You are here

Agreguesi i feed

Jo Shields: Packaging is hard. Packager-friendly is harder.

Planet Ubuntu - Mër, 14/02/2018 - 12:21md

Releasing software is no small feat, especially in 2018. You could just upload your source code somewhere (a Git, Subversion, CVS, etc, repo – or tarballs on Sourceforge, or whatever), but it matters what that source looks like and how easy it is to consume. What does the required build environment look like? Are there any dependencies on other software, and if so, which versions? What if the versions don’t match exactly?

Most languages feature solutions to the build environment dependency – Ruby has Gems, Perl has CPAN, Java has Maven. You distribute a manifest with your source, detailing the versions of the dependencies which work, and users who download your source can just use those.

Then, however, we have distributions. If openSUSE or Debian wants to include your software, then it’s not just a case of calling into CPAN during the packaging process – distribution builds need to be repeatable, and work offline. And it’s not feasible for packagers to look after 30 versions of every library – generally a distribution will contain 1-3 versions of a given library, and all software in the distribution will be altered one way or another to build against their version of things. It’s a long, slow, arduous process.

Life is easier for distribution packagers, the more the software released adheres to their perfect model – no non-source files in the distribution, minimal or well-formed dependencies on third parties, swathes of #ifdefs to handle changes in dependency APIs between versions, etc.

Problem is, this can actively work against upstream development.

Developers love npm or NuGet because it’s so easy to consume – asking them to abandon those tools is a significant impediment to developer flow. And it doesn’t scale – maybe a friendly upstream can drop one or two dependencies. But 10? 100? If you’re consuming a LOT of packages via the language package manager, as a developer, being told “stop doing that” isn’t just going to slow you down – it’s going to require a monumental engineering effort. And there’s the other side effect – moving from Yarn or Pip to a series of separate download/build/install steps will slow down CI significantly – and if your project takes hours to build as-is, slowing it down is not going to improve the project.

Therein lies the rub. When a project has limited developer time allocated to it, spending that time on an effort which will literally make development harder and worse, for the benefit of distribution maintainers, is a hard sell.

So, a concrete example: MonoDevelop. MD in Debian is pretty old. Why isn’t it newer? Well, because the build system moved away from a packager ideal so far it’s basically impossible at current community & company staffing levels to claw it back. Build-time dependency downloads went from a half dozen in the 5.x era (somewhat easily patched away in distributions) to over 110 today. The underlying build system changed from XBuild (Mono’s reimplementation of Microsoft MSBuild, a build system for Visual Studio projects) to real MSbuild (now FOSS, but an enormous shipping container of worms of its own when it comes to distribution-shippable releases, for all the same reasons & worse). It’s significant work for the MonoDevelop team to spend time on ensuring all their project files work on XBuild with Mono’s compiler, in addition to MSBuild with Microsoft’s compiler (and any mix thereof). It’s significant work to strip out the use of NuGet and Paket packages – especially when their primary OS, macOS, doesn’t have “distribution packages” to depend on.

And then there’s the integration testing problem. When a distribution starts messing with your dependencies, all your QA goes out the window – users are getting a combination of literally hundreds of pieces of software which might carry your app’s label, but you have no idea what the end result of that combination is. My usual anecdote here is when Ubuntu shipped Banshee built against a new, not-regression-tested version of SQLite, which caused a huge performance regression in random playback. When a distribution ships a broken version of an app with your name on it – broken by their actions, because you invested significant engineering resources in enabling them to do so – users won’t blame the distribution, they’ll blame you.

Releasing software is hard.

Packaging is hard. Packager-friendly is harder.

Planet Debian - Mër, 14/02/2018 - 12:21md

Releasing software is no small feat, especially in 2018. You could just upload your source code somewhere (a Git, Subversion, CVS, etc, repo – or tarballs on Sourceforge, or whatever), but it matters what that source looks like and how easy it is to consume. What does the required build environment look like? Are there any dependencies on other software, and if so, which versions? What if the versions don’t match exactly?

Most languages feature solutions to the build environment dependency – Ruby has Gems, Perl has CPAN, Java has Maven. You distribute a manifest with your source, detailing the versions of the dependencies which work, and users who download your source can just use those.

Then, however, we have distributions. If openSUSE or Debian wants to include your software, then it’s not just a case of calling into CPAN during the packaging process – distribution builds need to be repeatable, and work offline. And it’s not feasible for packagers to look after 30 versions of every library – generally a distribution will contain 1-3 versions of a given library, and all software in the distribution will be altered one way or another to build against their version of things. It’s a long, slow, arduous process.

Life is easier for distribution packagers, the more the software released adheres to their perfect model – no non-source files in the distribution, minimal or well-formed dependencies on third parties, swathes of #ifdefs to handle changes in dependency APIs between versions, etc.

Problem is, this can actively work against upstream development.

Developers love npm or NuGet because it’s so easy to consume – asking them to abandon those tools is a significant impediment to developer flow. And it doesn’t scale – maybe a friendly upstream can drop one or two dependencies. But 10? 100? If you’re consuming a LOT of packages via the language package manager, as a developer, being told “stop doing that” isn’t just going to slow you down – it’s going to require a monumental engineering effort. And there’s the other side effect – moving from Yarn or Pip to a series of separate download/build/install steps will slow down CI significantly – and if your project takes hours to build as-is, slowing it down is not going to improve the project.

Therein lies the rub. When a project has limited developer time allocated to it, spending that time on an effort which will literally make development harder and worse, for the benefit of distribution maintainers, is a hard sell.

So, a concrete example: MonoDevelop. MD in Debian is pretty old. Why isn’t it newer? Well, because the build system moved away from a packager ideal so far it’s basically impossible at current community & company staffing levels to claw it back. Build-time dependency downloads went from a half dozen in the 5.x era (somewhat easily patched away in distributions) to over 110 today. The underlying build system changed from XBuild (Mono’s reimplementation of Microsoft MSBuild, a build system for Visual Studio projects) to real MSbuild (now FOSS, but an enormous shipping container of worms of its own when it comes to distribution-shippable releases, for all the same reasons & worse). It’s significant work for the MonoDevelop team to spend time on ensuring all their project files work on XBuild with Mono’s compiler, in addition to MSBuild with Microsoft’s compiler (and any mix thereof). It’s significant work to strip out the use of NuGet and Paket packages – especially when their primary OS, macOS, doesn’t have “distribution packages” to depend on.

And then there’s the integration testing problem. When a distribution starts messing with your dependencies, all your QA goes out the window – users are getting a combination of literally hundreds of pieces of software which might carry your app’s label, but you have no idea what the end result of that combination is. My usual anecdote here is when Ubuntu shipped Banshee built against a new, not-regression-tested version of SQLite, which caused a huge performance regression in random playback. When a distribution ships a broken version of an app with your name on it – broken by their actions, because you invested significant engineering resources in enabling them to do so – users won’t blame the distribution, they’ll blame you.

Releasing software is hard.

directhex https://apebox.org/wordpress debian – APEBOX.ORG

Sean Davis: Exo 0.12.0 Stable Release

Planet Ubuntu - Mër, 14/02/2018 - 12:05md

With full GTK+ 2 and 3 support and numerous enhancements, Exo 0.12.0 provides a solid development base for new and refreshed Xfce applications.

What’s New?

Since this is the first stable release in nearly 2.5 years, I am going to provide a quick summary of the changes since version 0.10.7, released September 13, 2015.

