Planet Debian

Randall Donald: Busy Summer

Fri, 08 Aug 2008 18:39:46 +0000

My wife and I have almost settled in our new home now. We start moving the alpacas today. I finally have some time to address the issues with the NVIDIA packages in regards to Lenny. As 2.6.26 is now in unstable I can build kernel modules for the proper kernel target and get a xen patch for 71.86.06. 173.14.12 will go into experimental shortly.

Benjamin Mako Hill: Revealing Errors OSCON Keynote

Fri, 08 Aug 2008 17:59:40 +0000

When I gave a Revealing Errors talk at Lug Radio Live USA, I had the misfortune of being up against Robert Love's talk on Android which many people at the conference wanted to see -- myself included! One person who showed up to my talk anyway was Allison Randall. She was apparently entertained enough to invite me to give a short version of the talk as one of the keynote presentations at OSCON 2008!

In the talk, I covered the ideas behind my Revealing Errors project and quickly walked through a few examples that showcase what I'm trying to do. I'm happy with the result: a couple thousand people showed up for the talk despite the fact that it was at 8:45 AM after the biggest "party night" of the conference!

For those that missed it for whatever reason, you can watch a video recording that O'Reilly made and that I've embedded below.

A larger version of the Flash video as well as a QuickTime version is over on blip.tv and I've created an OGG Theora version for all my freedom loving readers.

Joey Hess: august

Fri, 08 Aug 2008 17:00:39 +0000

I've been fearing August for months. That miserable hot streak in early June pumped it up to absolute dread. Not being able to escape to winter in Argentina didn't help.

Now it's August and we're going to have a whole week of weather like today's: In the upper 70's (aka mid 20's), breezy, beautiful puffy clouds.

I'm still dreading the second half of the month though. ;-)

Jaldhar Vyas: Worse Than Software Patents. More Restrictive Than the DMCA

Fri, 08 Aug 2008 16:23:20 +0000

Today is Galactic Freedom Day. Debian needs to join in and ensure future generations have full access to the source code of their anal probes.

Stefano Zacchiroli: improved integration among PTS and Lintian

Fri, 08 Aug 2008 13:56:43 +0000

DebConf8 hacks: better PTS/Lintian integration

Yesterday nigh hack: better integration of the PTS with Lintian.d.o.

Quoting from the filed misc developer news:

=== Lintian and the PTS ===

The integration between lintian and the PTS has been improved. On one hand
now the hyperlink to the Lintian will be shown for a source package only if
Lintian had something "to say" about that package. On the other hand, if
there were warnings or errors in the last Lintian ran, they will be shown as
TODO items in the appropriate part of the PTS web interface.

The display logics is as follows:

 * if there is 1 or more amongst errors and warnings they will be shown as TODO items
 * if there is 1 or more amongst errors, warnings, and information messages, the hyperlink to the Lintian report will be shown

Some more info are available in the bug logs (bug #458329, bug #243729); if you want a sample page have a look at ocaml, but I'm pretty sure that most random package pages will show at least 1 lintian warning in need of your love

Tollef Fog Heen: eweouz 0.1 released

Fri, 08 Aug 2008 13:05:00 +0000

I just released the first version of eweouz, the interface between emacs and evolution-data-server. Sources are available, no packages yet. It is now possible to both add contacts from within gnus and search for contacts.

Patches and feedback is of course welcome.

Martin-Éric Racine: brainstorm: new LPC dongle design

noreply@blogger.com (Martin-Éric) — Fri, 08 Aug 2008 13:01:07 +0000

One of our most popular products at the dayjob has been our Programmable LPC Dongle. It has seen widespread use as an embedded hardware development and debugging tool and is particularly popular among Coreboot developers as a ROM emulator, because of its low price and because we publish the FPGA code under the LGPL.

Unfortunately, our current LPC Dongle product is nearing end of life, because some components are no longer available.

We're currently designing a brand new Programmable LPC Dongle and, noticing the plethora of improvement ideas we already received from the Coreboot community, we decided to widen the scope and invite a larger group of hardware developers to tell us what features they want to see in our next-generation Programmable LPC Dongle.

Anyone interested in participating in this brainstorm is welcome to send me their ideas to first-middle.lastname@artecgroup.com by September 1st 2008. While we cannot guarantee that every idea submitted will be used, we will definitely be reading all the feedback we receive.

Enrico Zini: Handling concurrent update-apt-xapian-index runs

Fri, 08 Aug 2008 10:02:51 +0000

Handling concurrent update-apt-xapian-index runs

So, update-apt-xapian-index takes a bit of a long time to run. When you install the package, if the index isn't there then postinst will rebuild it in background, good.

Now, suppose you have an advanced package manager that after installing apt-xapian-index, detects that it's installed, detects that there is no database and runs an update with a nice GUI feedback. If this happened while the update is running in the background, the usual thing to do would be to abort the update; however, the package manager wouldn't be able to know when the indexing has finished and it can enable the advanced features.

Let's not do the usual thing, then:

# `progress' is the object that does progress reporting.  Commandline options
# can choose a silent one, a machine readable one or a user readable one.

# Lock the session so that we prevent concurrent updates
lockfd = os.open(XAPIANDBLOCK, os.O_RDWR | os.O_CREAT)
lockpyfd = os.fdopen(lockfd)
try:
    fcntl.lockf(lockpyfd, fcntl.LOCK_EX | fcntl.LOCK_NB)

    # `ServerProgress` is a proxy progress reporter that listens for
    # connections on a Unix socket, and broadcasts progress status updates both
    # to the local progress reporter and to whoever connects to the socket.
    progress = ServerProgress(progress)
except IOError, e:
    if e.errno == errno.EACCES or e.errno == errno.EAGAIN:
        progress.notice("Another update is already running: showing its progress.")
        # `ClientProgress' is another proxy class that connects to the socket
    # forwards progress updates to whatever the user has chosen as the
    # local progress indicator.
        childProgress = ClientProgress(progress)
        childProgress.loop()
        sys.exit(0)
    else:
        raise

What happens here is that if the upload is in progress, the second update-apt-xapian-index will not be able to lock a lockfile. But instead of exiting, it connects to the other indexer via a unix socket, and shows the progress just as if it were the one doing the indexing.

So, now, suppose I run update-apt-xapian-index:

# update-apt-xapian-index
Reading Debtags database: done.  
Rebuilding Xapian index... 20%

And suppose I run another one:

# update-apt-xapian-index
Another update is already running: showing its progress.
Rebuilding Xapian index... 20%

And suppose I run yet another one:

# update-apt-xapian-index --batch-mode
notice: Another update is already running: showing its progress.
begin: Rebuilding Xapian index
progress: 19/100
progress: 20/100

And suppose I run yet another one (running with -q shows nothing, but it will wait until the master indexer has finished):

# update-apt-xapian-index -q

This way, the advanced package manager (adept 3 does this) will show a progress indicator and correctly let the user know when indexing has finished... only, if an update is already running, the progress indicator will not start at 0% because the update was already in progress, and the user will think: "wow, I've been lucky!".

The server side of the socket only uses nonblocking I/O, so there's no risk of slave indexers causing the master indexer to hang.

It's been simple to implement, and brillant. It is in apt-xapian-index 0.15, which I have just uploaded to sid. Shame it's a bit late for lenny.

John Goerzen: Weird Firefox Problem

nospam@example.com (John Goerzen) — Fri, 08 Aug 2008 08:20:00 +0000

Once again, I find myself turning to this wonderful series of tubes for help on a weird problem.

I have Firefox (Iceweasel) on all the computers I regularly use. One of these computers has had a persistent problem.

After using it for awhile, it takes a really long time to look up hostnames in DNS. And after upgrading to Firefox 3, it got much worse. Not only did name resolution get slow, but sometimes page loads would get exceptionally slow as well. I could have 5 tabs open, and all of a sudden at the magic moment, nothing would load on any tab. It was as if I was being hit by 75% packet loss. And new pages wouldn't load, either.

tcpdump showed Firefox not even sending out packets at these times. After a few minutes, it might be back to normal. But I could always quit and restart and it would be fine.

Now, here's the weird thing: I've eliminated every possible difference I can think of between this one machine and the others I use Firefox on. My plugins and extensions are the same set with the same versions. My configuration is the same. When this problem is happening, other network-related programs (even other web browsers) on the same machine are working fine. Nobody else here seems to be having this problem.

Any ideas?

MJ Ray: Is Yahoo Now Even Worse On Spam?

Fri, 08 Aug 2008 07:37:46 +0000

When working on mailservers, I’ve noticed that Yahoo’s mailservers seem to “punish” others by sending code 421 (service not available) for a few minutes for a first report of spam that originated from there, longer for a second report and so on. Yahoo’s help pages suggest they do this if you don’t “comply with our guidelines (described below)” (which aren’t actually described below).

That system seems to completely screw everyone on a server if a user forwards their own email to Yahoo and then flags some as spam, or if a website user who registered with a Yahoo mail address then closes their Yahoo account without updating their registration details. In the worst cases, a server’s mail queue can become clogged with stuff that it can’t forward to Yahoo. I’ve suggested that server owners ban forwarding to Yahoo, but not all have done that yet.

