18 Feb 2017

feedPlanet Gentoo

Sebastian Pipping: Creating Fedora chroots on Debian, Gentoo, … easily

Hi!

Just a quick tip on how to easily create a Fedora chroot environment from (even a non-Fedora) Linux distribution.

I am going to show the process on Debian stretch but it's not be much different elsewhere.

Since I am going to leverage pip/PyPI, I need it available - that and a few non-Python widespread dependencies:

# apt install python-pip db-util lsb-release rpm yum
# pip install image-bootstrap pychroot

Now for the actual chroot creation, process and usage is very close to debootstrap of Debian:

# directory-bootstrap fedora --release 25 /var/lib/fedora_25_chroot

Done. Now let's prove we have actual Fedora 25 in there. For lsb_release we need package redhat-lsb here, but the chroot was is functional before that already.

# pychroot /var/lib/fedora_25_chroot dnf -y install redhat-lsb
# pychroot /var/lib/fedora_25_chroot lsb_release -a
LSB Version:    :core-4.1-amd64:core-4.1-noarch:[..]:printing-4.1-noarch
Distributor ID: Fedora
Description:    Fedora release 25 (Twenty Five)
Release:        25
Codename:       TwentyFive

Note the use of pychroot which does bind mounts of /dev and friends out of the box, mainly.

directory-bootstrap is part of image-bootstrap and, besides Fedora, also supports creation of chroots for Arch Linux and Gentoo.

See you 🙂

18 Feb 2017 10:20pm GMT

09 Feb 2017

feedPlanet Gentoo

Andreas K. Hüttel: Gentoo LiveDVD "Crispy Belgian Waffle", FOSDEM 2017 edition

So, FOSDEM 2017 is over, and as every year it was both fun and interesting. There will for sure be more blog posts, e.g., with photographs from talks by our developers, the booth, the annual Gentoo dinner, or (obviously) the beer event. The Gentoo booth, centrally located just opposite to KDE and Gnome and directly next to CoreOS, was quite popular; it's always great to hear from all the enthusiastic Gentoo fans. Many visitors also prepared, compiled, and installed their own Gentoo buttons at our button machine.
In addition we had a new Gentoo LiveDVD as handout - the "Crispy Belgian Waffle" FOSDEM 2017 edition. For those of you who couldn't make it to Brussels, you can still get it! Download the ISO here and burn it on a DVD or copy it on a USB stick - all done. Many thanks to Fernando Reyes (likewhoa) for all his work!

Finally, for those who are wondering, the "Gentoo Ecosystem" poster from our table can be downloaded as PDF here. It is based on work by Daniel Robbins and mitzip from Funtoo; the source files are available on Github. Of course this poster is continous work in progress, so tell me if you find something missing!

09 Feb 2017 9:22pm GMT

Matthew Thode: Gentoo at Fosdem

At the stand

It was nice to meet everyone and hang out as well. There was an interview with Hacker Public Radio which you can find HERE as well.

Just a short one this time, but it was nice to meet everyone.

09 Feb 2017 6:00am GMT

07 Feb 2017

feedPlanet Gentoo

Sven Vermeulen: I missed FOSDEM

I sadly had to miss out on the FOSDEM event. The entire weekend was filled with me being apathetic, feverish and overall zombie-like. Yes, sickness can be cruel. It wasn't until today that I had the energy back to fire up my laptop.

Sorry for the crew that I promised to meet at FOSDEM. I'll make it up, somehow.

07 Feb 2017 4:02pm GMT

06 Feb 2017

feedPlanet Gentoo

Bernard Cafarelli: app-text/tesseract 4.0 alpha ebuild available for testing

Tesseract is one of the best open-source OCR software available, and I recently took over ebuilds maintainership for it. Current development is still quite active, and since last stable release they added a new OCR engine based on LSTM neural networks. This engine is available in an alpha release, and initial numbers show a much faster OCR pass, with fewer errors.