New Features GTK Extensions Helpers
  • WebBrower: Added Brave, Google Chrome, and Vivaldi
  • MailReader: Added Geary, dropped Opera Mail (no longer available for Linux)
Utilities
  • exo-csource: Added a new --output flag to write the generated output to a file
  • exo-helper: Added a new --query flag to determine the preferred application
ICONS
  • Replaced non-standard gnome-* icons
  • Replaced non-existent “missing-image” icon
BUILD CHANGES
  • Build requirements were updated. Exo now requires GTK+ 2.24, GTK+ 3.22, GLib 2.42, libxfce4ui 4.12, and libxfce4util 4.12. Building GTK+ 3 libraries is not optional.
  • Default debug setting is now “yes” instead of “full”.
DOCUMENTATION UPDATES
  • Added missing per-release API indices
  • Resolved undocumented symbols (100% symbol coverage)
  • Updated project documentation (HACKING, README, THANKS)
Release Notes
  • The full release notes can be found here.
  • The full change log can be found here.
Downloads

The latest version of Exo can always be downloaded from the Xfce archives. Grab version 0.12.0 from the below link.

https://archive.xfce.org/src/xfce/exo/0.12/exo-0.12.0.tar.bz2

  • SHA-256: 64b88271a37d0ec7dca062c7bc61ca323116f7855092ac39698c421a2f30a18f
  • SHA-1: 364a9aaa1724b99fe33f46b93969d98e990e9a1f
  • MD5: 724afcca224f5fb22b510926d2740e52

David Tomaschik: Preparing for Penetration Testing with Kali Linux

Planet Ubuntu - Mër, 14/02/2018 - 9:00pd
The Penetration Testing with Kali Linux (PWK) course is one of the most popular information security courses, culminating in a hands-on exam for the Offensive Security Certified Professional certification. It provides a hands-on learning experience for those looking to get into penetration testing or other areas of offensive security. These are some of the things you might want to know before attempting the PWK class or the OSCP exam.

Read more...

Using VLC to stream bittorrent sources

Planet Debian - Mër, 14/02/2018 - 8:00pd

A few days ago, a new major version of VLC was announced, and I decided to check out if it now supported streaming over bittorrent and webtorrent. Bittorrent is one of the most efficient ways to distribute large files on the Internet, and Webtorrent is a variant of Bittorrent using WebRTC as its transport channel, allowing web pages to stream and share files using the same technique. The network protocols are similar but not identical, so a client supporting one of them can not talk to a client supporting the other. I was a bit surprised with what I discovered when I started to look. Looking at the release notes did not help answering this question, so I started searching the web. I found several news articles from 2013, most of them tracing the news from Torrentfreak ("Open Source Giant VLC Mulls BitTorrent Streaming Support"), about a initiative to pay someone to create a VLC patch for bittorrent support. To figure out what happend with this initiative, I headed over to the #videolan IRC channel and asked if there were some bug or feature request tickets tracking such feature. I got an answer from lead developer Jean-Babtiste Kempf, telling me that there was a patch but neither he nor anyone else knew where it was. So I searched a bit more, and came across an independent VLC plugin to add bittorrent support, created by Johan Gunnarsson in 2016/2017. Again according to Jean-Babtiste, this is not the patch he was talking about.

Anyway, to test the plugin, I made a working Debian package from the git repository, with some modifications. After installing this package, I could stream videos from The Internet Archive using VLC commands like this:

vlc https://archive.org/download/LoveNest/LoveNest_archive.torrent

The plugin is supposed to handle magnet links too, but since The Internet Archive do not have magnet links and I did not want to spend time tracking down another source, I have not tested it. It can take quite a while before the video start playing without any indication of what is going on from VLC. It took 10-20 seconds when I measured it. Some times the plugin seem unable to find the correct video file to play, and show the metadata XML file name in the VLC status line. I have no idea why.

I have created a request for a new package in Debian (RFP) and asked if the upstream author is willing to help make this happen. Now we wait to see what come out of this. I do not want to maintain a package that is not maintained upstream, nor do I really have time to maintain more packages myself, so I might leave it at this. But I really hope someone step up to do the packaging, and hope upstream is still maintaining the source. If you want to help, please update the RFP request or the upstream issue.

I have not found any traces of webtorrent support for VLC.

As usual, if you use Bitcoin and want to show your support of my activities, please send Bitcoin donations to my address 15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b.

Petter Reinholdtsen http://people.skolelinux.org/pere/blog/ Petter Reinholdtsen - Entries tagged english

BH 1.66.0-1

Planet Debian - Mër, 14/02/2018 - 2:37pd

A new release of the BH package arrived on CRAN a little earlier: now at release 1.66.0-1. BH provides a sizeable portion of the Boost C++ libraries as a set of template headers for use by R, possibly with Rcpp as well as other packages.

This release upgrades the version of Boost to the Boost 1.66.0 version released recently, and also adds one exciting new library: Boost compute which provides a C++ interface to multi-core CPU and GPGPU computing platforms based on OpenCL.

Besides the usual small patches we need to make (i.e., cannot call abort() etc pp to satisfy CRAN Policy) we made one significant new change in response to a relatively recent CRAN Policy change: compiler diagnostics are not suppressed for clang and g++. This may make builds somewhat noisy so we all may want to keep our ~/.R/Makevars finely tuned suppressing a bunch of warnings...

Changes in version 1.66.0-1 (2018-02-12)
  • Upgraded to Boost 1.66.0 (plus the few local tweaks)

  • Added Boost compute (as requested in #16)

Via CRANberries, there is a diffstat report relative to the previous release.

Comments and suggestions are welcome via the mailing list or the issue tracker at the GitHub repo.

This post by Dirk Eddelbuettel originated on his Thinking inside the box blog. Please report excessive re-aggregation in third-party for-profit settings.

Dirk Eddelbuettel http://dirk.eddelbuettel.com/blog Thinking inside the box

Is it an upgrade, or a sidegrade?

Planet Debian - Mar, 13/02/2018 - 8:43md

I first bought a netbook shortly after the term was coined, in 2008. I got one of the original 8.9" Acer Aspire One. Around 2010, my Dell laptop was stolen, so the AAO ended up being my main computer at home — And my favorite computer for convenience, not just for when I needed to travel light. Back then, Regina used to work in a national park and had to cross her province (~6hr by a combination of buses) twice a week, so she had one as well. When she came to Mexico, she surely brought it along. Over the years, we bought new batteries and chargers, as they died over time...

Five years later, it started feeling too slow, and I remember to start having keyboard issues. Time to change.

Sadly, 9" computers were no longer to be found. Even though I am a touch typist, and a big person, I miss several things about the Acer's tiny keyboard (such as being able to cover the diagonal with a single hand, something useful when you are typing while standing). But, anyway, I got the closest I could to it — In July 2013, I bought the successor to the Acer Aspire One: An 10.5" Acer Aspire One Nowadays, the name that used to identify just the smallest of the Acer Family brethen covers at least up to 15.6" (which is not exactly helpful IMO).

Anyway, for close to five years I was also very happy with it. A light laptop that didn't mean a burden to me. Also, very important: A computer I could take with me without ever thinking twice. I often tell people I use a computer I got at a supermarket, and that, bought as new, costed me under US$300. That way, were I to lose it (say, if it falls from my bike, if somebody steals it, if it gets in any way damaged, whatever), it's not a big blow. Quite a difference from my two former laptops, both over US$1000.

I enjoyed this computer a lot. So much, I ended up buying four of them (mine, Regina's, and two for her family members).

Over the last few months, I have started being nagged by unresponsivity, mainly in the browser (blame me, as I typically keep ~40 tabs open). Some keyboard issues... I had started thinking about changing my trusty laptop. Would I want a newfangle laptop-and-tablet-in-one? Just thinking about fiddling with the OS to recognize stuff was a sort-of-turnoff...

This weekend we had an incident with spilled water. After opening and carefully ensuring the computer was dry, it would not turn on. Waited an hour or two, and no changes. Clear sign, a new computer is needed ☹

I went to a nearby store, looked at the offers... And, in part due to the attitude of the salesguy, I decided not to (installing Linux will void any warranty, WTF‽ In 2018‽). Came back home, and... My Acer works again!

