it will be easy to create customized Live images.


Norbert Preining: Debian/TeX Live 2017.20170724-1

Mër, 26/07/2017 - 1:25pd

Yesterday I uploaded the first update of the TeX Live packages in Debian after TeX Live 2017 has entered Debian/unstable. The packages should by now have reached most mirrors. Nothing spectacular here besides a lot of updates and new packages.

If I have to pick one update it would be the one of algorithm2e, a package that has seen lots of use and some bugs due to two years of inactivity. Good to see a new release.


New packages

algolrevived, invoice2, jfmutil, maker, marginfit, pst-geometrictools, pst-rputover, pxufont, shobhika, tikzcodeblocks, zebra-goodies.

Updated packages

acmart, adobemapping, algorithm2e, arabluatex, archaeologie, babel, babel-french, bangorexam, beamer, beebe, biblatex-gb7714-2015, bibleref, br-lex, bxjscls, combofont, computational-complexity, dozenal, draftfigure, elzcards, embrac, esami, factura, fancyhdr, fei, fithesis, fmtcount, fontspec, fonttable, forest, fvextra, genealogytree, gotoh, GS1, l3build, l3experimental, l3kernel, l3packages, latexindent, limap, luapackageloader, lwarp, mcf2graph, microtype, minted, mptopdf, pdfpages, polynom, powerdot, probsoln, pxbase, pxchfon, pythontex, reledmac, siunitx, struktex, tcolorbox, tetex, texdirflatten, uowthesistitlepage, uptex-fonts, xcharter.

Petter Reinholdtsen: Norwegian Bokmål edition of Debian Administrator's Handbook is now available

Mar, 25/07/2017 - 9:10md

I finally received a copy of the Norwegian Bokmål edition of "The Debian Administrator's Handbook". This test copy arrived in the mail a few days ago, and I am very happy to hold the result in my hand. We spent around one and a half year translating it. This paperbook edition is available from If you buy it quickly, you save 25% on the list price. The book is also available for download in electronic form as PDF, EPUB and Mobipocket, as can be read online as a web page.

This is the second book I publish (the first was the book "Free Culture" by Lawrence Lessig in English, French and Norwegian Bokmål), and I am very excited to finally wrap up this project. I hope "Håndbok for Debian-administratoren" will be well received.

Reproducible builds folks: Reproducible Builds: week 117 in Buster cycle

Mar, 25/07/2017 - 7:07md

Here's what happened in the Reproducible Builds effort between Sunday July 16 and Saturday July 22 2017:

Toolchain development

Bernhard M. Wiedemann wrote a tool to automatically run through different sources of non-determinism, and report which of these caused irreproducibility.

Dan Kegel's patches to fpm were merged.

Bugs filed

Patches submitted upstream:

Patches filed in Debian:

Reviews of unreproducible packages

73 package reviews have been added, 44 have been updated and 50 have been removed in this week, adding to our knowledge about identified issues.

No issue types were updated.

Weekly QA work

During our reproducibility testing, FTBFS bugs have been detected and reported by:

  • Adrian Bunk (106)
  • Daniel Stender (1)
  • Drew Parsons (1)
  • Félix Sipma (1)
  • Lucas Nussbaum (25)
diffoscope development
  • Juliana Rodrigues:
    • Add new XML comparator. (Closes: #866120)
  • Guangyuan Yang:
    • Fix 2 cases in test_device on FreeBSD
  • Chris Lamb:
    • comparators.xml: Fix EPUB "missing file" tests; they ship a META-INF/container.xml file.
    • comparators.sqlite: Simplify file detection in Sqlite3Database.RE_FILE_TYPE
    • Style and attribution fixes to XML comparator and
  • Ximin Luo:
    • main, logging: restore old logger settings to avoid pytest vomiting in certain situations
    • comparators/directory: Fix #868534 by expecting less strict test output
reprotest development
  • Ximin Luo:
    • Use autopkgtest upstream paths, makes things easier to import
    • Add script for importing autopkgtest code, and import autopkgtest 4.4

Ximin also restarted the discussion with autopkgtest-devel about code reuse for reprotest.

