15 Dec 2019

feedPlanet Ubuntu

Stuart Langridge: Pyramid

I keep wanting this quotation and not being able to remember half the things in the list, so I'm putting it on my website: this is what websites are for.

It's from The Official Slacker Handbook by Sarah Dunn, which I painstakingly tracked down and purchased a second-hand paper copy of to find this, and it reads:

Adam Weishaupt, founder of the Order of Illuminati, killed George Washington and served himself as our first president for two terms. The Illuminati are ultimately responsible for the French Revolution, the Bolshevik revolution, the American Revolution, the Pope, the Kennedy assassination, the Manson family, the Rockefeller dynasty, the numbers 5, 17, and 23, the New Age movement, the Nazis, UFO visitations, the Universal Price Code, and the pyramid with the eye on the back of the dollar bill.

No comment on whether I believe any of this, but of course that's just what they want you to think. Fnord.

15 Dec 2019 1:12pm GMT

14 Dec 2019

feedPlanet Ubuntu

Ubuntu Blog: How to build ROS 2 Eloquent Snaps

The end of 2019 brings about the latest ROS 2 release - Eloquent Elusor. Despite an ever growing set of features and some changes throughout the ecosystem, packaging with snaps is as easy as always. Let's go through a quick example!

Prerequisites

You'll need two tools: "snapcraft," the program that builds snaps, and "multipass," the VM management tool that is used by snapcraft to conduct snap builds without cluttering your development machine. You can get both of these from the snap store.

At the time of this writing, the latest stable release of snapcraft is version 3.8. Until the next release comes out, in order to build Eloquent snaps, you'll need to grab it from edge.

$ snap install snapcraft --edge --classic

If you already have snapcraft stable installed, you can change to edge using:

$ snap refresh snapcraft --edge

Multipass is grabbed the same way, requiring the --beta flag since the version at the time of writing is 0.9.0

$ snap install multipass --classic --beta

Getting Started

Create the snapcraft.yaml

First of all, create a new workspace directory and add a snapcraft.yaml.

~$ mkdir eloquent-snap
~$ cd eloquent-snap/
~/eloquent-snap$ snapcraft init
Created snapcraft.yaml.
Go to https://docs.snapcraft.io/the-snapcraft-format/8337 for more information about the snapcraft.yaml format.

Open snap/snapcraft.yaml, and make the following changes:

name: eloquent-talker-listener-arnatious
version: "0.1"
summary: Eloquent ROS2 Example
description: |
 A ROS2 workspace containing a talker and a listener.
 
grade: devel
confinement: strict
base: core18
 
parts:
 colcon-part:
   plugin: colcon
   source: https://github.com/ros2/demos.git
   source-branch: eloquent
   colcon-rosdistro: eloquent
   colcon-source-space: demo_nodes_cpp
   build-packages: [make, gcc, g++]
   stage-packages: [ros-eloquent-ros2launch]
 
apps:
 eloquent-talker-listener-arnatious:
   command: opt/ros/eloquent/bin/ros2 launch demo_nodes_cpp talker_listener.launch.py
   plugs: [network, network-bind]

Let's take an in depth look at this manifest.

name: eloquent-talker-listener
version: "0.1"
summary: Eloquent ROS2 Example
description: |
 A ROS2 workspace containing a talker and a listener.

This is the metadata any snap requires. The only caveat to this section is that the name must be unique on the snap store. Appending your developer name to the snap is an option to get around this (like I did).

grade: devel
confinement: strict
base: core18

grade should be either stable or devel, with devel locking out the ability to publish to the "stable" and "candidate" channels.

confinement can be strict, devmode, or classic. These are documented in detail on snapcraft.io, but in short: strict enforces tight confinement, restricting access to the system for security; devmode allows full access without any restriction but logs all accesses that strict would prevent; classic is unconfined, without its own private namespace or other security features.

Generally, you should always target "strict" confinement unless there's specific features that confinement will prevent. "Classic" snaps, like snapcraft itself or text editors like Visual Studio Code, have no containment and run without protection. Classic snaps need manual approval.

The base keyword specifies the special snap providing things like a minimal set of core libraries for our snap's runtime environment. We're just using the "core18" snap, which bundles a minimal rootfs based on Ubuntu Bionic (18.04).

parts:
 colcon-part:
   plugin: colcon
   source: https://github.com/ros2/demos.git
   source-branch: eloquent
   colcon-rosdistro: eloquent
   colcon-source-space: demo_nodes_cpp
   build-packages: [make, gcc, g++]
   stage-packages: [ros-eloquent-ros2launch]

Snapcraft builds packages piecemeal, in small parts that are combined together. These are reflected by the part entries in the snapcraft.yaml. colcon-part is specified here as pulling the source code from a remote Github repository, though it can just as easily pull source code from a local directory or any source control system.

