Here's your report of what has happened in Fedora this week. Elections voting is open through 3 December. Fedora 31 has reached end of life. EPEL 6 will reach end-of-life on Monday. There will be no FPgM office hours this week (25 November) due to PTO. Announcements Calls for Participation Help wanted Upcoming meetings Releases […]

The post Fedora program update: 2020-48 appeared first on Fedora Community Blog.

24 Nov 2020 9:22pm GMT

This is the 2020 edition of my most read blog entry about syslog-ng web-based graphical user interfaces (web GUIs). Many things have changed in the past few years. In 2011, only a single logging as a service solution was available, while nowadays, I regularly run into others. Also, while some software disappeared, the number of logging-related GUIs is growing. This is why in this post, I will mostly focus on generic log management and open source instead of highly specialized software, like SIEMs.

Why grep is not enough?

Centralized event logging has been an important part of IT for many years for many reasons. Firstly, it is more convenient to browse logs in a central location rather than viewing them on individual machines. Secondly, central storage is also more secure. Even if logs stored locally are altered or removed, you can still check the logs on the central log server. Finally, compliance with different regulations also makes central logging necessary.

System administrators often prefer to use the command line. Utilities such as grep and AWK are powerful tools, but complex queries can be completed much faster with logs indexed in a database and a web interface. In the case of large amounts of messages, a web-based database solution is not just convenient, it is a necessity. With tens of thousands of incoming messages per second, the indexes of log databases still give Google-like response times even for the most complex queries, while traditional text-based tools are not able to scale as efficiently.

Why still syslog-ng?

Many software used for log analysis come with their own log aggregation agents. So why should you still use syslog-ng then? As organizations grow, so does the IT staff starts to diversify. Separate teams are created for operations, development and security, each with its own specialized needs in log analysis. And even the business side often needs log analysis as an input for business decisions. You can quickly end up with 4-5 different log analysis and aggregation systems running in parallel and working from the very same log messages.

This is where syslog-ng can come handy: creating a dedicated log management layer, where syslog-ng collects all of the log messages centrally, does initial basic log analysis, and feeds all the different log analysis software with relevant log messages. This can save you time and resources in multiple ways:

• You only have to learn one tool instead of many.

• Only a single tool to push through security and operations teams.

• There are less computing resources on clients.

• Logs travel only once over the network.

• Long term archival in a single location with syslog-ng instead of using multiple log analysis software.

• Filtering on the syslog-ng side can save significantly on the hardware costs of the log analysis software, and also on licensing in case of a commercial solution.

The syslog-ng application can collect both system and application logs, and can be installed both as a client and a server. Thus, you have a single application to install for log management everywhere on your network. It can reliably collect and transport huge amounts of log messages, parse ("look into") your log messages, enrich them with geographical location and other extra data, making filters and thus, log routing, much more accurate.

Logging as a Service (LaaS)

A couple years ago, Loggly was the pioneer of logging as a service (LaaS). Today, there are many other LaaS providers (Papertrail, Logentries, Sumo Logic, and so on) and syslog-ng works perfectly with all of them.

Structured fields and name-value pairs in logs are increasingly important, as they are easier to search, and it is easier to create meaningful reports from them. The more recent IETF RFC 5424 syslog standard supports structured data, but it is still not in widespread use.

People started to use JSON embedded into legacy (RFC 3164) syslog messages. The syslog-ng application can send JSON-formatted messages - for example, you can convert the following messages into structured JSON messages:

• RFC5424-formatted log messages.

• Windows EventLog messages received from the syslog-ng Agent for Windows application.

• Name-value pairs extracted from a log message with PatternDB or the CSV parser.

Loggly and other services can receive JSON-formatted messages, and make them conveniently available from the web interface.

A number of LaaS providers are already supported by syslog-ng out of the box. If your service of choice is not yet directly supported, the following blog can help you create a new LaaS destination: https://www.syslog-ng.com/community/b/blog/posts/how-to-use-syslog-ng-with-laas-and-why

Some non-syslog-ng-based solutions

Before focusing on the solutions with syslog-ng at their heart, I would like to say a few words about the others, some which were included in the previous edition of the blog.

LogAnalyzer from the makers of Rsyslog was a simple, easy to use PHP application a few years ago. While it has developed quite a lot, recently I could not get it to work with syslog-ng. Some of the popular monitoring software have syslog support to some extent, for example, Nagios, Cacti and several others. I have tested some of these, I have even sent patches and bug reports to enhance their syslog-ng support, but syslog is clearly not their focus, just one of the possible inputs.

