24 Nov 2017

feedPlanet Ubuntu

Daniel Pocock: Free software in the snow

There is an increasing number of events for free software enthusiasts to meet in an alpine environment for hacking and fun.

In Switzerland, Swiss Linux is organizing the fourth edition of the Rencontres Hivernales du Libre in the mountain resort of Saint-Cergue, a short train ride from Geneva and Lausanne, 12-14 January 2018. The call for presentations is still open.

In northern Italy, not far from Milan (Malpensa) airport, Debian is organizing a Debian Snow Camp, a winter getaway for developers and enthusiasts in a mountain environment where the scenery is as diverse as the Italian culinary options. It is hoped the event will take place 22-25 February 2018.

24 Nov 2017 8:31am GMT

23 Nov 2017

feedPlanet Ubuntu

Ubuntu Podcast from the UK LoCo: S10E38 – Soft Knowledgeable Burn - Ubuntu Podcast

This week we refactor a home network, discuss how gaming on Linux has evolved and grown in recent years, bring you a blend of love and go over your feedback.

It's Season Ten Episode Thirty-Eight of the Ubuntu Podcast! Alan Pope, Mark Johnson and Martin Wimpress are connected and speaking to your brain.

In this week's show:

That's all for this week! If there's a topic you'd like us to discuss, or you have any feedback on previous shows, please send your comments and suggestions to show@ubuntupodcast.org or Tweet us or Comment on our Facebook page or comment on our Google+ page or comment on our sub-Reddit.

23 Nov 2017 3:00pm GMT

Sebastian Kgler: IKEA Trådfri first impressions

Warm white lightsWarm white lightsSince I've been playing with various home automation technologies for some time already, I thought I'd also start writing about it. Be prepared for some blogs about smart lighting, smart home and related technologies.

Most recently, I've gotten myself a few items from IKEA new product range of smartlight. It's called trådfri (Swedish for wireless). These lights can be remote-controlled using a smartphone app or other kinds of switches. These products are still fairly young, so I thought I'd give them a try. Overall. the system seems well thought-through and feels fairly high-end. I didn't notice any major annoyances.

First Impressions

Trådfri hub and dimmerTrådfri hub and dimmer
My first impressions are actually pretty good. Initially, I bought a hub which is used to control the lights centrally. This hub is required to be able to use the smartphone app or update the firmware of any component (more on that later!). If you just want to use one of the switches or dimmers that come separately, you won't need the hub.
Setting everything up is straight-forward, the documentation is fine and no special skills are needed to install these smartlights. Unpacking unfortunately means the usual fight with blister packaging (will it ever stop?), but after that, a few handy surprises awaited me. What I liked:Hub hides cablesHub hides cables

Pairing IKEA Trådfri with Philips Hue

Let's call this "work in progress", meaning, I haven't yet been able to pair a Trådfri bulb with my Hue system. I'll dig some more into it, and I'm pretty sure I'll make it work at some point. If you're interested in combining Hue and Trådfri bulbs, I'll suffice with a couple of pointers:

If you want to try this yourself, make sure you get the most recent lights from the store (the clerk was helpful to me and knowledgable, good advice there!). You'll also likely need a hub at least for updating the firmware. If you're just planning to use the bulbs together with a Hue system, you won't need the hub later on, so that may seem like 30€ down the drain. Bit of a bummer, but depending on how many lights you'll be buying, given the difference in price between IKEA and Philips, it may well be worth it.

\edit: After a few more tries, the bulb is now paired to the Philips Hue system. More testing will ensue, and I'll either update this post, or write a new one.

23 Nov 2017 2:28pm GMT

22 Nov 2017

feedPlanet Ubuntu

Ubuntu Insights: Announcing snapcraft 2.35

The snapcraft team is pleased to announce that version 2.35 has been released.

Contributions

This release saw some excellent contributions from outside the snapcraft core team, and we want to give a shout out to those folks. A team thank you to:

New in this release

Core

Containers

Each build instance created now correctly works out isolated temporary folder locations for those users running many builds in parallel. There is also better detection of existing or missing lxd installations so first time users can better understand any problems with the host they are currently trying to use.

When running snapcraft from the snap, snapcraft now injects itself into the actual snap instead of apt installing the deb (for the case of today of only supporting one base), providing parity with the local environment at hand.

Work has been added to get rid of all the corner cases and provide useful feedback to users and making the experience feel more native.
Additionally, support has been added for using remote lxd instances.

To enable the persistent build containers feature the SNAPCRAFT_CONTAINER_BUILDS environment variable needs to be set.