Sounds interesting? If you want to try it, this alpha release is now in tree (along with a live ebuild). I insist on the alpha tag, this is for testing, not for production; so the ebuild masked by default, and you will have to add to your package.unmask file:
=app-text/tesseract-4.00.00_alpha*
The ebuild also includes some additional changes, like current documentation generated with USE=doc (available in stable release too), and updated linguas.

Testing with paperwork

The initial reason I took over tesseract is that I also maintain paperwork ebuilds, a personal document manager, to handle scanned documents and PDFs (which is heavy tesseract user). It recently got a new 1.1 release, if you want to give it a try!

06 Feb 2017 1:15pm GMT

Denis Dupeyron: Google Summer of Code 2017 is starting!

(A previous version of this post recommended #gentoo-soc-mentors on Freenode as the preferred discussion channel for GSoC, please use #gentoo-soc instead as the former is invite-only or ask us to invite you to it)

It's time to send us your GSoC ideas whether you can/want to mentor or not. We need as many good ideas as possible to make sure Google will select us as an organization again this year. Experience has shown us that we're not automatically selected. You can submit them yourself on the wiki or let us do it. Don't waste any time because some polishing typically needs to occur before the deadline (February 27th). You can discuss your ideas with us on Freenode in #gentoo-soc (preferred), or by email at soc-mentors@gentoo.org.

If you're potentially interested in being a mentor, only want to help during the early phases of discussing and reviewing projects, or are just curious and want to see what goes on there, please let us know and we'll add you to the mail alias. Everybody from last year was removed so don't assume you'll be on the alias because you were last year. Note that you do not have to be a Gentoo developer to be a mentor or help us with GSoC in any way.

Finally, if you're a student it's not quite time yet to ask us about projects. Please be patient, we'll let you know.

Now go and submit that idea!

06 Feb 2017 1:53am GMT

03 Feb 2017

feedPlanet Gentoo

Nathan Zachary: USB UAC2 DAC in Linux (the Emotiva Big Ego with Gentoo Linux)

Important!

My tech articles-especially Linux ones-are some of the most-viewed on The Z-Issue. If this one has helped you, please consider a small donation to The Parker Fund by using the top widget at the right. Thanks!

Recently I was on a mission to make my audio experience on my main desktop more enjoyable. I had previously just used some older Bose AE2 headphones from 2010 plugged in directly to the 3.5mm audio output on the back of my desktop. The sound quality was mediocre at best, and I knew that a combination of a Digital-to-Analogue Converter (DAC) and some better headphones would certainly improve the experience. I also knew that the DAC would probably yield the most noticeable improvements, so I purchased the Big Ego USB DAC from one of my favourite audiophile-grade manufacturers, Emotiva. I have several of their monoblock amplifiers and use their amazing XMC1 for my preamp/processor in my home audio system, so I knew that the quality would be outstanding, especially for the price.

Emotiva Big Ego DAC and V-Moda Crossfade M-100 headphones

Now, the Big Ego FAQ on the Emotiva website indicates that it should work with all modern computing devices:

Q: What devices can I use the Ego DACs with?
A: The Ego DACs are basically designed to work with any modern "computer device" which can be used
with an external USB sound card, which includes:
1) All modern Apple computers
2) All modern Windows computers (Windows XP, Vista, 7, 8.0, 8.1, and Windows 10)
3) Many Linux computers (as long as they support USB Audio Class 1 or 2)
4) Some Android tablets and phones (as long as they support UAC1 or UAC2)
5) Apple iPhone 5 and iPhone 6 (with the lightning to USB camera adapter)

For many Linux users, the Big Ego probably works without any manual intervention. However, if it doesn't, it shouldn't be that difficult to get it working properly, and I hope that this guide helps if you are running into trouble.

Firstly, let's get something out of the way, and that's USB Audio Class 2 (UAC2) support within Linux. With all modern distributions (>=2.6 kernel), UAC2 is readily available. It can be validated by looking at the audio-v2.h file within the kernel source:

# grep 'From the USB Audio' /usr/src/linux/include/linux/usb/audio-v2.h
* From the USB Audio spec v2.0:

Feel free to look at the full file to see the references to the UAC2 specification.

