21 October 2014
This is an update of my previous attempt at summarizing this discussion. As I proposed one of the amendments, you should not blindly trust me, of course. :-)
First, let’s address two FAQ:
What is the impact on jessie?
On the technical level, none. The current state of jessie already matches what is expected by all proposals. It’s a different story on the social level.
Why are we voting now, then?
Ian Jackson, who submitted the original proposal, explained his motivation in this mail.
We now have four different proposals: (summaries are mine)
- [iwj] Original proposal (Ian Jackson): Packages may not (in general) require one specific init system (Choice 1 on this page)
- [lucas] Amendment A (Lucas Nussbaum): support for alternative init systems is desirable but not mandatory (Choice 2 on this page)
- [dktrkranz] Amendment B (Luca Falavigna): Packages may require a specific init system (Choice 3 on this page)
- [plessy] Amendment C (Charles Plessy): No GR, please: no GR required (Choice 4 on this page)
[plessy] is the simplest, and does not discuss the questions that the other proposals are answering, given it considers that the normal Debian decision-making processes have not been exhausted.
In order to understand the three other proposals, it’s useful to break them down into several questions.
Q1: support for the default init system on Linux
A1.1: packages MUST work with the default init system on Linux as PID 1.
(That is the case in both [iwj] and [lucas])
A1.2: packages SHOULD work with the default init system on Linux as PID 1.
With [dktrkranz], it would no longer be required to support the default init system, as maintainers could choose to require another init system than the default, if they consider this a prerequisite for its proper operation; and no patches or other derived works exist in order to support other init systems. That would not be a policy violation. (see this mail and its reply for details). Theoretically, it could also create fragmentation among Debian packages requiring different init systems: you would not be able to run pkgA and pkgB at the same time, because they would require different init systems.
Q2: support for alternative init systems as PID 1
A2.1: packages MUST work with one alternative init system (in [iwj])
(Initially, I thought that “one” here should be understood as “sysvinit”, as this mail, Ian detailed why he chose to be unspecific about the target init system. However, in that mail, he later clarified that a package requiring systemd or uselessd would be fine as well, given that in practice there aren’t going to be many packages that would want to couple specifically to systemd _or_ uselessd, but where support for other init systems is hard to provide.)
To the user, that brings the freedom to switch init systems (assuming that the package will not just support two init systems with specific interfaces, but rather a generic interface common to many init systems).
However, it might require the maintainer to do the required work to support additional init systems, possibly without upstream cooperation.
Lack of support is a policy violation (severity >= serious, RC).
Bugs about degraded operation on some init systems follow the normal bug severity rules.
A2.2: packages SHOULD work with alternative init systems as PID 1. (in [lucas])
This is a recommendation. Lack of support is not a policy violation (bug severity < serious, not RC). A2.3: nothing is said about alternative init systems (in [dktrkranz]). Lack of support would likely be a wishlist bug.
Q3: special rule for sysvinit to ease wheezy->jessie upgrades
(this question is implicitly dealt with in [iwj], assuming that one of the supported init systems is sysvinit)
A3.1: continue support for sysvinit (in [lucas])
For the jessie release, all software available in Debian ‘wheezy’ that supports being run under sysvinit should continue to support sysvinit unless there is no technically feasible way to do so.
A3.2: no requirement to support sysvinit (in [dktrkranz])
Theoretically, this could require two-step upgrades: first reboot with systemd, then upgrade other packages
Q4: non-binding recommendation to maintainers
A4.1: recommend that maintainers accept patches that add or improve
support for alternative init systems. (in both [iwj] and [lucas], with a different wording)
A4.2: say nothing (in [dktrkranz])
Q5: support for init systems with are the default on non-Linux ports
A5.1: non-binding recommendation to add/improve support with a high priority (in [lucas])
A5.2: say nothing (in [iwj] and [dktrkranz])
Comments are closed: please discuss by replying to that mail.
21 October 2014 à 13:07
17 October 2014
TL;DR: static version of http://debaday.debian.net/, as it was when it was shut down in 2009, available!
A long time ago, between 2006 and 2009, there was a blog called Debian Package of the Day. About once per week, it featured an article about one of the gems available in the Debian archive: one of those many great packages that you had never heard about.
At some point in November 2009, after 181 articles, the blog was hacked and never brought up again. Last week I retrieved the old database, generated a static version, and put it online with the help of DSA. It is now available again at http://debaday.debian.net/. Some of the articles are clearly outdated, but many of them are about packages that are still available in Debian, and still very relevant today.
17 October 2014 à 13:05
06 October 2014
In the last months, I have been working on improving the security of D-Bus, mainly to make it more resistant to denial of service attacks. This work was sponsored by Collabora.
Eight security issues were discovered, fixed and attributed a CVE. They were found by looking at the source code (in D-Bus and Linux' af_unix implementation), checking existing issues in the D-Bus bugzilla and a bit of luck.
Security issues fixed in D-Bus
- CVE-2014-3477(Bug #78979): dbus-daemon sent an AccessDenied error to the service instead of a client when the client is prohibited from accessing the service, which allowed local users to cause a denial of service (initialization failure and exit) or possibly conduct a side-channel attack via a D-Bus message to an inactive service.
