Debian

warning: Creating default object from empty value in /home/gwolf/drupal6/modules/taxonomy/taxonomy.pages.inc on line 33.

Debian @ Internet Freedom Fesitval #internetFF

Submitted by gwolf on Mon, 04/01/2019 - 18:07

Today, we had a little get-together of DDs in València, Spain, with some other DDs.

Most of us were here to attend the Internet Freedom Festival (IFF), plus Héctor and Filippo, who are locals. We missed some DDs (because in a 2500+ people gathering... Well, you cannot ever find everybody you are looking for!) so, sorry guys for not having you attend!

Sadly, we have no further report than having enjoyed a very nice dinner. No bugs were closed, no policy was discussed, no GRs were drafted, no cabals were hatched.

( categories: )

Many random blurbs on Debian

Submitted by gwolf on Mon, 03/25/2019 - 23:03

I have been busy as hell this year. I might have grabbed a bigger bite than what I can swallow – In many fronts! Anyway, sitting at an airport, at least I have time to spew some random blurbs to The Planet and beyond!

Voting
We all feared when no candidates showed up at the first call for DPL. But things sorted out themselves as they tend to (and as we all knew that would happen ;-) ), and we have four top-notch DPL candidates. It's getting tough to sort through their platforms and their answers in the lists; the old-timers among us have the additional advantage of knowing who they are and probably having worked closely with some of them. I am still drafting my Condorcet ballot. It won't be an easy task to completely rank them!
DebConf 20 and world politics
For personal and selfish reasons, I am very, very happy to have a reason to go back to Israel after over two decades. Of course, as everybody would expect, there is a bothering level of noise that's not going to quiet down until probably late August 2020... DebConf has often taken controversial turns. Israel is not the toughest one, even if it seems so to some readers. And... Well, to those that want to complain about it — Please do understand that the DebConf Committee is not a politically-acting body. Two bid submissions were presented fully, and the Israeli one was chosen because its local team is stronger. That is probably the best, most important criteria for this conference to be successful. No, it's not like we are betraying anything — It's just the objective best bidding we got from completely volunteer teams.
DebConf 19
What are you waiting for? Register! Submit a talk! Pack up and get your ticket for Brazil!

I'd better get moving, the plane might be getting some ideas about taking off.

( categories: )

Spinning rust woes: Cowbuilder

Submitted by gwolf on Fri, 02/15/2019 - 13:37

Wow.
I use a traditional, spinning rust hard drive as my main volume:

  1. $ /dev/sda2 on / type btrfs (rw,relatime,compress=zlib:3,space_cache,subvolid=5,subvol=/)

I just adopted Lars' vmdb2. Of course, I was eager to build and upload my first version and... Hit a FTBFS bug due to missing dependencies... Bummer!
So I went to my good ol' cowbuilder (package cowdancer)to fix whatever needed fixing. But it took long! Do note that my /var/cache/pbuilder/base.cow was already set up and updated.
  1. # time cowbuilder --build /home/gwolf/vcs/build-area/vmdb2_0.13.2+git20190215-1.dsc
  2. (...)
  3. real 15m55.403s
  4. user 0m53.734s
  5. sys 0m23.138s

But... What if I take the spinning rust out of the equation?
  1. # mkdir /var/cache/pbuilder
  2. # mount none -t tmpfs /var/cache/pbuilder
  3. # time rsync -a /var/cache/pbuilderbk/* /var/cache/pbuilder
  4.  
  5. real 0m5.363s
  6. user 0m2.333s
  7. sys 0m0.709s
  8. # time cowbuilder --build /home/gwolf/vcs/build-area/vmdb2_0.13.2+git20190215-1.dsc
  9. (...)
  10. real 0m52.586s
  11. user 0m53.076s
  12. sys 0m8.277s

Close to ¹/₁₆th of the running time — Even including the copy of the base.cow!

OK, I cheated a bit before the rsync, as my cache was already warm... But still, convenient!