Yahoo’s server-punishing tactics are particularly unfair because of the amount of spam we receive from Yahoo - when I tried rejecting that, the server tested seemed to get more 421 punishment for that. I now usually direct it to a blackhole, which feels a bit dangerous.

Now I’ve just seen this from Indymedia which makes it sound like Yahoo’s getting even worse recently:-

“Yahoo doesn’t make it so easy for us. They do (unintendedly) transport a remarkable amount of spam, often sent by robots which automatically (and wide scale) crack Yahoos’ new account signup CAPTCHAS (those images with the cats + dogs + digits + letters in them) just to relay their spam through Yahoo. So it’s not easy to determine who sends legitimate email through Yahoo and who does not.”

I wrote about some alternative service providers back in 2006, including ippimail, which Yahoo users might like to change to. I’d be interested in comments about any new arrivals in this field.

BT internet customers are probably using Yahoo-hosted email too. I recommend changing to The Phone Co-op, but my company is an agent for them, so I would say that, wouldn’t I?

Andrew Pollock: [tech] Moving

Fri, 08 Aug 2008 06:51:00 +0000

I've found a new colo for my server, and Brent has kindly offered to do the remote hands work for me tomorrow. Fingers crossed it'll be fairly smooth...

Joachim Breitner: pam-dbus: authentication by bubbles

mail@joachim-breitner.de (nomeata) — Fri, 08 Aug 2008 05:19:00 +0000

Imagine you have a device, such as a linux phone, that allows login via ssh, e.g. when on a wireless network. You don’t want to set a password with the (limited) phone UI. On the other hand, you don’t want to allow passwordless root logins into your phone. But you do want the ability to login via ssh, after all that’s why you have bought a linux smartphone. This led me to the idea of a pam module and corresponding UI piece that asks the currently logged in user: „Hey, someone tries to login. Is that ok or not?“ This might also be useful for guest accounts on regular laptops. For more on that, see my last blog post.

So I hacked it together (actually twice, due to some unfortunate use of rm at some point), invested most of the time in learning more about the python garbage collector vs. callbacks, explicitly marked global variables and proper automake stuff. In the end I got, well, just what I wanted. A simple pam module, dubbed pam-dbus that sends a request via the dbus system bus and an autostart program (written in python for now, but I might re-implement it in C) that uses notification-daemon to get confirmation from the user.

You are welcome to try the sources and binary debian packages or have a look at the darcs repository for pam-dbus (with debian/ directory, repository browser). This will end up in Debian later, I guess.

Update: Erik Johansson pointed out that if you want to use this with ssh, you need to set UsePAM yes in /etc/ssh/ssd_config.

Joachim Breitner: Flow control with pam configuration

mail@joachim-breitner.de (nomeata) — Fri, 08 Aug 2008 04:20:22 +0000

Usually, files in /etc/pam.d/ are simple, linear descriptions of how a user should be authenticated, e.g. „Try to authenticate him against ldap, and then against the local data base“. But sometimes, you want something more advanced, for example „If the user is called guest, please authenticate him with pam_dbus, otherwise use regular pam_unix.“ This is possible, and here I’ll note down how to do that.

There are actually two problems to solve: How to detect the username, and then how to do the flow control.

For the first problem, I recently discovered the pam_succeed_if module, that allows for relatively advanced logic for checking uids, usernames, hostnames and group membership. For our case, the line would read

auth ? pam_succeed_if.so quiet user = guest

Now what next? If we just wanted to allow unrestricted access to guest, we could put „sufficient“ for the questionmark. But we need something like if..then..else. Unfortunately (and I hope this will be fixed eventually), the only flow control available is „skip the next n lines“. So we can skip to pam_unix when this module fails (i.e. the user was someone else but guest), and if we did not skip, we can run the guest-specific module and then skip over pam_unix. So here is the complete snippet:

auth [default=2 success=ignore] pam_succeed_if.so quiet user = guest
auth [success=ok new_authtok_reqd=done ignore=ignore default=die] pam_dbus.so
auth [default=1] pam_permit.so
auth required pam_unix.so

You can read more about this advanced configuration in the PAM Administration guide. And here is the corresponding configuration for gdm, where guest can always login:

auth [default=2 success=ignore] pam_succeed_if.so quiet user = guest
auth required pam_permit.so
auth [default=1] pam_permit.so
auth required pam_unix.so

So I have a guest account with a locked password and I can allow ssh logins with a mouse click and use it directly with gdm. I probably should put the gdm configuration also in xscreensaver to not lock me out.

Wouter Verhelst: There is a cabal

Fri, 08 Aug 2008 03:22:00 +0000

Seriously.

Frank Lichtenheld: Moving a mailing list from SF.net to another Mailman instance

Thu, 07 Aug 2008 23:33:00 +0000

I had to move a mailing list from SourceForge to a self-hosted Mailman instance while preserving all the user options. Since one has no shell access to these SF's Mailman I decided to extract the information from the Web-Interface, which sadly enough is no easy task. There is no complete list available but only chunked by starting letter and in groups of 30 addresses or less.

Since the mailing list in question had about 1500 subscribers manual transcription was really no option. So I wrote a small script that automatically extracts all the information and outputs it in a CSV-like format.

I've also hacked Mailman's add_members script to set all these options from this format.

In case someone finds this useful, both are available on my git server under free licenses:

grab-subscribers.pl: Extract subscriber information from Mailman Web-Interface with LWP.
add_members: Use the information extracted by grab-subscribers.pl to populate a Mailman mailing list.

DISCLAIMER: This is hacked together really quickly and was used exactly once. Don't expect too much.

Gustavo Noronha Silva: 7 Aug 2008

Thu, 07 Aug 2008 22:38:56 +0000

So it is currently possible to use simple library calls in glib-based code to run something as root, by taking advantage of the gksu policykit mechanism:

GksuProcess* gksu_process_new(const gchar *working_directory, const gchar **arguments); gboolean gksu_process_spawn_async(GksuProcess *process, GError **error);

The DBus service already works; it is able to setup the environment and X authorization correctly. There is still lots to do; startup notification is still not handled, and dealing with the application’s stdandard output and error messages, as well as providing a way for the caller to send stuff into the processe’s standard input. It is already possible to start an application and know that it has been finished, though.

As for the code:

$ git clone git://kov.eti.br/srv/git/gksu-polkit.git/

Criticism is welcome!

In other news… I’d like to ask our dear lazy web if anyone is using some nice way of providing only posts tagged in specific categories in a feed in wordpress. I’d like to use that to provide my posts to planet debian from my wordpress install.

Aigars Mahinovs: Paris Hilton

Thu, 07 Aug 2008 21:29:21 +0000

… I find that I am actually respecting her after this.

Aigars Mahinovs: Better now!

Thu, 07 Aug 2008 20:58:32 +0000

As soon as my laptop came back from repairs, I started to feel better - being back with 1920×1200 resolution is great! NVidia is much more stable than ATi and Intel wireless is just great!

And then last weekend I was in Berlin for the FFII board meeting and used the opportunity to see the city with my girlfriend. I must say that there is a lot of interesting things to see in Berlin.The things I would recommend everyone are: go to the Zoo (5-7 hours of superb fun), then take bus 100 to Alexander Platz (driving by all the main landmarks), go up on the TV tower, then come down and sometime late in the night go to ‘Weekend’ dance club.

Lucas Nussbaum: Exporting logs from Suunto X6HR watches on Linux

Thu, 07 Aug 2008 15:51:46 +0000

I’m the happy owner of a nice geeky toy: a Suunto X6HR watch, that includes an altimeter and an heart rate monitor, which I use mainly for moutain biking and hiking.

During outings, the watch can log the altitude and heart rate every 2, 10 or 60 seconds, and the data can be transfered to a PC using a serial interface. The problem is that Suunto only provides software for Windows. I got tired of using virtualbox to connect to the watch (qemu doesn’t work, Suunto Activity Manager apparently does strange things with the serial port), so I reverse-engineered the protocol (using skimanager and Jérome Kieffer’s work as a basis) and implemented a script to fetch the logs, and export them in a format suitable for gnuplot.

Of course, Suuntux is publicly available. I’d be happy to hear from you if it works for you too. Also, if you own a Suunto X6 (similar watch, without HRM), I’d be interested in supporting it too (if it’s not supported already).

Below is a example graph, from a short mountain bike ride just before leaving for Debconf.

Sandro Tosi: Another info source for Debian

noreply@blogger.com (Sandro Tosi) — Thu, 07 Aug 2008 14:24:20 +0000

It seems that #debian-devel@OFTC channel topic is used to inform for some particular situations, even grave ones (like HP Fort Collins outage of today).

But what to do if you'd like to be alerted for such situation and you can't check IRC, or you prefer different communication medium (like mails or feeds)?

There is a nice page on wiki.d.o that's been updated every time that #debian-devel@OFTC topic is changed. So, go there and simply subscribe to it (and you'll receive emails every time the page is changed). There should be a way to get an RSS feed from a MoinMoin page, but can't find a way: suggestions?