- CVE-2014-3532(Bug #80163): when running on Linux 2.6.37-rc4 or later, local users could cause a denial of service (system-bus disconnect of other services or applications) by sending a message containing a file descriptor, then exceeding the maximum recursion depth before the initial message is forwarded.
- CVE-2014-3533(Bug #80469): dbus-daemon allowed local users to cause a denial of service (disconnect) via a certain sequence of crafted messages that caused the dbus-daemon to forward a message containing an invalid file descriptor.
- CVE-2014-3635(Bug #83622): an off-by-one error in dbus-daemon allowed remote attackers to cause a denial of service (dbus-daemon crash) or possibly execute arbitrary code by sending one more file descriptor than the limit, which triggered a heap-based buffer overflow or an assertion failure.
- CVE-2014-3636(Bug #82820): a denial-of-service vulnerability in dbus-daemon allowed local attackers to prevent new connections to dbus-daemon, or disconnect existing clients, by exhausting descriptor limits.
- CVE-2014-3637(Bug #80559): malicious local users could create D-Bus connections to dbus-daemon which could not be terminated by killing the participating processes, resulting in a denial-of-service vulnerability.
- CVE-2014-3638(Bug #81053): dbus-daemon suffered from a denial-of-service vulnerability in the code which tracks which messages expect a reply, allowing local attackers to reduce the performance of dbus-daemon.
- CVE-2014-3639(Bug #80919): dbus-daemon did not properly reject malicious connections from local users, resulting in a denial-of-service vulnerability.
In addition to fixing specific bugs, I also explored ideas to restrict the number of D-Bus connections a process
or a cgroup
could create. After discussions with upstream, those ideas were not retained upstream. But while working on cgroups, my patch for parsing /proc/pid/cgroup
was accepted in Linux 3.17.
Identify bogus D-Bus match rules
D-Bus security issues are not all in dbus-daemon: they could be in applications misusing D-Bus. One common mistake done by applications is to receive a D-Bus signal and handle it without checking it was really sent by the expected sender. It seems impossible to check the code of all applications potentially using D-Bus in order to see if such a mistake is done. Instead of looking the code of random applications, my approach was to add a new method GetAllMatchRules
in dbus-daemon to retrieve all match rules and look for suspicious patterns. For example, a match rule for NameOwnerChanged signals that does not filter on the sender of such signals is suspicious and it worth checking the source code of the applications to see if it is legitimate. With this method, I was able to fix bugs in Bluez
is released in dbus 1.9.0 and it is now possible to try it without recompiling D-Bus
to enable the feature. I have used a script
to tell me which processes register suspicious match rules. I would like if there was a way to do that in a graphical interface. It's not ready yet, but I started a patch in D-Feet
06 October 2014 à 16:19
10 September 2014
The start of the jessie freeze is quickly approaching, so now is a good time to ensure that packages you rely on will the part of the upcoming release. Thanks to automated removals, the number of release critical bugs has been kept low, but this was achieved by removing many packages from jessie: 841 packages from unstable are not part of jessie, and won’t be part of the release if things don’t change.
It is actually simple to check if you have packages installed locally that are part of those 841 packages:
apt-get install how-can-i-help (available in backports if you don’t use testing or unstable)
- Look at packages listed under Packages removed from Debian ‘testing’ and Packages going to be removed from Debian ‘testing’
Then, please fix all the bugs :-) Seriously, not all RC bugs are hard to fix. A good starting point to understand why a package is not part of jessie is tracker.d.o.
On my laptop, the two packages that are not part of jessie are the geeqie image viewer (which looks likely to be fixed in time), and josm, the OpenStreetMap editor, due to three RC bugs. It seems much harder to fix… If you fix it in time for jessie, I’ll offer you a $drink!
10 September 2014 à 19:28
01 September 2014
In March 2013 I looked at Debian releases used by popcon participants. I’ve just re-done the same analysis. Please see the previous post on this topic for details.
01 September 2014 à 01:53
31 August 2014
After an intensive evening of brainstorming by the 5th floor cabal, I am happy to release the very first version of the Debian Trivia, modeled after the famous TCP/IP Drinking Game. Only the questions are listed here — maybe they should go (with the answers) into a package? Anyone willing to co-maintain? Any suggestions for additional questions?
- what was the first release with an “and-a-half” release?
- Where were the first two DebConf held?
- what are Debian releases named after? Why?
- Give two names of girls that were originally part of the Debian Archive Kit (dak), that are still actively used today.
- Swirl on chin. Does it ring a bell?
- What was Dunc Tank about? Who was the DPL at the time? Who were the release managers during Dunc Tank?
- Cite 5 different valid values for a package’s urgency field. Are all of them different?
- When was the Debian Maintainers status created?
- What is the codename for experimental?
- Order correctly lenny, woody, etch, sarge
- Which one was the Dunc Tank release?
- Name three locations where Debian machines are hosted.
- What does the B in projectb stand for?
- What is the official card game at DebConf?
- Describe the Debian restricted use logo.
- One Debian release was frozen for more than a year. Which one?
- name the kernel version for sarge, etch, lenny, squeeze, wheezy. bonus for etch-n-half!
- What happened to Debian 1.0?
- Which DebConfs were held in a Nordic country?
- What does piuparts stand for?
- Name the first Debian release.
- Order correctly hamm, bo, potato, slink
- What are most Debian project machines named after?