Kernel support:

Secondly, and also speaking to the kernel, if your distribution doesn't even show the device, you are likely lacking the one needed kernel driver. To see if your system recognises the Emotiva Big Ego, try the following command and look for similar output:

$ lsusb -v | grep 'Emotiva Big Ego'
...
iProduct 3 Emotiva Big Ego
...

The full identifier (Vendor ID and Product ID) from lsusb is 20ee:0021, even though it doesn't have a description:

# grep -A 4 /var/log/messages
kernel: usb 9-1: New USB device found, idVendor=20ee, idProduct=0021
kernel: usb 9-1: New USB device strings: Mfr=1, Product=3, SerialNumber=2
kernel: usb 9-1: Product: Emotiva Big Ego
kernel: usb 9-1: Manufacturer: Emotiva

$ lsusb | grep '20ee:0021'
Bus 009 Device 005: ID 20ee:0021

If you don't get similar output, then you're lacking kernel support for the Big Ego. The one driver in the kernel that you need is the "USB Audio/MIDI driver" which can be found in the make menuconfig hierarchy as:

Device Drivers --->
<*> Sound card support --->
<*> Advanced Linux Sound Architecture --->
[*] USB sound devices --->
<*> USB Audio/MIDI driver

You can also check your kernel .config for it, or if you have it as a module, load it:

$ grep -i snd_usb_audio /usr/src/linux/.config
CONFIG_SND_USB_AUDIO=y

OR

# modprobe snd-usb-audio

Emotiva Big Ego DAC and V-Moda Crossfade M-100 headphones

ALSA configurations:

Thirdly, and now that you have the appropriate kernel support, let's move on to configuring and using the Big Ego with ALSA. You can see a list of device names by using aplay -l, and it's best to address the device by name instead of number (because the numbering could possibly change upon reboot). This one-liner should show you precisely how it is named (note that your output may be different based on the available sound output devices on your system):

$ aplay -l | awk -F \: '/,/{print $2}' | awk '{print $1}' | uniq
Intel
NVidia
Ego

With that information, you are ready to set the Big Ego as your default sound output device by editing either .asoundrc (in your home directory, for a per-user directive) or within the system-wide /etc/asound.conf (which is the one that I would recommend for most situations). I tried various configurations for my ALSA configuration, but would end up with various oddities. For instance, I ran into a problem where I had sound in applications like Audacious, mpv, and even ALSA's own speaker-test, but had no sound in other terminal applications like ogg123 or, more importantly, web browsers like Firefox and Chromium. The only configuration that worked fully for me was:

$ cat /etc/asound.conf
defaults.pcm.!card Ego
defaults.pcm.!device 0
defaults.ctl.!card Ego
defaults.ctl.!device 0

After changing your ALSA configuration, you need to reload it, and the method for doing so varies based on your distribution and init system. For me, using Gentoo Linux with OpenRC, I just issued, (as root), /etc/init.d/alsasound restart and it reloaded. Worst case, just reboot your system to test the changes.

Now that you have it set as the default card, applications like alsamixer and such should automatically choose the Big Ego for your levels and mixing. One thing that I noticed with alsamixer is that there are two adjustable level sliders:

alsamixer with the Emotiva Big Ego USB DAC

What I am guessing is that, even though they are labelled "Emotiva Big Ego" and "Emotiva Big Ego 1", they actually correspond to the output that you are using on the DAC. For instance, I am using the 3.5mm headphone jack on the front, and that corresponds to the "Emotiva Big Ego 1" slider, whereas if I were using the line out jack on the back of the DAC (those rhymes are fun 😛 ), I would adjust it using the slider for "Emotiva Big Ego".