Here's an example of using a remote lxd instance:

asciicast

Recording

On this new version we added more information to the build manifest, like the contents of lock files, the debs and snaps installed in the machine, information from uname and the fingerprint of the container used for the build. To record the build manifest, set the environment variable SNAPCRAFT_BUILD_INFO. The manifest will be saved and distributed inside the snap. After the build, you can inspect it in the prime/snap/manifest.yaml.

asciicast

Command Line Interface

new command: pack

This new pack command replaces the now deprecated use of snap <snap-dir> with the goal of decoupling the concept of working on an actual snapcraft project and packing up a directory layout into a snap.

new command: refresh

This command is only available when persistent build containers are enabled and exists to make the environment feel as native as possible. Prior to the existence of this command, building continuously in a container triggered a refresh of the packaging archive every time, now this refresh only takes place on container creation or when called through snapcraft refresh.

new command: edit-collaborators

This command will eventually replace the use of the store invites mechanism to setup other people as collaborators to the project. It is currently hidden as the production snap store has it currently disabled. A future release once things have stabilized will expose the command to users. It is harmless to use today as a proper error will show up.

In the meantime, here is how it works when using the integration store:
asciicast

OS Support

Solus

Initial support for running the snapcraft snap on solus has been added. It should work well enough for things like performing store operations, packing up snaps; or if lxd is installed and setup, most operations should work through use of persistent build containers or cleanbuild.

We look forward to knowing how this initial experience performs.

Ubuntu 14.04

Snapcraft currently only really runs well on Ubuntu 16.04, but we're working on adding support for other releases and Linux distributions. This is the first release where you can use the Snapcraft snap on Ubuntu 14.04 (Trusty). This is particularly important for snaps based on ROS (Robot Operating System) Indigo, which targets Trusty. Here's a demo of just that:

asciicast

Plugins

dotnet

This plugin developed by Rajesh, a .NET developer at Microsoft, allows you to create .NET 2.x based snaps, currently embedding the runtime with plans to enhance it to understand content snaps of .NET runtimes which could be leveraged by projects.

The syntax is pretty straightforward and builds on language understood by upstream so getting started for a current .NET developer should feel like a pleasant journey.

Here is the plugin in action:
asciicast

ruby

This release sees the addition of a Ruby plugin, written by James Beedy. It supports a number of different Ruby versions by building them from source, which takes a little while but makes it pretty versatile. It could definitely use some exercise! Here's an example of building a snap of the Travis gem:

asciicast

catkin

The Catkin plugin has long supported rosdep to resolve and fetch system dependencies (i.e. Debian packages). However, rosdep also supports resolving pip dependencies. This release adds support for those, so they don't need to specified elsewhere in the snapcraft.yaml.

Final notes

To get the source for this release, check it out on github.

A great place to collaborate and discuss features, bugs and ideas on snapcraft are the forums. Please also feel free to file a bug.

Happy snapcrafting!
- Sergio and the team

22 Nov 2017 10:36pm GMT

Daniel Pocock: VR Hackathon at FIXME, Lausanne (1-3 December 2017)

The FIXME hackerspace in Lausanne, Switzerland is preparing a VR Hackathon on the weekend of 1-3 December.

Competitors and visitors are welcome, please register here.

Some of the free software technologies in use include Blender and Mozilla VR.

22 Nov 2017 7:25pm GMT

David Tomaschik: 2017 Hacker Holiday Gift Guide

I've been thinking about gifts for Hackers and Makers lately as the holiday season arrives. I decided I'd build a public list of some of my favorite things (and perhaps some things I'd like myself as well!) I'll break it down into a few categories for different kinds of hackers (and different kinds of gifters as well). Prices are current as of writing, but not something I'll be updating.

Stocking Stuffers (Under about $20)

Yubico U2F Security Key

Yubico U2F Security Key

The U2F Security Key by Yubico is a hardware 2-factor authentication token compatible with the Fido Alliance Universal 2-Factor (U2F) standard. This includes sites like Google (GMail), Github, Gitlab, Bitbucket, Dropbox and Facebook. Unlike SMS, U2F can't be intercepted by an adversary (even in countries with government-run telcos). It continues to work with a dead battery in your smartphone, and is backed by a hardware secure element. It still won't protect you against malware on your computer, but it's a dramatic increase in security for most threat models. Everyone should have two security keys: one for daily use, and a backup (already enrolled) in a safe place in case something happens to the primary. $17 at Amazon

Red Team Field Manual

Red Team Field Manual

The Red Team Field Manual is a versatile guide for anyone who quickly needs to perform security tasks on both Windows and Linux. Though mostly targeted towards penetration testers & red teamers, this is useful for system administrators who spend most of their time on one platform but need to work on the other occasionally, or for budding infosec students getting used to working on their non-native platform. It provides command lines for a number of different tasks on both platforms, including:

This is not reading material - it's strictly a reference, but in a quite handy format & form factor. $9 at Amazon

iFixit Essentials Toolkit

iFixit Essentials Toolkit

The iFixit Essentials Toolkit is a smaller version of my favorite toolkit, the iFixit Pro Tech Toolkit. It contains a high quality screwdriver handle, the most frequently used screwdriver bits, and several tools useful for opening all kinds of devices, including smartphones, routers, and pretty much any other IoT device out there. It comes in a nice case that uses neodymium magnets to hold it closed. It also supports iFixit, who produce some really high quality teardowns and post it all online for free. $19.99 at Amazon

For Penetration Testers & Red Teamers

WiFi Pineapple Nano

WiFi Pineapple Nano

Hak5's WiFi Pineapple may be the best-known piece of hacking hardware out there. In the current generation, the Nano offers two radios built-in, making it perfect for a repeater style setup. In addition to the use as an attack device, allowing penetration testers to conduct wireless audits, attacks on clients, and other kinds of applied attacks, the Pineapple is also great for the hacker on the go. I often use mine to connect to hotel WiFi on one radio, perform a VPN link back to a VPN server, and provide a WPA2 hotspot on the other radio. Few other travel APs can provide this kind of functionality, so bringing the Pineapple Nano on the road with me always gives a lot of flexibility and options. $99.99 at HakShop

Packet Squirrel

Packet Squirrel

If the WiFi Pineapple is a Swiss Army Knife for WiFi networks, then the Packet Squirrel is that for wired ethernet. As a physical man-in-the-middle (MitM) device, the Packet Squirrel allows you to perform network attacks, modify traffic, or just VPN your own devices. (Even multiple devices if a network switch is connected behind the Packet Squirrel.) While the Wifi Pineapple may be the classic Hak5 tool (perhaps excepting the USB rubber ducky), the Packet Squirrel is the newest member of the family. I haven't had a chance to do much with mine yet, but it looks promising and has a ton of cool features. $59.99 at HakShop

Red Team: How to Succeed By Thinking Like the Enemy

Red Team Book

Not just about Information Security Red Teaming, this book by Micah Zenko describes the way in which adversarial simulation helps organizations strengthen their posture. By taking a look at the role played by assumed attackers, it helps demonstrate how understanding the enemy leads to be better defenses, and how playing the enemy leads to finding previously unknown weaknesses in defenses. $20.32 at Amazon

Unauthorised Access: Physical Penetration Testing for IT Security Teams

Unauthorised Access

Red Teaming takes on many forms, and understanding physical security is important for any penetration tester or red teamer, even if he or she does not actually execute physical attacks. Knowing about the possibilities in the physical space helps to understand risks and compensating controls. Unauthorised Access: Physical Penetration Testing for IT Security Teams by Will Allsopp describes the basics of penetration testing physical access controls (mostly buildings and datacenters) and will help you to look at these controls in an entirely new light. $25.43 at Amazon

For Hardware Hackers & Electronics Makers

Brymen BM235 Multimeter (EEVBlog Model)

BM235

When doing any electronics work, whether it's making, debugging, reverse engineering, or any other form of hacking, being able to take voltage, current, resistance and other readings is critical. The typical tool of choice for this is the handheld multimeter, and the Brymen BM235 is my favorite multimeter. While there are surely better multimeters out there (the Fluke 87V is probably the best known multimeter for electronics work), this Brymen offers most of the features at a significantly lower price. Most hobbyists and hardware hackers don't need the resolution of the 87V or similar multimeters, but the Brymen still offers good functionality, and most importantly, is a quality multimeter with proper safety features. $125 at Amazon

Dremel Cordless Rotary Tool

Dremel 8220

The Dremel 8220 is a 12V cordless rotary tool. You can use it to cut, grind, or drill all kinds of materials. I've used mine to cut openings in project boxes for several electronics projects, to open ultrasonically welded electronics devices, and even the occasional home improvement project. While they have corded models as well, I find the cordless model more convenient, especially when working on my patio. (Being in Silicon Valley, I don't exactly have room for a full workshop.) $99.00 at Amazon

TUMPA Multi-Protocol Adapter

TUMPA

The TIAO USB Multi-Protocol Adapter, or TUMPA for short, is a multi-protocol interface, allowing for JTAG, SPI, UART, RS-232, and SWD. All of this is useful for interfacing with all kinds of hardware, like dumping flash, using JTAG to examine the running state of a CPU, or even just basic UART interfacing. Like so many of these multi-interface systems, it uses an FTDI FT-2232H chip, but this one has neatly designed interface connections and a great support wiki. $39.99 at Amazon

Ubertooth One

Ubertooth One

Given the proliferation of Bluetooth devices, the Ubertooth One is an essential device for assessing modern Internet of Things devices. The Ubertooth is essentially a Software Defined Radio (SDR) for bluetooth, allowing the security professional to examine, capture, modify, and replay bluetooth frames. Find out what your gadgets are sending to each other or look for bugs in the firmware itself. $127.95 at Amazon

Adafruit & Sparkfun Gift Certificates

Adafruit and Sparkfun are retailers of a variety of maker & hardware hacking supplies. Both have a wide variety of tools and parts and both support Open Source Hardware and the maker movement. Get an Adafruit or Sparkfun Gift Certificate if you don't know what your favorite maker might want.