Santiago Torres began a series of patches to make reprotest more distro-agnostic, with the aim of making it usable on Arch Linux. Ximin reviewed these patches.


This week's edition was written by Ximin Luo, Bernhard M. Wiedemann and Chris Lamb & reviewed by a bunch of Reproducible Builds folks on IRC & the mailing lists.

Russell Coker: Forking Mon and DKIM with Mailing Lists

Mar, 25/07/2017 - 4:50md

I have forked the “Mon” network/server monitoring system. Here is a link to the new project page [1]. There hasn’t been an upstream release since 2010 and I think we need more frequent releases than that. I plan to merge as many useful monitoring scripts as possible and support them well. All Perl scripts will use strict and use other best practices.

The first release of etbe-mon is essentially the same as the last release of the mon package in Debian. This is because I started work on the Debian package (almost all the systems I want to monitor run Debian) and as I had been accepted as a co-maintainer of the Debian package I put all my patches into Debian.

It’s probably not a common practice for someone to fork upstream of a package soon after becoming a comaintainer of the Debian package. But I believe that this is in the best interests of the users. I presume that there are other collections of patches out there and I hope to merge them so that everyone can get the benefits of features and bug fixes that have been separate due to a lack of upstream releases.

Last time I checked mon wasn’t in Fedora. I believe that mon has some unique features for simple monitoring that would be of benefit to Fedora users and would like to work with anyone who wants to maintain the package for Fedora. I am also interested in working with any other distributions of Linux and with non-Linux systems.

While setting up the mailing list for etbemon I wrote an article about DKIM and mailing lists (primarily Mailman) [2]. This explains how to setup Mailman for correct operation with DKIM and also why that seems to be the only viable option.

Related posts:

  1. DKIM and Mailing Lists Currently we have a problem with the Debian list server...
  2. An Update on DKIM Signing and SE Linux Policy In my previous post about DKIM [1] I forgot to...
  3. Installing DKIM and Postfix in Debian I have just installed Domain Key Identified Mail (DKIM) [1]...

Satyam Zode: Maya - the OpenEBS Go Kit Project

Mar, 25/07/2017 - 12:53md

The Kit project in Go is the common project containing all the standard libraries or packages used across all the Go projects in the organization.


I attended GopherCon India 2017, there was a talk on “Package Oriented Design In Go” by William Kennedy. In that talk, William explained some really important and thoughtful design principles which We can apply in our day to day life, while writing Go. Hence, I wanted to apply these design philosophies to the Go projects in which I have been working on as a part of OpenEBS project. I learnt a good practice of having a Go Kit project at the organization level from William’s talk.

What is the Kit Project?

The Kit project in Go is the common project containing all the standard libraries or packages used across all the Go projects in the organization. Packages in the Kit project should follow design philosophies.

Need for a Kit project

Sometimes, We write same Go packages again and again to do the same task at different levels in the different Go projects under the same organization. For example, we write custom logger package in the different Go projects. If the custom logger package is same across the organization and can be reused by simply importing it, then this custom logger package is the perfect fit for Kit project. You can sense how much time and cost it will save for us when we have a Kit project.

How to convert existing projects to have “kit”

Maya is the kit project in the progress. I will walk through our journey of creating a Kit project called maya for OpenEBS organization from existing Go projects. At OpenEBS, as a open source and growing Go project, We value Go principles and We try hard to leverage Go’s offerings. Maya is the Kit project for the Application projects like maya-apiserver, maya-storage-bot etc. Maya contains all the kubernetes & nomad API’s, common utilities etc. needed for development of maya-apiserver and maya-storage-bot. In the near future, we are trying to push our custom libraries to maya. So that, it will become a promising Go kit project for OpenEBS community.

We have specifically followed the package oriented design principles in Go to create maya as a kit project.

  • Usability We moved common packages such as orchprovider, types, pkg to maya from maya-apiserver. These packages are very generic and can be used in most of the Go projects in OpenEBS organization. Brief details about new packages in Maya.
    • Orchprovider : orchprovider contains packages of different orchestrators such as kubernetes and nomad.