The colcon plugin is used here to build the package, with the colcon-rosdistro argument specified as eloquent, the colcon-source-space specified as the demo_nodes_cpp directory containing just the talker/listener package we care about. We specify the packages that provide the commands we need to build the ROS nodes under build-packages. stage-packages contains ros2launch, as we'll need the launch verb it provides as part of the entry point to our snap.

apps:
 eloquent-talker-listener-arnatious:
   command: opt/ros/eloquent/bin/ros2 launch demo_nodes_cpp talker_listener.launch.py
   plugs: [network, network-bind]

We need to express how users will interact with this package. Since we're packaging ~our~ project, we want the snap to expose our project's verbs. We define these user interactions as "apps" in the apps" section.

In general, these verbs are invoked using <snap-name>.<app>. An entry in apps with the same name as the snap, like "eloquent-talker-listener-arnatious" above, can be invoked with just the snap name. Calling this app invokes the script in the command field, in this case roslaunch-ing the talker/listener system out of the demo_nodes_cpp package.

Lastly, we specify the interfaces the snap needs access to outside of confinement - in this case network and network-bind. This allows the snap to access the network and be accessed from the network, respectively. You can read more about interfaces on the snapcraft site.
Build the Snap
Now that we've defined the snapcraft.yaml, we can build the snap itself. Make sure you're in the correct directory (above the "snap/" directory containing the "snapcraft.yaml") and invoke "snapcraft."

~$ cd eloquent-snap
~/eloquent-snap$ snapcraft
<omitted for brevity>
Snapped colcon-talker-listener-arnatious_0.1_amd64.snap

If you neglected to install multipass earlier, snapcraft may prompt you to do so.

The build process may take several minutes. During that time, the colcon plugin will install rosdep and use it to determine the dependencies specified in the package.xml of the packages, fetching and unpacking them into your snap. At the end, the result is squashed into a .snap file.

Test the Snap

To install the snap we just built before publishing it, we run

~/eloquent-snap$ sudo snap install --dangerous eloquent-talker-listener-arnatious_0.1_amd64.snap
eloquent-talker-listener-arnatious 0.1 installed

The --dangerous flag is required to install snaps from locations other than the store. The snapd daemon responsible for running snaps requires any snap to be cryptographically verified from the snap store, unless the --dangerous flag is used.

Finally, we invoke the snap:

$ eloquent-talker-listener-arnatious
[INFO] [launch]: All log files can be found below /home/arnatious/snap/eloquent-talker-listener-arnatious/x1/.ros/log/2019-12-11-07-56-04-973199-arnatious-ubuntu-1910
[INFO] [launch]: Default logging verbosity is set to INFO
[INFO] [talker-1]: process started with pid [28330]
[INFO] [listener-2]: process started with pid [28331]
[talker-1] [INFO] [talker]: Publishing: 'Hello World: 1'
[listener-2] [INFO] [listener]: I heard: [Hello World: 1]
[talker-1] [INFO] [talker]: Publishing: 'Hello World: 2'
[listener-2] [INFO] [listener]: I heard: [Hello World: 2]
[talker-1] [INFO] [talker]: Publishing: 'Hello World: 3'
[listener-2] [INFO] [listener]: I heard: [Hello World: 3]
…

The snap runs without issue on the machine, regardless of linux distro or whether ROS is on the machine. You can now push to the the snap store - where anyone running snapd can install and run it.

I hope this gives you a good look at how to build ROS 2 Eloquent snaps! Feel free to ask questions on the Snapcraft forums or on the ROS Forums.

14 Dec 2019 12:05am GMT

13 Dec 2019

feedPlanet Ubuntu

Ubuntu Blog: Building a Rust snap by Example

There's plenty of official documentation which details how to create snaps. We live in the copy/paste generation though. So lets walk through a real-world example you can use as a template, or selectively yoink sections from.

This is the first in a series of posts which break down how to build snaps based on published works in the Snap Store. This week we're looking at "System Syzygy" , a graphical puzzle game written using Rust and SDL2.

Metadata

Let's start with the easy part, the human-readable bit. Here we set out the name of the snap as it would appear in the Snap Store web user interface, and on the command line with snap info syzygy. As the summary is displayed in the command line output of snap info it's worth keeping it short and sweet. The description can be more meaty, covering details about the application, command line options, keyboard shortcuts and links to help.

Once published however, the summary and description can also be maintained via the Snap Store listing page, but this is a good starting point.

name: syzygy
summary: System Syzygy - A narrative meta-puzzle game
description: |
System Syzygy is a puzzle game, in the style of Cliff Johnson's
The Fool's Errand and 3 in Three, and of Andrew Plotkin's System's
Twilight..

