Feed aggregator

Matt Farina: Find Security Holes With A Threat Analysis

Planet Drupal - Mon, 06/10/2014 - 16:00

It seems that every week we hear about a new high profile hacking. For example, it just came out that numerous financial institutions, in addition to JPMorgan Chase, were hacked. We live in an incredibly accessible world where those on the other side of the globe can easily knock on our digital front doors or even try to pick the locks. So, how can we try to figure out where the weak points are in our security? How can we find the tasks to work on to beef up security? One option is to perform a threat analysis.

A threat analysis for computing systems is...

Systematic detection, identification, and evaluation of areas or spots of vulnerability of a facility, operation, or system.

Let's look at some ways we can dip out toes into a threat analysis. This is not all inclusive and you'll need to go well beyond these ideas but they are a place to get started.

You'll notice I suggest documenting many of the aspects discussed. Documenting them helps to communicate the system and details to others who can offer insight and it helps to visualize what's happening.

Diagram Your System Architecture

Above is a simple example of a CMS based website, such as a common Drupal site. In the diagram diagram document all the components, even elements that browsers download from 3rd parties or components that aren't user facing.

Once you have the diagram look at all the interconnects between the different parts. For example, you may serve your pages over https but the connection between the web server and the MySQL isn't over an encrypted connection. That could offer a route to peek in on data.

Also, look at who can access what ports on what servers. If Memcached is accessible to anyone who knows the IP of the server the data in it can be retrieved by anyone. In this picture private networks, cloud security groups, or some other protection should be in place to protect anyone from ever accessing Memcached or MySQL.

Looking at the system can help you identify places to secure communications. It's an easy place to start identifying tasks.

Data Storage

Many sites store information about customers. This ranges from mundane settings through personally identifiable information (PII). Imagine an e-commerce site where someone gets into the database or can even just monitor the traffic between the web server and the database. They'll know customer names, email address, home address, and more.

Type Where Encrypted? Products MySQL No Name MySQL No Address MySQL No ... ... ...

An easy way to get a view of the data you're storing is with an old fashioned table. List out everything from the content that's displayed to the private details (even those sent to web services like a credit card processor).

Once you have this information you can combine it with the accessibility of the system and start to get an idea how open data is for hackers. It's also an easy place to start finding tasks to make the data more secure. For example, can information like addresses be encrypted?

Security Update Plan

Software is insecure. The more complicated the software the more likely there are holes in it. The software powering the Internet has regular security updates to fix the problems as they are found. By regular I don't expect a week to go by without needing to update one thing or another.

How do you update software? Is it automated? Is it often? How often? For example, it's great to install updates to a CMS but what about the web server, the database, the operating system they are on, and everything else in the system?

Document how you handle updates and then look for ways to improve on and automate the updates.

Reviewing Logs

Hacking attempts happen. Some people will even scan the entire Internet to see what's open. It's not all the hard to scan the entire Internet and you can do it at a slow pace in under a day.

Part of handling threats isn't just handling them but identifying bad situations quickly and reacting. That's where good logging practices can come in. Look at the log review practices and automate as much as possible.

Make sure to log everything (minus information such as passwords) and review those logs. If an IP address keeps trying to access your systems but fails to authenticate you should know about it. If systems are accessed when you don't expect them to be or from locations you don't expect, you should know about it.

Just the beginning...

These few things are just the beginning but a good place to start. Initially, this can raise a number of places to improve the system while getting some of the security thinking more in place.

Continue Reading »

Categories: Elsewhere

Lullabot: DrupalCon Amsterdam

Planet Drupal - Mon, 06/10/2014 - 13:31

In this week's episode Addison Berry and Amber Himes Matz sit down together in a quiet room at DrupalCon Amsterdam to give a quick recap on their week at the largest European DrupalCon. We chat about other events outside of the DrupalCon sessions themselves, some cool sessions, and a bit about the new Drupal 8 beta.

Categories: Elsewhere

Blue Drop Shop: Contributing IRL

Planet Drupal - Mon, 06/10/2014 - 13:29

Let’s face facts: I am not a coder. With a lot of caffeine, much googling and more time than is reasonable, I *can* code my way out of a paper bag, but that’s about it.

So it is highly unlikely you will ever see my username tied to a module or on a list of contributors. Sure, I created the occasional new issue on a module’s issue queue or provided feedback for a patch I needed, which in itself is a form of contributing. But messing around with core? Funny. Me writing a patch? Nope. Sprinting? I only run when being chased.

According to d.o then, I am not a contributor. 

The outward problem with this is that the language around contributing back to Drupal is code-centric. The current system places emphasis on how many commits you have and how many projects you maintain. But there is hope for those of you who, like me, won't be contributing back code anytime soon. 

I am a co-organizer for the Fox Valley Drupal Meetup Group in the western suburbs of Chicago. We held our first camp in 2013 and I was part of the team that helped pull it off, and we recently wrapped our 2014 camp.

When the idea of the inaugural MidCamp was getting kicked around, I offered up my logistics help for that as well. And I'm on deck as the logistics lead 2015.

Through my non-Drupal day job, I have extensive print experience and do a fair amount of video production work tied to the annual conference we host. So I was all over session records for all three camps, and I'm working on a rebooted session recording kit that the Drupal Association is very interested in learning more about. 

My print skills have been tapped by the core mentor team, mostly because I was hanging around a bunch of them at Drupalcon Austin and they needed materials printed for the mentored sprints at Drupalcon Amsterdam. 

Hell, I even got roped into catering the extended sprints at Austin mainly because I am passionate about food, especially when it comes from something with four wheels and an engine.

My point: there are many opportunities to give back to the community and the project as a whole in real life. It took me a while before I realized that yes, I am a contributor. Just not in a way that is currently measured. But that's not why I do it. I am forever indebted to all the heavy code lifters that I depend on for my work. It just feels good to be able to give back.

So while it’s highly unlikely you’ll ever see any kind of percentage powered by kthull on a Drupal site, I’ll continue to lend my time and talents where I can. You should too.

Tags:
Categories: Elsewhere

Nuez Web Blog: Top 5 talks at the DrupalCon Amsterdam

Planet Drupal - Mon, 06/10/2014 - 12:30
Last week I attended another very enlightening DrupalCon - this time in Amsterdam - with a wide variety of talks about Drupal ranging from hardcore computer science to business strategies and design. Also with a wide range of levels, which, to be honest, didn’t always match the difficulty mentioned on the official programme. So which ones were the best speeches for an all-round Drupal professional like me? 

Photo taken at the Druplicon with Drupal professional Marcel Ritsema and the team of Dutch Drupal shop Merge.

So what is an all-round Drupal professional like me? That's someone who mainly uses Drupal as a tool to build websites and web apps, knows how to build a module and a theme (sometimes shares them with the community), but does not necessarily understand all the nuts and bolts of core, especially of the Drupal 8 core.