But, I know five years are enough. I decided to keep looking for a replacement. After some hesitation, I decided to join what seems to be the elite group in Debian, and go for a refurbished Thinkpad X230.

And that's why I feel this is some sort of "sidegrade" — I am replacing a five year old computer with another five year old computer. Of course, a much sturdier one, built to last, originally sold as an "Ultrabook" (that means, meant for a higher user segment) much more expandable... I'm paying ~US$250, which I'm comfortable with. Looking at several online forums, it is a model quite popular with "knowledgeable" people AFAICT even now. I was hoping, just for the sake of it, to find a X230t (foldable and usable as tablet)... But I won't put too much time into looking for it.

The Thinkpad is 12", which I expect will still fit in my smallish satchel I take to my classes. The machine looks as tweakable as I can expect. Spare parts for replacement are readily available. I have 4GB I bought for the Acer I will probably be able to carry on to this machine, so I'm ready with 8GB. I'm eager to feel the keyboard, as it's often repeated it's the best in the laptop world (although it's not the classic one anymore) I'm just considering to pop ~US$100 more and buy an SSD drive, and... Well, lets see how much does this new sidegrade make me smile!

gwolf http://gwolf.org Gunnar Wolf

Eric Hammond: Replacing EC2 On-Demand Instances With New Spot Instances

Planet Ubuntu - Mar, 13/02/2018 - 9:00pd

with an SMS text warning two minutes before interruption, using CloudWatch Events Rules And SNS

The EC2 Spot instance marketplace has had a number of enhancements in the last couple months that have made it more attractive for more use cases. Improvements include:

  • You can run an instance like you normally do for on-demand instances and add one option to make it a Spot instance! The instance starts up immediately if your bid price is sufficient given spot market conditions, and will generally cost much less than on-demand.

  • Spot price volatility has been significantly reduced. Spot prices are now based on long-term trends in supply and demand instead of hour-to-hour bidding wars. This means that instances are much less likely to be interrupted because of short-term spikes in Spot prices, leading to much longer running instances on average.

  • You no longer have to specify a bid price. The Spot Request will default to the instance type’s on-demand price in that region. This saves looking up pricing information and is a reasonable default if you are using Spot to save money over on-demand.

  • CloudWatch Events can now send a two-minute warning before a Spot instance is interrupted, through email, text, AWS Lambda, and more.

Putting these all together makes it easy to take instances you formerly ran on-demand and add an option to turn them into new Spot instances. They are much less likely to be interrupted than with the old spot market, and you can save a little to a lot in hourly costs, depending on the instance type, region, and availability zone.

Plus, you can get a warning a couple minutes before the instance is interrupted, giving you a chance to save work or launch an alternative. This warning could be handled by code (e.g., AWS Lambda) but this article is going to show how to get the warning by email and by SMS text message to your phone.

WARNING!

You should not run a Spot instance unless you can withstand having the instance stopped for a while from time to time.

Make sure you can easily start a replacement instance if the Spot instance is stopped or terminated. This probably includes regularly storing important data outside of the Spot instance (e.g., S3).

You cannot currently re-start a stopped or hibernated Spot instance manually, though the Spot market may re-start it automatically if you configured it with interruption behavior “stop” (or “hibernate”) and if the Spot price comes back down below your max bid.

If you can live with these conditions and risks, then perhaps give this approach a try.

Start An EC2 Instance With A Spot Request

An aws-cli command to launch an EC2 instance can be turned into a Spot Request by adding a single parameter: --instance-market-options ...

The option parameters we will use do not specify a max bid, so it defaults to the on-demand price for the instance type in the region. We specify “stop” and “persistent” so that the instance will be restarted automatically if it is interrupted temporarily by a rising Spot market price that then comes back down.

Adjust the following options to suite. The important part for this example is the instance market options.

ami_id=ami-c62eaabe # Ubuntu 16.04 LTS Xenial HVM EBS us-west-2 (as of post date) region=us-west-2 instance_type=t2.small instance_market_options="MarketType='spot',SpotOptions={InstanceInterruptionBehavior='stop',SpotInstanceType='persistent'}" instance_name="Temporary Demo $(date +'%Y-%m-%d %H:%M')" instance_id=$(aws ec2 run-instances \ --region "$region" \ --instance-type "$instance_type" \ --image-id "$ami_id" \ --instance-market-options "$instance_market_options" \ --tag-specifications \ 'ResourceType=instance,Tags=[{Key="Name",Value="'"$instance_name"'"}]' \ --output text \ --query 'Instances[*].InstanceId') echo instance_id=$instance_id

Other options can be added as desired. For example, specify an ssh key for the instance with an option like:

--key $USER

and a user-data script with:

--user-data file:///path/to/user-data-script.sh

If there is capacity, the instance will launch immediately and be available quickly. It can be used like any other instance that is launched outside of the Spot market. However, this instance has the risk of being stopped, so make sure you are prepared for this.

The next section presents a way to get the early warning before the instance is interrupted.

CloudWatch Events Two-Minute Warning For Spot Interruption

As mentioned above, Amazon recently released a feature where CloudWatch Events will send a two-minute warning before a Spot instance is interrupted. This section shows how to get that warning sent to an email address and/or SMS text to a phone number.

Create an SNS topic to receive Spot instance activity notices:

sns_topic_name=spot-activity sns_topic_arn=$(aws sns create-topic \ --region "$region" \ --name "$sns_topic_name" \ --output text \ --query 'TopicArn' ) echo sns_topic_arn=$sns_topic_arn

Subscribe an email address to the SNS topic:

email_address="YOUR@EMAIL.ADDRESS" aws sns subscribe \ --region "$region" \ --topic-arn "$sns_topic_arn" \ --protocol email \ --notification-endpoint "$email_address"

IMPORTANT! Go to your email inbox now and click the link to confirm that you want to subscribe that email address to the SNS topic.

Subscribe an SMS phone number to the SNS topic:

phone_number="+1-999-555-1234" # Your phone number aws sns subscribe \ --region "$region" \ --topic-arn "$sns_topic_arn" \ --protocol sms \ --notification-endpoint "$phone_number"

Grant CloudWatch Events permission to post to the SNS topic:

aws sns set-topic-attributes \ --region "$region" \ --topic-arn "$sns_topic_arn" \ --attribute-name Policy \ --attribute-value '{ "Version": "2008-10-17", "Id": "cloudwatch-events-publish-to-sns-'"$sns_topic_name"'", "Statement": [{ "Effect": "Allow", "Principal": { "Service": "events.amazonaws.com" }, "Action": [ "SNS:Publish" ], "Resource": "'"$sns_topic_arn"'" }] }'

Create a CloudWatch Events Rule that filters for Spot instance interruption warnings for this specific instance:

rule_name_interrupted="ec2-spot-interruption-$instance_id" rule_description_interrupted="EC2 Spot instance $instance_id interrupted" event_pattern_interrupted='{ "source": [ "aws.ec2" ], "detail-type": [ "EC2 Spot Instance Interruption Warning" ], "detail": { "instance-id": [ "'"$instance_id"'" ] } }' aws events put-rule \ --region "$region" \ --name "$rule_name_interrupted" \ --description "$rule_description_interrupted" \ --event-pattern "$event_pattern_interrupted" \ --state "ENABLED"

Set the target of CloudWatch Events rule to the SNS topic using an input transfomer to make sensible text for an English reader:

sns_target_interrupted='[{ "Id": "target-sns-'"$sns_topic_name"'", "Arn": "'"$sns_topic_arn"'", "InputTransformer": { "InputPathsMap": { "title": "$.detail-type", "source": "$.source", "account": "$.account", "time": "$.time", "region": "$.region", "instance": "$.detail.instance-id", "action": "$.detail.instance-action" }, "InputTemplate": "\"<title>: <source> will <action> <instance> ('"$instance_name"') in <region> of <account> at <time>\"" } }]' aws events put-targets \ --region "$region" \ --rule "$rule_name_interrupted" \ --targets "$sns_target_interrupted"

Here’s a sample message for the two-minute interruption warning:

“EC2 Spot Instance Interruption Warning: aws.ec2 will stop i-0f47ef25380f78480 (Temporary Demo) in us-west-2 of 121287063412 at 2018-02-11T08:56:26Z”

Bonus: CloudWatch Events Alerts For State Changes

In addition to the two-minute interruption alert, we can send ourselves messages when the instance is actually stopped, and when it is started again, and when it is running. This is done with slightly different CloudWatch Events pattern and input transformer, but following basically the same pattern.