The ELK stack (Elasticsearch + Logstash + Kibana) and Graylog2 have become popular recently, but they have their own log collectors instead of syslog-ng, and syslog is just one of many log sources. Syslog support is quite limited both in performance and protocol support. They recommend using file readers for collecting syslog messages, but that increases complexity, as it is an additional software on top of syslog(-ng), and filtering still needs to be done on the syslog side. Note that syslog-ng can send logs to Elasticsearch natively, which can greatly simplify your logging architecture.

Collecting and displaying metrics data

You can collect metrics data using syslog-ng. Examples include netdata or collectd. You can send the collected data to Graphite or Elasticsearch. Graphite has its own web interface, while you can use Kibana to query and visualize data collected to Elasticsearch.

Another option is to use Grafana. Originally, it was developed as an alternative web interface to the Graphite databases, but now it can also visualize data from many more data sources, including Elasticsearch. It can combine multiple data sources to a single dashboard and provides fine-grained access control.

Loki by Grafana is one of the latest applications that lets you aggregate and query log messages, and of course, to visualize logs using Grafana. It does not index the contents of log messages, only the labels associated with logs. This way, processing and storing log messages requires less resources, making Loki more cost-effective. Promtail, the log collector component of Loki, can collect log messages using the new, RFC 5424 syslog protocol. Learn here how syslog-ng can send its log messages to Loki.

Splunk

One of the most popular web-based interfaces for log messages is Splunk. A returning question is whether to use syslog-ng or Splunk. Well, the issue is a bit of apples vs. oranges: they do not replace, but rather complement each other. As I already mentioned in the introduction, syslog-ng is good at reliably collecting and processing huge amounts of data. Splunk, on the other hand, is good at analyzing log messages for various purposes. Learn more about how you can integrate syslog-ng with Splunk from our white paper!

Syslog-ng based solutions

Here I show a number of syslog-ng based solutions. While every software described below is originally based on syslog-ng Open Source Edition (except for One Identity's own syslog-ng Store Box (SSB)), there are already some large-scale deployments available also with syslog-ng Premium Edition as their syslog server.

• The syslog-ng application and SSB focus on generic log management tasks and compliance.

• LogZilla focuses on logs from Cisco devices.

• Security Onion focuses on network and host security.

• Recent syslog-ng releases are also able to store log messages directly into Elasticsearch, a distributed, scalable database system popular in DevOps environments, which enables the use of Kibana for analyzing log messages.

Benefits of using syslog-ng PE with these solutions include the logstore, a tamper-proof log storage (even if it means that your logs are stored twice), Windows support, and enterprise grade support.

LogZilla

LogZilla is the commercial reincarnation of one of the oldest syslog-ng web GUIs: PHP-Syslog-NG. It provides the familiar user interface of its predecessor, but also includes many new features. The user interface supports Cisco Mnemonics, extended graphing capabilities, and e-mail alerts. Behind the scenes, LDAP integration, message de-duplication, and indexing for quick searching were added for large datasets.

Over the past years, it received many small improvements. It became faster, and role-based access control was added, as well as the live tailing of log messages. Of course, all these new features come with a price; the free edition, which I have often recommended for small sites with Cisco logs is completely gone now.

A few years ago, a complete rewrite became available with many performance improvements under the hood and a new dashboard on the surface. Development never stopped, and now LogZilla can parse and enrich log messages, and can also automatically respond to events.

Therefore, it is an ideal solution for a network operations center (NOC) full of Cisco devices.

Web site: http://logzilla.net/

Security Onion

One of the most interesting projects utilizing syslog-ng is Security Onion, a free and open source Linux distribution for threat hunting, enterprise security monitoring, and log management. It is utilizing syslog-ng for log collection and log transfer, and uses the Elastic stack to store and search log messages. Even if you do not use its advanced security features, you can still use it for centralized log collection and as a nice web interface for your logs. But it is also worth getting acquainted with its security monitoring features, as it can provide you some useful insights about your network. Best of all, Security Onion is completely free and open source, with commercial support available for it.

You can learn more about it at https://www.syslog-ng.com/community/b/blog/posts/syslog-ng-and-security-onion

Elastisearch and Kibana

Elasticsearch is gaining momentum as the ultimate destination for log messages. There are two major reasons for this:

• You can store arbitrary name-value pairs coming from structured logging or message parsing.

• You can use Kibana as a search and visualization interface.

The syslog-ng application can send logs directly into Elasticsearch. We call this an ESK stack (Elasticsearch + syslog-ng + Kibana).

Learn how you can simplify your logging to Elasticsearch by using syslog-ng: https://www.syslog-ng.com/community/b/blog/posts/logging-to-elasticsearch-made-simple-with-syslog-ng

syslog-ng Store Box (SSB)

SSB is a log management appliance built on syslog-ng Premium Edition. SSB adds a powerful indexing engine, authentication and access control, customized reporting capabilities, and an easy-to-use web-based user interface.