This blog post is about the 5 most valuable talks I’ve...Read more

Categories: Elsewhere

ERPAL: Two important Drupal facts resulting from Drupalcon Amsterdam 2014

Planet Drupal - Mon, 06/10/2014 - 10:05
Two important Drupal facts resulting from Drupalcon Amsterdam 2014

This year was our first as a silver sponsor with an ERPAL booth at a Drupalcon. As we had lots of BOFs and interesting talks with other Drupal developers and sponsors from various companies, I’d like to share my thoughts and conclusions in this blog post. It became obvious that the community agrees about two very important facts:

Fact 1: Drupal is not a CMS

You might exclaim, "But this is written everywhere!" – and you would be entirely right. When companies are looking for a CMS, what do they want? Mostly a ready-to-use system to manage their content. In general, they expect to start adding their content quickly and easily. Responsiveness is required straightaway and no content site works without media management. However, when we install Drupal, we don’t get a CMS that works for end users right out of the box: we get a clean and slim Drupal installation that takes quite a bit of modification before it’ll work for a content site, but it’s much more powerful! Nonetheless, it can also be a little disappointing. With all the contrib modules available, you can build almost any web application you want, but to create a full-featured content site, you need to be an experienced Drupal site builder. You need to know how entities/nodes work, how rules and panels do their job, why and how to use features for deployment and why you won’t find a ready-to-use "image gallery" module – instead, you have to build it yourself. This can be problem when, after installation, Drupal doesn’t live up to these unwarranted expectations. If you need an easy-to-use CMS that works immediately after installation, WordPress may be a better choice, as it does what people expect. Install and use for your content management, done!

Drupal can do content management as well, but it needs to be built manually. In all our conversations we prefer to call Drupal an “application framework”. And many of the people I talked to at Drupalcon seemed to agree with that.

So you can use Drupal to build a full-featured CMS if you’re an experienced site builder and know all the modules and how they interact with each other. Or you can use a ready-built Drupal installation specialized for content management (if there is one). These vertical use cases are called “distributions” and there are already lots of them out there at Drupal.org. A Drupal distribution is a collection of preconfigured modules that provide features for a specific purpose, say, content management. Drupal is a framework, as Linux Magazine wrote in a previous blogpost: Drupal provides the horizontal "infrastructure modules" like fields and entities for building a data model, views for data queries and lists, rules for business logic, feeds and webservice clients for interaction with external systems and their APIs, panels and display suite as well as other formatters for layouting and display control. Everything we need to build powerful web applications is available as a module.

Since many Drupalistas see Drupal in the same way, I want to plead with everybody to allow Drupal to meet the expectations of its users. Let’s show the world the power of Drupal to build web applications, and show it with vertical distributions and use cases that are different from your typical CMS. Give end users a functional and full-featured distribution for content management but don't hide Drupal for other purposes like collaboration platforms, e-commerce systems, CRM systems, business applications, or planning tools. I guess the list is almost endless and content management is just one item: Drupal can be used to build all of them, nearly without coding, but out-of-the-box it is not.

Fact 2: Integration really matters

Another important fact I realized at Drupalcon is that many people are looking for examples of integration use cases. Drupal integrates with other systems very well – we’re often asked to integrate it with the “big players” in the software industry. And even better: it can extend the functionality of other system's data to integrate it with new workflows. Sharepoint and SAP integration requests show that Drupal has matured and that it’s now being viewed as an enterprise application framework. It only lacks public success stories that showcase these integrations. When I presented the Drupal cross-enterprise integration on an example of Sharepoint at the Drupalcamp in Frankfurt, I was asked "Why should one even do this?" The question is legitimate, of course. Why indeed should a Drupal developer use Drupal and Sharepoint together? The answer is to be found in the enterprise. Whenever you use Drupal in the enterprise for an intranet, a workflow management system, a CMS or a collaboration platform, the first thing you’re asked is: “Can we integrate with LDAP to avoid duplicate user accounts and permission duplication? Can we have a single sign-on? Can we see documents stored in Sharepoint in our Drupal instance? What about integrating SAP applications and can we reuse data from Drupal in Sharepoint or SAP?” The answer is: yes, yes and yes we can! But only a few will actually believe that, since they won’t find (m)any use cases in Google or Drupal.org.

So what we should foster in the Drupal community is the publication of stories of successful integration scenarios with other enterprise systems. Of course, these use cases won’t be as shiny as beautifully designed content sites, but they will help Drupal grow. Compared with other web applications systems Drupal is one of the most flexible: nobody argues this. It’s flexible and open to "talk" to other systems. In many of my conversations at Drupalcon it became clear that there are many niche use cases in the enterprise that would be expensive to build with other commercial systems, since code changes are always time-consuming and risky. From our daily work with Drupal we know that they’re much easier to build with Drupal, mostly by configuration. But almost none of the decision makers know this, which leads us back to "Fact 1 - Drupal is not a CMS". So whenever you build applications with Drupal that are integrated with other enterprise systems like SAP or Sharepoint, PLEASE publish and promote them! This will help Drupal grow in the enterprise, where we all want to see it settled in the future.

Conclusion: Let’s do it together

So if you agree and want to see Drupal as a world-leading application framework someday, share this information and help us with the next steps. If you’re interested in further discussion, use the comment function. If there are enough people interested in this movement, let’s put our heads together and plan how we can better meet the requirements of Drupal users. Perhaps you even have some use cases that represent Drupal as mentioned in Fact 1 and Fact 2? Don't hesitate to go public with them. If you DON'T agree with this opinion and we didn’t meet at Drupalcon, you’re most welcome to share your thoughts here as well.

Categories: Elsewhere

Freelock : Ask Freelock: Upgrade D6 to Drupal 7, or wait for 8?

Planet Drupal - Mon, 06/10/2014 - 07:11

Apparently there's some FUD (Fear, Uncertainty and Doubt) being sown by a few Drupal shops who are spreading downright wrong information about Drupal 8, trying to encourage people to upgrade to 7 now. One of our clients called in a panic unsure whether she needed to act, after getting approached by Drupal Geeks pitching this misleading content, which they've now posted in a highly inaccurate blog page, here:

6 Reasons to Upgrade to Drupal 7 Right Now

DrupalDrupal PlanetDrupal 8FUD
Categories: Elsewhere

Robert Douglass: The DrupalCon Amsterdam Prenote : Drupal Memories

Planet Drupal - Sun, 05/10/2014 - 23:28

Rob, Jam, and guests tell the history of DrupalCon, from Antwerp to Amsterdam, from the point of view of those whose lives were changed by them. This video includes "Oh, and one time, at Drupal Camp", "The Drupal 8 Bug Elimination Challenge", a guest appearance by Captain Drupal, a performance of "The Drupal Song", a re-enactment of the genesis of Acquia, a "Never Marry Me" proposal, and a stunning performance of "Memories" by Bryn and Campbell Vertesi.

It also concludes with the inaugural instance of "Selfieception", the culmination of the underlying metaphor behind this show. Inspired by Daniel Kahneman's TED Talk about "the future as anticipated memories", Rob and Jam set about to create a show that ties our collective experience to "the experiencing self that lives in the present, the remembering self that maintains the story of your life", and to use "storytelling as a function of what we remember from our experiences".

As we tell the stories of our DrupalCons, and how they defined us (remembering self), we engage in a dialog with the audience, who has to pay close attention to capture every moment (experiencing self), as indeed we'll have to do through the coming days of sessions, meetings, chance encounters, and business opportunities. But in a tip-of-the-hat to our remembering selves, we decide to take selfies to remember the moment by. However, to frame the shot in an optimal way, we must all turn our backs on each other, and thus the conflict between experiencing self and remembering self is embodied: the remembering self demands that the experiencing self sacrifices the performer-audience dialog, and turns the back to the present in anticipation of a future memory.