The version number can often be seen either with a version: or version-script: line. However we have used adopt-info to inform snapcraft that the version will be set by a part, further down the yaml. The part name is specified. We'll come back to this later.

adopt-info: syzygy

Base

The base indicates which runtime this snap should be run against. When the syzygy snap is installed on a system, the core18 base snap will be automatically installed too. Essentially this determines the version of libc the application was built against. The core18 base snap is built from Ubuntu 18.04 (LTS) and as such, we should build this snap in a VM or container running the same release.

Other (older) bases are available and in the future newer bases will be made, but today, this is an appropriate base to build with.

base: core18

Architectures

Both the snapcraft build service and launchpad have the capability to build snaps for numerous architectures. However, not all applications may successfully build or run on all of them. Sometimes the dependencies or build tools aren't available for every CPU architecture, or perhaps the tool-chain is not supported on anything but mainstream architectures.

In the case of System Syzygy, it only builds for 64-bit and 32-bit Intel CPU architectures. Specifying the supported architectures here means the build systems won't waste time attempting to compile the game on CPUs we know it won't succeed on.

architectures:
- build-on: [amd64,i386]

Confinement

System Syzygy is a simple, non-networked game. It needs access to take input from the keyboard and mouse, display things on the screen, and play back audio. As such it can be strictly confined.

confinement: strict

Grade

Grade is an indicator of the quality of this snap. Initially we might set this to devel while it's in development. However, in order to be published in the stable or candidate channels in the store, we should set this to stable. Only applications with a stable grade are permitted in the stable and candidate channels.

grade: stable

Parts

Parts are the meat of the snap. Here's where we outline what actually goes inside the package. As System Syzygy is a game written in Rust, and is hosted externally on github, we can list the plugin and the url to the source repository here.

parts:
syzygy:
plugin: rust
source: https://github.com/mdsteele/syzygy.gitPartsparts:
syzygy:
plugin: rust
source: https://github.com/mdsteele/syzygy.git

override-pull

Many applications are not written with relocatability in mind. The override-pull section may contain anything we might want to do, to manipulate the source code before building it.

System Syzygy makes an assumption about where to load some of the required libraries or assets. We can override this by simply patching the line in the source such that it now points into the directory the snap will be installed to. These are shell commands in a list.

The snapcraftctl pull statement instructs snapcraft to do whatever is required to obtain the source as defined by the plugin and source lines above. Then we patch the source files as necessary.

override-pull: |
  snapcraftctl pull
  sed -i 's|usr/lib/syzygy|/snap/syzygy/current|' src/gui/loader/path_linux.c

override-build

Most applications use standard build tools and common patterns for compiling and installing files. However sometimes they miss out steps we assume as part of a build. The developer may omit installation steps for example, assuming the user will simply run the application directly from the build folder.

In the case of System Syzygy, we need to copy the game assets (fonts, sprites and background images) into the right place. We use the build-time variable SNAPCRAFT_PART_INSTALL as our target. Later in the snapcraft lifecycle the contents of this folder will be assimilated into the final snap.

override-build: |
  snapcraftctl build
  mkdir $SNAPCRAFT_PART_INSTALL/data
  cp -a data/fonts data/sprites data/backgrounds $SNAPCRAFT_PART_INSTALL/data
  cp -a target/release/syzygy $SNAPCRAFT_PART_INSTALL/bin
  snapcraftctl set-version $(git -C ../src describe --tags  | sed 's/v//')

Finally we use git to extract the version number via git and assign that to the snap with the snapcraftctl statement. This bubbles up via the adopt-info line above to become the version number

build-packages

System Syzygy has a very small set of build dependencies outside those specified in the rust Cargo.toml. We list the packages which fulfil those build dependencies in the build-packages section of the part. These will be installed by snapcraft before the build starts.

build-packages:
  - libsdl2-dev

stage-packages

Once built, the game leverages a few libraries to draw on the screen and play audio. If we didn't specify these, the game would not work even if the libraries existed on the host OS. The snap is strictly confined, so cannot see any external libraries, so we list them here to bundle them with the game.

We can discover which packages to add by running snapcraft without specifying any at all. Snapcraft will introspect the binaries shipped in the snap, and list a best-guess array of required packages.

stage-packages:
  - libglu1-mesa
  - libsdl2-2.0-0
  - libpulse0

Application

The apps stanza is where we setup the environment and expose the binary inside the snap to the outside world. This includes ensuring the binary can find the GL drivers required to paint the game window, and extend the library search path to include the pulseaudio libraries for audio playback.

In addition, the game has an internal environment variable which should point to the game data folder. We use the SNAP runtime environment variable to construct the correct path to the game files configured earlier.