Create a CloudWatch Events Rule that filters for Spot instance interruption warnings for this specific instance:

rule_name_state="ec2-instance-state-change-$instance_id" rule_description_state="EC2 instance $instance_id state change" event_pattern_state='{ "source": [ "aws.ec2" ], "detail-type": [ "EC2 Instance State-change Notification" ], "detail": { "instance-id": [ "'"$instance_id"'" ] } }' aws events put-rule \ --region "$region" \ --name "$rule_name_state" \ --description "$rule_description_state" \ --event-pattern "$event_pattern_state" \ --state "ENABLED"

And again, set the target of the new CloudWatch Events rule to the same SNS topic using another input transfomer:

sns_target_state='[{ "Id": "target-sns-'"$sns_topic_name"'", "Arn": "'"$sns_topic_arn"'", "InputTransformer": { "InputPathsMap": { "title": "$.detail-type", "source": "$.source", "account": "$.account", "time": "$.time", "region": "$.region", "instance": "$.detail.instance-id", "state": "$.detail.state" }, "InputTemplate": "\"<title>: <source> reports <instance> ('"$instance_name"') is now <state> in <region> of <account> as of <time>\"" } }]' aws events put-targets \ --region "$region" \ --rule "$rule_name_state" \ --targets "$sns_target_state"

Here’s are a couple sample messages for the instance state change notification:

“EC2 Instance State-change Notification: aws.ec2 reports i-0f47ef25380f78480 (Temporary Demo) is now stopping in us-west-2 of 121287063412 as of 2018-02-11T08:58:29Z”

“EC2 Instance State-change Notification: aws.ec2 reports i-0f47ef25380f78480 (Temporary Demo) is now stopped in us-west-2 of 121287063412 as of 2018-02-11T08:58:47Z”

Cleanup

If we terminate the EC2 Spot instance, the persistent Spot Request will restart a replacement instance. To terminate it permanently, we need to first cancel the Spot Request:

spot_request_id=$(aws ec2 describe-instances \ --region "$region" \ --instance-id "$instance_id" \ --output text \ --query 'Reservations[].Instances[].[SpotInstanceRequestId]') echo spot_request_id=$spot_request_id aws ec2 cancel-spot-instance-requests \ --region "$region" \ --spot-instance-request-ids "$spot_request_id"

Then terminate the EC2 instance:

aws ec2 terminate-instances \ --region "$region" \ --instance-ids "$instance_id" \ --output text \ --query 'TerminatingInstances[*].[InstanceId,CurrentState.Name]'

Remove the targets from the CloudWatch Events “interrupted” rule and delete the CloudWatch Events Rule:

target_ids_interrupted=$(aws events list-targets-by-rule \ --region "$region" \ --rule "$rule_name_interrupted" \ --output text \ --query 'Targets[*].[Id]') echo target_ids_interrupted='"'$target_ids_interrupted'"' aws events remove-targets \ --region "$region" \ --rule "$rule_name_interrupted" \ --ids $target_ids_interrupted aws events delete-rule \ --region "$region" \ --name "$rule_name_interrupted"

Remove the targets from the CloudWatch Events “state” rule (if you created those) and delete the CloudWatch Events Rule:

target_ids_state=$(aws events list-targets-by-rule \ --region "$region" \ --rule "$rule_name_state" \ --output text \ --query 'Targets[*].[Id]') echo target_ids_state='"'$target_ids_state'"' aws events remove-targets \ --region "$region" \ --rule "$rule_name_state" \ --ids $target_ids_state aws events delete-rule \ --region "$region" \ --name "$rule_name_state"

Delete the SNS Topic:

aws sns delete-topic \ --region "$region" \ --topic-arn "$sns_topic_arn"

Original article and comments: https://alestic.com/2018/02/ec2-spot-cloudwatch-events-sns/

Ubuntu LoCo Council: Three month wrap-up

Planet Ubuntu - Hën, 12/02/2018 - 11:18md

The new LoCo Council has been a little lax with updating this blog. It’s admittedly taken us a little bit of time to figure out what exactly we’re doing, but we seem to be on our feet now. I’d like to rectify the blog issue by wrapping up the first three months of our reign in a summary post to get us back on track.

December 2017

This was the first month of the new council, and our monthly meeting took place on the 11th. We had a number of LoCo verification applications to review.

ArizonaTeam

Arizona had a strong application, with lots of activity, and an ambitious roadmap for the coming year. Despite their having multiple members in attendance, no questions were necessary to receive a unanimous vote for re-verification.

MyanmarTeam

This one was more difficult. Their application listed the most recent event to be in 2016, although with some digging it looked like they might have had activity in 2017 as well. Unfortunately, they had no members in attendance to answer our questions, so we voted unanimously to provisionally extend their status for two months in order to give them a little more time to get their application in order.

VenezuelaTeam

This was probably the quickest re-verification in history. Their application was comprehensive, with an incredible number of activities over the last several years. Their re-verification was unanimously granted.

TunisianTeam

This one seemed to have an up-to-date application, but none of the supporting documentation seemed up-to-date, and no members were in attendance. We again voted for a two-month extension.

PortugalTeam

Portugal had several team members in attendance, and their application was impressive. They even split events into those that they organized, and those in which they participated (but did not organize) because the lists were too long to manage. They were unanimously re-verified.

SwissTeam

Their application was still in draft form, and they had no one in attendance. We again provisionally extended two months.

January

Our January meeting took place on the 8th, and our agenda included two LoCos that were provisionally extended in December.

TunisianTeam

This time, Tunisia had members in attendance. Their application was similar to the one we reviewed in December, but this time they were there to explain that they actually have nearly 300 wiki pages that previous leadership had created, and they were in the midst of pruning them. They’re also working very hard to grow membership. After some discussion, we agreed that they seemed to have a solid plan and good leadership, so we unanimously voted to re-verify.

MyanmarTeam

Once again, Myanmar had no members in attendance, and their application timestamp was the same as when we reviewed in December. As a result, we decided to skip reviewing the application and wait for February.

February

Our February meeting took place today, on the 12th. Our agenda included two LoCos that were provisionally extended in December.

MyanmarTeam

This time, Myanmar had some members in attendance. However, the timestamp of their application still hadn’t changed since the December review. Fortunately, members were there to answer our questions. They explained that there was activity, but it hadn’t made it to the application. They promised to update the application if we extended for one more month, which we did. This was not unanimous, however.

SwissTeam

Their application was no longer in draft form, but we still had a number of questions about their application. In an email to the Council, their leadership requested that we have our discussion in Launchpad since they couldn’t make the meeting. We obliged, and provisionally extended their status for one month.

Jeremy Bicha: GNOME Tweaks 3.28 Progress Report 2

Planet Ubuntu - Hën, 12/02/2018 - 6:35md

GNOME 3.28 has reached its 3.27.90 milestone. This milestone is important because it means that GNOME is now at API Freeze, Feature Freeze, and UI Freeze. From this point on, GNOME shouldn’t change much, but that’s good because it allows for distros, translators, and documentation writers to prepare for the 3.28 release. It also gives time to ensure that new feature are working correctly and as many important bugs as possible are fixed. GNOME 3.28 will be released in approximately one month.

If you haven’t read my last 3.28 post, please read it now. So what else has changed in Tweaks this release cycle?