31 August 2014 à 08:42
24 August 2014
Stefano Zacchiroli opened DebConf’14 with an insightful talk titled Debian in the Dark Ages of Free Software (slides available, video available soon).
He makes the point (quoting slide 16) that the Free Software community is winning a war that is becoming increasingly pointless: yes, users have 100% Free Software thin client at their fingertips [or are really a few steps from there]. But all their relevant computations happen elsewhere, on remote systems they do not control, in the Cloud.
That give-up on control of computing is a huge and important problem, and probably the largest challenge for everybody caring about freedom, free speech, or privacy today. Stefano rightfully points out that we must do something about it. The big question is: how can we, as a community, address it?
Towards a Free Service Definition?
I believe that we all feel a bit lost with this issue because we are trying to attack it with our current tools & weapons. However, they are largely irrelevant here: the Free Software Definition is about software, and software is even to be understood strictly in it, as software programs. Applying it to services, or to computing in general, doesn’t lead anywhere. In order to increase the general awareness about this issue, we should define more precisely what levels of control can be provided, to understand what services are not providing to users, and to make an informed decision about waiving a particular level of control when choosing to use a particular service.
Benjamin Mako Hill pointed out yesterday during the post-talk chat that services are not black or white: there aren’t impure and pure services. Instead, there’s a graduation of possible levels of control for the computing we do. The Free Software Definition lists four freedoms — how many freedoms, or types of control, should there be in a Free Service Definition, or a Controlled-Computing Definition? Again, this is not only about software: the platform on which a particular piece of software is executed has a huge impact on the available level of control: running your own instance of WordPress, or using an instance on wordpress.com, provides very different control (even if as Asheesh Laroia pointed out yesterday, WordPress does a pretty good job at providing export and import features to limit data lock-in).
The creation of such a definition is an iterative process. I actually just realized today that (according to Wikipedia) the very first occurrence of an attempt at a Free Software Definition was published in 1986 (GNU’s bulletin Vol 1 No.1, page 8) — I thought it happened a couple of years earlier. Are there existing attempts at defining such freedoms or levels of controls, and at benchmarking such criteria against existing services? Such criteria would not only include control over software modifications and (re)distribution, but also likely include mentions of interoperability and open standards, both to enable the user to move to a compatible service, and to avoid forcing the user to use a particular implementation of a service. A better understanding of network effects is also needed: how much and what type of service lock-in is acceptable on social networks in exchange of functionality?
I think that we should inspire from what was achieved during the last 30 years on Free Software. The tools that were produced are probably irrelevant to address this issue, but there’s a lot to learn from the way they were designed. I really look forward to the day when we will have:
- a Free Software Definition equivalent for services
- Debian Free Software Guidelines-like tests/checklist to evaluate services
- an equivalent of The Cathedral and the Bazaar, explaining how one can build successful business models on top of open services
24 August 2014 à 15:39
15 August 2014
Everyone has been blogging about GUADEC, but I’d like to talk about my other favorite conference of the year, which is GNOME.Asia. This year, it was in Beijing, a mightily interesting place. Giant megapolis, with grandiose architecture, but at the same time, surprisingly easy to navigate with its efficient metro system and affordable taxis. But the air quality is as bad as they say, at least during the incredibly hot summer days where we visited.
The conference itself was great, this year, co-hosted with FUDCon’s asian edition, it was interesting to see a crowd that’s really different from those who attend GUADEC. Many more people involved in evangelising, deploying and using GNOME as opposed to just developing it, so it allows me to get a different perspective.
On a related note, I was happy to see a healthy delegation from Asia at GUADEC this year!
15 August 2014 à 04:50
17 July 2014
Two years ago, I got appointed as chairman of the openSUSE Board. I was very excited about this opportunity, especially as it allowed me to keep contributing to openSUSE, after having moved to work on the cloud a few months before. I remember how I wanted to find new ways to participate in the project, and this was just a fantastic match for this. I had been on the GNOME Foundation board for a long time, so I knew it would not be easy and always fun, but I also knew I would pretty much enjoy it. And I did.
Fast-forward to today: I'm still deeply caring about the project and I'm still excited about what we do in the openSUSE board. However, some happy event to come in a couple of months means that I'll have much less time to dedicate to openSUSE (and other projects). Therefore I decided a couple of months ago that I would step down before the end of the summer, after we'd have prepared the plan for the transition. Not an easy decision, but the right one, I feel.
And here we are now, with the official news out: I'm no longer the chairman :-) (See also this thread) Of course I'll still stay around and contribute to openSUSE, no worry about that! But as mentioned above, I'll have less time for that as offline life will be more "busy".
openSUSE Board Chairman at oSC14
Since I mentioned that we were working on a transition... First, knowing the current board, I have no doubt everything will be kept pushed in the right direction. But on top of that, my good friend Richard Brown has been appointed as the new chairman. Richard knows the project pretty well and he has been on the board for some time now, so is aware of everything that's going on. I've been able to watch his passion for the project, and that's why I'm 100% confident that he will rock!
17 July 2014 à 14:40
09 April 2014
While trying to debug a bandwidth problem on a 3G connection, I tried speedtest.net, which ranks fairly high when one searches for “bandwidth test” on various search engines. I was getting very strange results, so I started wondering if my ISP might be bandwidth-throttling all traffic except the one from speedtest.net tests. After all, that’s on a 3G network, and another french 3G ISP (SFR) apparently uses Citrix ByteMobile to optimize the QoE by minifying HTML pages and recompressing images on-the-fly (amongst other things).