Additional configurations:

Now that we have configured ALSA to use our USB DAC as the default sound card, there are some additional things that I would like for my convenience. I prefer to not use a full desktop environment (DE), but instead favour a more minimalistic approach. I just use the Openbox window manager (WM). One of the things that I like about Openbox is the ability to set my own key bindings. In this case, I would like to be able to control the volume by using the designated keys on my keyboard, regardless of the application that is using the USB DAC. Here are my key bindings, which are added to ~/.config/openbox/rc.xml:


<!-- Keybinding for increasing Emotiva Big Ego volume by 1 -->
<keybind key="XF86AudioRaiseVolume">
<action name="execute">
<command>amixer set 'Emotiva Big Ego',1 1+</command>
</action>
</keybind>
<!-- Keybinding for decreasing Emotiva Big Ego volume by 1 -->
<keybind key="XF86AudioLowerVolume">
<action name="execute">
<command>amixer set 'Emotiva Big Ego',1 1-</command>
</action>
</keybind>
<!-- Keybinding for muting/unmuting volume -->
<keybind key="XF86AudioMute">
<action name="execute">
<command>amixer set 'Emotiva Big Ego',1 toggle</command>
</action>
</keybind>

Take note that the subdevice is '1' (bold in the code above). That is because, like I showed in the alsamixer output, I'm using the headphone jack (so it corresponds to the secondary volume slider).

Further troubleshooting:

I hope that these instructions help you get your USB DAC working under Linux, but if they don't, feel free to leave me a comment here. We'll see what we can do to get it working for you. One last note is that I experienced some rather severe popping and other undesirable sounds when I had the Big Ego plugged into one of the USB2 ports on the back of my tower. Swapping it to its own non-shared USB3 port fixed that problem. So, if you have it plugged into a USB hub or something similar, try isolating it. Remember, it is a sensitive piece of audio equipment, and special considerations may need to be made. 🙂

Cheers,
Zach

03 Feb 2017 3:18am GMT

02 Feb 2017

feedPlanet Gentoo

Gentoo News: Five Gentoo developers scheduled for talks at FOSDEM

FOSDEM 2017 logo

As FOSDEM 2017 approaches we are happy to announce there are a total of five Gentoo developers scheduled to give talks!

Developers and their talks include:

Only a few hours remain until the event kicks off. See you at FOSDEM!

02 Feb 2017 12:00am GMT

01 Feb 2017

feedPlanet Gentoo

Agostino Sarubbo: pax-utils: scanelf: out of bounds read in scanelf_file_get_symtabs (scanelf.c)

Description:
pax-utils is a set of tools that check files for security relevant properties.

A fuzz on scanelf exposed an out-of bound read. It was reported to vapier which fixed the issue immediately.
Unfortunately I can't get a symbolized ASan stacktrace, so I will show only the useful part of both asan and gdb.

# scanelf -s '*' -axetrnibSDIYZB $FILE
==32758==ERROR: AddressSanitizer: unknown-crash on address 0x7f8f9fa252dc at pc 0x00000053c6a0 bp 0x7ffe93a19910 sp 0x7ffe93a19908 
READ of size 4 at 0x7f8f9fa252dc thread T0                                                                                                                                                                                                                                      
   #0 0x53c69f  (/usr/bin/scanelf+0x53c69f) 
   #1 0x51d649  (/usr/bin/scanelf+0x51d649) 
   #2 0x51b97e  (/usr/bin/scanelf+0x51b97e) 
   #3 0x51ad43  (/usr/bin/scanelf+0x51ad43) 
   #4 0x51922e  (/usr/bin/scanelf+0x51922e) 
   #5 0x7f8f9e7fd61f  (/lib64/libc.so.6+0x2061f) 
   #6 0x41a008  (/usr/bin/scanelf+0x41a008) 

(gdb) bt
#8  0x000000000053c6a0 in scanelf_file_get_symtabs (elf=, sym=0x7fffffffcc00, str=0x7fffffffcc20) at scanelf.c:357
#9  0x000000000051d64a in scanelf_file_sym (elf=0x60700000de60, found_sym=) at scanelf.c:1327
#10 scanelf_elfobj (elf=) at scanelf.c:1547
#11 0x000000000051b97f in scanelf_elf (filename=0x7fffffffe50e "1.crashes", fd=, len=) at scanelf.c:1612
#12 scanelf_fileat (dir_fd=, filename=, st_cache=) at scanelf.c:1679
#13 0x000000000051ad44 in scanelf_dirat (dir_fd=, path=) at scanelf.c:1713
#14 0x000000000051922f in scanelf_dir (path=) at scanelf.c:1763
#15 parseargs (argc=5, argv=0x7fffffffe258) at scanelf.c:2273
#16 main (argc=5, argv=) at scanelf.c:2361