Desktop

As has been widely discussed, Nautilus itself will no longer manage desktop icons in GNOME 3.28. The intention is for this to be handled in a GNOME Shell extension. Therefore, I had to drop the desktop-related tweaks from GNOME Tweaks since the old methods don’t work.

If your Linux distro will be keeping Nautilus 3.26 a bit longer (like Ubuntu), it’s pretty easy for distro maintainers to re-enable the desktop panel so you’ll still get all the other 3.28 features without losing the convenient desktop tweaks.

As part of this change, the Background tweaks have been moved from the Desktop panel to the Appearance panel.

Touchpad

Historically, laptop touchpads had two or three physical hardware buttons just like mice. Nowadays, it’s common for touchpads to have no buttons. At least on Windows, the historical convention was a click in the bottom left would be treated as a left mouse button click, and a click in the bottom right would be treated as a right mouse button click.

Macs are a bit different in handling right click (or secondary click as it’s also called). To get a right-click on a Mac, just click with two fingers simultaneously. You don’t have to worry about whether you are clicking in the bottom right of the touchpad so things should work a bit better when you get used to it. Therefore, this is even used now in some Windows computers.

My understanding is that GNOME used Windows-style “area” mouse-click emulation on most computers, but there was a manually updated list of computers where the Mac style “fingers” mouse-click emulation was used.

In GNOME 3.28, the default is now the Mac style for everyone. For the past few years, you could change the default behavior in the GNOME Tweaks app, but I’ve redesigned the section now to make it easier to use and understand. I assume there will be some people who prefer the old behavior so we want to make it easy for them!

GNOME Tweaks 3.27.90 Mouse Click Emulation

For more screenshots (before and after), see the GitLab issue.

Other

There is one more feature pending for Tweaks 3.28, but it’s incomplete so I’m not going to discuss it here yet. I’ll be sure to link to a blog post about it when it’s ready though.

For more details about what’s changed, see the NEWS file or the commit log.

David Tomaschik: Book Review: Red Team by Micah Zenko

Planet Ubuntu - Sht, 10/02/2018 - 9:00pd

Red Team: How to Succeed By Thinking Like the Enemy by Micah Zenko focuses on the role that red teaming plays in a variety of institutions, ranging from the Department of Defense to cybersecurity. It’s an excellent book that describes the thought process behind red teaming, when red teaming is a success and when it can be a failure, and the way a red team can best fit into an organization and provide value. If you’re looking for a book that’s highly technical or focused entirely on information security engineering, this book may disappoint. There’s only a single chapter covering the application of red teaming in the information security space (particularly “vulnerability probes” as Zenko refers to many of the tests), but that doesn’t make the rest of the content any less useful – or interesting – to the Red Team practitioner.

Read more...

Daniel Holbach: Took a year off…

Planet Ubuntu - Pre, 09/02/2018 - 10:59pd

Since many of you reached out to me in the past weeks to find out if I was still travelling the world and how things were going, I thought I’d reconnect with the online world and write a blog post again.

After a bit more than a year, my sabbatical is coming to an end now. I had a lot of time to reflect, recharge batteries, be curious again, travel and make new experiences.

In December ’16 I fled the winter in Germany and went to Ecuador. Curiosity was my guidebook, I slowed down, let nature sink in, enjoyed the food and hospitality of the country, met many simply beautiful people along the way, learned some Spanish, went scuba diving with hammerhead sharks and manta rays, sat on top of mountains, hiked, listened to stories from village elders in Kichwa around the fire, went paragliding, camped in the jungle with Shuar people, befriended a macaw in a hippie village and got inspired by many long conversations.

As always when I’m travelling, my list of recommended next destinations grew and I could easily have gone on. After some weeks, I decided to get back to Berlin though and venture new paths there.

When I first got involved in Ubuntu, I was finishing my studies in Computer Sciences. Last March, thirteen years later, I felt the urge to study again. To open myself up to new challenges, learn entirely new skills, exercise different parts of the brain and make way for a possible new career path in the future. I felt quite uncertain, I wasn’t sure if I was crazy to attempt it,  but I was going to try. I went back to square one and started training as a psychotherapist. This was, and still is, an incredibly exciting step for me and has been a very rewarding experience so far.

I wasn’t just looking for a new intellectual exercise – I was also looking for a way to work more closely with people. Although it’s quite different from what I did up until now, this decision still was very consistent with my beliefs, passions and personality in general. Supporting another human being on their path, helping to bring out their potential and working out new perspectives together have always deeply attracted me.

I had the privilege of learning about and witnessing the work of great therapists, counsellors and trainers in seminars, workshops, books, talks and groups, so I had some guidance which supported me and I chose body psychotherapy as the method I wanted to learn. It is part of the humanistic psychotherapy movement and at its core are (among others) the following ideals:

  • All people are inherently good.
  • People are driven towards self-actualisation: development of creativity, free will, and positive human potential.
  • It is based on present-tense experience as the main reference point.
  • It encourages self-awareness and mindfulness.
  • Wikipedia quotes an article, which describes the benefits as having a "crucial opportunity to lead our troubled culture back to its own healthy path. More than any other therapy, Humanistic-Existential therapy models democracy. It imposes ideologies of others upon the client less than other therapeutic practices. Freedom to choose is maximized."

If you know me just a little bit you can probably tell, that this all very much resonated with me. In a way, it’s what led me to the Ubuntu project in 2004 – there is a lot of “humanity towards others” and “I am what I am because of who we all are” in there.

Body psychotherapy was also specifically interesting to me, as it offers a very rich set of interventions and techniques, all experience-based and relying on the wisdom of our body. Furthermore it seeks to reconcile the body and mind split our culture so heavily promotes.

Since last March I immersed myself in this new world: took classes, read books, attended a congress and workshops and had quite a bit of self-experience. In November I took the required exams and became “Heilpraktiker für Psychotherapie”. The actual training in body psychotherapy I’m going to start this year in March. As this is going to take still several years, I’m not exactly sure when or how I will start working in this field. While it’s still quite some time off and right now only an option for some time in the future, I know that this process will encourage me to become more mindful, patient, empathic and a better listener, colleague, partner and friend.

Does this mean, I’m going to leave the tech world? No, absolutely not. My next steps in this domain I’m going to leave to another blog post though.

I feel very privileged having been able to take the time and embark on this adventure and add a new dimension to my coordinate system. All of this wouldn’t have been possible without close people around me who supported and encouraged me. I’m very grateful for this and feel quite lucky.

This has been a very exciting year, a very important experience and I’m very much looking forward to what’s yet to come.

Jono Bacon: Case Study: Building Product, Community, and, Sustainability at Fractal Audio Systems

Planet Ubuntu - Enj, 08/02/2018 - 9:26md

In musicians circles, the Fractal Audio Systems Axe FX range of products has become one of the most highly regarded product lines. Aside from just being a neat product, what is interesting to me is the relationship they have built with their community and value they have created in the product via sustained software updates.

As a little background, the Axe FX and their other AX8/FX8 floor-board products, are hardware units that replicate in software the characteristics of an analog tube guitar amplifier and speaker cabinets. Now, for years there have been companies (e.g. Line6, IK Multimedia) trying to create a software replication of popular Marshall, Mesa Boogie, Ampeg, Peavey, Fender, and other amp tones, with the idea being that you can spend far less on the software and have a wide range of amps to choose from as well. This not only saves on physical space and dollars, but also simplifies recording these amps as you won’t need to plug in a physical microphone – you just play direct through the software. Sadly, the promise has been largely pretty disappointing. Most generally sound like fizzy, cheap knockoffs.

The Axe FX II

While this may be a little strange to grok for the non-musicians reading this, but there isn’t just a tonality assessment to determine if the amp simulator sounds like the real thing, but there is a feel element. Tube amps feel different to play. They have tonal characteristics that adjust as you dial in different settings, and one of the tricky elements for amp simulators to solve is that analog tubes adjust as you use them; the tone adjusts in subtle ways depending on what you play, how you play it, which power supply you are using, how you dial in the amp, and more.