Russell Coker: A Basic IPVS Configuration

Thu, 07 Aug 2008 13:10:19 +0000

I have just configured IPVS on a Xen server for load balancing between multiple virtual hosts. The benefit is not load balancing but management. With two virtual machines providing a service I can gracefully shut one down for maintenance and have the other take the load. When there are two machines providing a service a load balancing configuration is much better than a hot-spare, one reason is the fact that there may be application scaling issues that prevent one machine with twice the resources from giving as much performance as two smaller machines. Another is the fact that if you have a machine configured but never used there will always be some doubt as to whether it would work…

The first thing to do is to assign the IP address of the service to the front-end machine so that other machines on the segment (IE routers) will be able to send data to it. If the address for the service is 10.0.0.5 then the command “ip addr add dev eth0 10.0.0.5/24 broadcast +” will make it a secondary address on the eth0 interface. On a Debian system you would add the line “up ip addr add dev eth0 10.0.0.5/24 broadcast + || true” to the appropriate section of /etc/network/interfaces, for a Red Hat system it seems that /etc/rc.local is the best place for it. I expect that it would be possible to merely advertise the IP address via ARP without adding it to the interface, but the ability to ping the IPVS server on the service address seems useful and there seems no benefit in not assigning the address.

There are three methods used by IPVS for forwarding packets, gatewaying/routing (the default), IPIP encapsulation (tunneling), and masquerading. The gatewaying/routing method requires the back-end server to respond to requests on the service address. That would mean assigning the address to the back-end server without advertising it via ARP (which seems likely to have some issues for managing the system). The IPIP encapsulation method requires setting up IPIP which seemed like it would be excessively difficult (although maybe not more than required to set up masquerading). The masquerading option (which I initially chose) rewrites the packets to have the IP address of the real server. So for example if the service address is 10.0.0.5 and the back-end server has the address 10.0.1.5 then it will see packets addresses to 10.0.1.5. A benefit of masquerading is that it allows you to use different ports, so for example you could have a non-virtualised mail server listening on port 25 and a back-end server for a virtual service listening on port 26. While there is no practical limit to the number of private IP addresses that you might use it seems easier to manage servers listening on different ports with the same IP address - and there is the issue of server programs that are not written to support binding to an IP address.

ipvsadm -A -t 10.0.0.5:25 -s lblc -p
ipvsadm -a -t 10.0.0.5:25 -r 10.0.1.5 -m

The above two commands create an IPVS configuration that listens on port 25 of IP address 10.0.0.5 and then masquerades connections to 10.0.1.5 on port 25 (the default is to use the same port).

Now the problem is in getting the packets to return via the IPVS server. If the IPVS server happens to be your default gateway then it’s not a problem and it will already be working after the above two commands (if a service is listening on 10.0.1.5 port 25).

If the IPVS server is not the default gateway and you have only one IP address on the back-end server then this will require using netfilter to mark the packets and then route based on the packet matching. Marking via netfilter also seems to be the only well documented way of doing similar things. I spent some time working on this and didn’t get it working. However having multiple IP addresses per server is a recommended practice anyway (a back-end interface for communication between servers as well as a front-end interface for public data).

ip rule add from 10.0.1.5 table 1
ip route add default via 10.0.0.1 table 1

I use the above two commands to set up a new routing table for the data for the virtual service. The first line causes any packets from 10.0.1.5 to be sent to routing table 1 (I currently have a rough plan to have table numbers match ethernet device numbers, the data in question is going out device eth1). The second line adds a default router to table 1 which sends all packets to 10.0.0.1 (the private IP address of the IPVS server).

Then it SHOULD all be working, but in the network that I’m using (RHEL4 DomU and RHEL5 Dom0 and IPVS) it doesn’t. For some reason the data packets from the DomU are not seen as part of the same TCP stream (both in Net Filter connection tracking and by the TCP code in the kernel). So I get an established connection (3 way handshake completed) but no data transfer. The server sends the SMTP greeting repeatedly but nothing is received. At this stage I’m not sure whether there is something missing in my configuration or whether there’s a bug in IPVS. I would be happy to send tcpdump output to anyone who wants to try and figure it out.

My next attempt at this was via routing. I removed the “-m” option from the ipvsadm command and added the service IP address to the back-end with the command “ifconfig lo:0 10.0.0.5 netmask 255.255.255.255” and configured the mail server to bind to port 25 on address 10.0.0.5. Success at last!

Now I just have to get Piranha working to remove back-end servers from the list when they fail.

Update: It’s quite important that when adding a single IP address to device lo:0 you use a netmask of 255.255.255.255. If you use the same netmask as the front-end device (which would seem like a reasonable thing to do) then (with RHEL4 kernels at least) you get proxy ARPs by default. For example you used netmask 255.255.255.0 to add address 10.0.0.5 to device lo:0 then on device eth0 the machine will start answering ARP requests for 10.0.0.6 etc. Havoc then ensues.

MJ Ray: RFID Security and Stability

Thu, 07 Aug 2008 07:28:45 +0000

While developing an RFID extension for the Koha library catalogue system over the last few months, I’ve learned a lot about I-Code tags and security systems, but I’ve not yet looked into Mifare yet, which is the other big RFID product line from NXP. I have been seeing several reports of problems with Oyster (which is Mifare-based) and a crack to be published.

I thought Mifare was meant to be a much tougher product than I-Code. I’m surprised and disappointed that NXP’s reaction to a hack was to try to prevent publication. I haven’t heard from any suppliers about vulnerabilities, so I doubt that NXP are passing the message on to all Mifare-operators yet. They should tell Mifare operators so that they can protect themselves. It looks like the head-in-sand approach to security, which is very worrying.

At least one of our RFID systems is Mifare-capable (which is why I think we should have been told about this vulnerability), so I’ll look into that when I get some spare time (March 2012 perhaps?) unless someone points me at a link with juicy details.

Junichi Uekawa: Ubuntu kernels not working with qemubuilder.

Thu, 07 Aug 2008 05:38:29 +0000

Ubuntu kernels not working with qemubuilder. I've seen reports that Ubuntu kernels don't work because they have /dev/sda instead of /dev/hda for IDE devices. I'm not entirely sure that's a clever thing to do, but I'm not entirely sure if it's a clever thing to hardcode /dev/hda for i386/amd64 qemu architectures.

Jaldhar Vyas: 6 Down 999,999,994 To Go

Thu, 07 Aug 2008 04:18:44 +0000

Congratulations to Kartik who finally became a Debian Developer

There is definitely a lot of interest in Debian in India—even more if you count Ubuntu. Unfortunately interest is not translating into participation. Why are we seeing so little involvement in the project from Indians? What can we do to convert "users" to "builders"?

If you have any thoughts on the matter I would like to hear about them.

Stefano Zacchiroli: yay from debcamp8

Thu, 07 Aug 2008 03:08:01 +0000

DebCamp8, shakiness, planes, `python-debian`

Well, not unexpected news, but since I've been rather quite lately it is worth reminding that I'm now at DebConf8, enjoying the DebCamp. I've arrived today after a quite long trip made of unexpected extra plane stops in Madrid (thanks Iberia for not declaring it and letting me ponder about how can it possibly take 16 hours from Barcelona to Buenos Aires, now I know the reason ...) and shaky bus hours.

First tiny teeny achievement of DebCamp (among a handful of beers already) is an upload of python-debian 0.1.11, implementing among other things support for parsed dependencies and a major overhaul changelog parsing (thanks to James Westby). Unfortunately we are going to miss Lenny with this release, but after all it is a package mostly meant for Debian Developers, so it is probably not a big deal.

Clint Adams: NM teaches shameful doublespeak for non-free

Thu, 07 Aug 2008 00:04:01 +0000

The worst thing an idealist can be is practical. I see this problem nearly every day when people are trying to comply with laws, rules, regulations, standards, or what-have-you. You fail to meet the objective, so you smudge reality and make compromises. Well, we cannot reasonably drive under the speed limit so let's arbitrarily make up our own limit (10 mph over) and stick to that. That way we endure the hardship of having to comply with something but not the extreme and unattainable hardship of complying with the real thing. Nevermind that some people actually obey the speed limit; that's just anecdotal evidence or a fluke or some other excuse you can use to disregard the fact that what you are claiming is impossible is actually possible.

That's an example of a rule mandated by an external power (the oppressor you theoretically owe your allegiance to or the oppressor you are on loan to). Where idealism really comes into play is when people choose their own oppression, be that a formal religion, moral code that they got from a pamphlet somebody was handing out on the sidewalk, or other voluntarily-adopted standards of behavior.

Then you end up with raw-food vegans who eat pepperoni pizza twice a week, environmentalists who drive cars, PETA members who keep pets, feminists who are lapsitters, Christians who sin, people who claim that things are best-effort, and people who claim that things that are obviously part of other things are not really part of those things.

Ingo Juergensmann: 2008 M68k Porter Meeting

nospam@example.com (Ingo Jürgensmann) — Wed, 06 Aug 2008 19:19:15 +0000

Joey mailed lately just another announcement for the m68k port ermeeting. This year in Kiel from August 29th - 31st:

Executive summary:

2008 M68k Linux Porter Meeting
August 29th - 31st
University of Kiel, Germany

This summer we are organising a Linux porter meeting especially
targetting the m68k architecture. During the meeting current problems
of the m68k architecture, its integration in Debian, releases
etc. will be discussed.