( categories: )

Raspberry Pi 3 Debian Buster *unofficial preview* image update

Submitted by gwolf on Wed, 02/06/2019 - 11:43

As I mentioned two months ago, I adopted the Debian Raspberry 3 build scripts, and am now building a clean Buster (Debian Testing) unofficial preview image. And there are some good news to tell!
Yesterday, I was prompted by Martin Zobel-Helas and Holger Levsen to prepare this image after the Buster Debian Installer (d-i) alpha release. While we don't use d-i to build the image, I pushed the build, and found that...
I did quite a bit of work together with Romain Perier, a soon-to-become Debian Maintainer, and he helped get the needed changes in the main Debian kernel, thanks to which we now finally have working wireless support!

Romain also told me he did some tests, building an image very much like this one, but built for armel instead of armhf, and apparently it works correctly on a Raspberry Pi Zero. That means that, if we do a small amount of changes (and tests, of course), we will be able to provide straight Debian images to boot unmodified on all of the Raspberry lineup!
So, as usual:
You can look at the instructions at the Debian Wiki page on RaspberryPi3. Or you can just jump to the downloads, at my people.debian.org:

Enjoy!

( categories: )

New release of the Raspberry Pi 3 *unofficial Debian preview* image

Submitted by gwolf on Tue, 12/04/2018 - 20:35

Back in June, Michael Stapelberg asked for somebody interested in adopting the unofficial Debian image for the Raspberry Pi 3 family. It didn't take me long to raise my hand.
What did take me long is to actually do it. I have adopted Raspberry3 image spec repository, with the recipes to build the image using Lars' great vmdb2, as well as the raspi3-firmware non-free Debian package.
After delaying this for too long, first in order to understand it better, and second because of the workload I had this last semester, I think we are ready to announce...

There is a new, updated preview image!

You can look at the instructions at the Debian Wiki page on RaspberryPi3. Or you can just jump to the downloads, at my people.debian.orgxzipped image (388MB, unzips to 1.5GB, and resizes to the capacity of your boot SD at first boot), verification sha256sum, and PGP-signed verification sha256sum.
There are still many things that can be improved, for sure. The main issues for me are:

  • No wireless support. Due to a bug in Linux kenel 4.18, wlan0 support is broken. It is reported, and we expect it to be fixed in the next kernel upload.
  • Hardcoded root password. This will be tackled later on — part of the issue is that I cannot ensure how this computer will be booted. I have some ideas to tackle this, though...

Other than that, what we have is a very minimal Debian system, ready for installing software!
At some point in the future, I plan to add build profiles for some common configurations. But lets go a step at a time.

( categories: )

Yes! I am going to...

Submitted by gwolf on Sun, 06/24/2018 - 18:44

Having followed through some paperwork I was still missing...

I can finally say...

Dates

I’m going to DebCamp18! I should arrive at NCTU in the afternoon/evening of Tuesday, 2018-07-24.

I will spend a day prior to that in Tokio, visiting a friend and probably making micro-tourism.

My Agenda

Of course, DebCamp is not a vacation, so we expect people that take part of DebCamp to have at least a rough sketch of activities. There are many, many things I want to tackle, and experience shows there's only time for a fraction of what's planned. But lets try:

keyring-maint training
We want to add one more member to the keyring-maint group. There is a lot to prepare before any announcements, but I expect a good chunk of DebCamp to be spent explaining the details to a new team member.
DebConf organizing
While I'm no longer a core orga-team member, I am still quite attached to helping out during the conference. This year, I took the Content Team lead, and we will surely be ironing out details such as fixing schedule bugs.
Raspberry Pi images
I replied to Michael Stapelberg's call for adoption of the unofficial-but-blessed Raspberry Pi 3 disk images. I will surely be spending some time on that.
Key Signing Party Coordination
I just sent out the Call for keys for keysigning in Hsinchu, Taiwan. At that point, I expect very little work to be needed, but it will surely be on my radar.

Of course... I *do* want to spend some minutes outside NCTU and get to know a bit of Taiwan. This is my first time in East Asia, and don't know when, if ever, I will have the opportunity to be there again. So, I will try to have at least the time to enjoy a little bit of Taiwan!

( categories: )

15.010958904109589041

Submitted by gwolf on Thu, 04/19/2018 - 23:10

Gregor's post made me think...

And yes! On April 15, I passed the 15-year-mark as a Debian Developer.