Affected version:
1.2

Fixed version:
1.2.1

Commit fix:
https://github.com/gentoo/pax-utils/commit/95e5489534ac9e9324c5096286899b688e19ae00

Credit:
This bug was discovered by Agostino Sarubbo of Gentoo.

CVE:
N/A

Reproducer:
https://github.com/asarubbo/poc/blob/master/00131-pax-utils-scanelf-oobread-scanelf_file_get_symtabs

Timeline:
2017-01-23: bug discovered and reported to upstream
2017-01-24: upstream realeased a patch and 1.2.1
2017-02-01: blog post about the issue

Note:
This bug was found with American Fuzzy Lop.
I'd suggest to go to 1.2.2 because of a functionality bug(s) in 1.2.1

Permalink:
https://blogs.gentoo.org/ago/2017/02/01/pax-utils-scanelf-out-of-bounds-read-in-scanelf_file_get_symtabs-scanelf-c

01 Feb 2017 9:14am GMT

Agostino Sarubbo: pax-utils: scanelf: out of bounds read in scanelf_file_textrel (scanelf.c)

Description:
pax-utils is a set of tools that check files for security relevant properties.

A fuzz on scanelf exposed an out-of bound read. It was reported to vapier which fixed the issue immediately.
Unfortunately I can't get a symbolized ASan stacktrace, so I will show only the useful part of both asan and gdb.

# scanelf -s '*' -axetrnibSDIYZB $FILE
==1853==ERROR: AddressSanitizer: unknown-crash on address 0x7f4099d25008 at pc 0x00000053586e bp 0x7fff335cb8b0 sp 0x7fff335cb8a8
READ of size 8 at 0x7f4099d25008 thread T0
    #0 0x53586d  (/usr/bin/scanelf+0x53586d)
    #1 0x51f526  (/usr/bin/scanelf+0x51f526)
    #2 0x51b97e  (/usr/bin/scanelf+0x51b97e)
    #3 0x51ad43  (/usr/bin/scanelf+0x51ad43)
    #4 0x51922e  (/usr/bin/scanelf+0x51922e)
    #5 0x7f4098afd61f  (/lib64/libc.so.6+0x2061f)
    #6 0x41a008  (/usr/bin/scanelf+0x41a008) 

(gdb) bt
#8  0x000000000053586e in scanelf_file_textrel (elf=, found_textrel=) at scanelf.c:560
#9  0x000000000051f527 in scanelf_elfobj (elf=) at scanelf.c:1536
#10 0x000000000051b97f in scanelf_elf (filename=0x7fffffffe50e "/tmp/afl/scanelf/report/crashes/2.crashes", fd=, len=) at scanelf.c:1612
#11 scanelf_fileat (dir_fd=, filename=, st_cache=) at scanelf.c:1679
#12 0x000000000051ad44 in scanelf_dirat (dir_fd=, path=) at scanelf.c:1713
#13 0x000000000051922f in scanelf_dir (path=) at scanelf.c:1763
#14 parseargs (argc=5, argv=0x7fffffffe258) at scanelf.c:2273
#15 main (argc=5, argv=) at scanelf.c:2361

Affected version:
1.2

Fixed version:
1.2.1

Commit fix:
https://github.com/gentoo/pax-utils/commit/95e5489534ac9e9324c5096286899b688e19ae00

Credit:
This bug was discovered by Agostino Sarubbo of Gentoo.