The Axe FX changed much of this. While many saw it initially as just another amp simulator, it has evolved to a point where in A/B testing it is virtually indistinguishable from the amps it is modelling tonally, and the feel is very much there too. This is why bands such as Metallica, U2, Periphery, Steve Vai, and others carry them on tour with them: they can accomplish the same tonal and feel results without the big, unreliable, and complex-to-maintain tube amps.

Sustained Software Updates

The reason why this has been such a game changer is that Cliff Chase, founder of Fractal Audio Systems, has taken a borderline obsessive approach to detail in building this amp/speaker modelling and creating a small team to deliver it.

Cliff Chase, head honcho at Fractal Audio Systems (middle).

From a technology perspective, this is interesting for a few reasons.

Firstly, Fractal have been fairly open about how their technology has evolved. They published a whitepaper on their MIMIC technology and they have been fairly open about how this modelling technology has evolved. You can see the release notes, some further technical details, and a collection of technical posts by Cliff on the forum.

What I found particularly interesting here was Fractal have consistently delivered these improvements via repeated firmware updates out to existing devices. As an example, the MIMIC technology I mentioned above was a major breakthrough in their technology and really (no pun intended) amped up the simulation quality, but it was delivered as a free firmware update to existing hardware.

Now, many organizations would have seen such a technologically important and significant product iteration software update as an opportunity to either release a new hardware product or sell a new line of firmware at a cost. Fractal didn’t do this and have stuck to their philosophy that when you buy their hardware, it is “future proofed” with firmware updates for years to come.

This is true. As an example, the Axe FX II was released in May 2011 and has received 20+ firmware updates which have significantly improved the quality of the product.

In a technology culture where companies release new-feature software updates for a limited period of time (often 2 – 3 years) and then move firmly into maintenance/security updates for a stated “product life” (often 4 – 7 years), Fractal Audio Systems are bucking this trend significantly.

Community

This regular stream of firmware updates that bring additional value, not just security/compatibility fixes, is notable for a few reasons.

Firstly, it has significantly expanded the lifespan and market impact of these devices. Musicians and producers can be a curmudgeonly bunch, and it can take a while for a product to take hold. This is particularly true in a world where “purism” of the art of creating and producing music, and the purism of the tools you use would ordinarily reject any kind of simulated equipment. The Axe FX has become a staple in touring and production rigs because of it’s constant evolution and improvements.

Tones can be shaped using the Axe Edit desktop client.

Secondly, from a consumer perspective, there is something so satisfying about purchasing a hardware product that consistently improves. Psychologically, we are used to software evolving (in either good or bad directions), but hardware has more of a “cast in stone” psychological impression in many of us. We buy it, it provides a function, and we don’t expect it to change much. In the case of the Fractal Audio Systems hardware, it does change, and this provides that all important goal companies focus on: customer delight.

Thirdly, and most interestingly for me, Fractal Audio Systems have fostered a phenomenally devoted, positive, and supportive community. From a community strategy perspective, they have not done anything particularly special: they have a forum, a wiki, and members of the Fractal Audio Systems team post periodically in the forum. They have the usual social media accounts and they release videos on YouTube. This devotion in the community is not from any community engagement fakery…it is from (a) a solid product, and (b) a company who they feel isn’t bullshitting them.

This latter element, the bullshit factor, is key. When I work with my clients I always emphasize the importance of authenticity in the relationship between a company and their community of users/customers. This doesn’t mean pandering to the community and the critics, it means an honest exchange of ideas and discussion in which the company and the community/users can derive equal levels of value out of the relationship.

In my observation of the Fractal Audio Systems community, they have done just this. Cliff Chase, as the supreme leader at Fractal Audio Systems is revered in the community as a mastermind, a reputation that is rightly earned. He is an active participant with the community, sharing his input both on the musical use of his products as well as the technology that has gone into them. He isn’t a CEO who is propped up on conference stages or bouncing from journalist to journalist merely talking about vision, he is knee-deep, sleeves rolled fully-up, working on improvements that then get rolled out…freely…to an excitable community of users.

This puts the community in a valuable position. They become the logical feedback loop (again, no pun intended) for how well the products and firmware updates are working, and while the community can’t participate in improving the products directly (as they don’t have access to the code or in many cases, the skills to contribute) they get to see the fruits of their feedback in these firmware updates.

This serves two important benefits. Firstly, validation is an enormous force in what we do. Everyone, no matter who you are, needs validation of their input and ideas. When the community share feedback that is then validated by Cliff and co., and then rolled out in a freely available firmware update that benefits everyone, this is a deeply satisfying experience. Secondly, in many communities there is a suspicion about providing value (such as feedback or other technical contributions) to a company if only the company benefits from this (e.g. by selling a new product encompassing that feedback). Given that Fractal Audio Systems pushes out these updates freely, it largely eradicates that issue.

In Conclusion

Everything I have outlined here could be construed as a master plan on behalf of the folks at Fractal Audio Systems. I don’t think this is the case. I don’t believe that when Cliff Chase founded the company he layed all of this out as a grand plan for how to build community and customer engagement.

This goes back to purity. My guess is that Cliff and team just wanted to build a solid product that makes their customers happy and providing this regular stream of updates was the most obvious way to do it. It wouldn’t surprise me if they themselves were surprised by how much goodwill would be generated throughout this process.

This is all paving away to the next iteration of this journey, when the Axe FX III was announced last week. It provides significantly greater horsepower, undoubtedly to usher in the next era of improvements. This is a journey I will be following along with when I get an Axe FX III of my own in March.

The post Case Study: Building Product, Community, and, Sustainability at Fractal Audio Systems appeared first on Jono Bacon.

Stuart Langridge: Sorry Henry

Planet Ubuntu - Enj, 08/02/2018 - 7:34md

I think I found a bug in a Henry Dudeney book.

Dudeney was a really famous puzzle creator in Victorian/Edwardian times. For Americans: Sam Loyd was sort of an American knock-off of Dudeney, except that Loyd stole half his puzzles from other people and HD didn’t. Dudeney got so annoyed by this theft that he eventually ended up comparing Loyd to the Devil, which was tough talk in 1910.

Anyway, he wrote a number of puzzle books, and at least some are available on Project Gutenberg, so well done the PG people. If you like puzzles, maths or thinking sorts, then there are a few good collections (and there are nicer to read versions at the Internet Archive too). The Canterbury Puzzles is his most famous work, but I’ve been reading Amusements in Mathematics. In there he presents the following puzzle:

81.—THE NINE COUNTERS. 15879 ×23×46

I have nine counters, each bearing one of the nine digits, 1, 2, 3, 4, 5, 6, 7, 8 and 9. I arranged them on the table in two groups, as shown in the illustration, so as to form two multiplication sums, and found that both sums gave the same product. You will find that 158 multiplied by 23 is 3,634, and that 79 multiplied by 46 is also 3,634. Now, the puzzle I propose is to rearrange the counters so as to get as large a product as possible. What is the best way of placing them? Remember both groups must multiply to the same amount, and there must be three counters multiplied by two in one case, and two multiplied by two counters in the other, just as at present.

81. ANSWER

In this case a certain amount of mere “trial” is unavoidable. But there are two kinds of “trials”—those that are purely haphazard, and those that are methodical. The true puzzle lover is never satisfied with mere haphazard trials. The reader will find that by just reversing the figures in 23 and 46 (making the multipliers 32 and 64) both products will be 5,056. This is an improvement, but it is not the correct answer. We can get as large a product as 5,568 if we multiply 174 by 32 and 96 by 58, but this solution is not to be found without the exercise of some judgment and patience.