So, today I am 15.010958904109589041 years old in the project, give or take some seconds.

And, quoting my dear and admired friend, I deeply feel I belong to this community. Being part of Debian has defined the way I have shaped my career, has brought me beautiful friendships I will surely keep for many many more years, has helped me decide in which direction I should push to improve the world. I feel welcome and very recognized among people I highly value and admire, and that's the best collective present I could get.

Debian has grown and matured tremendously since the time I decided to join, and I'm very proud to be a part of that process.

Thanks, and lets keep it going for the next decade.

( categories: )

# apt install yum

Submitted by gwolf on Mon, 03/05/2018 - 13:16
# apt install yum

No, I'm not switching to Fedora or anything like that.

( categories: )

#DebConf17, Montreal • An evening out

Submitted by gwolf on Mon, 08/07/2017 - 06:49

I have been in Montreal only for a day. Yesterday night, I left DebConf just after I finished presenting the Continuous Key-Signing Party introduction to go out with a long-time friend from Mexico and his family. We went to the Mont Royal park, from where you can have a beautiful city view:

What I was most amazed of as a Mexico City dweller is of the sky, of the air... Not just in this picture, but as we arrived, or later when a full moon rose. This city has beautiful air, and a very beautiful view. We later went for dinner to a place I heartfully recommend to other non-vegetarian attendees:

Portuguese-style grill. Delicious. Of course, were I to go past it, I'd just drive on (as it had a very long queue waiting to enter). The secret: Do your request on the phone. Make a short queue to pick it up. Have somebody in the group wait for a table, or eat at the nearby Parc Lafontaine. And... Thoroughly enjoy :-)

Anyway, I'm leaving for the venue, about to use the Bixi service for the first time. See you guys soon! (if you are at DebConf17, of course. And you should all be here!)

( categories: )

DebConf17 Key Signing Party: You are here↓

Submitted by gwolf on Fri, 08/04/2017 - 19:23

I ran my little analysis program written last year to provide a nice map on the DebConf17 key signing party, based on the . What will you find if you go there?

  • A list of all the people that will take part of the KSP
  • Your key's situation relative to the KSP keyring

As an example, here is my location on the map (click on the graph to enlarge):

Its main use? It will help you find what clusters are you better linked with - And who you have not cross-signed with. Some people have signed you but you didn't sign them? Or the other way around? Whom should you approach to make the keyring better connected? Can you spot some attendees who are islands and can get some help getting better connected to our keyring? Please go ahead and do it!

PS— There are four keys that are mentioned in the DebConf17 Keysigning Party Names file I used to build this from: 0xE8446B4AC8C77261, 0x485E1BD3AE76CB72, 0x4618E4C700000173, E267B052364F028D. The public keyserver network does not know about them. If you control one of those keys and you want me to run my script again to include it, please send it to the keyservers and mail me. If your key is not in the keyservers, nobody will be able to sign it!

( categories: )

Getting ready for DebConf17 in Montreal!

Submitted by gwolf on Mon, 07/24/2017 - 22:56


(image shamelessly copied from Noodles' Emptiness)

This year I will only make it to DebConf, not to DebCamp. But, still, I am very very happy and excited as the travel date looms nearer! I have ordered some of the delicacies for the Cheese and Wine party, signed up for the public bicycle system of Montreal, and done a fair share of work with the Content Team; finally today we sent out the announcement for the schedule of talks. Of course, there are several issues yet to fix, and a lot of things to do before traveling... But, no doubt about this: It will be an intense week!

Oh, one more thing while we are at it: The schedule as it was published today does not really look like we have organized stuff into tracks — But we have! This will be soon fixed, adding some color-coding to make tracks clearer on the schedule.

This year, I pushed for the Content Team to recover the notion of tracks as an organizative measure, and as something that delivers value to DebConf as a whole. Several months ago, I created a Wiki page for the DebConf tracks, asking interested people to sign up for them. We currently have the following tracks registered:

Blends
Andreas Tille
Debian Science
Michael Banck
Cloud and containers
Luca Filipozzi
Embedded
Pending
Systems administration, automation and orchestation
Pending
Security
Gunnar Wolf

We have two tracks still needing a track coordinator. Do note that most of the tasks mentioned by the Wiki have already been carried out; what a track coordinator will now do is to serve as some sort of moderator, maybe a recurring talkmeister, ensuring continuity and probably providing for some commentary, giving some unity to its sessions. So, the responsibilities for a track coordinator right now are quite similar to what is expected for video team volunteers — but to a set of contiguous sessions.