For InfoSec Students & N00bs

Hacking: The Art of Exploitation

Hacking: TAoE

Hacking: The Art of Exploitation may not be the most recent book, but it's still a good read for those new to the binary exploitation areas of security. It's an excellent introduction, and contains lots of still-relevant material, even if it doesn't include bypasses for all the latest mitigations. $39.55 at Amazon

DT2000 Hardware Encrypted Flash Drive

DT2000

The DT2000 is a flash drive from Kingston that features a keypad to allow the entry of a PIN allowing access to the hardware-encrypted contents. Contents are encrypted by 256 bit AES, and I have it on good word that this device has fairly properly implemented their encryption. They're obviously significantly more expensive than stock flash drives, but the encryption and the case make them a great place to protect important documents and files including backups of password managers (you do use a password manager, don't you?), financial records, medical records, GPG keys, and other sensitive data. I use an older USB 2.0 encrypted flash drive, and have been looking a lot at an upgrade, and the DT2000 would be at the top of my list. $124.88 at Amazon

Offensive Security Training

There are few things I'm prouder of than holding both the OSCP and OSCE certifications. They teach hands-on practical Offensive Security (hence the name) and do an incredible job of it, especially for those who learn best by doing. With fully immersive labs and exams that require doing instead of answering some multiple choice questions, these really push security professionals to the next level. If you know someone who can "Try Harder", this is a great gift to get for them.

Raspberry Pi 3

Raspberry Pi 3

Ever since the Raspberry Pi first hit the market, it's been a popular option with Hackers and Makers. This starter kit gives everything you need to get started with the Raspberry Pi 3, which is the latest iteration of the full-sized Raspberry Pi. The 3 includes integrated WiFi and Bluetooth, so no more need for a dongle for that. One of the nicest features with the Raspberry Pi is how trivially you can switch your operating system: just swap to another MicroSD card. You can have one card with Raspbian, another with Kali, etc. Likewise, if you manage to terribly misconfigure your system, you can either move the MicroSD to another computer to fix it or just reflash it to a stock system. Though the Raspberry Pi 3 alone is $35, the kit with a case, power supply, heatsinks, MicroSD card, etc., is $69.99 at Amazon.

Geek & Hacker Apparel

Despite the Security Weekly suggestion to Hack Naked, there are a couple of providers of fine hacking apparel to be found because most hackerspaces and offices do require clothing:

Young Hackers & Makers

You'll have to make your own decisions about the age appropriateness of each of the options here for the young hackers & makers in your life. I'm clearly not an expert in that area, but decided I'd share my thoughts anyway. (Plus, many of these items are fun for older hackers exploring new areas too!)

Circuit Playground Express

Circuit Playground Express

For the first foray into embedded systems and microcontrollers, I recommend the Circuit Playground Express from Adafruit. It allows programming the device in MicroPython and loading your code is as simple as plugging in and seeing it appear as a USB mass storage device. Save your micropython program to the device, hit reset, and see it run. It contains 10 Neopixel-style RGB LEDs, a thermometer, light sensor, accelerometer, sound sensor, speaker, buttons, switches, and more! It does require a bit of understanding of electronics, but it's a great start into programming for the physical world. $32.99 on Amazon or $24.95 direct from Adafruit

Lego Mindstorms EV3

Lego Mindstorms EV3

The LEGO Mindstorms EV3 is the robots kit I wish I had when I was a kid. While I did eventually get an original Mindstorms kit, the modern LEGO Robotics kit has far more features and has three kinds of sensors and two kinds of motors. Instructions for building multiple robots are included. If you (or your young hacker) gets bored of the built-in firmware and programming interface, it turns out the EV3 programmable brick is actually a fully-featured Debian Linux computer, for which a community has sprung up and built a replacement firmware allowing so much more. Imagine a swarm of EV3-powered robots. The kit is pricey, but it's good for most ages and might inspire the next generation of robotics engineers. $349.95 at Amazon

22 Nov 2017 8:00am GMT

21 Nov 2017

feedPlanet Ubuntu

Ubuntu Insights: Join us at the Ubuntu Enterprise Summit!