The meeting will take place at the last weekend in August (29-31) at
the University of Kiel, Germany. Details and participants are
collected here:

This meeting is evolved from the Oldenburg porter meeting that has
started with the m68k architecture but had to stop two years ago.

Interested developers and supporters are invited to join the meeting
and help develop the m68k port of Linux.

If you are interested to attend this meeting, please drop Christian
(cts) or me a note or add yourself to the Wiki page.

Regards,

Joey

Despite all the problems the m68k faced in the last years, we're still alive and performing fine. Part of the meeting will be discussion about the current changes of the m68k port like Aranym buildds and other stuff.

So, if you're interested in the m68k port or the experience of the m68k porters for your embedded architecture, come to Kiel and visit us! :-)

Wouter Verhelst: Re: Akademy

Wed, 06 Aug 2008 18:19:00 +0000

Kris blogs about akademy being in Sint-Katelijne-Waver—which, since I moved to Mechelen, is my backyard, really—and wonders why nobody in the Belgian FLOSS community talked about it.

It's not that I didn't know; Sune Vuorela, one of our Debian KDE developers, mentioned it to me a few months ago. He knew about our office in Mechelen, since he slept there at some FOSDEM a few years back. Of course, my first reaction was "oh, you'll pay me a visit then, right?", though I quickly realized "hang on, won't I be in Argentina then?"

Turns out that's was the case. So I didn't bother blogging; perhaps I should have.

Thing is, I've always felt like the Belgian FLOSS community is somewhat disjunct. It shouldn't be; we have a bunch of healthy and working community communication things, we have timely dinner meetings and drink meetings; and we even have a big important international developers meeting in the heart of our country. Even with that, I feel that more could be done. For example, I would probably like more unorganized social gatherings (say, more "lets-have-a-beer-now" type of meetings), and other things.

Is this just me? I dunno.

Matthew Garrett

Wed, 06 Aug 2008 18:13:03 +0000

Testing 2.6.27-rc2 with the current released (not development) BIOS on the Foxconn G33M reveals the following:

There are no ACPI errors on boot, other than the (irrelevant) OEMB table (there are in previous kernels, stuff's clearly been fixed in .26 or so. Can't really be bothered digging through to find out what)
The system fails to reboot if it has been suspended and resumed. The fix is three lines long, one of which is a comment and one of which is blank.
The system is otherwise perfectly stable.

Summary: Almost all problems caused by bugs in Linux, one problem caused by BIOS vendors interpreting the ACPI specification differently to the Linux implementation and trivially worked around. No sabotage.

Thanks very much to Carl at Foxconn for being able to get me information about what was causing the reboot issue - I spent significantly longer putting the system together than I did fixing it.

Kartik Mistry: I AM DD now!

Wed, 06 Aug 2008 17:58:32 +0000

* I think it will take time to have updated status on my NM status page but I can’t resist myself because,

- kartik@debian.org works

- I updated db.debian.org

- Added uid in my GPG key and synchronized it with Debian Keyserver

- Updated Developers location

So, in short, all these things means:

I AM DD NOW!

Many thanks to My family (Koki, Mom, Papa, brother Rinit and Little Kavin for supporting and encouraging me during this long journey), Jaldhar Vyas for advocating my application, my AM Mohammed Adnène Trojette (adn), all kind and helpful sponsors of my n number of packages (jaldhar, mones, adn, daniel (special thanks for number of uploads), pabs, joeyh for Festival upload, rkrishnan, acid, tolimar, twerner, bubulle, nijel, bernat, marillat, akumar, hertzog and finally gwolf).

Special mention and thanks to bubulle and sam - for coming down and having nice meet at BLR during foss.in/2007, that gave my power back to continue my work when I was frustrated with certain situations.

Another special thanks to dear friends - nirav, pradeepto, tuxmaniac and atul chitnis for always encouraging me for my Debian work.

In short, you all people rocks!

Now, what next?

I will keep continue doing my packging work as it is, I have plan to get involve more in near future, but as of now - I first need give time and focus RC bugs for Lenny

David Welton: langpop.com in Tim Bray's OSCON keynote

Wed, 06 Aug 2008 16:38:00 +0000

It was neat to see "langpop.com" on the screeen during Tim Bray's talk at OSCON (contains a link to the video):

http://www.tbray.org/ongoing/When/200x/2008/08/05/Annotated-OSCON-Keynote

The talk itself was an overview of the state of programming languages. However, 15 minutes is not enough time to do the topic justice, but if you're not a language geek, it's not a bad survey, and I really like his style: he's fair when he points out the good and the bad. Like him, I am sick of PHP and do not care to use it any time in the near future, but that doesn't mean there aren't a lot of good things to be said about it. In any case, I'm honored that Tim used langpop.com as a source for his talk.

Julien Danjou: The nochange-log

Wed, 06 Aug 2008 11:30:00 +0000

Saw in base-files changelog:

base-files (4.0.5) unstable; urgency=low
[…]
* It's still soon to change /etc/debian_version. Please be patient.

-- Santiago Vila <sanvila@debian.org>  Tue,  5 Aug 2008 18:06:06 +0200

Applause.

Pablo Lorenzzoni: 100-thousand and counting

Wed, 06 Aug 2008 11:07:20 +0000

For those of you wondering how is the battle against the Brazilian Internet Surveillance Bill, I have to report we already got more than 100-thousand people to sign the petition. You can check the current count in the image on the right. I am updating it every 15 minutes, so you can even use its URL in another place (as are some people doing already).

The bill will be voted by the Chamber-of-Deputies any time now… We heard it would be on yesterday, but apparently it was not even enlisted for this week. This doesn’t mean much, since the Deputies can hold an “out-of-list” voting… we’ll be watching.

Meanwhile, I read an article by Sérgio Amadeu that summarizes some of our feeling about that bill. Are we in the Western World (allegedly freedom lovers) turning into control-freaks? A whole lot of people I know are not even offended by this bill! These are the same people that don’t think it’s weird that USA claimed the right to seize any storage device entering their borders, for any time they want, with no warranted privacy. Are we in a middle of a paradigm shift? Are we accepting less freedom? What would George Orwell think of that?

Maybe we got in a wormhole and ended up in 1984…

Christian Perrier: Holidays report

Wed, 06 Aug 2008 10:57:00 +0000

Sure, that sounds fairly formal to send a report for holidays, doesn't it?

Anyway, as I have a few (often Debian/FLOSS related) friends around the world who are reading my blog entries, this might interest them so that's indeed a report..:-)...and I have time for it, so...

I'm currently going back from Cahors to Maurepas (home), on my way to Debconf. We spent 10 days in Cahors with Elizabeth and the girls, finally joined by Jean-Baptiste on Sunday. We had great time over there, enjoying the richness of Quercy:

heat (I need that before MDQ winter)
nice running spots: for once, I could run by starting from the bottom of hills, climbing *up* and finishing down. I ran a lot, sometimes on very hard tours such as 18km with 300m positive height difference. I also did a few "fast" runs ("fast" here would make a few Debian friends laugh a lot, isn't it Ralf, Dirk.....)
medieval architecture in Gourdon, Martel, St-Cirq Lapopie, Cahors...
peace of the Lot valley
Cahors wine: strong and tasty, of course
Rocamadour and Trappe d'Echourgnac cheese (I won't bring Rocamadour at Debconf as it wouldn't survive)
rest, sleep
McDonald's parking lot for network connectivity
very little hacking

So, I'm now heading back home, assemble stuff and will take off for Debconf on Thursday 7th (Paris Orly to Madrid, then Buenos Aires via Air Europa: IIRC nobody from Debconf is in the same flight).

"Assemble stuff" here also means collecting cheese for the now famous Debconf Cheese&Wine party. That one will be tricky to achieve as most of us are coming from quite far away and...there are only 6 French citizens who attend DC8..:-)). Anyway, I already know that my fellow Nicolas François (namely nominated as Assistance CheeseMaster recently) will bring some good stuff. I haven't decided yet what to bring. I might be influenced by my holidays, so cheeses from South-West France are highly probable. Cahors wine will be the choice (prepare yourself: that is strong stuff).

At Debconf itself, we'll have a quite busy schedule. I intend to mostly work along with Felipe, Nicolas, Grisu and others on i18n.debian.net. I'll have to animate the i18n sessions for which I want to prepare some schedule instead of just "lat's gather and talk" which didn't work so well last year, IMHO.

And I have that bloody keynote lecture which, BTW, could be rescheduled if I properly read debconf-discuss as, finally 9am for keynotes seems to be considered too early for the late birds at DC8...:-)... We'll see: I will certainly have something that's not very well cooked and prepared. Expect some improvisation: this year I didn't want to stress myself with a talk, slides and blahblah.

Elizabeth will come back from Cahors on Saturday with the kids. She'll have a holiday week at her father's place whil ethe kids will....do their stuff at Maurepas (this is what happens when kids are grown up).