But, you know what? I don’t think he’s right. Now, I appreciate that he probably had to spend hours or days trying out possibilities with a piece of paper and a fountain pen, and I just wrote the following 15 lines of Python in five minutes, but hey, he didn’t have to bear with his government trying to ban encryption, so let’s call it even.

from itertools import permutations nums = [1,2,3,4,5,6,7,8,9] values = [] for p in permutations(nums, 9): one = p[0]*100 + p[1]*10 + p[2] two = p[3]*10 + p[4] three = p[5]*10 + p[6] four = p[7]*10 + p[8] if four > three: continue # or we'll see fg*hi and hi*fg as different if one*two == three*four: expression = "%s*%s = %s*%s = %s" % ( one, two, three, four, one*two) values.append((expression, one*two)) values.sort(key=lambda x:x[1]) print("Solution for 1-9") print("\n".join([x[0] for x in values]))

The key point here is this: the little programme above indeed recognises his proposed solutions (158*32 = 79*64 = 5056 and 174*32 = 96*58 = 5568) but it also finds two larger ones: 584*12 = 96*73 = 7008 and 532*14 = 98*76 = 7448. Did I miss something about the puzzle? Or am I actually in the rare position of finding an error in a Dudeney book? And all it took was seventy years of computer technology advancement to put me in that position. Maths, eh? Tch.

It’s an interesting book. There are lots of money puzzles, in which I have to carefully remember that ha’pennies and farthings are a thing (a farthing is a quarter of a penny), there are 12 pennies in a shilling, and twenty shillings in a pound. There’s some rather racist portrayals of comic-opera Chinese characters in a few of the puzzles. And my heart sank when I read a puzzle about husbands and wives crossing a river in a boat, where no man would permit his wife to be in the boat with another man without him, because I assumed that the solution would also say something like “and of course the women cannot be expected to row the boat”, and I was then pleasantly surprised to discover that this was not the case and indeed they were described as probably being capable oarswomen and it was likely their boat to begin with! Writings from another time. But still as good as any puzzle book today, if not better.

From Henry Dudeney's Amusements in Mathematics, published 1917. We did, Henry, mate. Cheers for the puzzle book. https://t.co/tt8JljBXN1 pic.twitter.com/MFamXHxJ05

— Stuart Langridge (@sil) 25 September 2017

Jonathan Riddell: A Decade of Plasma

Planet Ubuntu - Enj, 08/02/2018 - 6:23md

I realised that it’s now a decade of KDE releasing its Plasma desktop.  The KDE 4 release event was in January 2008.  Google were kind enough to give us their office space and smoothies and hot tubs to give some talks and plan a way forward.

The KDE 4 release has gained something of a poor reputation, at the time we still shipped Kubuntu with KDE 3 and made a separate unsupported release for Plasma, but I remember it being perfectly useable and notable for being the foundation that would keep KDE software alive.  It had been clear for sometime that Kicker and the other elements of the KDE 3 desktop were functional but unlikely to gain much going forward.  When Qt 4 was announced back in (I’m pretty sure) 2004 Akademy in Ludwigsberg it was seen as a chance to bring KDE’s desktop back up to date and leap forward.  It took 4 long years and to keep community momentum going we had to release even if we did say it would eat your babies.

Kubuntu at KDE 4 release event

Somewhere along the way it felt like KDE’s desktop lost mindshare with major distros going with other desktops and the rise of lightweight desktops.  But KDE’s software always had the best technological underpinnings with Qt and then QtQuick plus the move to modularise kdelibs into many KDE Frameworks.

This week we released Plasma 5.12 LTS and what a fabulous reception we are getting.  The combination of simple and familiar by default but customisable and functional is making many people realise what an offering we now have with Plasma. When we tried Plasma on an ARM laptop recently we realised it used less memory then the “lightweight” Linux desktop that laptop used pre-installed.  Qt being optimised for embedded use means KDE’s offerings are fast whether you’re experimenting with Plasma Mobile or using it on the very latest KDE Slimbook II means it’ll run smooth and fast.

Some quotes from this week:

“Plasma, as tested on KDE neon specifically, is almost perfect” Ask Noah Show

“This is the real deal.. I’m going all in on this.. ” Linux Unplugged

“Become a Plasma Puppy”

Here’s @popey installing @KdeNeon at 30,000 feet. See how excited he looks. How did it turn out? pic.twitter.com/jWVrdR6kPp

— Martin Wimpress (@m_wimpress) February 4, 2018

Elite Ubuntu community spod Alan Pope tired to install KDE neon in aeroplane mode (fails because of a bug which we have since fixed, thanks for the poke).

Anyone up for a Plasma desktop challenge for the next week?

I’m installing @KdeNeon on all my systems for the next week: https://t.co/ya2tGeMQxu

Maybe some of you will try it along with me, and send me your updates as you go? Also here’s my current setup: pic.twitter.com/lVLf3x4l3U

— Chris Fisher (@ChrisLAS) February 4, 2018

Chris Fisher takes the Plasma Desktop Challenge, can’t wait to find out what he says next week.

On Reddit Plasma 5.12 post:

“KDE plasma is literally worlds ahead of anything I’ve ever seen. It’s one project where I felt I had to donate to let them know I loved it!”
“I’ve switched to Plasma a little over a year ago and have loved it ever since. I’m glad they’re working so hard on it!”
“Yay! Good to see Kickass Desktop Environment get an update!”

Or here’s a random IRC conversation I had today in a LUG channel

<yeehi> Riddell – I adore KDE now!
<yeehi> It is gobsmackingly beautiful
<yeehi> I put in the 12.0 LTS updates yesterday, maybe over a hundered packages, and all the time I was thinking, “Man, I just love those KDE developers!
<yeehi> It is such a pleasure to use and see. Also, I have been finding it to be my most stable GNU+Linux experience

So after a decade of hard work I’m definitely feeling the good vibes this week. Take the Plasma Challenge and be a Plasma Puppy! KDE Plasma is lightweight, functional and rocking your laptop.

 

 

by

Ubuntu Insights: Building Slack for the Linux community and adopting snaps

Planet Ubuntu - Mar, 06/02/2018 - 10:05pd

Used by millions around the world, Slack is an enterprise software platform that allows teams and businesses of all sizes to communicate effectively. Slack works seamlessly with other software tools within a single integrated environment, providing an accessible archive of an organisation’s communications, information and projects. Although Slack has grown at a rapid rate in the 4 years since their inception, their desktop engineering team who work across Windows, MacOS and Linux consists of just 4 people currently. We spoke to Felix Rieseberg, Staff Software Engineer, who works on this team following the release of Slack’s first snap last month to discover more about the company’s attitude to the Linux community and why they decided to build a snap.

Install Slack snap

Can you tell us about the Slack snap which has been published?

We launched our first snap last month as a new way to distribute to our Linux community. In the enterprise space, we find that people tend to adopt new technology at a slower pace than consumers, so we will continue to offer a .deb package.

What level of interest do you see for Slack from the Linux community?

I’m excited that interest for Slack is growing across all platforms, so it is hard for us to say whether the interest coming out of the Linux community is different from the one we’re generally seeing. However, it is important for us to meet users wherever they do their work. We have a dedicated QA engineer focusing entirely on Linux and we really do try hard to deliver the best possible experience.

We generally find it is a little harder to build for Linux, than say Windows, as there is a less predictable base to work from – and this is an area where the Linux community truly shines. We have a fairly large number of users that are quite helpful when it comes to reporting bugs and hunting root causes down.

How did you find out about snaps?

Martin Wimpress at Canonical reached out to me and explained the concept of snaps. Honestly, initially I was hesitant – even though I use Ubuntu – because it seemed like another standard to build and maintain. However, once understanding the benefits I was convinced it was a worthwhile investment.

What was the appeal of snaps that made you decide to invest in them?