So, I fired wireshark, and discovered that no, it’s just speedtest being a bit naive. Speedtest uses its own text-based protocol on port 8080. Here is an excerpt of a download speed test:
< HELLO 2.1 2013-08-14.01
> DOWNLOAD 1000000
Yeah, right: sequences of “ABCDEFGHIJ”. How course, extremely easy to compress, which apparently happens transparently on 3G (or is it PPP? but I tried to disable PPP compression, and it did not see any change).
It’s funny how digging into problems that look promising at first sight often results in big disappointments :-(
09 April 2014 à 19:23
19 March 2014
tc qdisc add dev wlan0 root handle 1: cbq avpkt 1000 bandwidth 10Mbit
tc class add dev wlan0 parent 1: classid 1:1 cbq rate 3Mbit allot 1500 prio 3 bounded isolated
tc filter add dev wlan0 parent 1: protocol ip u32 match ip protocol 6 0xff match ip sport 80 0xffff flowid 1:1
Thanks to traffic control, the GStreamer queue never got empty in my test.
git clone git://git.collabora.co.uk/git/user/alban/tcmmd
git clone https://github.com/alban/tcmmd
Q: Instead of sending the 5-tuple to tcmmd, why not set the IP type-of-service (TOS) on outgoing packets with setsockopt-SO_PRIORITY
to avoid changes in the application and have an iptables target to feed that information about connections back to the ingress traffic control?
A: It could be possible if the bandwidth was fixed, but on mobile networks, the application needs to be changed anyway to give feedback when the queue in the GStreamer pipeline get emptied.
Q: Why not play with the TCP windows instead shaping the ingress traffic?
A: As far as I know, Linux does not have the infrastructure for that. The TCP windows to manipulate would not be from the GStreamer application but from all other connections, so it can't be done from userspace.
Q: Does it work with IPv6?
A: No. The architecture is not specific to IPv4 but it is just not implemented yet for IPv6. Tcmmd would need to generate new TC rules because the IP headers are different between IPv4 and IPv6.
Thanks Sjoerd for the architecture diagram and proof-reading.
19 March 2014 à 14:11
27 February 2014
Following my blog post on the topic, I played a bit with various options.
But let’s explain my use case (which might be quite specific). I need to deal with three main sources of events:
- the Zimbra instance from my lab. It provides a CalDav interface.
- the ICS export from my University’s teaching timetable.
- a calendar for personal stuff. I don’t want to use my lab’s Zimbra for that.
Additionally, I follow some ICS feeds for some colleagues and other events.
I tend to access my calendar mostly on my computer, and sometimes on my N900 phone.
None of the web interfaces I looked at enabled me to (1) manage different calendars hosted on different CalDav servers; (2) subscribe to ICS feeds; (3) provide a CalDav interface to synchronize my phone.
I ended up using a radicale instance for my personal calendar, which was extremely easy to set up. It’s unfortunately a bit slow when there are many events (1600 since 2010 in my case), so I ended up importing only future events, and I will probably have to cleanup from time to time.
I switched to using IceDove with the Lightning add-on to manage all my calendars and ICS feeds. It’s unfortunately slower and less user-friendly than Google Calendar, but I’ll live with it.
On my N900, I used syncevolution to synchronize my various CalDav calendars. It works fine, but understanding how to configure it is rather tricky due to the number of concepts involved (templates, databases, servers, contexts, …). The synchronization is quite slow (several minutes for the 400-events Zimbra calendar), but works.
I also wanted a way to export my calendars to colleagues (both in a “free/busy” version, and in a “full information” version). I quickly hacked something using ruby-agcaldav (which is not packaged in Debian, and required quite a few dependencies, but it was easy to generate packages for all of them using gem2deb — the situation with other languages did not look better).
The resulting script is:
cal = AgCalDAV::Client.new(:uri => 'LABCALDAVSERVER', :user => 'xx', :password => "xx")
ev = cal.find_events(:start => '2014-02-01', :end => '2200-01-01')
cal = AgCalDAV::Client.new(:uri => 'RADICALESERVER', :user => 'xx', :password => "xx")
ev2 = cal.find_events(:start => '2014-02-01', :end => '2200-01-01')
limit = (Time::now - 7*86400).to_datetime
# create new empty calendars
ncpriv = Icalendar::Calendar.new
ncpub = Icalendar::Calendar.new
(ev + ev2).each do |e|
next if e.end < limit # drop old events to keep the calendar small
# build event for the free/busy calendar
pe = Icalendar::Event.new
pe.start = e.start
pe.end = e.end
pe.klass = "PRIVATE"
pe.transp = e.transp
# build event for the calendar with event information
pube = Icalendar::Event.new
pube.start = e.start
pube.end = e.end
pube.transp = e.transp
if not e.klass == "PRIVATE"
pube.summary = e.summary
pube.location = e.location
# export free/busy calendar
fd = File::new('xx.ics', 'w')
# export calendar with event information
fd = File::new('yy-Zeeh9bie.ics', 'w')
So, mostly everything works. The only thing that doesn't is that I haven't found a way to subscribe to an ICS feed on my N900. Any ideas?