We'll gather together again on Aug 18th and I go back to work on 19th. Crazy, I know but I have a very busy and full work schedule for the upcoming next 2 months.

September will be a hard time to go through: Jean-Baptiste will start his "Licence Profesionnelle" in Automated and Embarked Systems. He'll do it in shared time: half-time at university for classes and half-time working in a company (which turns out to be Essilor, the world leader for progressive glasses....and the company which Elizabeth is working for). He'll stay at my sister-in-law place during the week (30km away from our place but closer from university and work).

Sophie, our 18-year old daughter, will spend the year in Toulouse, to prepare the admission in a Social Workers school. She'll have her own apartment, in the very center of the city, 20 meters away from Place du Capitole. Annoying, isn't it ? :-)

So, we'll mostly stay with our "little" Magali, our 16 y.o. who will be attending High School, on her way to Baccalauréat. Tell us about shrinking families....

Now time to work on some slides for the Debconf keynote. Damn.

Russell Coker: Time Zones and Remote Servers

Wed, 06 Aug 2008 09:30:42 +0000

It’s widely regarded that the best practice is to set the time zone of a server to UTC if people are going to be doing sys-admin work from various countries. I’m currently running some RHEL4 servers that are set to Los Angeles time. So I have to convert the time from Melbourne time to UTC and then from UTC to LA time when tracking down log entries. This isn’t really difficult for recent times (within the last few minutes) as my KDE clock applet allows me to select various time zones to display on a pop-up. For other times I can use the GNU date command to convert from other time zones to the local zone of the machine, for example the command date -d "2008-08-06 10:57 +1000" will display the current Melbourne time (which is in the +1000 time zone) converted to the local time zone. But it is still painful.

In RHEL5, CentOS 5, and apparently all versions of Fedora newer Fedora Core 4 (including Fedora Core 4 updates) the command system-config-date allows you to select Etc/GMT as the time zone to get GMT. For reference selecting London is not a good option, particularly at the moment as it’s apparently daylight savings time there.

For RHEL4 and CentOS 4 the solution is to edit /etc/sysconfig/clock and change the first line to ZONE="Etc/GMT" (the quotes are important), and then run the command ln -sf /usr/share/zoneinfo/Etc/GMT /etc/localtime. Thanks to the Red Hat support guy who found the solution to this, it took a while but it worked in the end! Hopefully this blog post will allow others to fix this without needing to call Red Hat.

In Debian the command tzconfig allows you to select 12 (none of the above) and then GMT or UTC to set the zone. This works in Etch, I’m not sure about earlier versions (tzconfig always worked but I never tried setting UTC). In Lenny the tzconfig command seems to have disappeared, now to configure the time zone you use the command dpkg-reconfigure tzdata which has an option og Etc at the end of the list.

Updated to describe how to do this in Lenny, thanks for the comments.

Eric Warmenhoven: Expensive toys, expensive repairs

Wed, 06 Aug 2008 04:53:36 +0000

This past weekend, I took my Canon EF 24-105mm f/4L lens to take some indoor pictures. I had been using it previously to take outdoor pictures, and had used my polarizer, and left it on the lens when I was done. So this weekend, I tried taking it off, and couldn’t.

That’s the first time this had happened to me. I wasn’t sure what to do. Fortunately for me, before I did anything too extreme, Adam suggested I get a filter wrench. So I headed over to Wolf Camera to get one.

Wolf didn’t have one, so I asked where I could get one, and they suggested someone else who also didn’t have one, but they suggested Keeble & Shuchat Photography, who I had been to before. They did have wrenches, but not in the size that I needed. They suggested I just bring the lens to their repair department, which I did.

Fifteen minutes later, the filter still wasn’t off the lens, and they had given up. My lens is now on its way to Canon USA for a repair, and hopefully I’ll get both parts back, separated, and in usable condition. They estimated the cost would be somewhere between two and three hundred dollars. I guess that’s what happens when a lens that costs $1000 and a filter that costs $100 decide to misbehave in tandem. And I was hoping the repair would be a simple $5 filter wrench!

Gustavo Noronha Silva: 6 Aug 2008

Wed, 06 Aug 2008 03:56:04 +0000

As far as debcamp work plans go, my own has been making me quite happy. I started the week trying to start implementing gksu policykit mostly in vala, and failing miserably. Vala isn't ready to help me do some of the more weird things I had in mind.

The good news is falling back to C worked pretty smoothly, and I have the basic foundation working. There is plenty to be implemented still, but moving forward always feels good. If anyone is interested in discussing the gksu replacement that is being built on top of the PolicyKit framework come talk to me in the hack lab =D. Take a look at this gratuitous screenshot.

Adam Rosi-Kessel: Obama and Tire Pressure

Wed, 06 Aug 2008 02:32:50 +0000

Via Steve — this is nearly perfect. It is immensely satisfying to see a Democratic presidential candidate gracefully obliterate frivolous attacks rather than cower under them.

Technorati Tags: Politics, Obama, Energy

William Pitcock: LSB 4 doesn’t fix things any better than LSB 1, 2 or 3 did.

Wed, 06 Aug 2008 02:17:00 +0000

As mentioned elsewhere, LSB 4 is due out soon, and won’t really make a lick of difference when it comes to improving compatibility with non RPM/redhat-like systems. With software appliances and software as a service becoming more relevant, and appliance-oriented non-RPM distributions like rPath, Ubuntu JeOS and Defusion coming around that offer equal (or arguably better) value to customized Fedora/RHEL/CentOS and improved administrative ability due to using tools not stuck in the 1990s (RPM, I am looking at you here), one would think that the LSB working group might actually want to make LSB not suck.

Right now, Debian derivitives like Ubuntu JeOS and Defusion can compete by using alien, and rPath has the RPMPackageRecipe for conary, but these are kludges and carry their own share of problems.

So, why does the LSB require a specific format? There’s no reason for them to. Really, LSB compliance is a redhat-only club. Not just an RPM-only club… last time I checked, SuSE is in the same boat as everyone else and they use RPMs.

A lot of the LSB needs to simply be ripped out in order to do any good. Until the LSB working group is willing to drop a lot of the RedHat-isms they have had, non-RedHat distros will always have problems complying. What about source-based distros like Gentoo for example? There is really no easy way they can comply by default (on the other hand, do they care to?).

To put things simply, the LSB sucks. Here’s why:

The LSB spec depends on RPM. I mean, come on. Seriously. Why do they need to require a specific package manager? If package handling is really required, then why not create a simple package format that can be converted on demand into the system package format? Or why care about packages at all?
The LSB spec invents things without consulting distros. Like the whole init scripts thing. But that’s not as bad as depending on RPM or requiring a specific layout.

Ideally, the LSB spec would define a config format capable of describing how the system worked, and all of that, but it doesn’t. Until it does, then the LSB spec is worthless, because it can’t handle all distributions (even the common ones).

Petr Rockai: adept 3.0 alpha 6

Wed, 06 Aug 2008 00:38:17 +0000

Hi, it’s that time again: new alpha version of Adept hits the block. For the unaware, Adept is an APT front-end for KDE. You can do all the cool stuff with it that the other kids can’t. Join the fun!

New features since Alpha 5

(the list is a little less staggering than the last time, sorry about that, but it’s only been a week)

Tags are back! Enhance your searches with tags. Very cloudy, very buzzword-compliant, so very web two-oh. It actually works, too! (No irony intended. Maybe…)
Status-based filtering,
improved search in installer,
much better error handling for dpkg and download errors,
lost icons are back and a load of other bugfixes.

Where to get

I have again prepared binary packages, this time even more of them (a Hardy backport is included). Traditionally, in Debian, you can install alpha 6 from experimental:

apt-get install -t experimental adept

The sources.list goes:

deb http://ftp.debian.org/debian experimental main

If you are on Kubuntu Intrepid, the line is:

deb http://ppa.launchpad.net/mornfall/ubuntu intrepid main

and finally, on Kubuntu Hardy, the lines are (BUT: read below!)

deb http://ppa.launchpad.net/kubuntu-members-kde4/ubuntu hardy main
deb http://ppa.launchpad.net/mornfall/ubuntu hardy main

Big fat warning: Due to somewhat unexpected difficulties, Adept requires newer APT than available in Hardy. This means, adding the above sources.list lines will upgrade your apt to a version from Intrepid, that’s also completely untested on anything resembling a Hardy installation. Be wary. Moreover, installing Adept means means KDE 4.1 for Hardy users. (This does not apply to Intrepid users, they are already on the cutting edge and no extra dangers lie this way.)

(For all Kubuntu users, there are more instructions to be found on https://launchpad.net/~mornfall/+archive.)

Heroes of Alpha 6

I hereby nominate the “Heroes of Alpha 6”, for their deeds that helped Adept move forward:

Yuriy Kozlov, for early pre-release testing and numerous patch contributions throughout the 3.0 alpha series
Jonathan Thomas (JontheEchidna), for discovering two bugs:
- failed downloads resulted in a cryptic internal errors
- an installer crash when using the search
Samuel James Sarette (lunarcloud), for discovering that you could start apply changes twice in a row, by switching back to changes and hitting apply again (not surprisingly screwing up Adept)
and finally, Jonathan Riddell, as there’d be no 3.0 alpha series without him…

(And a totally flirtless wink towards Blauzahl, who somehow inspired me to actually do some bugzilla sorting…)

And now, it’s easy to join the ranks of these heroes — just test the new alpha version and find bugs. Immortality won’t escape your grasp. Also, please don’t forget to read the next section.