Bloomberg, Walmart, eBay, Samsung, Dell. Ever wonder how some of the world's largest enterprises run on Ubuntu? This December, we are hosting our first ever Ubuntu Enterprise Summit to tell you how and help guide your own organisation whether it be running the cloud in a large telco to deriving revenue from your next IoT initiative. The Ubuntu Enterprise Summit is a two day event of webinars on December 5th and 6th where you can join Canonical's product managers, technical leads, partners and customers to get an inside look at why some of the world's largest companies have chosen Ubuntu. Whether you are focused on the cloud or are living life at the edge, the webinars will also look at trends and the considerations for your organisation when implementing such technologies. To kick off the event on December 5th, Canonical CEO and founder Mark Shuttleworth will deliver a keynote talk on 21st Century Infrastructure. Following Mark's opening, there will be a series of other events and you can register now for those that spark your interest by clicking on the links below

Tuesday, December 5th

Building 21st Century Infrastructure

Speaker- Mark Shuttleworth, CEO and Founder, Canonical and Ubuntu

Time- 8-9AM PST / 11AM- 12PM EST / 4- 5PM GMT

More Info

Special Kubernetes Announcement from KubeCon

Speaker- Marco Ceppi

Time- 9-10AM PST / 12PM- 1PM EST / 5- 6PM GMT

More Info

Get ready for multi-cloud

Speaker- Mark Baker, Field Product Manager, Canonical

Time- 10-11AM PST / 1- 2PM EST / 6- 7PM GMT

More Info

Hybrid cloud & financial services - how to compete with cloud native new entrants

Speaker- Chris Kenyon, SVP, Worldwide Sales & Business Development, Canonical

Time- 11AM- 12PM PST / 2- 3PM EST / 7- 8PM GMT

More Info

Wednesday, December 6th

Ubuntu: What's the security story?

Speaker- Dustin Kirkland, VP, Product Development

Time- 7- 8AM PST / 10- 11AM EST / 3PM- 4PM GMT

More Info

How City Network solves the challenges for the modern financial company

Speaker- Johan Christenson, CEO of City Network

Time- 8- 9AM PST / 11AM-12PM EST / 4PM- 5PM GMT

More Info

Appstores: The path to IoT revenue post-sale

Speaker- Mike Bell, EVP, Devices & IoT

Time- 9- 10AM PST / 12- 1PM EST / 5PM- 6PM GMT

More Info

Cloud to edge: Building the software defined telco infrastructure

Speaker- Nathan Rader, Director of NFV Strategy

Time- 10-11AM PST / 1- 2PM EST / 6PM- 7PM GMT

More Info

Introduction to MAAS: building the agile data centre

Speaker- Mark Shuttleworth, CEO & Founder & Andres Rodriguez, MAAS Product Manager

Time- 11AM-12PM PST / 2PM-3PM EST / 7PM- 8PM GMT

More Info

If you can't make the webinar of your choice, they will also be available to view post-event so you don't miss out.

We look forward to seeing you at the Ubuntu Enterprise Summit!

21 Nov 2017 7:16pm GMT

Ubuntu LoCo Council: Ubuntu LoCo Council Election Results

Dear Ubuntu Community,

we're happy to report that the five vacant seats on the LoCo Council3 have been, at long last, filled. Your new council members are as follows:

  1. Nathan Haines (incumbent) (@nhaines)
  2. Carla Sella (@carla-sella)
  3. Kyle Fazzari (@kyrofa)
  4. Ken VanDine (@kenvandine)
  5. Gustavo Silva (@gsilvapt)

A big congratulation to them!

The local community project is an international effort which strives to evangelize and support the Ubuntu project around the world. The LoCo Council acts on the delegation of the Community Council to support this worldwide movement. Most notably they have been involved in reviewing verification requests.

The Community Council will be working closely with the LoCo Council in the upcoming months to give new value to both the LoCo project and the LoCo Council itself, so exciting times are ahead!


This post was initially posted on the Ubuntu Community Hub by Martin Wimpress from the Ubuntu Community Council.

21 Nov 2017 4:39pm GMT

Andres Rodriguez: MAAS 2.3.0 (final) Released!

Hello MAASters!

I'm happy to announce that MAAS 2.3.0 (final) is now available!
This new MAAS release introduces a set of exciting features and improvements to the overall user experience. It now becomes the focus of maintenance, as it fully replaces MAAS 2.2
In order to provide with sufficient notice, please be aware that 2.3.0 will replace MAAS 2.2 in the Ubuntu Archive in the coming weeks. In the meantime, MAAS 2.3 is available in PPA and as a Snap.
PPA's Availability
MAAS 2.3.0 is currently available in ppa:maas/next for the coming week.
sudo add-apt-repository ppa:maas/next
sudo apt-get update
sudo apt-get install maas
Please be aware that MAAS 2.3 will replace MAAS 2.2 in ppa:maas/stable within a week.
Snap Availability
For those wanting to use the snap, you can obtain it from the stable channel:
sudo snap install maas -devmode -stable

MAAS 2.3.0 (final)

Important announcements

Machine network configuration now deferred to cloud-init.

Starting from MAAS 2.3, machine network configuration is now handled by cloud-init. In previous MAAS (and curtin) releases, the network configuration was performed by curtin during the installation process. In an effort to improve robustness, network configuration has now been consolidated in cloud-init. MAAS will continue to pass network configuration to curtin, which in turn, will delegate the configuration to cloud-init.