27 February 2014 à 16:39
25 February 2014
I’m trying to self-host my calendar setup, and I must admit that I’m lost between all the different solutions.
My requirements are:
- (A) manage my own personal calendar using a reasonably modern web interface (probably on my own CalDAV server)
- (B) display a dozen public ICS calendars in the web interface. Organizing those public calendars in a tree would be great.
- (C) display several caldav calendars (from two different instances of zimbra), preferably in RW mode
- (D) provide ICS links with a secret token that allow me to provide a full view of my calendar to some people (except for private events, where I should just be marked ‘busy’)
- (E) provide ICS links with a secret token that allow me to provide a “busy/available” view of my calendar to some people
- (F) export something usable on my n900. MFE would be great since that is already known to work.
- (G) easy to setup (Debian packages available in wheezy or wheezy-backports, especially for the server part)
- (H) preferably lightweight. I don’t need a full groupware application. I can ignore the other bits if really needed.
It does not seem to be possible to find a single framework doing all of the above. AFAIK:
- Owncloud does A, D, G
- Baikal does A. not sure about the rest.
- For (B), an alternative is to script the download of the ics and then upload it to the CalDAV using cadaver. But that sounds quite low-level for such a trivial use case.
- I’ve looked at using IceOwl (and Thunderbird+Lightning) with a CalDAV server such as Radicale. That would solve A (using iceowl instead), B, C. But which CalDAV servers support D, E, F ? Radicale does not do any of those, apparently.
What did I miss?
25 February 2014 à 21:31
17 January 2014
One of my pet projects in Debian is the Debian Maintainer Dashboard. Built on top of UDD, DMD provides a maintainer-centric view to answer the “I have a few hours for Debian, what should I do now?” question (see example).
Christophe Siraut did a lot of great work recently on DMD, rewriting much of the internals. As a result, he also added a RSS feed feature: you can now get notified of new TODO list items by subscribing to that feed.
If you have suggestions or comments, please use the debian-qa@ list (see this thread).
17 January 2014 à 09:20
07 October 2013
I attended Open World Forum last week (thanks to Inria for funding my travel). It was a fantastic opportunity to meet many people, and to watch great talks. If I had to single out just one talk, it would clearly be John Sullivan’s What do you mean you can’t Skype?!.
On Saturday, I delivered a talk presenting the Debian project. It was my first DPL-ish talk to the general public, so it still needs some tuning, but I think it went quite well (slides available). Next opportunity to talk about Debian: LORIA, Nancy, France, 2013-10-17 13:30 (iPAC seminar).
07 October 2013 à 14:33
25 September 2013
Some time ago, Ubuntu had Ubuntu Brainstorm, a website where non-developers could submit ideas of improvements, and other people could comment and vote on them. I was wondering if there was existing software to deploy a similar service, e.g. as a plugin to popular forum software. I’ve found ideascale.com, but relying on the Cloud for that is not acceptable for my planned use.
(For clarification: my immediate interest for that is unrelated to Debian work)
25 September 2013 à 07:33
21 August 2013
So, I’m back from DebConf, which probably translated to the 10 busiest days of my life, but also to one of the best times of my life. The Le Camp venue clearly contributed to this success: having everybody at the same place, but at the same time many opportunities for quiet chat or just enjoying the view, was really a good idea. Everybody who made DebConf possible deserve a huge “thank you”, as well as all attendees: it is really a honor to be a part of such a fantastic community.
Now, let’s go back to daily life, and to my re-filled Debian TODO list!
21 August 2013 à 07:21
16 August 2013
This upload was the first one of my very first package in Debian. It was sponsored by Dafydd Harries, who I’ve finally met at DebConf13, and got out of NEW on 2005-08-16. Exactly 8 years ago today. I only realized that yesterday evening, and Debian’s birthday feels even more special to me now. Dafydd, it looks like I owe you a lot! :)
16 August 2013 à 07:27
This DebConf is obviously quite special for me, being the DPL. It has really been great so far to talk to meet so many people, and especially to meet so many new Debian contributors or Developers. I’m really happy to see that the next generation is ready! :)
On Sunday, I delivered my Bits from the DPL talk. The video is available, and I’ve finally uploaded the slides (working link here, it seems that Penta ate my slides). I hope you enjoyed it/will enjoy it!
16 August 2013 à 07:20
03 August 2013
This June, I was in Seoul, Korea for the GNOME.Asia Summit, the yearly occasion to meet up with the Asian side of the GNOME community. As always, it was an awesome conference, with so many cool people. I learned about new projects like Seafile and got to meet new friends and catch up with old ones.
I’d also to thank my employer, Collabora, for sponsoring my flight and the GNOME foundation for paying the hotel.
03 August 2013 à 21:49
28 July 2013
Last week-end I was in Greece, in Thessaloniki, enjoying the openSUSE Conference 2013. If I had to summarize the event in one word, that would be:
wow! It was the first time we had this event in another city than Nuremberg and Prague (two places where SUSE has offices), and it was the first time the organization was fully lead by the community. I was quite confident that things couldn't go wrong since, after all, what matters is that we're all in the same place. But I was amazed that the whole event went so smoothly! This was really a great job from a whole team of volunteers:
Just to give an example of the hard work that was accomplished: most (all?) talks were successfully streamed, and the recordings are already online! Stella and Kostas definitely deserve credits for the overall success, as they kept leading the organization in the right direction since last year, and the event wouldn't have been possible without their dedication. Our sponsors also helped make all this happen, so many thanks to SUSE, ARM, DevHdR and Oracle!