Thanks to the Drupal Association for supporting our ongoing tradition of the DrupalCon Prenote, thanks to the 1,500 people who got out of bed to be at our show at 8:00 in the morning, and thanks to everyone who stood up to tell their story.

Tags: Drupal PlanetDrupalDrupalConSelfieception
Categories: Elsewhere

Stefano Zacchiroli: je code

Planet Debian - Sun, 05/10/2014 - 16:48
je.code(); — promoting programming (in French)

jecode.org is a nice initiative by, among others, my fellow Debian developer and university professor Martin Quinson. The goal of jecode.org is to raise awareness about the importance of learning the basics of programming, for everyone in modern societies. jecode.org targets specifically francophone children (hence the name, for "I code").

I've been happy to contribute to the initiative with my thoughts on why learning to program is so important today, joining the happy bunch of "codeurs" on the web site. If you read French, you can find them reposted below. If you also write French, you might want to contribute your thoughts on the matter. How? By forking the project of course!

Pourquoi codes-tu ?

Tout d'abord, je code parce que c'est une activité passionnante, drôle, et qui permet de prouver le plaisir de créer.

Deuxièmement, je code pour automatiser les taches répétitives qui peuvent rendre pénibles nos vies numériques. Un ordinateur est conçu exactement pour cela: libérer les êtres humains des taches stupides, pour leur permettre de se concentrer sur les taches qui ont besoin de l'intelligence humaine pour être résolues.

Mais je code aussi pour le pur plaisir du hacking, i.e., trouver des utilisations originelles et inattendues pour des logiciels existants.

Comment as-tu appris ?

Complètement au hasard, quand j'étais gamin. À 7 ou 8 ans, je suis tombé dans la bibliothèque municipale de mon petit village, sur un livre qui enseignait à programmer en BASIC à travers la métaphore du jeu de l'oie. À partir de ce jour j'ai utilisé le Commodore 64 de mon père beaucoup plus pour programmer que pour les jeux vidéo: coder est tellement plus drôle!

Plus tard, au lycée, j'ai pu apprécier la programmation structurée et les avantages énormes qu'elle apporte par rapport aux GO TO du BASIC et je suis devenu un accro du Pascal. Le reste est venu avec l'université et la découverte du Logiciel Libre: la caverne d'Ali Baba du codeur curieux.

Quel est ton langage préféré ?

J'ai plusieurs langages préférés.

J'aime Python pour son minimalisme syntactique, sa communauté vaste et bien organisée, et pour l'abondance des outils et ressources dont il dispose. J'utilise Python pour le développement d'infrastructures (souvent équipées d'interfaces Web) de taille moyenne/grande, surtout si j'ai envie des créer une communauté de contributeurs autour du logiciel.

J'aime OCaml pour son système de types et sa capacité de capturer les bonnes propriétés des applications complexes. Cela permet au compilateur d'aider énormément les développeur à éviter des erreurs de codage comme de conception.

J'utilise aussi beaucoup Perl et le shell script (principalement Bash) pour l'automatisation des taches: la capacité de ces langages de connecter d'autres applications est encore inégalée.

Pourquoi chacun devrait-il apprendre à programmer ou être initié ?

On est de plus en plus dépendants des logiciels. Quand on utilise une lave-vaisselle, on conduit une voiture, on est soigné dans un hôpital, quand on communique sur un réseau social, ou on surfe le Web, nos activités sont constamment exécutées par des logiciels. Celui qui contrôle ces logiciels contrôle nos vies.

Comme citoyens d'un monde qui est de plus en plus numérique, pour ne pas devenir des esclaves 2.0, nous devons prétendre le contrôle sur le logiciel qui nous entoure. Pour y parvenir, le Logiciel Libre---qui nous permet d'utiliser, étudier, modifier, reproduire le logiciel sans restrictions---est un ingrédient indispensable. Aussi bien qu'une vaste diffusion des compétences en programmation: chaque bit de connaissance dans ce domaine nous rende tous plus libres.

Categories: Elsewhere

Frederic Marand: Drupal 8 tip of the day : check menu links consistency

Planet Drupal - Sun, 05/10/2014 - 14:16

One of the interesting aspects of the revamped menu/links system in Drupal 8 is the fact that menu links are now in easily parseable YAML files, the "(module).links.menu.yml" in each module, in which each menu link can be bound to its parent link, hopefully producing a tree-like structure.

read more

Categories: Elsewhere

Triquanta Web Solutions: DrupalCon Amsterdam, 2014

Planet Drupal - Sun, 05/10/2014 - 11:43

Come to think of it, I almost decided not to go to the RAI in the morning! All the official sessions are over since thursday and yesterday there was only ‘codesprinting’ left. This is where you can help contributing to the Drupal community in an informal setting with other Drupal users.

Since I’d never taken part before I was wondering what I could possibly add, next to the most imposing names always circulating on drupal.org, that were also present at DrupalCon. But when I heard all my colleagues were going also (except for our hardworking guards left at the office) I couldn’t let them down of course and stay behind. 

De last few days were (visually) exhausting and it cost me great effort to step out of bed and pack myself together to get started.

In the RAI they were buzzing already! When I tried spotting someone I’d know, I was helped by the so-called ‘Mentors’ (which Marc and Bart were also part of!) and they were trying to give me helping hand.

The new Drupal 8-beta release was freshly installed and intact, waiting for me on my laptop, to be tackled. And since I had nothing else to do I thought: ‘let me try some exercises to find out how it works’.

The first thing that immediately struck me was that I sometimes could and sometimes could not navigate to the homepage. I found that noteworthy and it also felt inconsistent. Each time I was intuitively hovering in the upper left corner of my screen trying to find a home link.

Well let me see what was causing the problem? I found out that when you opened a new tab and surfed directly to an admin page the home link didn’t show up.

Strange! Would this already have been discussed? I could hardly imagine I would be the first one to complain. Quick: let’s see if the ‘issue cue’ could clarify. No! It wasn’t mentioned before!

And so, after only five minutes of work, I found a job that kept me busy all day. Marc explained to me how I should handle this and introduced me to the right people. First I had to create an issue, I had to define the problem, and suggest a solution. It wasn’t real rocket science by the way: it only cost me three lines of code, but to get them reviewed and accepted by the right maintainers was a whole other story… well let me spare you, I won’t go into detail. The good news is: at the end of the day I stood there, shining happily ever after, next to my colleague Daniël, and suddenly we were just ‘Core Contributors’! Everyone was applauding, we were filmed and a live commit of the patches we created was done by ‘Webchick’.

Also Patrick, my other colleague had discovered a bug en managed to get this reviewed, fixed and committed the same day.

So only one day of codesprinting on DrupalCon had passed, but Triquanta gained three new Core contributors: Well done!

And I haven’t yet mentioned the important work that has been done by Jur (on Facet API) and my colleague Elibert who discovered a bug in CKEditor.

As I said before: this DrupalCon was the best ever. For example, I enjoyed so much the visit to photomuseum FOAM where Drupalists could get in for free on Wednesday night, during the ‘cultural evening’ which I also helped organizing. And the musical event subsequently in café the Prael, where Peter en Jur gave a great concert was every bit as successful. Thursday night I was invited by the Drupal association to have dinner with the other volunteers and afterwards I took part in a very funny group to answer the most hilarious questions at the big Trivia night in café Panama.