Recent versions introduced AWS and Azure cloud support and horizontal scalability using remote logspaces. The new content-based alerting can send an e-mail alert whenever a match between the contents of a log message and a search expression is found.

SSB is really fast when it comes to indexing and searching log data. To put this scalability in context, the largest SSB appliance stores up to 10 terabytes of uncompressed, raw logs. With SSB's current indexing performance of 100,000 events per second, that equates to approximately 8.6 billion logs per day or 1.7 terabytes of log data per day (calculating with an average event size of 200 bytes). Using compression, a single, large SSB appliance could store approximately one month of log data for an enterprise generating 1.7 terabytes of event data a day. This compares favorably to other solutions that require several nodes for collecting this amount of messages, and even more additional nodes for storing them. While storing logs to the cloud is getting popular, on-premise log storage is still a lot cheaper for a large amount of logs.

The GUI makes searching logs, configuring and managing the SSB easy. The search interface allows you to use wildcards and Boolean operators to perform complex searches, and drill down on the results. You can gain a quick overview and pinpoint problems fast by generating ad-hoc charts from the distribution of the log messages.

Configuring the SSB is done through the user interface. Most of the flexible filtering, classification and routing features in the syslog-ng Open Source and Premium Editions can be configured with the UI. Access and authentication policies can be set to integrate with Microsoft Active Directory, LDAP and RADIUS servers. The web interface is accessible through a network interface dedicated to the management traffic. This management interface is also used for backups, sending alerts, and other administrative traffic.

SSB is a ready-to-use appliance, which means that no software installation is necessary. It is easily scalable, because SSB is available both as a virtual machine and as a physical appliance, ranging from entry-level servers to multiple-unit behemoths. For mission critical applications, you can use SSB in High Availability mode. Enterprise-level support for SSB and syslog-ng PE is also available.

■ Read more about One Identity's syslog-ng and SSB products here.

■ Request evaluation version / callback.

24 Nov 2020 12:29pm GMT

Comme le projet Fedora est communautaire, une partie du collège des organisations suivantes doit être renouvelée : Council, FESCo et Mindshare. Et ce sont les contributeurs qui décident. Chaque candidat a bien sûr un programme et un passif qu'ils souhaitent mettre en avant durant leur mandat pour orienter le projet Fedora dans certaines directions. Je vous invite à étudier les propositions des différents candidats pour cela.

Pour voter, il est nécessaire d'avoir un compte FAS actif et de faire son choix sur le site du scrutin. Vous avez jusqu'au vendredi 4 décembre à 1h heure française pour le faire. Donc n'attendez pas trop.

Par ailleurs, comme pour le choix des fonds d'écran additionnel, vous pouvez récupérer un badge si vous cliquez sur un lien depuis l'interface après avoir participé à un vote.

Je vais profiter de l'occasion pour résumer le rôle de chacun de ces comités afin de clarifier l'aspect décisionnel du projet Fedora mais aussi visualiser le caractère communautaire de celui-ci.

Council

Le Council est ce qu'on pourrait qualifier le grand conseil du projet. C'est donc l'organe décisionnaire le plus élevé de Fedora. Le conseil définit les objectifs à long terme du projet Fedora et participe à l'organisation de celui-ci pour y parvenir. Cela se fait notamment par le biais de discussions ouvertes et transparentes vis à vis de la communauté.

Mais il gère également l'aspect financier. Cela concerne notamment les budgets alloués pour organiser les évènements, produire les goodies, ou des initiatives permettant de remplir les dits objectifs. Ils ont enfin la charge de régler les conflits personnels importants au sein du projet, tout comme les aspects légaux liés à la marque Fedora.

Les rôles au sein du conseil sont complexes.

Ceux avec droit de vote complet

Tout d'abord il y a le FPL (Fedora Project Leader) qui est le dirigeant du conseil et de facto le représentant du projet. Son rôle est lié à la tenue de l'agenda et des discussions du conseil, mais aussi de représenter le projet Fedora dans son ensemble. Il doit également servir à dégager un consensus au cours des débats. Ce rôle est tenu par un employé de Red Hat et est choisi avec le consentement du conseil en question.

Il y a aussi le FCAIC (Fedora Community Action and Impact Coordinator) qui fait le lien entre la communauté et l'entreprise Red Hat pour faciliter et encourager la coopération. Comme pour le FPL, c'est un employé de Red Hat qui occupe cette position avec l'approbation du conseil.

Il y a deux places destinées à la représentation technique et à la représentation plus marketing / ambassadrice du projet. Ces deux places découlent d'une nomination décidée au sein des organes dédiées à ces activités : le FESCo et le Mindshare. Ces places sont communautaires mais ce sont uniquement ces comités qui décident des attributions.