    • types: types provides all the generic types related to orchestrator.

    • pkg: pkg contains packages like nethelper, util etc.

    • volumes: volumes contain packages related to volume provisioner and profiles.

  • Purpose

    Packages in the Kit project should be purposeful. These packages must provide, not contain. In maya, we have packages like types, orchprovider, volumes etc. name of these packages suggests the functionality provided by them.

  • Portability

    Portability is important factor for packages in kit project. Hence, we are making maya in such a way that it will be easy to import and use in any Go project. Packages in the Maya are not single point of dependency and all the packages are independent of each other.

Project structure for the Maya as Kit project
  • Without having Maya as a kit project:
    • Project structure for the Maya
    ├── buildscripts │ └── docker ├── command ├── docs ├── example ├── scripts │ └── config └── templates
    • Project structure for the Maya-apiserver
    ├── buildscripts │   └── docker ├── cmd ├── docs ├── lib │   ├── api │   │   └── v1 │   ├── artifacts │   │   ├── docker │   │   ├── docker-compose │   │   └── k8s │   ├── config │   ├── flaghelper │   ├── loghelper │   ├── mockit │   │   └── etcmayaserver │   ├── nethelper │   ├── orchprovider │   │   ├── k8s │   │   └── nomad │   ├── profile │   │   ├── orchprovider │   │   └── volumeprovisioner │   ├── server │   ├── util │   └── volumeprovisioner │   └── jiva └── proposals
  • Maya as a kit project
    • Project structure for the Maya (Kit Project)
    ├── buildscripts │ └── docker ├── command ├── docs ├── example ├── orchprovider │ ├── k8s │ │ └── v1 │ └── nomad │ └── v1 ├── pkg │ ├── nethelper │ └── util ├── scripts │ └── config ├── templates ├── types │ └── v1 │ └── profile │ └── orchestrator └── volumes ├── profile │ └── volumeprovisioner └── provisioner └── jiva
    • Project structure for the Maya-apiserver (Application Project)
    ├── buildscripts │   └── docker ├── cmd ├── docs ├── lib │   ├── artifacts │   │   ├── docker │   │   ├── docker-compose │   │   └── k8s │   ├── config │   ├── flaghelper │   ├── loghelper │   └── server └── proposals
Example usage of maya kit project in maya-apiserver

Maya-apiserver uses maya as a Kit project. Maya-apiserver exposes OpenEBS operations in form of REST APIs. This allows multiple clients e.g. volume related plugins to consume OpenEBS storage operations exposed by Maya API server.

  • Need for orchestration providers in maya-apiserver

    Maya-apiserver has been designed keeping storage inside containers in mind. In other words, containerized storage. This leads to maya-apiserver using best of breed container orchestrators. Hence maya-apiserver abstracts the container related orchestration needs in form of orchprovider namespace. Therefore,to achieve above need maya-api server uses orchprovider package provided by Maya.

  • Need for volumes in the maya-apiserver

    There can be multiple persistent volume provisioners e.g. jiva & cstor which has the details of workings of its volume. maya-apiserver tries to abstract these into volumes operations whose specifics will reside in individual namespaces i.e. jiva, cstor, etc. Hence, maya-apiserver will make use of volumes package from Maya to satisfy above requirements.


Go Kit project should contain packages which are usable, purposeful and portable. Go Kit projects will improve the efficiency of the organization at both human and code level.

Gunnar Wolf: Getting ready for DebConf17 in Montreal!

Mar, 25/07/2017 - 5:56pd

(image shamelessly copied from Noodles' Emptiness)

This year I will only make it to DebConf, not to DebCamp. But, still, I am very very happy and excited as the travel date looms nearer! I have ordered some of the delicacies for the Cheese and Wine party, signed up for the public bicycle system of Montreal, and done a fair share of work with the Content Team; finally today we sent out the announcement for the schedule of talks. Of course, there are several issues yet to fix, and a lot of things to do before traveling... But, no doubt about this: It will be an intense week!