Finally we specify the required plugs to enable the game to draw on the screen, play audio, access the GPU via opengl, and suppress the screensaver.

apps:
syzygy:
environment:
SHELL: bash
LC_ALL: C.UTF-8
SNAPCRAFT_ARCH_TRIPLET: ${SNAPCRAFT_ARCH_TRIPLET}
__EGL_VENDOR_LIBRARY_DIRS: $SNAP/etc/glvnd/egl_vendor.d:$SNAP/usr/share/glvnd/egl_vendor.d
LIBGL_DRIVERS_PATH: ${SNAP}/usr/lib/${SNAPCRAFT_ARCH_TRIPLET}/dri
LIBVA_DRIVERS_PATH: ${SNAP}/usr/lib/${SNAPCRAFT_ARCH_TRIPLET}/dri
LD_LIBRARY_PATH: "$SNAP/usr/lib/$SNAPCRAFT_ARCH_TRIPLET/pulseaudio"
SYZYGY_DATA_DIR: "$SNAP/data"
HOME: "$SNAP_USER_DATA"
XDG_CACHE_HOME: "$SNAP_USER_DATA/.cache"
command: syzygy
plugs:
- x11
- pulseaudio
- opengl
- screen-inhibit-control

Summary

Building and publishing snaps of applications written in Rust is pretty straightforward. The example above highlights how we can be flexible if the build system requires tweaking, or where an application needs minor patching. A non-graphical Rust app would be simpler than this example by virtue of not needing the SDL, GL and pulse libraries and environment configuration.

Building and distributing a game written in any language is mostly similar to what's outlined above. Only the part definition changes, the environment and plugs configuration will be mostly common.

We welcome new games and applications in the Snap Store. The developers of snapd, snapcraft and the Snap Store hang out over on the snapcraft forum. Join us there if you have any questions or comments about this article or need assistance building a new snap.

13 Dec 2019 1:53pm GMT

Podcast Ubuntu Portugal: Ep 68 – Salvem a Amazónia

Episódio 68 - Salvem a Amazónia. Uma viagem alucinante pelos recantos desse grande manto verde da América do Sul, com breves explicações sobre espécies e costumas dos nativos. Nada disso! Falámos sobre Ubuntu, AWS, Canonical, kernel e muito mais.

Apoios

Este episódio foi produzido e editado por Alexandre Carrapiço (Thunderclaws Studios - captação, produção, edição, mistura e masterização de som) contacto: thunderclawstudiosPT-arroba-gmail.com.

Podem apoiar o podcast usando os links de afiliados do Humble Bundle, porque ao usarem esses links para fazer uma compra, uma parte do valor que pagam reverte a favor do Podcast Ubuntu Portugal
E podem obter tudo isso com 15 dólares ou diferentes partes dependendo de pagarem 1, ou 8.
Achamos que isto vale bem mais do que 15 dólares, pelo que se puderem paguem mais um pouco mais visto que têm a opção de pagar o quanto quiserem.

Se estiverem interessados em outros bundles se acrescentarem no fim do link para qualquer bundle: ?partner=pup (da mesma forma como no link da sugestão) e vão estar também a apoiar-nos.

Atribuição e licenças

A música do genérico é: "Won't see it comin' (Feat Aequality & N'sorte d'autruche)", por Alpha Hydrae e está licenciada nos termos da [CC0 1.0 Universal License](https://creativecommons.org/publicdomain/zero/1.0/).

Este episódio e a imagem utilizada estão licenciados nos termos da licença: Attribution-NonCommercial-NoDerivatives 4.0 International (CC BY-NC-ND 4.0), cujo texto integral pode ser lido aqui. Estamos abertos a licenciar para permitir outros tipos de utilização, contactem-nos para validação e autorização.

13 Dec 2019 12:02pm GMT

Sean Davis: The New bluesabre.org

The New bluesabre.org

Behold! And welcome to the new bluesabre.org! If you're a regular, you might have noticed that the site has had a bit of a facelift. After nearly a decade of publishing with Wordpress, I've moved to Ghost. And so far, I'm impressed.

What's New?

It's faster. Ghost is fast without any help, providing all the publishing tools I need and (from what I can tell) none that I don't. To further speed things up, I've optimized all of the images on my site for small download sizes and super-fast loading.

It's more open. Ghost themes, powered by Handlebars templates, are significantly easier to maintain than Wordpress themes, and you can really go far with the default Casper theme. I've forked the theme with a few minor enhancements, and made it available on GitHub. Meet Mouser.

The New bluesabre.orgLeft: standard or "light" theme on desktop; Right: "dark" theme on mobile

It's more consistent. Years of blogging included years of varying headers, layouts, and custom CSS. With this move, I'll standardized each page and post to make for a less jarring reading experience. Oh, and it now supports dark themes (as sent by your system or browser).

/usr/bin/google-chrome-stable --force-dark-mode

Pro tip: You can force Chrom(ium) to use dark mode in Linux with a commandline flag.