Il reste deux places communautaires totalement ouvertes et dont tout le monde peut soumettre sa candidature ou voter. Cela permet de représenter les autres secteurs d'activité comme la traduction ou la documentation mais aussi la voix communautaire au sens la plus large possible. C'est pour une de ces places que le vote est ouvert cette semaine !

Ceux avec le droit de vote partiel

Un conseiller en diversité est nommé par le FPL avec le soutien du conseil pour favoriser l'intégration au sein du projet des populations le plus souvent discriminées. Son objectif est donc de déterminer les programmes pour régler cette problématique et résoudre les conflits associés qui peuvent se présenter.

Un gestionnaire du programme Fedora qui s'occupe du planning des différentes versions de Fedora. Il s'assure du bon respect des délais, du suivi des fonctionnalités et des cycles de tests. Il fait également office de secrétaire du conseil. C'est un employé de Red Hat qui occupe ce rôle toujours avec l'approbation du conseil.

FESCo

Le FESCo (Fedora Engineering Steering Committee) est un conseil entièrement composé de membres élus et totalement dévoués à l'aspect technique du projet Fedora.

Ils vont donc traiter en particulier les points suivants :

• Les nouvelles fonctionnalités de la distribution ;
• Les sponsors pour le rôle d'empaqueteur (ceux qui pourront donc superviser un débutant) ;
• La création et la gestion des SIGs (Special Interest Group) pour organiser des équipes autour de certaines thématiques ;
• La procédure d'empaquetage des paquets.

Le responsable de ce groupe est tournant. Les 9 membres sont élus pour un an, sachant que chaque élection renouvelle la moitié du collège. Ici 5 places sont à remplacer.

Mindshare

Mindshare est une évolution du FAmSCo (Fedora Ambassadors Steering Committee) qu'il remplace. Il est l'équivalent du FESCo sur l'aspect plus humain du projet. Pendant que le FESCo se préoccupera beaucoup plus des empaqueteurs, la préoccupation de ce conseil est plutôt l'ambassadeur et les nouveaux contributeurs.

Voici un exemple des thèmes dont il a compétence qui viennent du FAmSCo :

• Gérer l'accroissement des ambassadeurs à travers le mentoring ;
• Pousser à la création et au développement des communautés plus locales comme la communauté française par exemple ;
• Réaliser le suivi des évènements auxquels participent les ambassadeurs ;
• Accorder les ressources aux différentes communautés ou activités, en fonction des besoin et de l'intérêt ;
• S'occuper des conflits entre ambassadeurs.

Et ses nouvelles compétences :

• La communication entre les équipes, notamment entre la technique et le marketing ;
• Motiver les contributeurs à s'impliquer dans différents groupes de travail ;
• Gérer l'arrivé de nouveaux contributeurs pour les guider, essayer de favoriser l'inclusion de personnes souvent peu représentées dans Fedora (femmes, personnes non américaines et non européennes, étudiants, etc.) ;
• Gestion de l'équipe marketing.

Il y a 9 membres pour gérer ce comité. Un gérant, 2 proviennent des ambassadeurs, un du design et web, un de la documentation, un du marketing, un de la commops et les deux derniers sont élus. C'est pour un de ces derniers sièges que le scrutin est ouvert.

24 Nov 2020 12:17pm GMT

C'est en ce mardi 24 novembre 2020 que Fedora 31 a été déclaré comme en fin de vie.

Qu'est-ce que c'est ?

Un mois après la sortie d'une version de Fedora n, ici Fedora 33, la version n-2 (donc Fedora 31) est déclarée comme en fin de vie.

Ce mois sert à donner du temps aux utilisateurs pour faire la mise à niveau. Ce qui fait qu'en moyenne une version est officiellement maintenue pendant 13 mois.

En effet, la fin de vie d'une version signifie qu'elle n'aura plus de mises à jour et plus aucun bogue ne sera corrigé. Pour des questions de sécurité, avec des failles non corrigées, il est vivement conseillé aux utilisateurs de Fedora 31 et antérieurs d'effectuer la mise à niveau vers Fedora 33 ou 32.

Que faire ?

Si vous êtes concernés, il est nécessaire de faire la mise à niveau de vos systèmes. Vous pouvez télécharger des images CD ou USB plus récentes.

Il est également possible de faire la mise à niveau sans réinstaller via DNF ou GNOME Logiciels.

GNOME Logiciels a également dû vous prévenir par une pop-up de la disponibilité de Fedora 32 ou 33. N'hésitez pas à lancer la mise à niveau par ce biais.

24 Nov 2020 8:37am GMT

Introduction

GitHub Actions is an API for cause and effect on GitHub: orchestrate any workflow, based on any event, while GitHub manages the execution, provides rich feedback, and secures every step along the way.

In this article, we will be exploring a hands-on approach to managing your CD processes using GitHub Actions via SSH.