Jobs for Alpha 6

Sorting through Launchpad for bugs that have been fixed in alpha 6 (compared to 2.1) would be really awesome. It is a big list and many of them are likely to need testing. (I can take care of that for the KDE bugzilla, but launchpad is a task just too daunting for me and my time possibilities, so help would be very much appreciated).

Notifier is still not included. The components to test are (if you have sudo, kdesu for the rest):

sudo adept
sudo adept installer
sudo adept updater

Please give a go to all of them, report rough edges, crashes and all that, either through IRC (mornfall at freenode, oftc) or mail me-at-mornfall-dot-net or use KDE Bugzilla.

Known Issues

Sometimes, it seems that the installer search manages to break the layout. Change the search text and try again, it might fix itself. If you find a way to reproduce, please let me know!
The installer search is still a little wonky at times (and maybe slow, dunno). And when there are no results, it keeps whatever groups there were before, they are just all empty. Oops.
Icons fail to load on Kubuntu Hardy.
Search seems to crash Adept just after installation on Hardy (could be related to xapian database update). Starting it again seems to help though. UPDATE: this does happen on other distributions as well. You run into the problem if you don’t have apt-xapian-index installed, you install it together with adept and then run adept right away. Then you get a crash on first search. Just restart adept and all should work just fine.
UPDATE: When recovery fails, Adept will crash instead of reporting the error and closing gracefully. Run dpkg —configure -a.
UPDATE: Don’t run adept through kdesudo on Kubuntu. It seems to cause mysterious issues with dpkg (and especially hal upgrades). No insight so far as to what is the problem.

Chris Lawrence: Green light specials

Tue, 05 Aug 2008 21:47:45 +0000

Today’s Signifying Nothing public service announcement follows.

Unless you plan to keep your clothes on, or are in the process of producing your one-person dramatic reenactment of Dr. Horrible’s Sing-Along Blog, don’t sit in front of your MacBook if the little green light above the screen is on.

This concludes today’s Signifying Nothing public service announcement.

Isaac Clerencia: Adelsried

Tue, 05 Aug 2008 21:46:00 +0000

It’s been almost a week already since I arrived to Adelsried. I am going to work here for two weeks and a half (according to the initial contract at least). That means I can’t go to Akademy in the end, too bad

The town is quite small, with around 2000 inhabitants, and not much social life, except for the hotel where we are hosted. The hotel is great, probably the best I have ever been to. Great swimming pool and jacuzzi, really friendly staff, nice rooms with big and comfy beds, a magnificent “biergarten” where we have some drinks and dinner every night, delicious food, bikes to ride for free, …

Despite the lack of social life, the town is beautiful, first of all it’s in the middle of a natural reservation, with dense forests completely surrounding the city. Every house has a gorgeous garden with loads of flowers and some interesting decorations. The highlight is this really high pole in the city center with loads of coats of arms, and a pine on top of it. Hilarious

The work is pretty good too, bleeding edge stuff, really good working environment, nice and international workmates and free drinks

And today I uttered my first full sentence in German since lots of years ago!!!

Sami Haahtinen: Locales, recap

Tue, 05 Aug 2008 21:06:36 +0000

After my post yesterday about locales and my problems, I got some comments.

Bryan, Simon and Wouter all pointed out what eventually figured out too but didn't mention in the post (I actually had to re-read the post to see what I wrote) that LC_ALL overrides all of the settings. Even though I figured it out eventually, with these comments it finally me that the purpose is actually to temporarily override the locale.

Another thing that didn't occur to me while figuring out the correct locale for my system was that I'm thinking about it all wrong. Since I've already gotten used to broken locales I kept thinking that I want en_US locale with some Finnish settings, but in reality I wanted fi_FI locale with English language. I have to admit that I was pretty sceptical about the solution but decided to try it out. And to my surprise, it actually worked!

So the final solution is this: LANG="fi_FI.UTF-8" LANGUAGE="en" LC_MESSAGES="en_US.UTF-8" LC_TIME="en_US.UTF-8"

It is a pretty clean solution and I'm happy to live with it. And as Simon pointed out, administrator changes should be preserved through upgrades. If not, one should file a bug for it.

There we go, another problem solved. Thanks for the comments and suggestions.

Wouter Verhelst: Re: Government

Tue, 05 Aug 2008 18:32:00 +0000

One of the things of getting too much mail is that you will get swamped in it, sometimes to the level of not even managing to figure out there's been replies on your blog for the past several weeks. Oops.

Apparently quite a number of people answered to my blog post about the belgian government issues, and I only found out right before leaving for Argentina. They're now all accepted from moderation, but that doesn't mean I can't follow up on them anymore.

Most of them just agree with what I have to say, or posit another opinion (which is fine), but some clearly show a misunderstanding of what I was trying to say. So, since I don't want to appear as one posting gibberish, allow me to clarify:

"I could say that some other things about the past debâcle also puzzle me, such as the insistence of some people to get an unconditional split of BHV, thereby destroying all chances of even remotely reaching a compromise."

You are saying that you would accept giving in to the demands of the Francophones that the Flemish give up territory. (Think about it, what century are they from? In what other country does one community demand the enlargement of its territory as an exchange for fixing a situation which the constitutional court has ruled to be illegal?)

Thanks for asking, but no, I'm not saying that. Let's be clear about this: there's a huge difference between a position that says "we need to split BHV, period" on the one hand, and "we need to give territory to the francophone community" on the other. It should be perfectly possible to, say, have the flemish community come up with some benefit to the francophone community in some respect somewhere that does not include "giving territory to the south of france"; but apparently the "negotiators" think not. To quote just one example: at some point Reinders (MR) suggested that a federal election circle be created to replace BHV, so that francophone politicians could still be elected in flanders, but also the other way around. This proposal was however killed by flemish politicians before the press as "not even negotiable" without even having discussed it. This, and other similar examples, I do not understand.

After all, the fact that the constitutional court has ruled the current situation to be illegal does not change anything about the fact that this is still a request from the Flemish part of the country, and not from the Francophones; anyone telling you anything else is simply lying. There's nothing wrong with wanting something and being declared correct in court, of course; but there is something wrong with wanting that unconditionally. Unless you won a war, that is. And then still.

Of course, not caring about much of the definitions of many political parties and not being a politician in any way, I ticked off someone who just happens to be a member of one of the parties I don't even like in the first place. Amedee, in case it matters: I didn't call CD&V a "Catholic" party to imply anything, but simply because I'm blissfully ignorant of the difference between Catholic and Christian. And happily so, too, given the CD&V's current behaviour. Oh, and the SP.A is not my favourite party; it's just that they seemed to be the more sensible of the lot during the last elections' campaigns. What's really my favourite party isn't something I'll tell you (or anyone), though.

Martin F. Krafft: The dhclient nightmare

Tue, 05 Aug 2008 16:53:08 +0000

Thank you, Ted Lemon and Paul Vixie for the ISC DHCP server and client! My days would be so boring without them. I revel in your wisdom, experience, and sheer genius when I get behind some of the design decisions you made when writing those pieces of software.

My current favourite is the hook integration into dhclient-script(8). Read what the manpage has to say about it:

[…] the client script checks for the presence of an executable /etc/dhcp3/dhclient-enter-hooks script, and if present, it invokes the script inline, using the Bourne shell . command. The entire environment documented under OPERATION is available to this script, which may modify the environment if needed to change the behaviour of the script.

Hooks which can modify the environment and thus influence all other hooks that follow, as well as the script which applies the network configuration dhclient obtained to the local machine! Yay! Genius!

You are my heroes.

NP: Pluto: Pipeline under the Ocean

Eddy Petrișor: git-core etch backport is useless

noreply@blogger.com (eddyp) — Tue, 05 Aug 2008 17:39:29 +0000

Update:

It seems that the lenny version (1:1.5.6.3-1) plus some small changes to allow building and running on etch does not have this problem.

The changes include:

* backported to etch
- compile against tcl8.4, instead of tcl8.5
- gtik and git-gui depend on tk8.4, instead of tk8.5
- drop the versioned dep on asciidoc and docbook-xsl

It s really nice that git-core is backported to etch, but is kind of hard to convince people to use it when gitk needs tk8.5, which is unavailable in etch.

This was the reason why previosely I made a local backport (1:1.5.6-1~bpo40+1~local) thinking the missing/extra[*] dep was a temporary glitch. According to bug 456423, this should be safe.

Does backports.org have a buildd network? IIRC, it uses the experimental buildd network, but that doesn't explain the desynchronisation of the packages in etch-backports.