It's easier for me. Goodbye plugins, hello everything I need to just write. With a nearly upstream theme, an unmodified core, and no plugins to worry about, I can worry about other things like development, blogging, mentorships, and community engagement. It all gets better from here.

What's Next?

With this site migration finally out of the way, it's time to get back to work on Xubuntu 20.04 LTS "Focal Fossa". There's a lot of work to do, and only a few months to do it. In particular, I'd like to get some appearance items out of the way...

Let me know what you think of the new site in the comments below. As for me, back to work I go!

13 Dec 2019 3:57am GMT

Stephen Michael Kellat: In the aftermath...

I should mention I survived surgery. Recovery is taking a while and I'm not having fun. These things pass with time.

Election results have started to come in across the United Kingdom and initial reactions to them were not positive. I already read talk about expatriation from multiple quarters. That's often not a good thing.

In that respect I'll put forward two notions. The first is to not overlook the EB-5 immigrant investor visa program in the USA. For its "Targeted Employment Area" definition that has lower capital levels that you have to put forward…one area targeted is a "rural area". Where am I again? If you can live with some occasional heavy snows, want to try to make a startup (regardless of type) in an area with top hospitals, and want to still have fairly easy access to Canada across Lake Erie frankly I could hook you up a realtor in my local area to get started. The cost of living in this part of Ohio is low and will probably look like what you always thought the mythical Ambridge of Radio 4's The Archers would look like.

As to the second option, go talk to the University of the South Pacific. They're a multi-national institution in the Pacific that provides educational opportunities in several nation-states. They do good work. With the measles outbreak in the independent state of Samoa that has held back some education work while heroic efforts continue to contain the outbreak. The Pacific is a beautiful place to live and if I had fewer family obligations I would be heading back that way to live. If you can't handle the new Brexit reality there are new frontiers in paradise to explore for living and working.

Again, these are just notions. On my part I managed to finish up a patchset to Xubuntu offline documentation while I've been recovering from surgery. I know I have political turmoil here stateside but it doesn't hold me back from helping make Xubuntu fabulous during the Focal Fossa cycle. My pain is a little bit more direct at the moment…

13 Dec 2019 1:31am GMT

12 Dec 2019

feedPlanet Ubuntu

Ubuntu Podcast from the UK LoCo: S12E36 – Desert Strike

This week we've been making a low latency point-to-point game streaming application, discuss what it takes to create each Ubuntu distro release, bring you some command line love and go over the last of your feedback for 2019.

It's Season 12 Episode 36 of the Ubuntu Podcast! Alan Pope and Martin Wimpress are connected and speaking to your brain.

In this week's show:

8-bit Versus

.

That's all for this year! You can listen to the Ubuntu Podcast back catalogue on YouTube. If there's a topic you'd like us to discuss, or you have any feedback on previous shows, please send your comments and suggestions to show@ubuntupodcast.org or Tweet us or Toot us or Comment on our Facebook page or comment on our sub-Reddit.

12 Dec 2019 3:00pm GMT

Jonathan Riddell: KDE’s releases debranding

A new step in KDE's branding has happened today, or rather debranding. The old dump of everything we made used to be called just "KDE" and then some projects wanted to release on their own timetable so calling it "KDE" became less accurate. After a while our flagship Plasma project wanted to release on its own and lots of projects did their own release too but many wanted that faff taken care of for them still so those projects got called "KDE Applications". But that didn't quite fit either because there were many plugins and libraries among them and many Applications from KDE which were not among them. So today we removed that brand too and just make releases from a release service, which are source tars that are not very interesting to end users so they get a boring factual release page.

And to keep our users informed the Monthly Apps Update is now published direct on kde.org and covers both self released and release service releases.

And as our website enters the 21 century we now updated the way the stories are published so now anyone can edit or propose patches to them in Git writing Markdown. So if you know of any new features or developments in our apps which will be released by this time in January then send us a patch.

12 Dec 2019 2:18pm GMT

Jono Bacon: Angela Brown from The Linux Foundation on Delivering Great Events

Events are a core element of how businesses engaging with the world. Whether you are attending, speaking at, or organizing an event, you need to have your event game down. The question is: what really goes into a great event, and what is the balance of content, networking, venue, and other ingredients that make events succeed?

Angela Brown should know: she is one of the most talented people in the events business. Leading events at The Linux Foundation, Angela and her team run a broad range of events, all over the world, from small gatherings to conferences spanning tens of thousands. This includes the Open Source Summit, KubeCon, and many.

In this episode of Conversations With Bacon, we unpack Angela's experience and explore topics including:

Be sure to also check my book, 'People Powered: How communities can supercharge your business, brand, and teams', published by HarperCollins Leadership and available now.

Listen


Listen on Google Play Music

Watch

Click here subscribe to the show on YouTube

The post Angela Brown from The Linux Foundation on Delivering Great Events appeared first on Jono Bacon.