Oh, one more thing while we are at it: The schedule as it was published today does not really look like we have organized stuff into tracks — But we have! This will be soon fixed, adding some color-coding to make tracks clearer on the schedule.

This year, I pushed for the Content Team to recover the notion of tracks as an organizative measure, and as something that delivers value to DebConf as a whole. Several months ago, I created a Wiki page for the DebConf tracks, asking interested people to sign up for them. We currently have the following tracks registered:

Andreas Tille
Debian Science
Michael Banck
Cloud and containers
Luca Filipozzi
Systems administration, automation and orchestation
Gunnar Wolf

We have two tracks still needing a track coordinator. Do note that most of the tasks mentioned by the Wiki have already been carried out; what a track coordinator will now do is to serve as some sort of moderator, maybe a recurring talkmeister, ensuring continuity and probably providing for some commentary, giving some unity to its sessions. So, the responsibilities for a track coordinator right now are quite similar to what is expected for video team volunteers — but to a set of contiguous sessions.

If you are interested in being the track coordinator/moderator for Embedded or for Systems administration, automation and orchestation or even to share the job with any of the other, registered, coordinators, please speak up! Mail and update the table in the Wiki page.

See you very soon in Montreal!

Bits from Debian: DebConf17 Schedule Published!

Mar, 25/07/2017 - 1:15pd

The DebConf17 orga team is proud to announce that over 120 activities have been scheduled so far, including 45- and 20-minute talks, team meetings, and workshops, as well as a variety of other events.

Most of the talks and BoFs will be streamed and recorded, thanks to our amazing video team!

We'd like to remind you that Saturday August 5th is also our much anticipated Open Day! This means a program for a wider audience, including special activities for newcomers, such as an AMA session about Debian, a beginners workshop on packaging, a thoughtful talk about freedom with regard to today's popular gadgets and more.

In addition to the published schedule, we'll provide rooms for ad-hoc sessions where attendees will be able to schedule activities at any time during the whole conference.

The current schedule is available at

This is also available through an XML feed. You can use ConfClerk in Debian to consume this, or Giggity on Android devices:

We look forward to seeing you in Montreal!

Norbert Preining: Garmin fenix 5x – broken by design

Mar, 25/07/2017 - 1:11pd

Some month ago I upgrade my (European) fenix3 to a (Japanese) fenix 5x, looking forward to the built-in maps as well as support for Japanese. I was about to write a great review, how content I have been with the fenix 3 and how much better the 5x is. Well, until I realized that Garmin’s engineers seem to be brain-damaged and shipping broken by design devices: Just one word: Set an alarm on the watch, and wonder …

.. because you will never wake up the next day, since the alarm was deleted due to an unattended (so-called) sync operation. Happened to me, several times, worst was when I was with clients working as guide.

So the problem is well known, see this link and this link and this link, and it is not restricted to the fenix. The origin of the problem is that Garmin is incapable of implementing a synchronization protocol. They have three sources of data: The Connect website, the Connect application on the smartphone, and the watch itself. And interestingly they only do pushes from Web to application to device, overwriting settings on the lower end. Which means, any alarm that I create on the watch will be overwritten, ie deleted, on every sync – sorry, not sync, on every forced push from the mobile.

It is a bit depressing, but I think the urgent solution is to exempt alarms from the synchronization completely, and remove them from both the connect web page and the application, until a better, a real, synchronization is implemented.

I found a work-around in one of the threads on the Garmin forum, that is: create an alarm on the web or application, better alarms for each of the times you might need it. These will be synced to the device, and can be activated/deactivated on the device without problems. But to be honest – this is not a solution I can really trust in when I need to get up in the morning.

Besides this issue, which is unfortunately rather severe a restriction for me as mountaineer and mountain guide, I really love the watch and will write a more detailed review soon.

Jonathan McDowell: Learning to love Ansible

Hën, 24/07/2017 - 7:41md

This post attempts to chart my journey towards getting usefully started with Ansible to manage my system configurations. It’s a high level discussion of how I went about doing so and what I got out of it, rather than including any actual config snippets - there are plenty of great resources out there that handle the actual practicalities of getting started much better than I could.