Next year DrupalCon will be held in Barcelona. Whilst everyone wants to go there, this might turn into a huge battle! At least I know where to focus: I will, if necessary use my newly acquired status as a Drupal contributor to win this game!

Categories: Elsewhere

Thomas Goirand: OpenStack packaging activity: September 2014

Planet Debian - Sun, 05/10/2014 - 10:41

I decided I’d post this monthly. It may be a bit boring, sorry, but I think it’s a nice thing to have this public. The log starts on the 6th, because on the 4th I was back from Debconf (after a day in San Francisco, plus 20 hours of traveling and 15 hours of time gap).

 

Saturday 6th & Sunday 7th:
– packaged libjs-twitter-bootstrap-wizard (in new queue)
– Uploaded python-pint after reviewing the debian/copyright
– Worked on updating python-eventlet in Experimental, and adding Python3 support. It seems Python3 support isn’t ready yet, so I will probably remove that feature from the package update.
– Tried to apply the Django 1.7 patches for python-django-bootstrap-form. They didn’t work, but Raphael came back on Monday morning with new versions
of the patches, which should be good this time.
– Helped the DSA (Debian System Administrators) with the Debian OpenStack cloud. It’s looking good and working now (note: I helped them during Debconf 14).
– Started a page about adding more tasksel tasks: https://wiki.debian.org/tasksel/MoreTasks. It’s looking like Joey Hess is adding new tasks by default in Tasksel, with “OpenStack compute node” and “OpenStack proxy node”. It will be nice to have them in the default Debian installer! :)
– Packaged and uploaded python-dib-utils, now in NEW queue.

Monday 8th:
– Uploaded fixed python-django-bootstrap-form with patch for Django 1.7.
– Packaged and uploaded python-pysaml2.
– Finilized and uploaded python-jingo which is needed for python-django-compressor unit tests
– Finalized and uploaded python-coffin which is needed for python-django-compressor unit tests
– Worked on running the unit tests for python-django-compressor, as I needed to know if it could work with Django 1.7. It was hard to find the correct way to run the unit tests, but finally, they all passed. I will add the unit tests once coffin and jingo will be accepted in Sid.
– Applied patches in the Debian BTS for python-django-openstack-auth and Django 1.7. Uploaded the fixed package.
– Fixed python-django-pyscss compat with Django 1.7, uploaded the result.
– Updated keystone to Juno b3.
– Built Wheezy backports of some JS libs needed for Horizon in Juno, which I already uploaded to Sid last summer:
o libjs-twitter-bootstrap-datepicker
o libjs-jquery.quicksearch
o libjs-spin.js
– Upstreamed the Django 1.7 patch for python-django-openstack-auth:

https://review.openstack.org/119972

Tuesday 9:
– Updated and uploaded Swift 2.1.0. Added swift-object-expirer package to it, together with init script.

Wednesday 10:
Basically, cleaned the Debian BTS of almost all issues today… :P
– Added it.po update to nova (Closes: #758305).
– Backported libvirt 1.2.7 to Wheezy, to be able to close this bug: https://bugs.debian.org/757548 (eg: changed dependency from libvirt-bin to libvirt-daemon-system)
– Uploaded the fixed nova package using libvirt-daemon-system
– Upgraded python-trollius to 1.0.1
– Fixed tuskar-ui to work with Django 1.7. Disabled pep8 tests during build. Added build-conflicts: python-unittest2.
– Fixed python-django-compressor for Django 1.7, and now running unit tests with it, after python-coffin and python-jingo got approved in Sid by FTP masters.
– Fixed python-xstatic wrong upstream URLs.
– Added it.po debconf translation to Designate.
– Added de.po debconf translation to Tuskar.
– Fixed copyright holders in python-xstatic-rickshaw
– Added python-passlib as dependency for python-cinder.

Remaining 3 issues in the BTS: ceilometer FTBFS, Horizon unit test with Django 1.7, Designate fail to install. All of the 3 are harder to fix, and I may try to do so later this week.

Thursday 11:
– Fixed python-xstatic-angular and python-xstatic-angular-mock to deal with the new libjs-angularjs version (closes 2 Debian RC bugs: uninstallable).
– Fixed ceilometer FTBFS (Closes rc bug)

Friday 12:
– Fixed wrong copyright file for libjs-twitter-bootstrap-wizard after the FTP masters told me, and reuploaded to Sid.
– Reuploaded wrong upload of ceilometer (wrong hash for orig.tar.xz)
– Packaged and uploaded python-xstatic-bootstrap-scss
– Packaged and uploaded python-xstatic-font-awesome
– Packaged and uploaded ntpstat

Monday 15:
– packaged and uploaded python-xstatic-jquery.bootstrap.wizard
– Fixed python-xstatic-angular-cookies to use new libjs-angularjs version (fixed version dependencies)
– Fixed Ceilometer FTBFS (Closes: #759967)
– Backported all python-xtatic packages to Wheezy, including all dependencies. This includes backporting of a bunch of packages from nodejs which were needed as build-dependencies (around 70 packages…). Filed about 5 or 6 release critical bugs as some nodejs packages were not buildable as-is.
– Fixed some too restrictive python-xstatic-angular* dependencies on the libjs-angularjs (the libjs-angularjs increased version).

Tuesday 16:
– Uploaded updates to Experimental:
o python-eventlet 0.15.2 (this one took a long time as it needed maintenance)
o oslo-config
o python-oslo.i18n
– Uploaded to Sid:
o python-diskimage-builder 0.1.30-1
o python-django-pyscss 1.0.2-1
– Fixed horizon libapache-mode-wsgi to be a dependency of openstack-dashboard-apache and not just openstack-dashboard (in both Icehouse & Juno).
– Removed the last failing Django 1.7 unit test from Horizon. It doesn’t seem relevant anyway.
– Backported python-netaddr 0.7.12 to Wheezy (needed by oslo-config).
– Started working on oslo.rootwrap, though it failed to build in Wheezy with a unit test failure.

Wednesday 17:
– To experimental:
o Uploaded oslo.rootwrap 1.3.0.0~a1. It needed a build-depends on iproute2 because of a new test.
o Uploaded python-oslo.utils 0.3.0
o Uploaded python-oslo.vmware 0.6.0, fixed sphinx-build conf.py and filed a bug about it: https://bugs.launchpad.net/oslo.vmware/+bug/1370370 plus emailed the commiter of the issue (which appeared 2 weeks ago).
o Uploaded python-pycadf 0.6.0
o Uploaded python-pyghmi 0.6.17
o Uploaded python-oslotest 1.1.0.0~a2, including patch for Wheezy, which I also submited upstream: https://review.openstack.org/122171/
o Uploaded glanceclient 0.14.0, added a patch to not use the embedded version of urllib3 in requests: https://review.openstack.org/122184
– To Sid:
o Uploaded python-zake_0.1.6-1

Thesday 18:
– Backported zeromq3-4.0.4+dfs, pyzmq-14.3.1, pyasn1-0.1.7, python-pyasn1-modules-0.0.5
– Uploaded keystoneclient 0.10.1, fixed the saml2 unit tests which were broken using testtools >= 0.9.39. Filed bug, and warned code author: https://bugs.launchpad.net/python-keystoneclient/+bug/1371085
– Uploade swiftclient 2.3.0 to experimental.
– Uploaded ironicclient 0.2.1 to experimental.
– Uploaded saharaclient, filed bug with saharaclient expecting an up and running keystone server: https://bugs.launchpad.net/python-saharaclient/+bug/1371177

Friday 19:
– Uploaded keystone Juno b3, filed but about unit tests downloading with git, while no network access should be performed during package build (forbidden by
Debian policy)
– Uploaded python-oslo.db 1.0.0 which I forgot in the dependency list, and which was needed for Neutron.
– Uploaded nova 2014.2~b3-1 (added a new nova-serialproxy service daemon to the nova-consoleproxy)

Saturday 20:
– Uploaded Neutron Juno b3.
– Uploaded python-retrying 1.2.3 (was missing from depends upload)
– Uploaded Glance Juno b3.
– Uploaded Cinder Juno b3.
– Fixed python-xstatic-angular-mock which had a .pth packaged, as well as the data folder (uploaded debian release -3).
– Fixed missing depends and build-conflicts in python-xstatic-jquery.