Ephemeral images over HTTP

As part of the effort to reduce dependencies and improve reliability, MAAS ephemeral (network boot) images are no longer loaded using iSCSI (tgt). By default, the ephemeral images are now obtained using HTTP requests to the rack controller.

After upgrading to MAAS 2.3, please ensure you have the latest available images. For more information please refer to the section below (New features & improvements).

Advanced network configuration for CentOS & Windows

MAAS 2.3 now supports the ability to perform network configuration for CentOS and Windows. The network configuration is performed via cloud-init. MAAS CentOS images now use the latest available version of cloud-init that includes these features.

New features & improvements

CentOS network configuration

MAAS can now perform machine network configuration for CentOS 6 and 7, providing networking feature parity with Ubuntu for those operating systems. The following can now be configured for MAAS deployed CentOS images:

  • Bonds, VLAN and bridge interfaces.
  • Static network configuration.

Our thanks to the cloud-init team for improving the network configuration support for CentOS.

Windows network configuration

MAAS can now configure NIC teaming (bonding) and VLAN interfaces for Windows deployments. This uses the native NetLBFO in Windows 2008+. Contact us for more information (https://maas.io/contact-us).

Improved Hardware Testing

MAAS 2.3 introduces a new and improved hardware testing framework that significantly improves the granularity and provision of hardware testing feedback. These improvements include:

  • An improved testing framework that allows MAAS to run each component individually. This allows MAAS to run tests against storage devices for example, and capture results individually.
  • The ability to describe custom hardware tests with a YAML definition:
    • This provides MAAS with information about the tests themselves, such as script name, description, required packages, and other metadata about what information the script will gather. All of which will be used by MAAS to render in the UI.
    • Determines whether the test supports a parameter, such as storage, allowing the test to be run against individual storage devices.
    • Provides the ability to run tests in parallel by setting this in the YAML definition.
  • Capture performance metrics for tests that can provide it.
    • CPU performance tests now offer a new '7z' test, providing metrics.
    • Storage performance tests now include a new 'fio' test providing metrics.
    • Storage test 'badblocks' has been improved to provide the number of badblocks found as a metric.
  • The ability to override a machine that has been marked 'Failed testing'. This allows administrators to acknowledge that a machine is usable despite it having failed testing.

Hardware testing improvements include the following UI changes:

  • Machine Listing page
    • Displays whether a test is pending, running or failed for the machine components (CPU, Memory or Storage.)
    • Displays whether a test not related to CPU, Memory or Storage has failed.
    • Displays a warning when the machine has been overridden and has failed tests, but is in a 'Ready' or 'Deployed' state.
  • Machine Details page
    • Summary tab - Provides hardware testing information about the different components (CPU, Memory, Storage).
    • Hardware Tests /Commission tab - Provides an improved view of the latest test run, its runtime as well as an improved view of previous results. It also adds more detailed information about specific tests, such as status, exit code, tags, runtime and logs/output (such as stdout and stderr).
    • Storage tab - Displays the status of specific disks, including whether a test is OK or failed after running hardware tests.

For more information please refer to https://docs.ubuntu.com/maas/2.3/en/nodes-hw-testing.

Network discovery & beaconing

In order to confirm network connectivity and aide with the discovery of VLANs, fabrics and subnets, MAAS 2.3 introduces network beaconing.

MAAS now sends out encrypted beacons, facilitating network discovery and monitoring. Beacons are sent using IPv4 and IPv6 multicast (and unicast) to UDP port 5240. When registering a new controller, MAAS uses the information gathered from the beaconing protocol to ensure that newly registered interfaces on each controller are associated with existing known networks in MAAS. This aids MAAS by providing better information on determining the network topology.

Using network beaconing, MAAS can better correlate which networks are connected to its controllers, even if interfaces on those controller are not configured with IP addresses. Future uses for beaconing could include validation of networks from commissioning nodes, MTU verification, and a better user experience for registering new controllers.

Upstream Proxy

MAAS 2.3 now enables an upstream HTTP proxy to be used while allowing MAAS deployed machines to continue to use the caching proxy for the repositories. Doing so provides greater flexibility for closed environments, including:

  • Enabling MAAS itself to use a corporate proxy while allowing machines to continue to use the MAAS proxy.
  • Allowing machines that don't have access to a corporate proxy to gain network access using the MAAS proxy.

Adding upstream proxy support also includes an improved configuration on the settings page. Please refer to Settings > Proxy for more details.

Ephemeral Images over HTTP

Historically, MAAS has used 'tgt' to provide images over iSCSI for the ephemeral environments (e.g commissioning, deployment environment, rescue mode, etc). MAAS 2.3 changes the default behaviour by now providing images over HTTP.