Having people from all over the world was once again an opportunity to meet up with old and new friends, who were coming from Brazil (Izabel, Carlos), the US, all over Europe obviously, but also India (Manu, Saurabh) and China as well as Taiwan (Sunny, Max, David, etc.)... The conference is the global event of the openSUSE community, without any doubt. With 250 attendees, there were a lot of hallway chats and informal meetings; I'm sure the
GNOME couch tradition that we initiated with Dominique and Richard will stay over the years ;-)
Unsurprisingly, the openSUSE Board took opportunity of having so many community members to discuss several topics with as many people as possible. The board also organized for the first time a session about team reports. Even though several teams didn't participate to that session (generally because no team members was there), we had more than ten teams joining the party on stage, and this was probably one of the best way to see how broad our community really is and to learn the latest developments in various areas of the project. We also had our usual town hall meeting which went rather nicely, with useful feedback to the board.
The bad thing for me is that I had to stay only for a few days due to work, but there's already a next opportunity to meet with the community: this will be the openSUSE Summit in Orlando next November. And if you cannot make it, then I can only recommending making sure that you will join us next year, for the openSUSE Conference in Dubrovnik!
28 July 2013 à 17:35
01 July 2013
Last Thursday was the first meet-up of the OpenStack Rhône-Alpes group, in Grenoble. The idea of organizing such a meet-up came up just one month ago, at Solutions Linux; having such an OpenStack meet-up in Rhône-Alpes feels so natural, given the amount of people we have in the area (we can even include Geneva ;-)). Dave did a great job with the organization, and HP provided a pretty nice venue (and sponsored food!).
We managed to attract around 25 people to this event, and given that it was our first and that we did nearly no noise about it, it's not too bad :-) We had people attending from HP, Bull, Red Hat, SUSE and more, and four of us delivered quick talks about XLcloud (by Patrick Petit, from Bull), oVirt (by Dave Neary, from Red Hat), HP's public cloud (by Gavin Brebner, from HP) and Crowbar (by yours truly). I must admit that Gavin Brebner's presentation about abusing HP's public cloud was extremely interesting; there's a lot of cool stuff happening to keep a public cloud running.
Of course, we enjoyed some nice food afterwards and stayed chatting a bit longer about OpenStack and other technical bits. And best of all: we celebrated OpenStack's third birthday a bit early:
If everything goes well, the next meet-up of the group will be in Lyon, in September, stay tuned! And we'll make more noise, so we hope more people will join!
01 July 2013 à 19:24
13 May 2013
Visiblement, la Poste utilise des machines qui, parfois, ont faim et doivent se nourrir :
Dommage pour cette lettre !
13 May 2013 à 15:16
30 March 2013
The graph below is generated from popcon submissions. Since they include the version of the popularity-contest package, one can determine the Debian release that was used by the submitter (a new version of the popularity-contest package is generally uploaded just after the release to make that tracking possible).
The graph is similar to the one found on popcon, except that versions newer than the latest stable release are aggregated as “testing/unstable”.
- Popcon submitters might not be representative of Debian users, of course.
- There’s quite a lot of testing/unstable users, and their proportion is quite stable:
- Today: testing/unstable: 43119 submissions (31.4%); squeeze: 75454 (54.9%); lenny: 13603 (9.9%)
- 2011-02-04 (just before the squeeze release): testing/unstable: 29012 (29.7%); lenny: 57262 (58.6%); etch: 10032 (10.3%)
- 2009-02-13 (just before the lenny release): testing/unstable: 30108 (36.9%); etch: 49996 (61.2%)
- I don’t understand why the number of Debian stable installations does not increase, except when a new release is made. It’s as if people installed Debian, upgraded directly to testing, and switched back to tracking stable after the release. Or maybe people don’t update their systems? A more detailed analysis could be done by looking at the raw popcon data.
- Upgrading to the next stable release takes time. Looking at the proportion of users still using oldstable one year after the release, it would be better not to remove oldstable from mirrors too early.
Scripts are available on git.debian.org.
30 March 2013 à 13:52
16 March 2013
After one week of campaign on -vote@, many subjects have been mentioned already. I’m trying here to list the concrete, actionable ideas I found interesting (does not necessarily mean that I agree with all of them) and that may be worth further discussion at a less busy time. There’s obviously some amount of subjectivity in such a list, and I’m also slightly biased ;) . Feel free to point to missing ideas or references (when an idea appeared in several emails, I’ve generally tried to use the first reference).