I’ve been convinced about the merits of configuration management for machines for a while now; I remember conversations about producing an appropriate set of recipes to reproduce our haphazard development environment reliably over 4 years ago. That never really got dealt with before I left, and as managing systems hasn’t been part of my day job since then I never got around to doing more than working my way through the Puppet Learning VM. I do, however, continue to run a number of different Linux machines - a few VMs, a hosted dedicated server and a few physical machines at home and my parents’. In particular I have a VM which handles my parents’ email, and I thought that was a good candidate for trying to properly manage. It’s backed up, but it would be nice to be able to redeploy that setup easily if I wanted to move provider, or do hosting for other domains in their own VMs.

I picked Ansible, largely because I wanted something lightweight and the agentless design appealed to me. All I really need to do is ensure Python is on the host I want to manage and everything else I can bootstrap using Ansible itself. Plus it meant I could use the version from Debian testing on my laptop and not require backports on the stable machines I wanted to manage.

My first attempt was to write a single Ansible YAML file which did all the appropriate things for the email VM; installed Exim/Apache/Roundcube, created users, made sure the appropriate SSH keys were in place, installed configuration files, etc, etc. This did the job, but I found myself thinking it was no better than writing a shell script to do the same things.

Things got a lot better when instead of concentrating on a single host I looked at what commonality was shared between hosts. I started with simple things; Debian is my default distro so I created an Ansible role debian-system which configured up APT and ensured package updates were installed. Then I added a task to setup my own account and install my SSH keys. I was then able to deploy those 2 basic steps across a dozen different machine instances. At one point I got an ARM64 VM from Scaleway to play with, and it was great to be able to just add it to my Ansible hosts file and run the playbook against it to get my basic system setup.

Adding email configuration got trickier. In addition to my parents’ email VM I have my own email hosted elsewhere (along with a whole bunch of other users) and the needs of both systems are different. Sitting down and trying to manage both configurations sensibly forced me to do some rationalisation of the systems, pulling out the commonality and then templating the differences. Additionally I ended up using the lineinfile module to edit the Debian supplied configurations, rather than rolling out my own config files. This helped ensure more common components between systems. There were also a bunch of differences that had grown out of the fact each system was maintained by hand - I had about 4 copies of each Let’s Encrypt certificate rather than just putting one copy in /etc/ssl and pointing everything at that. They weren’t even in the same places on different systems. I unified these sorts of things as I came across them.

Throughout the process of this rationalisation I was able to easily test using containers. I wrote an Ansible role to create systemd-nspawn based containers, doing all of the LVM + debootstrap work required to produce a system which could then be managed by Ansible. I then pointed the same configuration as I was using for the email VM at this container, and could verify at each step along the way that the results were what I expected. It was still a little nerve-racking when I switched over the live email config to be managed by Ansible, but it went without a hitch as hoped.

I still have a lot more configuration to switch to being managed by Ansible, especially on the machines which handle a greater number of services, but it’s already proved extremely useful. To prepare for a jessie to stretch upgrade I fired up a stretch container and pointed the Ansible config at it. Most things just worked and the minor issues I was able to fix up in that instance leaving me confident that the live system could be upgraded smoothly. Or when I want to roll out a new SSH key I can just add it to the Ansible setup, and then kick off an update. No need to worry about whether I’ve updated it everywhere, or correctly removed the old one.

So I’m a convert; things were a bit more difficult by starting with existing machines that I didn’t want too much disruption on, but going forward I’ll be using Ansible to roll out any new machines or services I need, and expect that I’ll find that new deployment to be much easier now I have a firm grasp on the tools available.