These images are now downloaded directly by the initrd. The change means that the initrd loaded on PXE will contact the rack controller to download the image to load in the ephemeral environment. Support for using 'tgt' is being phased out in MAAS 2.3, and will no longer be supported from MAAS 2.4 onwards.

For users who would like to continue to use & load their ephemeral images via 'tgt', they can disable http boot with the following command.

maas <user> maas set-config name=http_boot value=False

UI Improvements

Machines, Devices, Controllers

MAAS 2.3 introduces an improved design for the machines, devices and controllers detail pages that include the following changes.

  • "Summary" tab now only provides information about the specific node (machine, device or controller), organised across cards.
  • "Configuration" has been introduced, which includes all editable settings for the specific node (machine, device or controllers).
  • "Logs" consolidates the commissioning output and the installation log output.

Other UI improvements

Other UI improvements that have been made for MAAS 2.3 include:

  • Added DHCP status column on the 'Subnet's tab.
  • Added architecture filters
  • Updated VLAN and Space details page to no longer allow inline editing.
  • Updated VLAN page to include the IP ranges tables.
  • Zones page converted to AngularJS (away from YUI).
  • Added warnings when changing a Subnet's mode (Unmanaged or Managed).
  • Renamed "Device Discovery" to "Network Discovery".
  • Discovered devices where MAAS cannot determine the hostname now show the hostname as "unknown" and greyed out instead of using the MAC address manufacturer as the hostname.

Rack Controller Deployment

MAAS 2.3 can now automatically deploy rack controllers when deploying a machine. This is done by providing cloud-init user data, and once a machine is deployed, cloud-init will install and configure the rack controller. Upon rack controller registration, MAAS will automatically detect the machine is now a rack controller and it will be transitioned automatically. To deploy a rack controller, users can do so via the API (or CLI), e.g:

maas <user> machine deploy <system_id> install_rackd=True

Please note that this features makes use of the MAAS snap to configure the rack controller on the deployed machine. Since snap store mirrors are not yet available, this will require the machine to have access to the internet to be able to install the MAAS snap.

Controller Versions & Notifications

MAAS now surfaces the version of each running controller and notifies the users of any version mismatch between the region and rack controllers. This helps administrators identify mismatches when upgrading their MAAS on a multi-node MAAS cluster, such as within a HA setup.

Improved DNS Reloading

This new release introduces various improvements to the DNS reload mechanism. This allows MAAS to be smarter about when to reload DNS after changes have been automatically detected or made.

API Improvements

The machines API endpoint now provides more information on the configured storage and provides additional output that includes volume_groups, raids, cache_sets, and bcaches fields.

Django 1.11 support

MAAS 2.3 now supports the latest Django LTS version, Django 1.11. This allows MAAS to work with the newer Django version in Ubuntu Artful, which serves as a preparation for the next Ubuntu LTS release.

  • Users running MAAS in Ubuntu Artful will use Django 1.11.
  • Users running MAAS in Ubuntu Xenial will continue to use Django 1.9.

21 Nov 2017 3:34pm GMT

Ante Karamatić: Denied

Denied

Denied

Nakon što sam jučer odustao od Hitra, traženje parkinga oko zgrade Fine u Vukovarskoj je čista ludost, danas sam pokušao ponovno. Za razliku od poslovnice u Šibeniku, ova u Zagrebu mi nije ni htjela uzeti papire. Obrazloženje je bilo "Ispunili ste rukom obrazac" i "Trebate donijeti kopiju riječnika stranih riječi za riječ 'solutions'". Spomenuti obrazac je dostupan samo kao PDF, pa pretpostavljam da bi sad trebao kupiti softver kojim ću urediti datoteku koja mi treba kako bi državu pitao mogu li firmu nazvati kako hoću. I recimo da bi shvatio nepoznavanje engleskog jezika i potrebu za definicijom riječi 'solutions' kada bi to bilo prvi put da se javlja u sudskom registru. Ali nije, postoje deseci, ako ne i stotine, trgovačkih društava sa rječju 'solutions'.

Moja je konačna odluka nastaviti pokušavati svaki dan do kraja ovog tjedna. Ako ne uspijem do petka, trgovačko društvo neću otvoriti u Republici Hrvatskoj.

21 Nov 2017 7:36am GMT

Stephen Michael Kellat: Late Post For Ubuntu Community Appreciation Day 2017

I am a wee bit late in posting for Ubuntu Community Appreciation Day yet again.

There has been a bit of busyness. Even though I have been on layoff from my paid job as a civil servant for the United States Government, I have been active in church affairs. With a number of church leaders absent this past Sunday I had to cover a few things. That leads to me being thankful for much in the Ubuntu world.