On the campaign itself, and having general discussions inside Debian:
- have those discussions on a more regular basis, outside DPL elections (from lucas)
- use polls to measure consensus (from lucas, question from mjr)
- use a pre-arranged questionnaire that DPL candidates would fill in (from algernon)
On getting new users and contributors to Debian:
- discussion on the various steps: Debian user – first contribution – regular contributor – DM/DD (from lucas)
- maintain a single list of “paths in” (from moray and lucas)
- have some “neutral” people to ask about tasks, and to get suggestions from in response to explaining their current skills and experience (e.g. http://www.debian.org/women/mentoring) (from moray)
- more local meetings, compile list of regional contacts (moray)
- increase Debian presence at local meetings. Advertise the Debian Events initiative that facilitates that (from lucas)
- provide “Debian ambassador” title for students, similar to what is done by Google or Microsoft (from moray)
- re-work on advertising gift tags (bugs suitable for new contributors) (from lucas)
- make sure teams have list of easy tasks in their wiki pages (from lucas)
- discussion on student projects involving Debian (from lucas)
- do mentoring inside teams, like DebianMed’s MoM (from moray)
- participate in other internship-like programs, like Outreach Program for Women (link from lucas), or organize our own, which would also avoid some restrictions from GSoC (northern hemisphere only (point made by moray), restricted to students (ana))
- extend internship-like programs to other kinds of work (packaging, documentation, etc.)
- localize -mentors@ (mailing lists + IRC channels for DE, FR, ES contributors) (from lucas)
- organize IRC schools/seminars about e.g. packaging (from lucas)
- introduce more gamification in mentoring (from rra)
Infrastructure, processes, releases:
- improve infrastructure to help with team maintenance (e.g. PET) (from lucas)
- authorize NMUs for archive-wide changeovers such as /usr/doc -> /usr/share/doc (from moray)
- increase visibility of RC bugs squashers by listing them in Debian Project News (from lucas)
- provide inexpensive non-monetary gifts (free t-shirts?) to RC bug squashers (from lucas)
- re-open discussion on gradual freezes (from lucas), focus attention on more important packages by improving tools (from lucas) and removing packages earlier (from moray and lucas)
- involve upstreams and downstreams in RC bug fixing (from algernon)
Relationships with upstreams/downstreams:
- use Debian money to sponsor maintainers to attend upstream events (from lucas)
This list could be moved to wiki.d.o if others find sufficiently useful to help maintaining it.
16 March 2013 à 19:05
13 March 2013
Have you heard about it? openSUSE 12.3 is out!
I did an upgrade earlier today on my main laptop (with a simple
zypper dup after having updated the repos configuration, which went surprisingly fast), and this release looks great! But the best part: it comes with OpenStack love!
For the first time, an openSUSE release provides a fully working set of OpenStack packages. We had some OpenStack packages in the previous release, but they were not in such a great shape and some components were even missing (although we fixed that later on with packages in the build service).
With 12.3, you can finally enjoy OpenStack with the Folsom release in a very straight-forward way, and therefore you can easily deploy your own cloud. The packages that we provide are built from the
stable/folsom branch, and there's an online update coming soon so you can enjoy the
stable/folsom code as of end of last week.
To help people who might not want to learn everything needed to properly deploy OpenStack, we also have a small openstack-quickstart package, that comes with a script that can be used to deploy everything locally. It is obviously not recommended to run this on your main computer (I usually run this in a virtual machine), but it gets you quickly to the point where you can play with OpenStack.
Dashboard of an OpenStack cloud running on openSUSE 12.3
Play today with Grizzly!
Of course, Folsom is relatively old at this point and the new version, Grizzly, is to be released in three weeks. But don't be sad! We've been working on Grizzly packages for some time now: you can grab them from the Cloud:OpenStack:Master project in the build service (hey, look, it's even building packages for SLE and openSUSE 12.2! the build service is a rather convenient tool!). I guess we'll properly move them to Cloud:OpenStack:Grizzly once Grizzly is officially released.
Develop with DevStack!
I mentioned a few months ago that I had finished porting DevStack to openSUSE 12.2, and I wrote some small documentation on how to use it. It's really a neat tool, both for playing with OpenStack and for developing for it.
However, I realized earlier this week that I had never double-checked everything was still okay for 12.3. It turns out there's a small issue that completely breaks it, oops ;-) But once the fix is checked in, DevStack will be usable on the latest openSUSE. I'll do some more tests before marking this version of openSUSE as supported in DevStack, but that shouldn't block anyone from using DevStack on 12.3.
We're pretty open about how we develop OpenStack in openSUSE. Andreas wrote a post about all this a few days ago. We've opened up (or rather, revived) a mailing list dedicated to the cloud recently, which developers, packagers and users can all use to discuss OpenStack. And unsurprisingly, we also have an
#opensuse-cloud channel on Freenode. But most importantly, we've worked on making public the infrastructure we use to build OpenStack for openSUSE.
I think the important bit on this is that everybody is able, and welcome, to join this effort. It's not just about being able to say "see, we have OpenStack"; it's about building a rock-solid experience for OpenStack, and enjoying doing that!
Now, let's celebrate the release: party time! :-)
13 March 2013 à 19:02
04 March 2013
(Looking for those graphs online, I realized that I never properly published them, besides that old post)
I’ve been playing with snapshot.d.o, which is a fantastic resource if you want to look at Debian from an historical perspective (well, since 2005 at least).
We now have more team-maintained packages than packages maintained by someone alone. Interestingly, the “small, ad-hoc group of developers” model does not really take off.
Maintenance using a VCS
A large majority of our packages are maintained in a VCS repository, with Git being the clear winner now.
Possible goal for Jessie: standardize on a Git workflow, since every team tends to design its own?
Again, we have a clear winner here, with dh. It’s interesting to note that, while dh was designed as a CDBS killer, it kind-of fails in that role.