Jonathan Carter: Plans for DebCamp17

Hën, 24/07/2017 - 11:08pd

In a few days, I’ll be attending DebCamp17 in Montréal, Canada. Here are a few things I plan to pay attention to:

  • Calamares: My main goal is to get Calamares (ooops, they have a TSL problem currently so weblink disabled until that’s fixed) in a great state for inclusion in the archives, along with sane default configuration for Debian (calamares-settings-debian) that can easily be adapted for derivatives. Calamares itself is already looking good and might make it into the archives before DebCamp even starts, but the settings package will still need some work.
  • Gnome Shell Extensions: During the stretch development cycle I made great progress in packaging some of the most popular shell extensions, but there are a few more that I’d like to get in for buster: apt-update-indicator, dash-to-panel (done), proxy-switcher, tilix-dropdown, tilix-shortcut
  • zram-tools: Fix a few remaining issues in zram-tools and get it packaged into the archive.
  • DebConf Committee: Since January, I’ve been a delegate on the DebConf committee, I’m hoping that we get some time to catch up in person before DebConf starts. We’ve been working on some issues together recently and so far we’ve been working together really well. We’re working on keeping DebConf organisation stable and improving community processes, and I hope that by the end of DebConf we’ll have some proposals that will prevent some re-occurring problems and also help mend old wounds from previous years.
  • ISO Image Writer: I plan to try out Jonathan Riddell’s iso image writer tool and check whether it works with the use cases I’m interested in (Debian install and live media, images created with Calamares, boots UEFI/BIOS on optical and usb media). If it does what I want I’ll probably package it too if Jonathan Riddell didn’t get to it yet.
  • Hashcheck: Kyle Robertze wrote a tool called Hashcheck for checking install media checksums from a live environment. If he gets a break during DebCamp from video team stuff, I’m hoping we can look at some improvements for it and also getting it packaged in Debian.

Joerg Jaspert: Automated wifi login, update

Hën, 24/07/2017 - 9:24pd

With recent changes the automated login script for WifiOnICE stopped working. Fortunately a fix is easy, it is enough to add a referrer header to the call and have de/ added to the url.

Updated script:

#!/bin/bash # (Some) docs at # IFACE=${1:-"none"} ACTION=${2:-"up"} case ${ACTION} in up) CONID=${CONNECTION_ID:-$(iwgetid "${IFACE}" -r)} if [[ ${CONID} == WIFIonICE ]]; then /usr/bin/timeout -k 20 15 /usr/bin/wget -q -O - --referer > /dev/null fi ;; *) # We are not interested in this : ;; esac

Gregor Herrmann: RC bugs 2017/08-29

Dje, 23/07/2017 - 9:22md

long time no blog post. – & the stretch release happened without many RC bug fixes from me; in practice, the auto-removals are faster & more convenient.

what I nevertheless did in the last months was to fix RC bugs in pkg-perl packages (it still surprises me how fast rotting & constantly moving code is); prepare RC bug fixes for jessie (also for pkg-perl packages); & in the last weeks provide patches & carry out NMUs for perl packages as part of the ongoing perl 5.26 transition.