The workflow:

1. Connect to VPS via SSH
2. Move to project directory
3. git pull the new changes
4. execute any necessary command

Prerequisites

• A GitHub account. If you don't have one, you can sign up here
• A server with SSH access
• Basic knowledge of writing valid YAML
• Basic knowledge of GitHub and Git

Configuring workflows

we should create a yml file on .github/workflows/. For example .github/workflows/ci.yml and add this code to the file:

name: CI

on: [push]

jobs:
  deploy:
    if: github.ref == 'refs/heads/master'
    runs-on: [ubuntu-latest]
    steps:
      - uses: actions/checkout@v1
      - name: Push to server
        uses: appleboy/ssh-action@master
        with:
          host: ${{ secrets.SERVER_IP }}
          username: ${{ secrets.SERVER_USERNAME }}
          key: ${{ secrets.KEY }}
          passphrase: ${{ secrets.PASSPHRASE }} 
          script: cd ${{ secrets.PROJECT_PATH }} && git pull

After add this file go to Settings -> Secrets and add secrets SERVER_IP, SERVER_USERNAME, KEY, PASSPHRASE, PROJECT_PATH

note: you can use password insted of keys just you need to replace the key and passphrase line with password in the workflow file password: ${{ secrets.PASSWORD }} and add the password to secrets

I use the GitHub secrets to keep important information hidden

also you can add more commands to the script line as you need

the next time we push to the master branch, it will automatically be deployed to our server.

24 Nov 2020 8:07am GMT

In a samba setup where users and groups are fetched from Active Directory to be used in a unix/linux environment, AD may prohibit the samba winbind tools like wbinfo to recurse into its group structure. You may get groups and users and their corresponding gids and uids, but you may not get the members of a group.

It is usually possible to do the opposite, that is, probing a user object and get the groups that user is member of. Here is a little script that collects all users, probing AD for the groups of each and every user, and sorting and putting it together. In perl of course.

https://github.com/ingvarha/groupmembers

24 Nov 2020 7:44am GMT

24 Nov 2020 12:36am GMT

The last few posts I did about fwupd releases were very popular, so I'll do the same thing again: I've just tagged fwupd 1.5.2 - This release changes a few things:

• Add a build time flag to indicate if packages are supported - this would be set for "traditional" package builds done by the distro, and unset by things like the Fedora COPR build, the Flatpak or Snap bundles. There are too many people expecting that the daily snap or flatpak packages represent the "official fwupd" and we wanted to make it clear to people using these snapshots that we've done basically no QA on the snapshots.
• A plugin for the Pinebook Pro laptop has been added, although it needs further work from PINE64 before it will work correctly. At the moment there's no way of getting the touchpad version, or finding out which keyboard layout is installed so we can tag the correct firmware file. It's nearly there and is still very useful for playing with the hardware on the PB Pro.
• Components can now set the icon from the metadata from the LVFS, if supported by the fwupd plugin. This allows us to tag "generic" ESRT devices as things like EC devices, or, ahem, batteries.
• I've been asked by a few teams, including the Red Hat Edge team, the CoreOS team and also by Google to switch from libsoup to libcurl for downloading data - as this reduces the image size by over 5MB. Even NetworkManager depends on libcurl now, and this seemed like a sensible thing to do given fwupd is now being used in so many different places.
• Fall back to FAT32 internal partitions for detecting ESP, as some users were complaining that fwupd did not properly detect their ESP that didn't have the correct partition GUID set. Although I think fixing the GUID is the right thing to do, the system firmware also falls back, and pragmatically so should we.
• Fix detection of ColorHug version on older firmware versions, which was slightly embarrassing as ColorHug is one of the devices in the device regression tests, but we were not testing an old enough firmware version to detect this bug.
• Fix reading BCM57XX vendor and device ids from firmware - firmware for the Talos II machine is already on the LVFS and can replace the non-free firmware there in almost all situations now.
• For this release we had to improve synaptics-mst reliability when writing data, which was found occasionally when installing firmware onto a common dock model. A 200ms delay is the difference between success and failure, which although not strictly required seemed pragmatic to add.
• Fix replugging the MSP430 device which was the last device that was failing a specific ODM QA. This allows us to release a ton of dock firmware on the LVFS.
• Fix a deadlock seen when calling libfwupd from QT programs. This was because we were calling a sync method from threads without a context, which we've now added.
• In 1.5.0 we switched to the async libfwupd by default, and accidentally dropped the logic to only download the remote metadata as required. Most users only need to download the tiny .jcat file every day, and the much larger .xml.gz is only downloaded if the signature has changed in the last 24h. Of course, it's all hitting the CDN, but it's not nice to waste bandwidth for no reason.
• As Snap is bundling libfwupd with gnome-software now, we had to restore recognizing GPG and PKCS7 signature types. This allows a new libfwupd to talk to an old fwupd daemon which is something we'd not expected before.
• We're also now setting the SMBIOS chassis type to portable if a DeviceTree battery exists, although I'd much rather see a ChassisType in the DT specification one day. This allows us to support HSI on platforms like the PineBook Pro, although the number of tests is still minimal without more buy-in from ARM.
• We removed the HSI update and attestation suffixes; we decided they complicated the HSI specification and didn't really fit in. Most users won't even care and the spec is explicitly WIP so expect further changes like this in the future.