12 Dec 2019 12:59am GMT

09 Dec 2019

feedPlanet Ubuntu

The Fridge: Ubuntu Weekly Newsletter Issue 608

Welcome to the Ubuntu Weekly Newsletter, Issue 608 for the week of December 1 - 7, 2019. The full version of this issue is available here.

In this issue we cover:

The Ubuntu Weekly Newsletter is brought to you by:

If you have a story idea for the Weekly Newsletter, join the Ubuntu News Team mailing list and submit it. Ideas can also be added to the wiki!

Except where otherwise noted, this issue of the Ubuntu Weekly Newsletter is licensed under a Creative Commons Attribution ShareAlike 3.0 License

09 Dec 2019 10:13pm GMT

Sean Davis: Welcome to Ghost

A few things you should know

  1. Ghost is designed for ambitious, professional publishers who want to actively build a business around their content. That's who it works best for.
  2. The entire platform can be modified and customised to suit your needs. It's very powerful, but does require some knowledge of code. Ghost is not necessarily a good platform for beginners or people who just want a simple personal blog.
  3. It's possible to work with all your favourite tools and apps with hundreds of integrations to speed up your workflows, connect email lists, build communities and much more.

Behind the scenes

Welcome to Ghost

Ghost is made by an independent non-profit organisation called the Ghost Foundation. We are 100% self funded by revenue from our Ghost(Pro) service, and every penny we make is re-invested into funding further development of free, open source technology for modern publishing.

The version of Ghost you are looking at right now would not have been made possible without generous contributions from the open source community.

Next up, the editor

The main thing you'll want to read about next is probably: the Ghost editor. This is where the good stuff happens.

By the way, once you're done reading, you can simply delete the default Ghost user from your team to remove all of these introductory posts!

09 Dec 2019 2:25am GMT

Simos Xenitellis: Running X11 software in LXD containers

With LXD you can run system containers, which are similar to virtual machines. Normally, you would use a system container to run network services. But you can also run X11 applications. See the following discussion and come back here. In this post, we further refine and simplify the instructions for the second way to run X applications. Previously I have written several tutorials on this.

Discussion on running X11 applications from within LXD system containers

LXD GUI profile

Here is the updated LXD profile to setup a LXD container to run X11 application on the host's X server. Copy the following text and put it in a file, x11.profile. Note that the bold text below (i.e. X1) should be adapted for your case; the number is derived from the environment variable $DISPLAY on the host. If the value is :1, use X1 (as it already is below). If the value is :0, change the profile to X0 instead.

config:
  environment.DISPLAY: :0
  environment.PULSE_SERVER: unix:/home/ubuntu/pulse-native
  nvidia.driver.capabilities: all
  nvidia.runtime: "true"
  user.user-data: |
    #cloud-config
    runcmd:
      - 'sed -i "s/; enable-shm = yes/enable-shm = no/g" /etc/pulse/client.conf'
    packages:
      - x11-apps
      - mesa-utils
      - pulseaudio
description: GUI LXD profile
devices:
  PASocket1:
    bind: container
    connect: unix:/run/user/1000/pulse/native
    listen: unix:/home/ubuntu/pulse-native
    security.gid: "1000"
    security.uid: "1000"
    uid: "1000"
    gid: "1000"
    mode: "0777"
    type: proxy
  X0:
    bind: container
    connect: unix:@/tmp/.X11-unix/X1
    listen: unix:@/tmp/.X11-unix/X0
    security.gid: "1000"
    security.uid: "1000"
    type: proxy
  mygpu:
    type: gpu
name: x11
used_by: []

Then, create the profile with the following commands. This creates a profile called x11.

$ lxc profile create x11
Profile x11 created
$ cat x11.profile | lxc profile edit x11
$ 

To create a container, run the following.

lxc launch ubuntu:18.04 --profile default --profile x11 mycontainer

To get a shell in the container, run the following.

lxc exec mycontainer -- sudo --user ubuntu --login

Once we get a shell inside the container, you run the diagnostic commands.