If you are interested in being the track coordinator/moderator for Embedded or for Systems administration, automation and orchestation or even to share the job with any of the other, registered, coordinators, please speak up! Mail content@debconf.org and update the table in the Wiki page.

See you very soon in Montreal!

( categories: )

Open Source Symposium 2017

Submitted by gwolf on Mon, 05/22/2017 - 12:21

I travelled (for three days only!) to Argentina, to be a part of the Open Source Symposium 2017, a co-located event of the International Conference on Software Engineering.

This is, all in all, an interesting although small conference — We are around 30 people in the room. This is a quite unusual conference for me, as this is among the first "formal" academic conference I am part of. Sessions have so far been quite interesting.
What am I linking to from this image? Of course, the proceedings! They managed to publish the proceedings via the "formal" academic channels (a nice hard-cover Springer volume) under an Open Access license (which is sadly not usual, and is unbelievably expensive). So, you can download the full proceedings, or article by article, in EPUB or in PDF...
...Which is very very nice :)
Previous editions of this symposium have also their respective proceedings available, but AFAICT they have not been downloadable.
So, get the book; it provides very interesant and original insights into our community seen from several quite novel angles!

( categories: )

On Dmitry Bogatov and empowering privacy-protecting tools

Submitted by gwolf on Fri, 04/14/2017 - 23:53

There is a thorny topic we have been discussing in nonpublic channels (say, the debian-private mailing list... It is impossible to call it a private list if it has close to a thousand subscribers, but it sometimes deals with sensitive material) for the last week. We have finally confirmation that we can bring this topic out to the open, and I expect several Debian people to talk about this. Besides, this information is now repeated all over the public Internet, so I'm not revealing anything sensitive. Oh, and there is a statement regarding Dmitry Bogatov published by the Tor project — But I'll get to Tor soon.

One week ago, the 25-year old mathematician and Debian Maintainer Dmitry Bogatov was arrested, accused of organizing riots and calling for terrorist activities. Every evidence so far points to the fact that Dmitry is not guilty of what he is charged of — He was filmed at different places at the times where the calls for terrorism happened.

It seems that Dmitry was arrested because he runs a Tor exit node. I don't know the current situation in Russia, nor his political leanings — But I do know what a Tor exit node looks like. I even had one at home for a short while.

What is Tor? It is a network overlay, meant for people to hide where they come from or who they are. Why? There are many reasons — Uninformed people will talk about the evil wrongdoers (starting the list of course with the drug sellers or child porn distributors). People who have taken their time to understand what this is about will rather talk about people for whom free speech is not a given; journalists, political activists, whistleblowers. And also, about regular people — Many among us have taken the habit of doing some of our Web surfing using Tor (probably via the very fine and interesting TAILS distribution — The Amnesiac Incognito Live System), just to increase the entropy, and just because we can, because we want to preserve the freedom to be anonymous before it's taken away from us.

There are many types of nodes in Tor; most of them are just regular users or bridges that forward traffic, helping Tor's anonymization. Exit nodes, where packets leave the Tor network and enter the regular Internet, are much scarcer — Partly because they can be quite problematic to people hosting them. But, yes, Tor needs more exit nodes, not just for bandwidth sake, but because the more exit nodes there are, the harder it is for a hostile third party to monitor a sizable number of them for activity (and break the anonymization).

I am coincidentially starting a project with a group of students of my Faculty (we want to breathe life again into LIDSOL - Laboratorio de Investigación y Desarrollo de Software Libre). As we are just starting, they are documenting some technical and social aspects of the need for privacy and how Tor works; I expect them to publish their findings in El Nigromante soon (which means... what? ☺ ), but definitively, part of what we want to do is to set up a Tor exit node at the university — Well documented and with enough academic justification to avoid our network operation area ordering us to shut it down. Lets see what happens :)

Anyway, all in all — Dmitry is in for a heavy time. He has been detained pre-trial at least until June, and he faces quite serious charges. He has done a lot of good, specialized work for the whole world to benefit. So, given I cannot do more, I'm just speaking my mind here in this space.