If you're running 1.5.0 or 1.5.1 you probably want to update to this release now as it fixes a hard-to-debug hang we introduced in 1.5.0. If you're running 1.4.x you might want to let the libcurl changes settle, although we've been using it without issue for more than a week on a ton of hardware here. Expect 1.5.3 in a few weeks time, assuming we're all still alive by then. :)

23 Nov 2020 4:36pm GMT

24-26 November 2020 @ https://events.gnome.org/event/24

I think it maybe too late to help out telling anyone about this event since registeration already closed but look like the registeration still open. Anyway, let see the schedule:

Some of the segment that offer good topic and caught my eyes :

• The Use and Benefits of Open Source Software in Tour & Travel Company - Rahman Nur
• Building a career in open source : Lessons and Learnings - Umang Jain
• Under COVID-19 pandemic, Korea's Community Challenges and Futures - DaeHyun Sung
• Leveraging Open Source Tools for Distance Learning During Pandemic Season - Mohammad Hafiz Ismail

Gnome Asia summit 2020 will start by tomorrow today and conference will be online. This event was sponsor by Gitlab and openSUSE.

23 Nov 2020 4:04pm GMT

24-26 November 2020 @ https://events.gnome.org/event/24

I think it maybe too late to help out telling anyone about this event since registeration already closed but look like the registeration still open. Anyway, let see the schedule:

Some of the segment that offer good topic and caught my eyes :

• The Use and Benefits of Open Source Software in Tour & Travel Company - Rahman Nur
• Building a career in open source : Lessons and Learnings - Umang Jain
• Under COVID-19 pandemic, Korea's Community Challenges and Futures - DaeHyun Sung
• Leveraging Open Source Tools for Distance Learning During Pandemic Season - Mohammad Hafiz Ismail

Gnome Asia submit 2020 will start by tomorrow and conference will be online. This event was sponsor by Gitlab and openSUSE.

23 Nov 2020 4:04pm GMT

Here is a tune I wrote called "Standard Deviation" done as an accompaniment track using MMA. This is a very simplistic interpretation that makes no use of dynamics, variations in the BossaNova Groove, or even decent repeat logic. But it compiles.

Here's the MMA file.

Slightly Greater than one Standard Deviation from the Mean:

23 Nov 2020 2:16am GMT

Josh and Kurt talk about the safety and liability of new devices. What happens when your doorbell can burn down your house? What if it's your fault the doorbell burned down your house? There isn't really any prior art for where our devices are taking us, who knows what the future will look like.

<audio class="wp-audio-shortcode" controls="controls" id="audio-2077-1" preload="none" style="width: 100%;"><source src="https://traffic.libsyn.com/secure/opensourcesecuritypodcast/Episode_225_Who_is_responsible_if_IoT_burns_down_your_house.mp3?_=1" type="audio/mpeg">https://traffic.libsyn.com/secure/opensourcesecuritypodcast/Episode_225_Who_is_responsible_if_IoT_burns_down_your_house.mp3</audio>

Show Notes

• Ring Doorbell recall
• Ring incorrect screw diagram
• Punctured battery
• Episode 145 - What do security and fire have in common?
• Phillips vs Robertson screws
• wendy knox everette
• Wendy's presentation on legal liability
• Tim Burners-Lee privacy company

23 Nov 2020 12:01am GMT

On safety razors

I recently switched over from the ubiquitous cartridge razors to double-edge safety razors. The original impetus was not finding a non-charging base for my GiletteLabs Heated Razors - the battery in the stem made it too wide for most razor holders - and noticing that a lot of reviews swear by various safety razors.

I ended up buying the Rex Ambassador¹ a few months ago - and then held off on actually using it, telling myself I need to learn how to properly use it first. In the end I told myself I would stop using my Gilette the day after the US Presidential Election, and start using the safety razor the morning after the US Presidential Election is finally called - which was Sunday the 8th, with a nice 5-day stubble to test it on.

The first shave went surprisingly smoothly; the next few shaves ended with some minor mishaps - cockiness and distraction getting in the way - but overall there is no way I'm going back to cartridge razors after this. Feeling more in control, getting a closer shave, no plastic waste to dispose - and hey much lower total cost of ownership!