Sunday 21:
– Dropped python-pil & python-django-discover-runner from runtime Depends: of python-django-pyscss, as it’s only needed for tests. It also created a conflicts, because python-django-discover-runner depends on python-unittest2 and horizon build-conflicts with it.
– Forward-ported the Django 1.7 patches for Horizon. Opened new patch: https://review.openstack.org/122992 (since the old fix has gone away after a refactor of the unit test).
– Uploaded Horizon Juno b3.
– Applied https://review.openstack.org/#/c/122768/ to the keystone package, so that it doesn’t do “git clone” of the keystoneclient during build.
– Uploaded oslo.messaging 1.4.0.0 (which really is 1.4.0) to experimental
– Uploaded oslo.messaging 1.4.0.0+really+1.3.1-1 to fix the issue in Sid/Jessie after the wrong upload (due to Zul wrong tagging of Keystone in the 2014.1.2 point release).

Monday 22:
– Uploaded ironic 2014.2~b3-1 to experimental
– Uploaded heat 2014.2~b3-1 (with some fixes for sphinx doc build)
– Uploaded ceilometer 2014.2~b3-1 to experimental
– Uploaded openstack-doc-tools 0.19-1 to experimental
– Uploaded openstack-trove 2014.2~b3-1 to experimental

Tuesday 23:
– Uploaded python-neutronclient with fixed version number for cliff and six. This missing requirement for cliff version produced an error in Trove, which I don’t want to happen again.
– Added fix for unit tests in Trove: https://review.openstack.org/#/c/123450/1,publish
– Uploaded oslo.messaging 1.4.1 in Experimental, fixing the version conflicts with the one in Sid/Jessie. Thanks to Doug Hellman for doing the tagging. I will need to upload new versions of the following packages with the >= 1.4.1 depends:
> – ceilometer
> – ironic
> – keystone
> – neutron
> – nova
> – oslo-config
> – oslo.rootwrap
> – oslo.i18n
> – python-pycadf
See http://lists.openstack.org/pipermail/openstack-dev/2014-September/046795.html for more explanation about the mess I’m repairing…
– Uploaded designate Juno b3.

Wednesday 24:
– Uploaded oslosphinx 2.2.0.0
– Uploaded update to django-openstack-auth (new last minute requirement for Horizon).
– Uploaded final oslo-config package version 1.4.0.0 (really is 1.4.0)
– Packaged and uploaded Sahara. This needs some tests by someone else as I don’t even know how it works.

Thuesday 25:
– Uploaded python-keystonemiddleware 1.0.0-3, fixing CVE-2014-7144] TLS cert verification option not honoured in paste configs. https://bugs.debian.org/762748
– Packaged and uploaded python-yaql, sent pull request for fixing print statements into Python3 compatible print function calls: https://github.com/ativelkov/yaql/pull/15
– Packaged and uploaded python-muranoclient.
– Started the packaging of Murano (not finished yet).
– Uploaded python-keystoneclient 0.10.1-2 with the CVE-2014-7144 fix to Sid, with urgency=high. Uploaded 0.11.1-1 to Experimental.
– Uploaded python-keystonemiddleware fix for CVE-2014-7144.
– Uploaded openstack-trove 2014.2~b3-3 with last unit test fix from https://review.openstack.org/#/c/123450/

Friday 26:
– Uploaded a fix for murano-agent, which makes it run as root.
– Finished the packaging of Murano
– Started packaging murano-dashboard, sent this patch to fix the wrong usage of the /usr/bin/coverage command: https://review.openstack.org/124444
– Fixed wrong BASE_DIR in python-xstatic-angular and python-xstatic-angular-mock

Saturday 27:
– uploaded python-xstatic-boostrap-scss which I forgot to upload… :(
– uploaded python-pyscss 1.2.1

Sunday 28:
– After a long investigation, I found out that the issue when installing the openstack-dasboard package was due to a wrong patch I did for Python 3.2 in Wheezy in python-pyscss. Corrected the patch from version 1.2.1-1, and uploaded version 1.2.1-2, the dashboard now installs correctly. \o/
– Did a new version of an Horizon patch at https://review.openstack.org/122992/ to address Django 1.7 compat.

Monday 29:
– Uploaded new version of python-pyscss fixing the last issue with Python 3 (there was a release critical bug on it).
– Uploaded fixup for python-django-openstack-auth fail to build in the Sid version, which was broken since the last upload of keystoneclient (which makes some of its API now as private).
– Uploaded python-glance-store 0.1.8, including Ubuntu patch to fix unit tests.
– Reviewed the packaging of python-strict-rfc3339 (see https://bugs.debian.org761152).
– Uploaded Sheepdog with fix in the init script to start after corosync (Closes: #759216).
– Uploaded pt_BR.po Brazilian Portuguese debconf templates translation for nova Icehouse in Sid (only commited it in Git for Juno).
– Same for Glance.

Tuesday 30:
– Added Python3 support in python-django-appconf, uploaded to Sid
– Upgraded to python-django-pyscss 1.0.3, and fixed broken unit tests with this new release under Django 1.7. Created pull request: https://github.com/fusionbox/django-pyscss/pull/22
– Fixed designate requirements.txt in Sid (Icehouse) to allow SQLA 0.9.x. Uploaded resulting package to Sid.
– Uploaded new Debian fix for python-tooz: kills memcached only if the package scripts started it (plus cleans .testrepository on clean).
– Uploaded initial release of murano
– Uploaded python-retrying with patch from Ubuntu to remove embedded copy of six.py code.
– Uploaded python-oslo.i18n 1.0.0 to experimental (same as before, just bump of version #)
– Uploaded python-oslo.utils 1.0.0 to experimental (same as before, just bump of version #)
– Uploaded Keystone Juno RC1
– Uploaded Glance Juno RC1

Categories: Elsewhere

Steve Kemp: Before I forget, a simple virtual machine

Planet Debian - Sun, 05/10/2014 - 10:34

Before I forget I had meant to write about a toy virtual machine which I'ce been playing with.

It is register-based with ten registers, each of which can hold either a string or int, and there are enough instructions to make it fun to use.

I didn't go overboard and write a complete grammer, or a real compiler, but I did do enough that you can compile and execute obvious programs.