Possible goal for Jessie: deprecate at least pure-debhelper packaging?
Patch systems and packaging formats
Again, clear winner with 3.0 (quilt).
The (dirty) scripts that generate those graphs are available in Git (but you need to connect to stabile to execute them, and it’s rather time consuming — hours/days).
04 March 2013 à 13:05
03 March 2013
When Francesca started her DPL game, I too started think about possible candidates. Here is my shortlist of dream candidates:
- <insert your name here>
- <or here>
- <or there>
- <or even there>
Seriously, if you are a DD, you have the right to run. There’s no need for someone to nominate you. If you think that you could possibly say something interesting during the discussion period, and can spare the time to participate in the -vote@ discussions, please run. DPL campaigns used to be a great time where Debian visions, goals, politics and random stuff were discussed. The more candidates, the more interesting campaigns (8 candidates in 2007!).
Also, there are already
two three other candidates, so even if you don’t want the job, it’s not that risky.
(Initially, I thought about nominating everyone, but security-wise, it might not be such a great idea.)
03 March 2013 à 19:54
01 February 2013
In a couple of hours, I'll be taking the train and heading to Brussels for FOSDEM. I've lost counts of how many FOSDEM I've attended, which is probably a good indication of how great the event is!
As usual, this will be a good place to catch up with friends, but also to talk with tons of different people about so many topics. If you want to chat about OpenStack, SUSE Cloud, openSUSE or GNOME, I'll be glad to join you.
The schedule is quite packed, but from what I can tell so far, I'll be sitting in the cloud devroom on Sunday (don't hesitate to join in order to learn about what's happening in the OpenStack world!). Oh, I'll also give a talk in Janson about challenges that the GNOME project is facing, just before the closing keynote.
And no, I won't have my blue hat, so you'll need to find another way to catch me (hint: I have a SUSE backpack nowadays) ;-)
01 February 2013 à 10:56
25 January 2013
Last week-end, just before leaving for some travel, I became aware that gnome-panel was being forked into consort-panel (btw, I commented on that post, but I guess it was a bit too late since it's stuck in the moderation queue).
Now, let me start by stating clearly that I have nothing against forks: people are free to go this way, and that's cool with me. However, I quickly got confused for three reasons: I thought it was clear that volunteers are welcome to maintain gnome-panel, I thought I had explained to Ikey in June 2012 why some changes would be blocked from entering fallback mode but could hopefully happen in a not-too-distant future, and I'm getting explicitly blamed here and there for putting roadblocks.
I usually don't mind being blamed, but I prefer when it's for good reasons ;-) Of course, as a maintainer, I reject patches. There are usually good reasons, including the fact that there's a design philosophy that a module like gnome-panel had to follow since it was fully part of GNOME. Rejecting patches is part of the maintainer job. It doesn't mean that contributions are not welcome, but I guess it can be perceived as such... Another task of a maintainer is to enable people to keep the code alive, and in the case of gnome-panel, it was clear to me that having the fallback mode as part of GNOME 3 was a blocker to do so. It took more time than I would have liked, but this is something that got fixed when the fallback mode got dropped of GNOME 3.
With this in mind, and to clarify why I got confused by the fork announcement, here's a quick timeline of events in 2012, related to the fate of gnome-panel, covering what I was aware of until the blog post from a few days ago:
- June 24th & 25th: I get a mail from Ikey about some patches he wrote to revert changes that were done in gnome-panel 3.x. I answer that this can't get in at the moment, due to the fact that the fallback mode is an official part of GNOME 3 and has to work the GNOME 3 way. I also mention that this direction of gnome-panel could change if the fallback mode is dropped from GNOME (and that I would step down as maintainer if gnome-panel becomes actively developed again). As far as I know, this mail discussion (six mails) is the only time I've interacted with Ikey until I commented on his blog post a few days ago (no other mail, nothing in bugzilla; there might have been some irc chat, but I don't keep irc logs).
- June 25th: I start a thread on desktop-devel-list to see if we still need to keep the fallback mode as part of GNOME 3.6, and I invite Ikey to participate in the thread (in the private mail discussion mentioned above). A decision is taken, and it's to keep the fallback mode for now.
- end of August: I start the DropOrFixFallbackMode feature page for GNOME 3.8, because I feel the fallback mode in GNOME is not getting enough love. This feature page explicitly mentions that
some people would like to improve components of the fallback mode to work differently, and that dropping the fallback mode would enable these people to step up and push for what they'd like to do.
- December 5th: I send a mail to a small group of people who I know might be interested in keeping some fallback components maintained, to help them start on their work. Clearly, I failed to include Ikey in the discussion, but only because I had forgotten about our discussion from June.
The ironic point here, at least to me, is that it's Ikey's mail that triggered my push for the fallback mode to be dropped from official GNOME so people could work on gnome-panel with more freedom. Which is what seems to be wanted.
Anyway, let me take this as an opportunity to remind everyone that people are welcome to become maintainers of gnome-panel. It'd be preferable to maintain it in the GNOME infrastructure, but I guess even just forking it with full history on gitorious/github would work. No need to rename, no need to follow the GNOME 3 design, etc. If full forking+renaming is preferred for some reason, in the end, that's fine; I'd be curious to know what good reason exists, though.
And as usual, you're welcome to blame me for X, Y or Z :-)
25 January 2013 à 15:08