[Update] Dmitry's case has been covered in LWN. There is also a statement concerning the arrest of Dmitry Bogatov by the Debian project. This case is also covered at The Register.

( categories: )

Giving up on the Drupal 8 debianization ☹

Submitted by gwolf on Mon, 12/26/2016 - 22:03

I am sad (but feel my duty) to inform the world that we will not be providing a Drupal 8 package in Debian.

I filed an Intent To Package bug a very long time ago, intending to ship it with Jessie; Drupal 8 was so deep a change that it took their community overly long to achieve and stabilize. Still, Drupal 8 was released over a year ago today.

I started working on debianizing the package shortly afterwards. There is also some online evidence – As my call for help sent through this same blog.

I have been too busy this last year. I let the packaging process lay dormant for too long, without even touching it for even half a year. Then, around September, I started working with the very nice guys of Indava, David and Enrique, and did very good advances. They clearly understood Debian's needs when it comes to full source inclusion (as D8 ships many minified Javascript libraries), attribution (as additionally to all those, many third-party PHP projects are bundled in the infamous vendor/ directory), and system-wide dependency management (as Drupal builds on some frameworks and libraries already available within Debian, chiefly Symfony, Doctrine, Twig... Even more, most of them appeared to work at the version levels we will be shipping, so all was dandy and for some weeks, I was quite optimistic on finishing the package on time and with the needed quality and testing. Yay!

But... Reality bites.

When I started testing my precious package... It broke in horrible ways. Uncomprehensible PHP errors (and I have to add here, I am a PHP newbie and am reluctant to learn better a language that strikes me as so inconsistent, so ugly), which we spent some time tackling... Of course, configuration changes are more than expected...

But, just as we Debianers learnt some important lessons after the way-too-long Sarge freeze (ten years ago, many among you won't remember those frustrating days), Drupal learnt as well. They changed their release strategy — Instead of describing it, those interested can read it at its source.

What it meant for me, sadly, is that this process does not align with the Debian maintenance model. This means: The Drupal API stays mostly-stable between 8.0.x, 8.1.x, 8.2.x, etc. However, Drupal will incorporate new versions of their bundled libraries. I understood the new versions would be incorporated at minor-level branches, but if I read correctly some of my errors, some dependencies change even at patch-level updates.

And... Well, if you update a PHP library, and the invoking PHP code (that is, Drupal) relies in this new version... Sadly, it makes it unmaintainable for Debian.

So, long story short: I have decided to drop Drupal8 support in Debian. Of course, if somebody wants to pick up the pieces, the Git repository is still there (although I do plan on erasing it in a couple of weeks, as it means useless waste of project resources otherwise), and you could probably even target unstable+backports in a weird way (as it's software that, given our constraints, shouldn't enter testing, at least during a freeze).

So... Sigh, a tear is dropped for every lost hour of work, and my depeest regrets to David and Enrique who put their work as well to make D8 happen in Debian. I will soon be closing the ITP and... Forgetting about the whole issue? ☹

( categories: )

Book presentation by @arenitasoria: Hacker ethics, security and surveillance

Submitted by gwolf on Thu, 11/17/2016 - 14:24

At the beginning of this year, Irene Soria invited me to start a series of talks on the topic of hacker ethics, security and surveillance. I presented a talk titled Cryptography and identity: Not everything is anonymity.

The talk itself is recorded and available in archive.org (sidenote: I find it amazing that Universidad del Claustro de Sor Juana uses archive.org as their main multimedia publishing platform!)

But as part of this excercise, Irene invited me to write a chapter for a book covering the series. And, yes, she delivered!

So, finally, we will have the book presentation:

I know, not everybody following my posts (that means... Only those at or near Mexico City) will be able to join. But the good news: The book, as soon as it is presented, will be published under a CC BY-SA license. Of course, I will notify when it is ready.

Syndicate content