First compile from the source to the bytecodes:

$ ./compiler examples/loop.in

Mmm bytecodes are fun:

$ xxd ./examples/loop.raw 0000000: 3001 1943 6f75 6e74 696e 6720 6672 6f6d 0..Counting from 0000010: 2074 656e 2074 6f20 7a65 726f 3101 0101 ten to zero1... 0000020: 0a00 0102 0100 2201 0102 0201 1226 0030 ......"......&.0 0000030: 0104 446f 6e65 3101 00 ..Done1..

Now the compiled program can be executed:

$ ./simple-vm ./examples/loop.raw [stdout] register R01 = Counting from ten to zero [stdout] register R01 = 9 [Hex:0009] [stdout] register R01 = 8 [Hex:0008] [stdout] register R01 = 7 [Hex:0007] [stdout] register R01 = 6 [Hex:0006] [stdout] register R01 = 5 [Hex:0005] [stdout] register R01 = 4 [Hex:0004] [stdout] register R01 = 3 [Hex:0003] [stdout] register R01 = 2 [Hex:0002] [stdout] register R01 = 1 [Hex:0001] [stdout] register R01 = 0 [Hex:0000] [stdout] register R01 = Done

There could be more operations added, but I'm pleased with the general behaviour, and embedding is trivial. The only two things that make this even remotely interesting are:

  • Most toy virtual machines don't cope with labels and jumps. This does.
    • Even though it was a real pain to go patching up the offsets.
    • Having labels be callable before they're defined is pretty mandatory in practice.
  • Most toy virtual machines don't allow integers and strings to be stored in registers.
    • Now I've done that I'm not 100% sure its a good idea.

Anyway that concludes todays computer-fun.

Categories: Elsewhere

Vasudev Kamath: Note to Self: LVM Shrink Resize HowTo

Planet Debian - Sun, 05/10/2014 - 08:30

Recently I had to reinstall a system at office with Debian Wheezy and I thought I should use this opportunity to experiment with LVM. Yeah I've not used LVM till date, even though I'm using Linux for more than 5 years now. I know many DD friends who use LVM with LUKS encryption and I always wanted to experiment, but since my laptop is only thing I've and its currently perfectly in shape I didn't dare to experiment it there. This reinstall was golden opportunity for me to experiment and learn something new.

I used Wheezy CD ISO downloaded using jigdo for installation. Now I will just go bit off topic and want to share the USB stick preparation. I have to say this because I had not done installation for quite a while now. Last I did was during Squeeze time so like usual I blindly executed following command.

cat debian-wheezy.iso > /dev/sdb

Surprisingly USB stick didn't boot! I was getting Corrupt or missing ISO.bin. So next I tried using dd for preparing.

dd if=debian-wheezy.iso of=/dev/sdb

Surprisingly this also didn't work and I get same error message as above. This is when I went back to debian manual and looked for installation step and there I found new way!

cp debian-wheezy.iso /dev/sdb

Look at destination, its a device and voilà this worked! This is something new I learnt and I'm surprised how easy it is now to prepare USB stick. But I still didn't get why first 2 methods failed!. If you guys know please do share.

Now coming back to LVM. I used default LVM when disk partitioning was asked, and I used guided partitioning method provided by debian-installer and ended up with following layout

$ lvs LV VG Attr LSize Pool Origin Data% Move Log Copy% Convert home system-disk -wi-ao-- 62.34g root system-disk -wi-ao-- 9.31g swap_1 system-disk -wi-ao-- 2.64g

So guided partitioning of debian-installer allocates 10G for root and rest to home and swap. This is not a problem but when I started installing required software, I could see root running out of space quickly so I wanted to resize root and give it 10G more, for this I need to reduce the home by 10G for which I need to first unmount the home partition. Unmounting home from running system isn't possible so I booted into recovery assuming I can unmount home there but I couldn't. lsof didn't show any one using /home after searching a bit I found fuser command and it looks like kernel is using /home which is mounted by it.

$ fuser -vm /home USER PID ACCESS COMMAND /home: root kernel mount /home

So it isn't possible to unmount /home in recovery mode also. Online materials told me to use live-cd for doing this but I didn't have patience to do that so I just went ahead commented /home mounting in /etc/fstab and rebooted!. This time it worked and /home is not mounted on recovery mode. Now comes the hard part resizing home, thanks to TLDP doc on reducing I coud do this with following step

# e2fsck -f /dev/volume-name/home # resize2fs /dev/volume-name/home 52G # lvreduce -L-10G /dev/volume-name/home

And now the next part live extending the root partition again thanks to TLDP doc on extending following command did it.

# lvextend -L+10G /dev/volume-name/root # resize2fs /dev/volumne-name/root

And now important part! Uncomment /home line in /etc/fstab so it will be mounted normally in next boot and reboot! On login I can see my partitions updated.

# lvs LV VG Attr LSize Pool Origin Data% Move Log Copy% Convert home system-disk -wi-ao-- 52.34g root system-disk -wi-ao-- 19.31g swap_1 system-disk -wi-ao-- 2.64g

I've started liking LVM more now! :)

Categories: Elsewhere

Victor Kane: Historic DrupalCon Amsterdam 2014 - Let the Debates Begin - Part I

Planet Drupal - Sat, 04/10/2014 - 23:29

I really think that a debate needs to continue around Keynote: Dries Buytaert for the purpose of understanding the forces at work competing for the future of Drupal and indeed all open source projects. Leaving to one side without comment the really weird Dries doppelganger designed somehow to elevate the image of one of the sponsors, it was indeed saluted by many as being very special. A glance at the tweets feed for the keynote, for example, (or this one) were by and large ecstatic, and many interpreted the talk as exceedingly progressive. "The power of the people"... #digitaldisruption... "This is @Dries most socialist #Driesnote ever." "Applause even in the overflow room..." "Most relevant and interesting #DriesNote in a long time. Well done..." "Exciting. The best Dries keynote ever."

read more

Categories: Elsewhere

Jo Shields: The unstoppable march of mobile technology

Planet Debian - Sat, 04/10/2014 - 18:23

It’s been more than 2 years since my last post about my smartphone. In the time after that post I upgraded my much loved Windows Phone 7 device to Windows Phone 8 (which I got rid of within months, for sucking), briefly used Firefox OS, then eventually used a Nexus 4 for at least a year.

After years of terrible service provision and pricing, I decided I would not stay with my network Orange a moment longer – and in getting a new contract, I would get a new phone too. So on Friday, I signed up to a new £15 per month contract with Three, including 200 minutes, unlimited data, and 25GB of data roaming in the USA and other countries (a saving of £200,000 per month versus Orange). Giffgaff is similarly competitive for data, but not roaming. No other network in the UK is competitive.

For the phone, I had a shortlist of three: Apple iPhone 6, Sony Xperia Z3 Compact, and Samsung Galaxy Alpha. These are all “small” phones by 2014 standards, with a screen about the same size as the Nexus 4. I didn’t consider any Windows Phone devices because they still haven’t shipped a functional music player app on Windows Phone 8. Other more “fringe” OSes weren’t considered, as I insist on trying out a real device in person before purchase, and no other comparable devices are testable on the high street.

iPhone 6

This was the weakest offering, for me. £120 more than the Samsung, and almost £200 more than the Sony, a much lower hardware specification, physically larger, less attractive, and worst of all – mandatory use of iTunes for Windows for music syncing.

Apple iPhone 6, press shot from apple.com, all rights reserved

The only real selling point for me would be for access to iPhone apps. And, I guess, decreased chance of mockery by co-workers.