… and technology

There seems to be a parallel here between the world of personal care and that of technology:

• most people are trapped on proprietary, heavily marketed solutions (cartridge razors, proprietary operating systems, apps and services)
• these proprietary solutions are at first glance more user friendly
• the more open solutions have a steeper learning curve but are eventually more empowering
• vendor lock-in
• the incentives for the manufacturers/vendors and customers/users are not aligned

Think Windows on one side, vs Linux (and the BSDs) on the other (with macOS initially being in the middle and increasingly swaying to becoming even more constraining than Windows). Think proprietary gaming consoles and mobile IAP-chasing games, vs game platforms that encourage participation like TIC-80 and LÖVE. Think US-centric proprietary social networks (Facebook, Twitter) and services (Dropbox, Google Suite) vs distributed social networks (Mastodon, Pleroma, Diaspora etc.) and self-hosted services (Nextcloud, Cryptpad etc.).

What are most people sacrificing to the altar of promised convenience? Literally both time and money: our attention, higher costs; also our autonomy (you're locked in) and our privacy (… so platform owners can mine your attention and monetize what they observe of your behavior).

If you believe in capitalism, this is bad news. If you don't it's even worse.

So what can we do?

Part of the solution is regulatory. In the EU, a recent ECJ ruling requires EU companies to stop using US-based cloud services to host data from EU citizens. This could help push the adoption of more open, user-empowering, privacy-friendly alternatives.

But in other jurisdictions like the US, regulation might be a long time coming, except maybe in California (plus the companies we're trying to unshackle users from are mostly US-based). So a lot of the solution has to be bottom up.

We simply need to lower barriers to entry, both actual and perceived, to using the platforms we're championing. Some involve compromises (e.g. Flatpak is a great way to abstract away the differences between Linux distributions, to the point that it's easier to install proprietary apps, including Steam - which improves the availability of games on Linux despite, yes, being proprietary). Some involve corporate backing (e.g. Fedora on Lenovo laptops). A lot would involve being more welcoming to newcomers, and bridging the actual usability gaps there are.

It's hard enough to overcome incumbency and the network effect. Let's not make it harder for ourselves.

This post is day 5 of my #100DaysToOffload challenge. Visit https://100daystooffload.com to get more info, or to get involved.

Have a comment on one of my posts? Start a discussion in my public inbox by sending an email to ~michel-slm/public-inbox@lists.sr.ht [ mailing list etiquette]

Posts are also tooted to @michel_slm@floss.social

<section class="footnotes" role="doc-endnotes">

1. Not a product placement, honest! ↩︎

</section>

23 Nov 2020 12:00am GMT

Saxophone is a solo instrument. Unless you are into the sounds of Saxophone multiphonics, harmony requires playing with some other instrument. For Jazz, this tends to be a rhythms section of Piano, Bass, and Drums. As a kid, my practicing (without a live Rhythm section) required playing along with pre-recordings of tunes. I had my share of Jamie Aebersold records.

Nowadays, the tool of choice for most Jazz muscians, myself included is iReal Pro. A lovely little app for the phone. All of the Real Book tunes have their chord progressions been posted and generated. The format is simple enough.

But it is a proprietary app. While I continue to support and use it, I am also looking for alternatives that let me get more involved. One such tool is Musical MIDI Accompaniment. I'm just getting started with it, and I want to keep my notes here.

First is just getting it to play. Whether you get the tarball or checkout from Git, there is a trick that you need to do in order to even play examples: regenerate the libraries.

./mma.py -G

That allows me to generate a midi file from a file in the MMA Domain Specific Language (DSL) which is also called MMA. I downloaded the backing track for I've Got You Under My Skin https://www.mellowood.ca/mma/examples/examples.html and, once I regenerated the libraries with the above command, was able to run :

./mma.py ~/Downloads/ive-got-you-under-my-skin.mma
Creating new midi file (120 bars, 4.57 min / 4:34 m:s): '/home/ayoung/Downloads/ive-got-you-under-my-skin.mid'

Which I can then play with timidity.

The file format is not quite as simplistic as iReal Pro, but does not look so complex that I won't be able to learn it.

There are examples of things that look like real programming. Begin and End Blocks.

Line Numbers. This is going to give my flashbacks to coding in Basic on my C64…not such an unpleasant set of memories. And musical ones at that.

Ok, lets take this apart. Here is the first few lines:

// I've Got You Under My Skin

Tempo 105
Groove Metronome2-4

        z * 2

Comments are doubles slashes. Title is just for documentation.

Tempo is in BPM.

Groove Metronome2-4 Says to use a Groove, the MMA "Grooves, in some ways, are MMA 's answer to macros … but they are cooler, easier to use, and have a more musical name. " Says the manual. So, somewhere we have inherited a Groove called Metronome…something. Is the 2-4 part of the name? It looks it. Found this in the library

lib/stdlib/metronome.mma:97:DefGroove Metronome2-4 A very useful introduction. On bar one we have hits on beats 1 and 3; on bar two hits on beats 1, 2, 3 and 4.