Oddly enough, the build now fails on my etch machine during the tests in t9400-git-cvsserver-server.sh (looks like it is not related to the tk8.5 change):

* FAIL 23: cvs update (create new file)
echo testfile1 >testfile1 &&
git add testfile1 &&
git commit -q -m "Add testfile1" &&
git push gitcvs.git >/dev/null &&
cd cvswork &&
GIT_CONFIG="$git_config" cvs -Q update &&
test "$(echo $(grep testfile1 CVS/Entries|cut -d/ -f2,3,5))" = "testfile1/1.1/" &&
diff -q testfile1 ../testfile1

* expecting success: echo line 2 >>testfile1 &&
git add testfile1 &&
git commit -q -m "Append to testfile1" &&
git push gitcvs.git >/dev/null &&
cd cvswork &&
GIT_CONFIG="$git_config" cvs -Q update &&
test "$(echo $(grep testfile1 CVS/Entries|cut -d/ -f2,3,5))" = "testfile1/1.2/" &&
diff -q testfile1 ../testfile1
Counting objects: 5, done.
Compressing objects: 100% (2/2), done.
Writing objects: 100% (3/3), 282 bytes, done.
Total 3 (delta 1), reused 0 (delta 0)
Unpacking objects: 100% (3/3), done.
To gitcvs.git
0879984..e6bd37b master -> master
cvs update: Updating .
cvs update: New directory `master'
* FAIL 24: cvs update (update existing file)
echo line 2 >>testfile1 &&
git add testfile1 &&
git commit -q -m "Append to testfile1" &&
git push gitcvs.git >/dev/null &&
cd cvswork &&
GIT_CONFIG="$git_config" cvs -Q update &&
test "$(echo $(grep testfile1 CVS/Entries|cut -d/ -f2,3,5))" = "testfile1/1.2/" &&
diff -q testfile1 ../testfile1

* checking known breakage:
mkdir test &&
echo >test/empty &&
git add test &&
git commit -q -m "Single Subdirectory" &&
git push gitcvs.git >/dev/null &&
cd cvswork &&
GIT_CONFIG="$git_config" cvs -Q update &&
test ! -d test

Counting objects: 4, done.
Compressing objects: 100% (2/2), done.
Writing objects: 100% (3/3), 388 bytes, done.
Total 3 (delta 0), reused 0 (delta 0)
Unpacking objects: 100% (3/3), done.
To gitcvs.git
e6bd37b..4a13ee9 master -> master
cvs update: Updating .
cvs update: New directory `master'
* FIXED 25: cvs update w/o -d doesn't create subdir (TODO)

* expecting success: (for dir in A A/B A/B/C A/D E; do
mkdir $dir &&
echo "test file in $dir" >"$dir/file_in_$(echo $dir|sed -e "s#/# #g")" &&
git add $dir;
done) &&
git commit -q -m "deep sub directory structure" &&
git push gitcvs.git >/dev/null &&
cd cvswork &&
GIT_CONFIG="$git_config" cvs -Q update -d &&
(for dir in A A/B A/B/C A/D E; do
filename="file_in_$(echo $dir|sed -e "s#/# #g")" &&
if test "$(echo $(grep -v ^D $dir/CVS/Entries|cut -d/ -f2,3,5))" = "$filename/1.1/" &&
diff -q "$dir/$filename" "../$dir/$filename"; then
:
else
echo >failure
fi
done) &&
test ! -f failure
Counting objects: 13, done.
Compressing objects: 100% (4/4), done.
Writing objects: 100% (12/12), 754 bytes, done.
Total 12 (delta 1), reused 0 (delta 0)
Unpacking objects: 100% (12/12), done.
To gitcvs.git
4a13ee9..f573218 master -> master
cvs update: Updating .
cvs update: New directory `master'
grep: A/CVS/Entries: No such file or directory
grep: A/B/CVS/Entries: No such file or directory
grep: A/B/C/CVS/Entries: No such file or directory
grep: A/D/CVS/Entries: No such file or directory
grep: E/CVS/Entries: No such file or directory
* FAIL 26: cvs update (subdirectories)
(for dir in A A/B A/B/C A/D E; do
mkdir $dir &&
echo "test file in $dir" >"$dir/file_in_$(echo $dir|sed -e "s#/# #g")" &&
git add $dir;
done) &&
git commit -q -m "deep sub directory structure" &&
git push gitcvs.git >/dev/null &&
cd cvswork &&
GIT_CONFIG="$git_config" cvs -Q update -d &&
(for dir in A A/B A/B/C A/D E; do
filename="file_in_$(echo $dir|sed -e "s#/# #g")" &&
if test "$(echo $(grep -v ^D $dir/CVS/Entries|cut -d/ -f2,3,5))" = "$filename/1.1/" &&
diff -q "$dir/$filename" "../$dir/$filename"; then
:
else
echo >failure
fi
done) &&
test ! -f failure

* expecting success: git rm testfile1 &&
git commit -q -m "Remove testfile1" &&
git push gitcvs.git >/dev/null &&
cd cvswork &&
GIT_CONFIG="$git_config" cvs -Q update &&
test -z "$(grep testfile1 CVS/Entries)" &&
test ! -f testfile1
rm 'testfile1'
Counting objects: 3, done.
Compressing objects: 100% (2/2), done.
Writing objects: 100% (2/2), 233 bytes, done.
Total 2 (delta 1), reused 0 (delta 0)
Unpacking objects: 100% (2/2), done.
To gitcvs.git
f573218..2ed3834 master -> master
cvs update: Updating .
cvs update: New directory `master'
* ok 27: cvs update (delete file)

* expecting success: echo readded testfile >testfile1 &&
git add testfile1 &&
git commit -q -m "Re-Add testfile1" &&
git push gitcvs.git >/dev/null &&
cd cvswork &&
GIT_CONFIG="$git_config" cvs -Q update &&
test "$(echo $(grep testfile1 CVS/Entries|cut -d/ -f2,3,5))" = "testfile1/1.4/" &&
diff -q testfile1 ../testfile1
Counting objects: 4, done.
Compressing objects: 100% (2/2), done.
Writing objects: 100% (3/3), 300 bytes, done.
Total 3 (delta 1), reused 0 (delta 0)
Unpacking objects: 100% (3/3), done.
To gitcvs.git
2ed3834..3f3e927 master -> master
cvs update: Updating .
cvs update: New directory `master'
* FAIL 28: cvs update (re-add deleted file)
echo readded testfile >testfile1 &&
git add testfile1 &&
git commit -q -m "Re-Add testfile1" &&
git push gitcvs.git >/dev/null &&
cd cvswork &&
GIT_CONFIG="$git_config" cvs -Q update &&
test "$(echo $(grep testfile1 CVS/Entries|cut -d/ -f2,3,5))" = "testfile1/1.4/" &&
diff -q testfile1 ../testfile1

* expecting success: echo Line 0 >expected &&
for i in 1 2 3 4 5 6 7
do
echo Line $i >>merge
echo Line $i >>expected
done &&
echo Line 8 >>expected &&
git add merge &&
git commit -q -m "Merge test (pre-merge)" &&
git push gitcvs.git >/dev/null &&
cd cvswork &&
GIT_CONFIG="$git_config" cvs -Q update &&
test "$(echo $(grep merge CVS/Entries|cut -d/ -f2,3,5))" = "merge/1.1/" &&
diff -q merge ../merge &&
( echo Line 0; cat merge ) >merge.tmp &&
mv merge.tmp merge &&
cd "$WORKDIR" &&
echo Line 8 >>merge &&
git add merge &&
git commit -q -m "Merge test (merge)" &&
git push gitcvs.git >/dev/null &&
cd cvswork &&
sleep 1 && touch merge &&
GIT_CONFIG="$git_config" cvs -Q update &&
diff -q merge ../expected
Counting objects: 4, done.
Compressing objects: 100% (2/2), done.
Writing objects: 100% (3/3), 302 bytes, done.
Total 3 (delta 1), reused 0 (delta 0)
Unpacking objects: 100% (3/3), done.
To gitcvs.git
3f3e927..28c1b4a master -> master
cvs update: Updating .
cvs update: New directory `master'
* FAIL 29: cvs update (merge)
echo Line 0 >expected &&
for i in 1 2 3 4 5 6 7
do
echo Line $i >>merge
echo Line $i >>expected
done &&
echo Line 8 >>expected &&
git add merge &&
git commit -q -m "Merge test (pre-merge)" &&
git push gitcvs.git >/dev/null &&
cd cvswork &&
GIT_CONFIG="$git_config" cvs -Q update &&
test "$(echo $(grep merge CVS/Entries|cut -d/ -f2,3,5))" = "merge/1.1/" &&
diff -q merge ../merge &&
( echo Line 0; cat merge ) >merge.tmp &&
mv merge.tmp merge &&
cd "$WORKDIR" &&
echo Line 8 >>merge &&
git add merge &&
git commit -q -m "Merge test (merge)" &&
git push gitcvs.git >/dev/null &&
cd cvswork &&
sleep 1 && touch merge &&
GIT_CONFIG="$git_config" cvs -Q update &&
diff -q merge ../expected