Galaxy Alpha

Now on to the real choices. I’ve long felt that Samsung’s phones are ugly plasticy tat – the Galaxy S5 is popular, well-marketed, but looks and feels cheap compared to HTC’s unibody aluminium One. They’ve also committed the cardinal sin of gimping the specifications of their “mini” (normal-sized) phones, compared to the “normal” (gargantuan) versions. The newly released S5 Mini is about the same spec as early 2012’s S3, the S4 Mini was mostly an S2 internally, and so on.

However, whilst HTC have continued along these lines, Samsung have finally released a proper phone under 5″, in the Alpha.

Samsung Galaxy Alpha press shot from samsungmobile.com, all rights reserved

The Alpha combines a 4.7″ AMOLED screen, a plastic back, metal edges, 8-core big.LITTLE processor, and 2GB RAM. It is a PRETTY device – the screen really dazzles (as is the nature of OLED). It feels like a mix of design cues from an iPhone and Samsung’s own, keeping the angular feel of iPhone 4->5S rather than the curved edges on the iPhone 6.

The Galaxy Alpha was one of the two devices I seriously considered.

Xperia Z3 Compact

The other Android device I considered was the Compact version of Sony’s new Xperia Z3. Unlike other Android vendors, Sony decided that “mini” shouldn’t mean “low end” when they released the Z1 compact earlier this year. The Z3 follows suit, where the same CPU and storage are found on both the big and little versions.

Sony Xperia Z3 Compact press shot from Sony Xperia Picasa album. CC BY-NC-SA 3.0

The Z3C has a similar construction to the Nexus 4, with glass front and back, and plastic rim. The specification is similar to the Galaxy Alpha (with a quadcore 2.5GHz Qualcomm processor about 15% faster than the big.LITTLE Exynos in the Galaxy Alpha). It differs in a few places – LCD rather than AMOLED (bad); a non-removable (bad) 2600 mAh battery (good) compared to the removable 1860 mAh in the Samsung; waterproofing (good); A less hateful Android shell (Xperia on Android vs Samsung Touchwiz).

For those considering a Nexus-4-replacement class device (yes, rjek, that means you), both the Samsung and the Sony are worth a look. They both have good points and bad points. In the end, both need to be tested to form a proper opinion. But for me, the chunky battery and tasteful green were enough to swing it for the Sony. So let’s see where I stand in a few months’ time. Every phone I’ve owned, I’ve ended up hating it for one reason or another. My usual measure for whether a phone is good or not is how long it takes me to hit the “I can’t use this” limit. The Nokia N900 took me about 30 minutes, the Lumia 800 lasted months. How will the Z3 Compact do? Time will tell.

Categories: Elsewhere

Petter Reinholdtsen: Ubuntu used to show the bread prizes at ICA Storo

Planet Debian - Sat, 04/10/2014 - 15:20

Today I came across an unexpected Ubuntu boot screen. Above the bread shelf on the ICA shop at Storo in Oslo, the grub menu of Ubuntu with Linux kernel 3.2.0-23 (ie probably version 12.04 LTS) was stuck on a screen normally showing the bread types and prizes:

If it had booted as it was supposed to, I would never had known about this hidden Linux installation. It is interesting what errors can reveal.

Categories: Elsewhere

Triquanta Web Solutions: From Rookie to Drupal core contributor in one day

Planet Drupal - Sat, 04/10/2014 - 14:25

Picture: Thomas Ricker

A thick fog had settled in Amsterdam. Moist was gathering in my beard and a nice drupal was forming. I had a clear goal in mind and a blurry world around me. As a tourist in my own country I biked among thousands of spoked wheels. I passed hipster parents with children in carts throwing clouds at each other. And soon the Amsterdam RAI showed up. My first community sprint was about to start.

It was the last day of Drupalcon and we had built up a routine. And as one of the human beings we are, I picked the wrong building. Luckily one of the mentors (our own @marcvangend) was helpful enough to show me the way. I entered the building early in the morning and a wall of orange shirts greeted me, a full fledged team of volunteer mentors in the colors of our beautiful hosting country. Armed with name tags, stickers, sprint task cards, a lot of energy and patience they were fully equipped to guide us rookies through the day.

So, what am I? According to the relatively new system of sprint task cards (pdf) I could be an Explorer, Community Contributor, Issue Mover, Developer or Mentor. Since I already had Drupal 8 installed, and played with it during, for example, the Drupal 8 Multilingual Hands-on of @gaborhojtsy and Aimee Degnan, I was up to some community contributing.

Sprint stickers

We, the mentored, were seated upstairs while the more experienced once worked more focussed in teams on certain projects at ground level. During the day some of us would descend for some specialized guidance. But first we had to set our teeth in "something". The theme of the day was: get "something" done and get ready to teach others. So, if you didn't know what to do, you where presented an issue to work on or you could search for an issue tagged "novice".

Among the tasks we undertook where: testing and reviewing patches, making screenshots (so helpful, as Angie would show later) or creating a solution on your own. Wait, no, not on your own. You weren't seated alone and the mentors were all over the place to step in at your earliest convenience.

In my case I wanted to see if a core 7 bug I had found earlier was present in 8. So I set out to create a little module for my scenario. But, where to start, which files are needed and how do I name them? Jesus Manuel Olivas @jmolivas and Larry Garfield (@crell) to the rescue, with respectively the nice console module to generate D8 modules from the CLI and the session recording of the Drupal 8 Crash Course.

Ok, ready to test some hook_form_alter. Result: failure one. It's so simple, but why doesn't it work? Mentor @BartFeenstra to the rescue: it seems you checked out branch 8.x instead of 8.0.x, d'oh stupid me. Luckily, after some testing the D7 bug seemed to be gone in D8. However, during my testing I found another new problem.

Because drupal.org was under such a pressure and the issue search didn't really work any more, I descended the stairs in search of a core fields maintainer with the simple question: is this a bug and is there an issue for this problem? And it was a bug, empty multiple field items should be deleted after a node search, and there was no issue for it. Using the dreditor, a nice browser helper plugin for people working in the issue queue I was able to create my issue in no-time.

In the meantime upstairs the temperature had risen while the ground floor was still comfortable cool, outside it had become a nice early autumn day (meteorologic speaking), and my table neighbour and colleague, Valerie Valkenburg Gibson (@valvalg), had created her first core issue and patch.

Since it apparently isn't allowed to get a patch in core without at least 20 comments and multiple people working at it I was offered the opportunity to help improving the patch. So mentored by @marcvangend and Théodore Biadala (@nod_) I checked if the patch was confirm the coding standards and got rid of some duplicate functionality. Next I did some finger exercises and create a diff, another diff of two diffs, uploaded the new diff and interdiff and licked my chupachup. Then it was time to go to the live core commit session hosted by Angie (@webchick).

Everybody gathered in front of the big screen while the necessary group pictures where taken and we waited in anticipation. Then Angie showed us how a core committer reviews, tests and finally commits. She even almost mistakenly used branch 8.x instead of 8.0.x, but was quickly corrected by the crowd. And I didn’t feel so stupid anymore.
Finally, as the closure of the day, we were treated with two live commits and, like my collegue Gerben Spil (@gerbenspil) always says: there was much rejoicing!

Picture: Patrick van Efferen

Of course so much more happened, there were fun, food, facts and many friends.

And by the way: can I have my new sticker now?