  • #783656 – libhtml-microformats-perl: "libhtml-microformats-perl: missing dependency on libmodule-pluggable-perl"
    fix in jessie (pkg-perl)
  • #788008 – libcgi-application-plugin-anytemplate-perl: "libcgi-application-plugin-anytemplate-perl: missing dependency on libclone-perl"
    fix in jessie (pkg-perl)
  • #788350 – libhttp-proxy-perl: "libhttp-proxy-perl: FTBFS - proxy tests"
    fix in jessie (pkg-perl)
  • #808454 – src:libdata-faker-perl: "libdata-faker-perl: FTBFS under some locales (eg. fr_CH.UTF-8)"
    fix in jessie (pkg-perl)
  • #824843 – libsys-syscall-perl: "libsys-syscall-perl: FTBFS on arm64: test suite failures"
    fix in jessie (pkg-perl)
  • #824936 – libsys-syscall-perl: "libsys-syscall-perl: FTBFS on mips*: test failures"
    fix in jessie (pkg-perl)
  • #825012 – libalgorithm-permute-perl: "libalgorithm-permute-perl: FTBFS with Perl 5.24: undefined symbol: PUSHBLOCK"
    upload new upstream release (pkg-perl)
  • #826136 – libsys-syscall-perl: "libsys-syscall-perl FTBFS on hppa arch (with patch)"
    fix in jessie (pkg-perl)
  • #826471 – intltool: "intltool: Unescaped left brace in regex is deprecated at /usr/bin/intltool-update line 1070"
    extend existing patch, uploaded by maintainer
  • #826502 – quilt: "quilt: FTBFS with perl 5.26: Unescaped left brace in regex"
    apply patch from ntyni (pkg-perl)
  • #826505 – swissknife: "swissknife: FTBFS with perl 5.26: Unescaped left brace in regex"
    add patches from ntyni, upload to DELAYED/5
  • #839208 – libio-compress-perl: "libio-compress-perl: uninstallable, current version superseded by Perl 5.24.1"
    upload newer upstream release (pkg-perl)
  • #839218 – nama: "nama: FTBFS because of perl's lack of stack reference counting"
    apply patch from Balint Reczey (pkg-perl)
  • #848060 – src:libx11-protocol-other-perl: "libx11-protocol-other-perl: FTBFS randomly (failing tests)"
    fix in jessie (pkg-perl)
  • #855920 – src:fail2ban: "fail2ban: FTBFS: test_rewrite_file: AssertionError: False is not true"
    try to reproduce, later propose different fix
  • #855951 – src:libsecret: "libsecret FTBFS with test failures on many architectures"
    try to reproduce
  • #856133 – src:shiboken: "shiboken FTBFS on i386/armel/armhf: other_collector_external_operator test failed"
    try to reproduce
  • #857087 – nsscache: "nsscache: /usr/share/nsscache not installed"
    triaging, later fixed by maintainer
  • #858501 – libmojomojo-perl: "libmojomojo-perl: broken symlink: /usr/share/perl5/MojoMojo/root/static/js/jquery.autocomplete.js -> ../../../../../javascript/jquery-ui/ui/jquery.ui.autocomplete.min.js"
    fix symlink (pkg-perl)
  • #858509 – cl-csv-data-table: "cl-csv-data-table: broken symlink: /usr/share/common-lisp/systems/cl-csv-data-table.asd -> ../source/cl-csv-data-table/cl-csv-data-table.asd"
    propose a patch
  • #859539 – filezilla: "filezilla: Filezilla crashes at startup"
    simply close the bug :)
  • #859963 – src:mimetic: "mimetic FTBFS on architectures where char is unsigned"
    add patch to make variable signed
  • #860142 – libgeo-ip-perl: "libgeo-ip-perl: should recommend geoip-database and geoip-database-extra"
    analyse, lower severity (pkg-perl)
  • #863049 – "jessie-pu: package shutter/0.92-0.1+deb8u2"
    fix in jessie (pkg-perl)
  • #865045 – xmltv: "xmltv: FTBFS with Perl 5.26: t/test_filters.t failure"
    sponsor maintainer upload
  • #865224 – src:uwsgi: "uwsgi: ftbfs with multiple supported python3 versions"
    adjust build dependencies, upload NMU with maintainer's permission
  • #865380 – libtest-unixsock-perl: "libtest-unixsock-perl: Build-Conflicts-Indep: libtest-simple-perl (>= 1.3), including Perl 5.26"
    conditionally skip a test (pkg-perl)
  • #865888 – nagios-plugin-check-multi: "nagios-plugin-check-multi: FTBFS with Perl 5.26: Unescaped left brace in regex is deprecated here"
    update unescaped-left-brace-in-regex.patch, upload to DELAYED/5