Without doubt, the biggest reason we decided to build the snap is the updating feature. We at Slack make heavy use of web technologies, which in turn allows us to offer a wide variety of features – like the integration of YouTube videos or Spotify playlists. Much like a browser, that means that we frequently need to update the application.

On macOS and Windows, we already had a dedicated auto-updater that doesn’t require the user to even think about updates. We have found that any sort of interruption, even for an update, is an annoyance that we’d like to avoid. Therefore, the automatic updates via snaps seemed far more seamless and easy.

How does building snaps compare to other forms of packaging you produce? How easy was it to integrate with your existing infrastructure and process?

As far as Linux is concerned, we have not tried other “new” packaging formats, but we’ll never say never. Snaps were an easy choice given that the majority of our Linux customers do use Ubuntu. The fact that snaps also run on other distributions was a decent bonus. I think it is really neat how Canonical is making snaps cross-distro rather than focusing on just Ubuntu.

Building it was surprisingly easy: We have one unified build process that creates installers and packages – and our snap creation simply takes the .deb package and churns out a snap. For other technologies, we sometimes had to build in-house tools to support our buildchain, but the `snapcraft` tool turned out to be just the right thing. The team at Canonical were incredibly helpful to push it through as we did experience a few problems along the way.

How do you see the store changing the way users find and install your software?

What is really unique about Slack is that people don’t just stumble upon it – they know about it from elsewhere and actively try to find it. Therefore, our levels of awareness are already high but having the snap available in the store, I hope, will make installation a lot easier for our users.

We always try to do the best for our users. The more convinced we become that it is better than other installation options, the more we will recommend the snap to our users.

What are your expectations or already seen savings by using snaps instead of having to package for other distros?

We expect the snap to offer more convenience for our users and ensure they enjoy using Slack more. From our side, the snap will save time on customer support as users won’t be stuck on previous versions which will naturally resolve a lot of issues. Having the snap is an additional bonus for us and something to build on, rather than displacing anything we already have.

What release channels (edge/beta/candidate/stable) in the store are you using or plan to use, if any?

We used the edge channel exclusively in the development to share with the team at Canonical. Slack for Linux as a whole is still in beta, but long-term, having the options for channels is interesting and being able to release versions to interested customers a little earlier will certainly be beneficial.

How do you think packaging your software as a snap helps your users? Did you get any feedback from them?

Installation and updating generally being easier will be the big benefit to our users. Long-term, the question is “Will users that installed the snap experience less problems than other customers?” I have a decent amount of hope that the built-in dependencies in snaps make it likely.

What advice or knowledge would you share with developers who are new to snaps?

I would recommend starting with the Debian package to build your snap – that was shockingly easy. It also starts the scope smaller to avoid being overwhelmed. It is a fairly small time investment and probably worth it. Also if you can, try to find someone at Canonical to work with – they have amazing engineers.

Where do you see the biggest opportunity for development?

We are taking it step by step currently – first get people on the snap, and build from there. People using it will already be more secure as they will benefit from the latest updates.

Dustin Kirkland: RFC: Ubuntu 18.04 LTS Minimal Images

Planet Ubuntu - Hën, 05/02/2018 - 8:44md
  • To date, we've shaved the Bionic (18.04 LTS) minimal images down by over 53%, since Ubuntu 14.04 LTS, and trimmed nearly 100 packages and thousands of files.
  • Feedback welcome here: https://ubu.one/imgSurvey
In last year's AskHN HackerNews post, "Ask HN: What do you want to see in Ubuntu 17.10?", and the subsequent treatment of the data, we noticed a recurring request for "lighter, smaller, more minimal" Ubuntu images.
This is particularly useful for container images (Docker, LXD, Kubernetes, etc.), embedded device environments, and anywhere a developer wants to bootstrap an Ubuntu system from the smallest possible starting point.  Smaller images generally:
  • are subject to fewer security vulnerabilities and subsequent updates
  • reduce overall network bandwidth consumption
  • and require less on disk storage
First, a definition..."The Ubuntu Minimal Image is the smallest base upon which a user can apt install any package in the Ubuntu archive."By design, Ubuntu Minimal Images specifically lack the creature comforts, user interfaces and user design experience that have come to define the Ubuntu Desktop and Ubuntu Cloud images.
To date, we've shaved the Bionic (18.04 LTS) minimal images down by over 53%, since Ubuntu 14.04 LTS, and trimmed nearly 100 packages and thousands of files.

David Tomaschik: Security Is Not an Absolute

Planet Ubuntu - Hën, 05/02/2018 - 9:00pd

If there’s one thing I wish people from outside the security industry knew when dealing with information security, it’s that Security is not an absolute. Most of the time, it’s not even quantifiable. Even in the case of particular threat models, it’s often impossible to make statements about the security of a system with certainty.

Read more...

Jono Bacon: Open Collaboration Conference CFP Now Open

Planet Ubuntu - Hën, 05/02/2018 - 8:27pd

Earlier last year I announced last year that I was partnering up with the Linux Foundation to create the Open Community Conference as part of their Open Source Summit events in North America and Europe.

Well, the events happened, and it was (in my humble opinion) an enormous success. We had 120+ papers submitted to the North American event and 85+ papers submitted to the European event. From there I whittled it down to around 40 sessions for each event which resulted in some fantastic content and incredible discussions/networking.

Not only was I delighted with the eagerness of people to speak, but we also had a tremendously diverse range of people submitting from a range of genders, backgrounds, cultures, experience levels, and beyond. I was proud to see this, and I am similarly proud to see the fantastically diverse attendees we have at the Community Leadership Summit each year (note: CFP is open there too). So, thanks to everyone who submitted, and sorry we couldn’t squeeze you all in to speak.

A Name Change: Open Collaboration Conference

I am delighted to announce we are doing it all again, with one small change: the name.

As the event has evolved, I have wanted it to incorporate as many elements focused on people collaborating together. While one component of this is certainly people building communities, other elements such as governance, remote working, innersource, cultural development, and more fit under the banner of “collaboration”, but don’t necessarily fit under the traditional banner of “community”.

As such, we decided to change the name of the conference to the Open Collaboration Conference. I am confident this will then provide both a home to the community strategy and tactics content, as well as these other related areas. This way the entire event services as a comprehensive capsule for collaboration in technology.

Call For Papers

So, I wanted to let you all know the key details right now of how to get involved in the events. Firstly, when the events are (as part of the Open Source Summit):

As usual, there is a deadline for the call for papers and they are:

  • North America – 29th April 2018
  • Europe – 1st July 2018

In terms of topics, I encourage you all submit papers that relate to:

  • Open Source Metrics
  • Incentivization and Engagement
  • Software Development Methodologies and Platforms
  • Building Internal Innersource Communities
  • Remote Team Management and Methods
  • Bug/Issue Management and Triage
  • Communication Platforms and Methods
  • Open Source Governance and Models
  • Mentoring and Training
  • Event Strategy
  • Content Management and Social Media
  • DevOps Culture
  • Community Management
  • Advocacy and Evangelism
  • Government and Compliance

I look forward to seeing you submissions and seeing you there!

The post Open Collaboration Conference CFP Now Open appeared first on Jono Bacon.

Costales: Ubucon Europe 2018: Last call for papers & current status event

Planet Ubuntu - Dje, 04/02/2018 - 1:36md
You're on time for submit a conference, workshop, stand or podcast for the next Ubucon!!


Main room. With no edits ;) Just checking things in situ for April
We're working hard for the next Ubucon Europe 2018 and we would like to tell you the current status:

  • Official webpage updated. 
  • You have especial discounts for your travel in bus, train and hotel. More info here.
  • The conferences will be for free. 
  • Social event of Saturday: It will be a traditional espicha. If you are coming, you need to pay that dinner in advance as soon as possible, because there are limited places! More info here.
  • You can follow the last news here: Telegram, Twitter, Google + & Facebook.
  • We'll publish the complete schedule soon.

Faqet

Subscribe to AlbLinux agreguesi