CVE:
N/A

Reproducer:
https://github.com/asarubbo/poc/blob/master/00132-pax-utils-scanelf-oobread-scanelf_file_textrel

Timeline:
2017-01-23: bug discovered and reported to upstream
2017-01-24: upstream realeased a patch and 1.2.1
2017-02-01: blog post about the issue

Note:
This bug was found with American Fuzzy Lop.
I'd suggest to go to 1.2.2 because of a functionality bug(s) in 1.2.1

Permalink:
https://blogs.gentoo.org/ago/2017/02/01/pax-utils-scanelf-out-of-bounds-read-in-scanelf_file_textrel-scanelf-c

01 Feb 2017 9:14am GMT

27 Jan 2017

feedPlanet Gentoo

Yury German: WordPress Blogs Maintenance

Changes for blogs.gentoo.org

With the update of the WordPress to 4.7.1 a few plug-ins have created instability to the platform.

We have disabled the WordPress Mobile Site Plugin and the Picasa Album update.

If you have any questions please feel free to contact me on irc @blueknight

27 Jan 2017 10:12pm GMT

Alexys Jacob: py3status v3.4

Another community driven and incredible update of py3status has been released !

Our contributor star for this release is without doubt @lasers who is showing some amazing energy with challenging ideas and some impressive modules QA clean ups !

Thanks a lot as usual to @tobes who is basically leading the development of py3status now days with me being in a merge button mode most of the time.

By looking at the issues and pull requests I can already say that the 3.5 release will be grand !

Highlights

See the full changelog here.

Thank you guys !

27 Jan 2017 9:29am GMT

16 Jan 2017

feedPlanet Gentoo

Agostino Sarubbo:

I don't know if a news will be sent. A possibile data corruption was found on zlib 1.2.10.
Please update your zlib to 1.2.11 and make sure you restart all services that are linked to zlib (a reboot may be an easy way).

Gentoo bug:
https://bugs.gentoo.org/show_bug.cgi?id=605888

Upstream bug:
https://github.com/madler/zlib/issues/198

Upstream commit:
https://github.com/madler/zlib/commit/4c7c90768308587884fab6159d93a4695a5ab1f0</a

16 Jan 2017 5:15pm GMT

15 Jan 2017

feedPlanet Gentoo

Gentoo News: Gentoo at FOSDEM 2017

FOSDEM 2017 logo

On February, 4th and 5th, Gentoo will be attending FOSDEM 2017 in Brussels, Belgium.

This year one of our own, Jason A Donenfeld (zx2c4), will be speaking on WireGuard: a next generation secure kernel network tunnel.

Similar to last year, the event will be hosted at Université libre de Bruxelles. Gentoo developers will be taking rotating shifts at the Gentoo stand with gadgets, swag, and a new 2017 LiveDVD. You can visit this wiki article to see which developer will be manning the stand when you drop by.

We are looking forward to seeing those in the community who have been hard at work on their quizzes!

15 Jan 2017 12:00am GMT

31 Dec 2016

feedPlanet Gentoo

Domen Kožar: Reflecting on 2016

Haven't blogged in 2016, but a lot has happened.

A quick summary of highlighted events:

2016 was a functional programming year as I've planned by end of 2015.

I greatly miss Python community and in that spirit, I've attended EuroPython 2016 and helped organize DragonSprint in Ljubljana. I don't think there's a place for me in OOP anymore, but I'll surely attend community events as nostalgia will kick in.

2017 seems extremely exciting, plans will unveil as I go, starting with some exciting news in January for Nix community.

31 Dec 2016 6:00pm GMT

22 Dec 2016

feedPlanet Gentoo

Sven Vermeulen: SELinux System Administration, 2nd Edition

While still working on a few other projects, one of the time consumers of the past half year (haven't you noticed? my blog was quite silent) has come to an end: the SELinux System Administration - Second Edition book is now available. With almost double the amount of pages and a serious update of the content, the book can now be bought either through Packt Publishing itself, or the various online bookstores such as Amazon.

With the holidays now approaching, I hope to be able to execute a few tasks within the Gentoo community (and of the Gentoo Foundation) and get back on track. Luckily, my absence was not jeopardizing the state of SELinux in Gentoo thanks to the efforts of Jason Zaman.

22 Dec 2016 6:26pm GMT