  • #866317 – html2ps: "html2ps: relies on deprecated Perl syntax/features, breaks with 5.26"
    prepare a patch, later do QA upload
  • #866934 – libhttp-oai-perl: "libhttp-oai-perl: /usr/bin/oai_pmh uses the 'encoding' pragma, breaks with Perl 5.26"
    patch out "use encoding" (pkg-perl)
  • #866944 – libmecab-perl: "libmecab-perl: FTBFS: no such file or directory: /var/lib/mecab/dic/debian/dicrc"
    build-depend on fixed version (pkg-perl)
  • #866981 – src:libpgobject-type-datetime-perl: "libpgobject-type-datetime-perl FTBFS: You planned 15 tests but ran 5."
    upload new upstream release (pkg-perl)
  • #866984 – src:libpgobject-type-json-perl: "libpgobject-type-json-perl FTBFS: You planned 9 tests but ran 5."
    upload new upstream release (pkg-perl)
  • #866991 – libcpan-meta-perl: "libcpan-meta-perl: uninstallable in unstable"
    fix versioned Breaks/Replaces (pkg-perl)
  • #867046 – gwhois: "gwhois: fails with perl 5.26: The encoding pragma is no longer supported at /usr/bin/gwhois line 80."
    drop "use encoding", upload to DELAYED/5
  • #867208 – src:libpgobject-type-bytestring-perl: "libpgobject-type-bytestring-perl FTBFS: Failed 1/5 test programs. 0/8 subtests failed."
    upload new upstream release (pkg-perl)
  • #867210 – libtext-mecab-perl: "libtext-mecab-perl: FTBFS: test failures: Failed to create mecab instance"
    build-depend on fixed version (pkg-perl)
  • #867983 – libclass-load-perl: "libclass-load-perl: FTBFS: t/012-without-implementation.t failure"
    upload new upstream release (pkg-perl)
  • #867984 – libclass-load-xs-perl: "libclass-load-xs-perl: FTBFS: t/012-without-implementation.t failure"
    upload new upstream release (pkg-perl)
  • #868069 – liburi-namespacemap-perl: "liburi-namespacemap-perl: unbuildable with sbuild"
    fix build dependencies (pkg-perl)
  • #868075 – libperlx-assert-perl: "libperlx-assert-perl: missing dependency on libkeyword-simple-perl | libdevel-declare-perl"
    fix dependencies (pkg-perl)
  • #868613 – src:liblog-report-lexicon-perl: "liblog-report-lexicon-perl FTBFS: Failed 2/10 test programs. 2/305 subtests failed."
    upload new upstream release (pkg-perl)
  • #868888 – get-flash-videos: "Fails: Can't locate Term/"
    add missing dependency (pkg-perl)
  • #869208 – src:libalgorithm-svm-perl: "libalgorithm-svm-perl FTBFS on 32bit: SVM.c: loadable library and perl binaries are mismatched (got handshake key 0x80c0080, needed 0x81c0080)"
    add patch to add ccflags (pkg-perl)
  • #869360 – slic3r: "slic3r: missing dependency on perlapi-*"
    propose a patch
  • #869383 – src:clanlib: "clanlib FTBFS with perl 5.26"
    propose a patch
  • #869418 – src:libtest-taint-perl: "libtest-taint-perl FTBFS on armel: not ok 2 - $ENV{TEST_ACTIVE} is tainted"
    add a patch (pkg-perl)
  • #869429 – vile: "vile: Uninstallable after BinNMU / not binNMU-safe"
    some triaging

Vincent Fourmond: Screen that hurts my eyes, take 2

Dje, 23/07/2017 - 3:21md
Six month ago, I wrote a lengthy post about my new computer hurting my eyes. I haven't made any progress with that, but I've accidentally upgraded my work computer from Kernel 4.4 to 4.8 and the nvidia drivers from 340.96-4 to 375.66-2. Well, my work computer now hurts, I've switched back to the previous kernel and drivers, I hope it'll be back to normal.

Any ideas of something specific that changed, either between 4.4 and 4.8 (kernel startup code, default framebuffer modes, etc ?), or between the 340.96 and the 375.66 drivers ? In any case, I'll try that specific combination of kernels/drivers home to see if I can get it to a useable state.

Update, July 23rd

I reverted to the earlier drivers/kernel, to no avail. But it seems in fact the problem with my work computer is linked to an allergy of some kind, since antihistamine drugs have an effect (there are construction works in my lab, perhaps they are the cause ?). No idea still for my home computer, for which the problem is definitely not solved.