Which is based on a leader counting off the time in the song. If you play the midi file, you can hear the cowbell-effect used to count off

z * 2 is the way of saying that this extends for 2 measures.

The special sequences, "-" or "z", are also the equivalent of a rest or "tacet" sequence. For example, in defining a 4 bar sequence with a bass pattern on the first 3 bars and a walking bass on bar 4 you might do something like:

If you already have a sequence defined^5.2 you can repeat or copy the existing pattern by using a single "*" as the pattern name. This is useful when you are modifying an existing sequence.

The next block is the definition of a section he calls Solo. This is a Track.

Begin Solo
        Voice Piano2
        Octave 4
        Harmony 3above
        Articulate 90
        Accent 1 20
        Volume f
End

I think that the expectation is that you get the majority of the defaults from the Groove, and customize the Solo track.

As a general rule, MELODY tracks have been designed as a "voice" to accompany a predefined form defined in a GROOVE-it is a good idea to define MELODY parameters as part of a GROOVE. SOLO tracks are thought to be specific to a certain song file, with their parameters defined in the song file.

So if it were a Melody track definition is would be ignored, and the track from the Rhumba base would be used instead.

The next section defines what is done overall.

Keysig 3b


Groove Rhumba
Alltracks SeqRnd Off
Bass-Sus Sequence -             // disable the strings

Cresc pp mf 4

Keysig directive can be found here. This will generate a MIDI KeySignature event. 3b means 3 flats in the midi spec. Major is assumed if not specified. Thus this is the key of E Flat.

The Groove Rhumba directive is going to drive most of the song. The definitions for this Groove can be found under the standard library I might tear apart a file like this one in a future post.

The next two lines specify how the Groove is to be played. SeqRnd inserts randomness into the sequencing, to make it more like a live performance. This directive shuts down the randomness.

Bass-Sus Sequence - seems to be defining a new, blank sequence. The comment implies that it is shutting off the strings. I have to admit, I don't quite understand this. I've generated the file with this directive commented out and detect no differences. Since Bass-Sus is defined in the Bossa Nova Groove under the standard library, I'm tempted to think this is an copy-pasta error. Note that it defines "Voice Strings" and I think that is what he was trying to disable. I suspect a git history will show the Bass-Sus getting pulled out of the Rhumba file.

Cresc pp mf 4 Grow in volume from piano (soft) to mezzo-forte (Medium Loud) over 4 bars. Since no track is specified, it is for the master volume.

// 4 bar intro

1       Eb              {4.g;8f;2e;}
2       Ab      {4.a;8g;2f;}
3       Gm7     {1g;}
4       Bb7     {2b;}

Delete Solo

Now we start seeing the measures. The numbers are optional, and just for human readers to keep track.
Measure 1 is an E flat chord. The braces delineate a Riff line. The 4 means a Quarter note. The period after it Makes it Dotted, half again as long, or the equivalent of 3 tied eighth notes. The Note played is a g. This is adjusted for the octave appropriate to the voice. This is followed by an eighth note f, an a half note e. This adds up to a full measure; 3/8 + 1/8 + 4/8.

After the four bar intro, the solo part is deleted, and the normal Rhumba patterns take effect.

The next line is a Repeat directive, which is paired with the repeatending directive on line 129 and repeatend directives on line 135. This says that measures 5-60 should be repeated once, first and second ending style.

The Groove changes many times during the song, and I think this leads to the one bug I noticed: the time keeps changing, speeding up and slowing down. I think these match up with the Groove changes, but I am not yet certain.

It should be fairly easy to translate one of my songs into this format.

22 Nov 2020 7:52pm GMT

Bien que je sois le très récent et heureux possesseur d'une Freebox Pop, j'ai fait le choix de continuer à déléguer la gestion de mon réseau ainsi que de mon partage Wi-Fi, non pas à la Pop, mais à OpenWRT. Les avantages pour moi sont les suivants : Plus de contrôle au niveau des règles […]

Cet article OpenWRT derrière une Freebox: IPv6, DMZ et Bridge est apparu en premier sur Guillaume Kulakowski's blog.

22 Nov 2020 5:02pm GMT

Here's your report of what has happened in Fedora this week. Elections voting is open through 3 December. Fedora 31 will reach end-of-life on Tuesday. EPEL 6 will reach end-of-life on 30 November. Announcements Calls for Participation Help wanted Upcoming meetings Releases Announcements Elections voting CfPs Conference Location Date CfP Balkan FLOSStival 2020 virtual 5-6 […]

The post Fedora program update: 2020-47 appeared first on Fedora Community Blog.

20 Nov 2020 9:51pm GMT