$ glxinfo -B
name of display: :0
display: :0  screen: 0
direct rendering: Yes
OpenGL vendor string: NVIDIA Corporation
...
$ nvidia-smi 
 Mon Dec  9 00:00:00 2019       
+-----------------------------------------------------------------------------+
 | NVIDIA-SMI 430.50       Driver Version: 430.50       CUDA Version: 10.1     | |-------------------------------+----------------------+----------------------+
 | GPU  Name        Persistence-M| Bus-Id        Disp.A | Volatile Uncorr. ECC |
 | Fan  Temp  Perf  Pwr:Usage/Cap|         Memory-Usage | GPU-Util  Compute M. |
|===============================+======================+======================|
...
$ pactl info
 Server String: unix:/home/ubuntu/pulse-native
 Library Protocol Version: 32
 Server Protocol Version: 32
 Is Local: yes
 Client Index: 43
 Tile Size: 65472
 User Name: myusername
 Host Name: mycomputer
 Server Name: pulseaudio
 Server Version: 11.1
 Default Sample Specification: s16le 2ch 44100Hz
 Default Channel Map: front-left,front-right
 Default Sink: alsa_output.pci-0000_01_00.1.hdmi-stereo-extra1
 Default Source: alsa_output.pci-0000_01_00.1.hdmi-stereo-extra1.monitor
 Cookie: f228:e515
$

You can run xclock which is an Xlib application. If it runs, it means that unaccelerated (standard X11) applications are able to run successfully.
You can run glxgears which requires OpenGL. If it runs, it means that you can run GPU accelerated software.
You can run paplay to play audio files. This is the PulseAudio audio play.
If you want to test with Alsa, install alsa-utils and use aplay to play audio files.

Explanation

We dissect the LXD profile in pieces.

We set two environment variables in the container. $DISPLAY for X and PULSE_SERVER for PulseAudio. Irrespective of the DISPLAY on the host, the DISPLAY in the container is always mapped to :0. While the PulseAudio Unix socket is often located under /var, in this case we put it into the home directory of the non-root account of the container. This will make PulseAudio accessible to snap packages in the container, as long as they support the home interface.

config:
environment.DISPLAY: :0
environment.PULSE_SERVER: unix:/home/ubuntu/pulse-native

This enables the NVidia runtime with all the capabilities, if such a GPU is available. The text all for the capabilities means that it enables all of compute, display, graphics, utility, video. If you would rather restrict the capabilities, then graphics is for running OpenGL applications. And compute is for CUDA applications. If you do not have an NVidia GPU, then these directly will silently fail.

  nvidia.driver.capabilities: all
nvidia.runtime: "true"

Here we use cloud-init to get the container to perform the following tasks on the first time it starts. The sed command disables shm support in PulseAudio, which means that it enables the Unix socket support. Additionally, the listed three packages are installed with utilities to test X11 application, X11 OpenGL applications and audio applications.

  user.user-data: |
#cloud-config
runcmd:
- 'sed -i "s/; enable-shm = yes/enable-shm = no/g" /etc/pulse/client.conf'
packages:
- x11-apps
- mesa-utils
- pulseaudio

This command shares the Unix socket of the PulseAudio server on the host to the container. In the container it is /home/ubuntu/pulse-native. The security configuration refers to the host. The uid, gid and mode refer to the Unix socket in the container. This is a LXD proxy device, and binds into the container, meaning that it makes the host's Unix socket appear in the container.

devices:
PASocket1:
bind: container
connect: unix:/run/user/1000/pulse/native
listen: unix:/home/ubuntu/pulse-native
security.gid: "1000"
security.uid: "1000"
uid: "1000"
gid: "1000"
mode: "0777"
type: proxy

This part shares the Unix socket of the X server on the host to the container. If $DISPLAY on your host is also :1, then keep the default shown below to X1. Otherwise, adjust the number accordingly. The @ character means that we are using abstract Unix sockets, which means that there is no actual file on the filesystem. Although /tmp/.X11-unix/X0 looks like an absolute path, it is just a name. We could have used myx11socket instead, for example. We use an abstract Unix socket so that it is also accessible by snap packages. We would have used an abstract Unix socket for PulseAudio, but PulseAudio does not support them. The security uid and gid refer to the host.

  X0:
bind: container
connect: unix:@/tmp/.X11-unix/X1
listen: unix:@/tmp/.X11-unix/X0
security.gid: "1000"
security.uid: "1000"
type: proxy

We make available the host's GPU to the container. We do not need to specify explicitly which CPU we are using if we only have a single GPU.

  mygpu:
type: gpu

Installing software

You can install any graphical software. For example,

sudo apt-get install -y firefox

Then, run as usual.

firefox

Firefox running in a container.

Conclusion

This is the latest iteration of instructions on running GUI or X11 applications and having them appear on the host's X server.

Note that the applications in the container have full access to the X server (due to how the X server works as there are no access controls). Do not run malicious or untrusted software in the container.

https://blog.simos.info/

09 Dec 2019 12:27am GMT

08 Dec 2019

feedPlanet Ubuntu

Simos Xenitellis: Discussion on running X11 applications from within LXD system containers

With LXD, you can create system containers. These system containers are similar to virtual machines, while at the same time they are very lightweight.

In a VM, you boot a full Linux kernel and you run your favorite Linux distribution in a virtualized environment that has a fixed disk size and dedicated allocation of RAM memory. To get a graphics application to run in a VM, you need a virtualized GPU, such that will have hardware accelerated access to the host graphics driver.