Daniël Smidt (@dmsmidt)

Categories: Elsewhere

Steve Kemp: Kraków was nice

Planet Debian - Sat, 04/10/2014 - 14:20

We returned safely from Kraków, despite a somewhat turbulent flight home.

There were many pictures taken, but thus far I've only posted a random night-time shot. Perhaps more will appear in the future.

In other news I've just made a new release of the chronicle blog compiler, So 5.0.7 should shortly appear on CPAN.

The release contains a bunch of minor fixes, and some new facilities relating to templates.

It seems likely that in the future there will be the ability to create "static pages" along with the blog-entries, tag-clouds & etc. The suggestion was raised on the github issue tracker and as a proof of concept I hacked up a solution which works entirely via the chronicle plugin-system, proving that the new development work wasn't a waste of time - especially when combined with the significant speedups in the new codebase.

(ObRandom: Mailed the Debian package-mmaintainer to see if there was interest in changing. Also mailed a couple of people I know who are using the old code to see if they had comments on the new code, or had any compatibility issues. No replies from either, yet. *shrugs*)

Categories: Elsewhere

Petter Reinholdtsen: New lsdvd release version 0.17 is ready

Planet Debian - Sat, 04/10/2014 - 08:40

The lsdvd project got a new set of developers a few weeks ago, after the original developer decided to step down and pass the project to fresh blod. This project is now maintained by Petter Reinholdtsen and Steve Dibb.

I just wrapped up a new lsdvd release, available in git or from the download page. This is the changelog dated 2014-10-03 for version 0.17.

  • Ignore 'phantom' audio, subtitle tracks
  • Check for garbage in the program chains, which indicate that a track is non-existant, to work around additional copy protection
  • Fix displaying content type for audio tracks, subtitles
  • Fix pallete display of first entry
  • Fix include orders
  • Ignore read errors in titles that would not be displayed anyway
  • Fix the chapter count
  • Make sure the array size and the array limit used when initialising the palette size is the same.
  • Fix array printing.
  • Correct subsecond calculations.
  • Add sector information to the output format.
  • Clean up code to be closer to ANSI C and compile without warnings with more GCC compiler warnings.

This change bring together patches for lsdvd in use in various Linux and Unix distributions, as well as patches submitted to the project the last nine years. Please check it out. :)

Categories: Elsewhere

Don't Panic: A blog about Drupal: Sprinting for the first time

Planet Drupal - Sat, 04/10/2014 - 08:27

For many years, I've been using Drupal as many people do - by clicking, publishing information and creating websites through the addition of modules and themes. I know how to code in PHP, but with my involvement in the local Drupal community, organizing three DrupalCamps in Gothenburg (2012, 2013 and 2014) and having family and friends, there hasn't been much time to dig down into Drupal and help out with issues and writing code.

When DrupalCon Amsterdam came closer I chose to take a couple of vacation days, and stay for the sprints after the camp. To take part in the First-time Sprinter Workshop on Friday and learn how to code in Drupal.

First-time Sprinter Workshop

We were a big bunch of people, gathered in a room at the Amsterdam RAI, to learn how to code, or at least how to help out. We would have three hours of introduction, which I had high hopes for. Apart from us, there were about 20 mentors helping out. The first thing we had to do was to install all necessary programs, like GIT, Acquia Dev Desktop, Limechat etcetera. Since I work with GIT, have been on IRC for many years, nothing of this was new. Installing the Dev Desktop was troublesome though, and much time went to figure out what was wrong. During this time I couldn't pay attention to what was said about drupal.org and the issue queue, so suddenly I had no idea of what to do with my (slightly) new coding environment. I just didn't know what to do. I asked one of the mentors, and he said to go find an issue in the Drupal Core and work on that. Work on it how? What should I do with it? This was why I wanted to stay for the sprinting, to learn what to do, perhaps even how to do it. Frustration was creeping up on me...

YesCT to the rescue!

So I sat down in front of the issue queue and tried to find something to do. I didn't know what to look for, and I ended up helping out on IRC and helping a guy sitting next to me, who knew less about GIT than me. Felt good to help someone, and to actually feel useful. Then suddenly Cathy Theys, YesCT on Twitter, comes in and asks some of the guys in the room if the mentors had explained what to do when the coding environment installation is done. Since they hadn't been that thorough, Cathy took some time to do so, and that was so welcome. Suddenly I actually had some clue of what to do. A little better clue anyway. With Cathy's words in mind, I also asked a mentor called Andy if he could help me finding something to focus on. He took care of me, placing me next to two other guys who are new to Drupal coding as well, and together we explored the issues queues, trying to find appropriate tasks to do.

"Is that a wall heading my way?"

I realised quickly that even an issue tagged with 'novice' was often to hard for me, since I'm new to Object Oriented Programming, but after a while I started reviewing a patch here, a patch there and summarizing an issue here and an issue there. A fellow podcast member, Kristoffer Wiklund, said that even though everyone here wants as many as possible working on, patching and reviewing Drupal 8, there are still thousands of themes and modules out there, both getting re-written for Drupal 8, but also having issues for Drupal 7. Therefore, I also took time to look at some of the modules and themes that I use, to see if I could help out there. And I could! You can't imagine the feeling when I'm suddenly taking baby-steps towards helping out more and more. My Dashboard on drupal.org was, within the hours, filling up with comments of what I've summarized, what I've added and reactions to my comments. That, my fellow Drupalistas, is something you can't put a price tag on.

Ending on a high note

The day started quite bad, but ended much better, in two ways. Apart from the wounderful mentoring of Andy, we were also approached by some other mentors handing out a handful of cards, with different tasks on them. It was Sprint task cards, and when summarizing what I've been doing with Drupal for the last 4 years and what I've done during DrupalCon Amsterdam, I suddenly was eligible for 4 out of 6 cards. Sure, the mentors were a bit nice on some tasks, but it felt really good on getting 4 stickers with "Explorer", "Mentor", Issue mover" and "Community contributor". The last one was extra nice, since I work quite hard on arranging the DrupalCamps in Sweden.

"One more thing..." 

But that was only one thing that made the day extra special. What about the other? At 5 o'clock, Cathy entered the room and announced it was time to see when webchick, Angie Byron, commits patches to Durpal 8 core live - on stage. Well, there wasn't a stage, but at least in front of everybody. I was sitting at the desk in the front, so I had a very good seat. They did the commits, and denied some, and everything was nice and so. Webchick has a really good sense of humour which made everything extra nice. In the end she thanked the people who had made the patches she committed this afternoon but then  - and I could applause this for a very long time - she also said that it's all of us who are important, from the tiniest little bug reporter to those who do screenshots and write summaries. That showed me that I really can make a difference and that I shouldn't pack it up and go home, just because I can't write code that fixes all the major bugs in Drupal 8. And now for the good part - when Angie asks everyone that had helped out with patches to stand up I thought I shouldn't stand, but my mentor Andy encouraged me to stand up. Sure, I had helped, but I didn't think it mattered that much. But he did. And I thank him for that. That extra encouragement made me want to go home and continue looking through the issue queues at Drupal.org, helping out, fixing it. So we can get Drupal 8 out the door. Together.

(I ended up visiting an art exhibition of LEGO statues called 'Art of the brick' that evening, but that's a different story.)

Categories: Elsewhere

Pages

Subscribe to jfhovinne aggregator