* expecting success: ( echo LINE 0; cat merge ) >merge.tmp &&
mv merge.tmp merge &&
git add merge &&
git commit -q -m "Merge test (conflict)" &&
git push gitcvs.git >/dev/null &&
cd cvswork &&
GIT_CONFIG="$git_config" cvs -Q update &&
diff -q merge ../expected.C
Counting objects: 5, done.
Compressing objects: 100% (3/3), done.
Writing objects: 100% (3/3), 303 bytes, done.
Total 3 (delta 1), reused 0 (delta 0)
Unpacking objects: 100% (3/3), done.
To gitcvs.git
28c1b4a..1f0f9c8 master -> master
cvs update: Updating .
cvs update: New directory `master'
diff: merge: No such file or directory
* FAIL 30: cvs update (conflict merge)
( echo LINE 0; cat merge ) >merge.tmp &&
mv merge.tmp merge &&
git add merge &&
git commit -q -m "Merge test (conflict)" &&
git push gitcvs.git >/dev/null &&
cd cvswork &&
GIT_CONFIG="$git_config" cvs -Q update &&
diff -q merge ../expected.C

* expecting success: cd cvswork &&
GIT_CONFIG="$git_config" cvs -Q update -C &&
diff -q merge ../merge
cvs update: Updating .
cvs update: New directory `master'
diff: merge: No such file or directory
* FAIL 31: cvs update (-C)
cd cvswork &&
GIT_CONFIG="$git_config" cvs -Q update -C &&
diff -q merge ../merge

* expecting success: echo Line 9 >>merge &&
cp merge cvswork/merge &&
git add merge &&
git commit -q -m "Merge test (no-op)" &&
git push gitcvs.git >/dev/null &&
cd cvswork &&
sleep 1 && touch merge &&
GIT_CONFIG="$git_config" cvs -Q update &&
diff -q merge ../merge
Counting objects: 5, done.
Compressing objects: 100% (3/3), done.
Writing objects: 100% (3/3), 303 bytes, done.
Total 3 (delta 1), reused 0 (delta 0)
Unpacking objects: 100% (3/3), done.
To gitcvs.git
1f0f9c8..e6c5fc1 master -> master
cvs update: Updating .
cvs update: New directory `master'
* ok 32: cvs update (merge no-op)

* expecting success:
touch really-empty &&
echo Line 1 > no-lf &&
echo -n Line 2 >> no-lf &&
git add really-empty no-lf &&
git commit -q -m "Update -p test" &&
git push gitcvs.git >/dev/null &&
cd cvswork &&
GIT_CONFIG="$git_config" cvs update &&
rm -f failures &&
for i in merge no-lf empty really-empty; do
GIT_CONFIG="$git_config" cvs update -p "$i" >$i.out
diff $i.out ../$i >>failures 2>&1
done &&
test -z "$(cat failures)"

Counting objects: 4, done.
Compressing objects: 100% (2/2), done.
Writing objects: 100% (3/3), 305 bytes, done.
Total 3 (delta 1), reused 0 (delta 0)
Unpacking objects: 100% (3/3), done.
To gitcvs.git
e6c5fc1..4d0f85b master -> master
cvs update: Updating .
cvs update: New directory `master'
cvs update: Updating .
cvs update: New directory `master'
cvs update: Updating .
cvs update: New directory `master'
cvs update: Updating .
cvs update: New directory `master'
cvs update: Updating .
cvs update: New directory `master'
* FAIL 33: cvs update (-p)

touch really-empty &&
echo Line 1 > no-lf &&
echo -n Line 2 >> no-lf &&
git add really-empty no-lf &&
git commit -q -m "Update -p test" &&
git push gitcvs.git >/dev/null &&
cd cvswork &&
GIT_CONFIG="$git_config" cvs update &&
rm -f failures &&
for i in merge no-lf empty really-empty; do
GIT_CONFIG="$git_config" cvs update -p "$i" >$i.out
diff $i.out ../$i >>failures 2>&1
done &&
test -z "$(cat failures)"

* expecting success:
mkdir status.dir &&
echo Line > status.dir/status.file &&
echo Line > status.file &&
git add status.dir status.file &&
git commit -q -m "Status test" &&
git push gitcvs.git >/dev/null &&
cd cvswork &&
GIT_CONFIG="$git_config" cvs update &&
GIT_CONFIG="$git_config" cvs status | grep "^File: status.file" >../out &&
test $(wc -l ../out) = 2 Counting objects: 5, done. Compressing objects: 100% (2/2), done. Writing objects: 100% (4/4), 366 bytes, done. Total 4 (delta 1), reused 0 (delta 0) Unpacking objects: 100% (4/4), done. To gitcvs.git 4d0f85b..a146cf3 master -> master
cvs update: Updating .
cvs update: New directory `master'
Invalid module '' at /home/eddy/usr/src/tools/git-backports/1.5.6.3-1~bpo40+3~local/git-core-1.5.6.3/t/../git-cvsserver line 2895, line 18.
cvs [status aborted]: end of file from server (consult above messages if any)
* FAIL 34: cvs status

mkdir status.dir &&
echo Line > status.dir/status.file &&
echo Line > status.file &&
git add status.dir status.file &&
git commit -q -m "Status test" &&
git push gitcvs.git >/dev/null &&
cd cvswork &&
GIT_CONFIG="$git_config" cvs update &&
GIT_CONFIG="$git_config" cvs status | grep "^File: status.file" >../out &&
test $(wc -l ../out) = 2 * expecting success: cd cvswork && GIT_CONFIG="$git_config" cvs status -l | grep "^File: status.file" >../out &&
test $(wc -l ../out) = 1 Invalid module '' at /home/eddy/usr/src/tools/git-backports/1.5.6.3-1~bpo40+3~local/git-core-1.5.6.3/t/../git-cvsserver line 2895, line 19.
cvs [status aborted]: end of file from server (consult above messages if any)
* FAIL 35: cvs status (nonrecursive)

cd cvswork &&
GIT_CONFIG="$git_config" cvs status -l | grep "^File: status.file" >../out &&
test $(wc -l ../out) = 1 * expecting success: cd cvswork && GIT_CONFIG="$git_config" cvs status | grep ^File: >../out &&
! grep / ../out Invalid module '' at /home/eddy/usr/src/tools/git-backports/1.5.6.3-1~bpo40+3~local/git-core-1.5.6.3/t/../git-cvsserver line 2895, line 18.
cvs [status aborted]: end of file from server (consult above messages if any)
* FAIL 36: cvs status (no subdirs in header)

cd cvswork &&
GIT_CONFIG="$git_config" cvs status | grep ^File: >../out &&
! grep / ../out * fixed 1 known breakage(s) * failed 11 among 36 test(s) make[2]: *** [t9400-git-cvsserver-server.sh] Error 1 make[2]: Leaving directory `/home/eddy/usr/src/tools/git-backports/1.5.6.3-1~bpo40+3~local/git-core-1.5.6.3/t' make[1]: *** [test] Error 2 make[1]: Leaving directory `/home/eddy/usr/src/tools/git-backports/1.5.6.3-1~bpo40+3~local/git-core-1.5.6.3' make: *** [build-arch-stamp] Error 2

[*] depends on how you look at it

Wouter Verhelst: Locales

Tue, 05 Aug 2008 14:44:00 +0000

Sami, it's really not that bad.

There are, as you say, many variables to modify the behaviour of several programs. What you seem to have missed, though, is that there are really only four types of variables:

LANGUAGE: This is a GNU-specific extension which allows you to set fallbacks on different languages than "C" (which is locale-speak for "disable translation completely"). It somewhat overrides LC_ALL, but then at the same time it doesn't. Pretty strange thing, this variable. See "info gettext" and search for LANGUAGE if you want the ugly details.
LC_ALL: This variable exists to (temporarily) override any locale-related variable; for instance, when you want to file a bugreport in grep and you want to make sure you don't get any output that might be unintelligible for the developer, you could run LC_ALL=C grep --broken-parameter to temporarily disable locales. Using LC_ALL completely and utterly overrides anything else, so you probably don't want to set it in the general case.
LC_NUMERIC, LC_PAPER, LC_MESSAGES,...: These variable are meant to be used to divert from the defaults. For instance, as in your case, a user may want to have messages in en_US but have dates and papersizes etc be as is common in fi_FI. In that case, you'd set the default to fi_FI but set LC_MESSAGES (which specifies the language in which messages are set) to en_US. Or you might be a Dutch-speaking Belgian guy living in the US. You'd set the default to nl_BE.utf-8; but since A4 paper isn't easy to come by where you live, you'd set LC_PAPER to en_US.
LANG: This variable is used for "the default". If you haven't specified LC_ALL, nor the other relevant LC_* variable, then the value of LANG is used for whatever you're trying to do.

So what you really want to do is to set LANG to be fi_FI.utf-8, but have LC_MESSAGES be either en_US or, perhaps, C. This should give you english messages, but finnish conventions for date and number formats.

Do note, though, that this is only the theory. It may be the case that some software is broken and doesn't look at the correct LC_* variable. If that happens to be true for some software you've seen, just file a bug...

Biella Coleman: Nice Website

Tue, 05 Aug 2008 14:39:41 +0000

For the most part, university websites are not the most flattering in the world, nor are academic conference websites. But this one Copyright's Counterparts is quite nice (and the theme also interesting). Makes me wonder, actually, about how copyrightable the design of a website is. Does anyone know? update: Not ...