In contrast, in a system container, you keep using the running Linux kernel of the host, and you just start the container image (runtime, aka rootfs) of your favorite Linux distribution. Your container uses as much disk space are needed from a common storage, and the same goes with the memory (you can also put strict restrictions, if you need). To get a graphics application to run in a container, you need to pass a Unix socket of your existing X server (or a new isolated X server).

In this post we are going to discuss the details of running X11 applications from within a LXD system container. There are a few different ways, so we explain them here.

  1. The X11 application in the container accesses the host's X server through a network protocol. For example, connecting from the host to the container with ssh -X ... for X11 forwarding.
  2. The X11 application in the container uses directly the X server of the host (by having access to the X Unix socket or X port). It is easy to setup, with GPU acceleration, but you do not get isolation between the container and the host. I have written several tutorials on this.
  3. The X11 application in the container use a separate X server running on the host (such as xpra, Xephyr). There is isolation between the container and the host. You may have GPU acceleration with this. I have not written a tutorial yet.
  4. The container starts its own X server on the computer. There is a post for LXC using a privileged container but not for LXD yet.
  5. Using X2Go in the container to run either individual X11 applications or even a full desktop. You need to install X2Go components both on the container and the host. There is isolation but there is no GPU acceleration.

Updates

  1. Initial post.
https://blog.simos.info/

08 Dec 2019 8:55pm GMT

06 Dec 2019

feedPlanet Ubuntu

Rhonda D'Vine: Oxa

It's been a while. And to be honest, I'm overdue with a few things that I want to get out. One of those things is … Brazil doesn't let me go. I'm watching this country since over a year now, hopefully understandable with the political changes last year and this year's debconf being there, and I promise to go into more details with that in the future because there is more and more to it …

Because one of those things that showed me that Brazil doesn't want to let me go was stumbling upon this artist. They were shared by some friends, and I instantly fell for them. This is about Oxa, but see for yourself:

I'm absolute in love with the person on so many levels-and yes, they are from Brazil originally. Multo brigado, Brazil!

/music | permanent link | Comments: 0 | Flattr this

06 Dec 2019 11:01pm GMT

Ubuntu Podcast from the UK LoCo: S12E35 – Feud

This week we've been talking to the BBC about Thinkpads and Ubuntu goes Pro. We round up the news from the Ubuntu community and discuss our picks from the wider tech news.

It's Season 12 Episode 35 of the Ubuntu Podcast! Alan Pope and Martin Wimpress are connected and speaking to your brain.

In this week's show:

That's all for this week! You can listen to the Ubuntu Podcast back catalogue on YouTube. If there's a topic you'd like us to discuss, or you have any feedback on previous shows, please send your comments and suggestions to show@ubuntupodcast.org or Tweet us or Toot us or Comment on our Facebook page or comment on our sub-Reddit.

06 Dec 2019 7:00pm GMT

05 Dec 2019

feedPlanet Ubuntu

Podcast Ubuntu Portugal: Ep 67 – PicoHoHoHo

Neste "Episódio 67 - PicoHoHoHo" estivemos novamente em dupla, com actualizações sobre os trabalhos da Comunidade UBPorts, PicoCMS um poderoso CMS, voltaram também as impressões 3D, enfim… mais 1 semana normal.

Apoios

Este episódio foi produzido e editado por Alexandre Carrapiço (Thunderclaws Studios - captação, produção, edição, mistura e masterização de som) contacto: thunderclawstudiosPT-arroba-gmail.com.

Podem apoiar o podcast usando os links de afiliados do Humble Bundle, porque ao usarem esses links para fazer uma compra, uma parte do valor que pagam reverte a favor do Podcast Ubuntu Portugal
E podem obter tudo isso com 15 dólares ou diferentes partes dependendo de pagarem 1, ou 8.
Achamos que isto vale bem mais do que 15 dólares, pelo que se puderem paguem mais um pouco mais visto que têm a opção de pagar o quanto quiserem.

Se estiverem interessados em outros bundles se acrescentarem no fim do link para qualquer bundle: ?partner=pup (da mesma forma como no link da sugestão) e vão estar também a apoiar-nos.

Atribuição e licenças

A música do genérico é: "Won't see it comin' (Feat Aequality & N'sorte d'autruche)", por Alpha Hydrae e está licenciada nos termos da [CC0 1.0 Universal License](https://creativecommons.org/publicdomain/zero/1.0/).

Este episódio e a imagem utilizada estão licenciados nos termos da licença: Attribution-NonCommercial-NoDerivatives 4.0 International (CC BY-NC-ND 4.0), cujo texto integral pode ser lido aqui. Estamos abertos a licenciar para permitir outros tipos de utilização, contactem-nos para validação e autorização.

05 Dec 2019 11:00pm GMT