I am thankful to Martin Wimpress and crew for having Ubuntu MATE available for Raspberry Pi. I run it on my RPi2. A screenshot duplicated from the MATE site:

Ubuntu MATE 16.04 on Raspberry PiUbuntu MATE 16.04 on Raspberry Pi

You can get more details about that great software here.

I am also very thankful for LaTeX2e and Tex Live. It has been a great thing to have to prepare devotional materials for church. I am thankful for the MOTU folks maintaining Gummi which is the editor I use on Xubuntu. Xubuntu is what I run on my laptop that goes many places with me. Tex Live is run both on the laptop and on the Raspberry Pi 2 at home.

I am thankful to Alan Pope for helping to shepherd folks building snaps. Alan also has a wonderful website dedicated to an encounter with AI gone awry. I commend the viewing of that site to everybody possible.

I am thankful for Colin Watson keeping Launchpad alive. I may be one of the few using bzr but that's where the source to this blog lives.

And last, I am thankful to folks running LibraryThing as they help me keep track of the books I own. They gave me a subject breakdown here:

An embedded graphic you might not seeAn embedded graphic you might not see

Have a great day!

Creative Commons License
Late Post For Ubuntu Community Appreciation Day 2017 by Stephen Michael Kellat is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.
Based on a work at https://ubuntu-mate.org/raspberry-pi/.

21 Nov 2017 5:17am GMT

20 Nov 2017

feedPlanet Ubuntu

Costales: Community Appreciation Day: Thanks Diogo Constantino!

I have to say you, one thousand times: THANKS Diogo!

Because you really believe in free(dom) software and Ubuntu, you are doing a so better Community and you are always available for give me a hand and specially because you are an awesome person |o/

20 Nov 2017 7:33pm GMT

Colin Watson: Kitten Block equivalent for Firefox 57

I've been using Kitten Block for years, since I don't really need the blood pressure spike caused by accidentally following links to certain UK newspapers. Unfortunately it hasn't been ported to Firefox 57. I tried emailing the author a couple of months ago, but my email bounced.

However, if your primary goal is just to block the websites in question rather than seeing kitten pictures as such (let's face it, the internet is not short of alternative sources of kitten pictures), then it's easy to do with uBlock Origin. After installing the extension if necessary, go to Tools → Add-ons → Extensions → uBlock Origin → Preferences → My filters, and add www.dailymail.co.uk and www.express.co.uk, each on its own line. (Of course you can easily add more if you like.) Voilà: instant tranquility.

Incidentally, this also works fine on Android. The fact that it was easy to install a good ad blocker without having to mess about with a rooted device or strange proxy settings was the main reason I switched to Firefox on my phone.

20 Nov 2017 12:00am GMT

17 Nov 2017

feedPlanet Ubuntu

Raphaël Hertzog: Freexian’s report about Debian Long Term Support, October 2017

A Debian LTS logoLike each month, here comes a report about the work of paid contributors to Debian LTS.

Individual reports

In October, about 197 work hours have been dispatched among 13 paid contributors. Their reports are available:

Evolution of the situation

The number of sponsored hours increased slightly to 183 hours per month. With the increasing number of security issues to deal with, and with the number of open issues not really going down, I decided to bump the funding target to what amounts to 1.5 full-time position.

The security tracker currently lists 50 packages with a known CVE and the dla-needed.txt file 36 (we're a bit behind in CVE triaging apparently).

Thanks to our sponsors

New sponsors are in bold.

No comment | Liked this article? Click here. | My blog is Flattr-enabled.

17 Nov 2017 2:31pm GMT

16 Nov 2017

feedPlanet Ubuntu

Ubuntu Podcast from the UK LoCo: S10E37 – Psychotic Fearless Breakfast - Ubuntu Podcast

This week we've been upgrading from OpenWRT to LEDE and getting wiser, or older. GoPro open source the Cineform codec, Arch Linux drops i686, Intel and AMD collaborate on new Intel product family, 13 AD&D games have been released by GoG and IBM release a new typeface called Plex.

It's Season Ten Episode Thirty-Seven of the Ubuntu Podcast! Alan Pope, Mark Johnson and Martin Wimpress are connected and speaking to your brain.

In this week's show:

That's all for this week! If there's a topic you'd like us to discuss, or you have any feedback on previous shows, please send your comments and suggestions to show@ubuntupodcast.org or Tweet us or Comment on our Facebook page or comment on our Google+ page or comment on our sub-Reddit.

16 Nov 2017 3:00pm GMT

Salih Emin: ucaresystem core 4.3.0 : Launch it from from your applications menu

The 4.3.0 introduces a menu icon and a launcher for ucaresystem-core. Once installed or updated, you will find a uCareSystem Core entry in your menu that you can click if you want to launch ucaresystem-core. Now think for a moment a friend of yours, or your parents that are not comfortable with the terminal. HowContinue reading "ucaresystem core 4.3.0 : Launch it from from your applications menu"

16 Nov 2017 10:06am GMT