This week we've been experimenting with lean podcasting and playing Roguelikes. We discuss what goes on at a Canonical Roadmap Sprint, bring you some command line love and go over all your feedback.

It's Season 12 Episode 20 of the Ubuntu Podcast! Alan Pope, Mark Johnson and Stuart Langridge are connected and speaking to your brain.

In this week's show:

• We discuss what we've been up to recently:
  • Alan has been creating a lean podcast - TeleCast with popey.
  • Mark has been playing Roguelikes.
• We discuss what goes on at a Canonical Product Roadmap Sprint.

• We share a Command Line Lurve:

  • Ctrl+X - Expand a character
• And we go over all your amazing feedback - thanks for sending it - please keep sending it!

• Image taken from Outrun arcade machine manufactured in 1986 by Sega.

That's all for this week! You can listen to the Ubuntu Podcast back catalogue on YouTube. If there's a topic you'd like us to discuss, or you have any feedback on previous shows, please send your comments and suggestions to show@ubuntupodcast.org or Tweet us or Toot us or Comment on our Facebook page or comment on our sub-Reddit.

• Join us in the Ubuntu Podcast Telegram group.

22 Aug 2019 2:00pm GMT

Overall, most Linux distributions offer sane, reasonable defaults that balance security and functionality quite well. However, most of the security mechanisms are transparent, running in the background, and you still might require some additional, practical software to bolster your security array. Back in July, we talked about handy productivity applications available in the Snap Store, and today we'd like to take a glimpse at the security category, and review several cool, interesting snaps.

KeePassXC

Once upon a time, password management was a simple thing. There were few services around, the Internet was a fairly benign place, and we often used the same combo of username and password for many of them. But as the Internet grew and the threat landscape evolved, the habits changed.

In the modern Web landscape, there are thousands of online services, and many sites also require logins to allow you to use their full functionality. With data breaches a common phenomenon nowadays, tech-savvy users have adopted a healthier practice of avoiding credentials re-use. However, this also creates a massive administrative burden, as people now need to memorize hundreds of usernames and their associated passwords.

The solution to this fairly insurmountable challenge is the use of secure, encrypted digital password wallets, which allow you to keep track of your endless list of sites, services and their relevant credentials.

KeePassXC does exactly that. The program comes with a simple, fairly intuitive interface. On first run, you will be able to select your encryption settings, including the ability to use KeePassXC in conjunction with a YubiKey. Once the application is configured, you can then start adding entries, including usernames, passwords, any notes, links to websites, and even attachments. The contents are stored in a database file, which you can easily port or copy, so you also gain an element of extra flexibility - as well as the option to back up your important data.

BitWarden

Side by side with KeepPassXC, BitWarden is a free, open-source password manager. After the application is installed, you need to create an account. Then, you can populate your database (vault) with the entries, including login names, passwords and other details, like card numbers and secure notes. BitWarden uses strong security, and the encrypted vault is synced across devices. This gives you additional portability, as well as an element of necessary redundancy, which is highly important for something like a password database.

BitWarden also includes a Premium version, which offers 1 GB encrypted storage and support for YubiKey and other 2FA hardware devices. The application also allows you to use PIN locking, and arrange your items into folders.

Secrethub-cli

Given that we've discussed password management, the next logical step is to talk about collaborative development, configuration files and passwords (secrets) that sometimes need to be used or shared in projects. If you use public repositories (or even private ones), there is always some risk in keeping credentials out in the open.

Secrethub-cli is designed to provide a workaround to this issue by allowing developers to store necessary credentials (like database usernames and passwords) inside encrypted vaults, and then inject them into configuration files only when necessary.

You start by signing up for an account, after which you can use the command-line interface to populate your vault. The next step is to create template files (.tpl) with specifically defined secrets placeholders, and then pass the files to secrethub-cli, which will inject the right credentials based on the provided placeholders (username and password), and then print out the result to the standard output, or if you like, into a service configuration file for your application.

cat example.config.tpl | secrethub inject

This way, the command will run correctly if the right secrethub-cli account is used, but it won't work for anyone else, allowing reliable sharing of project work. The application is available for free for personal projects.

Wormhole

This software might very well be familiar to you, as we've discussed Wormhole in greater detail several months ago. It is an application designed to allow two end systems to exchange files in a safe, secure manner. Rather than using email or file sharing services, you can send content to your friends and colleagues directly, using Wormhole codes, which allow the two sides to identify one another and exchange data. Wormhole is a command-line program, but it is relatively simple to use. It also offers unlimited data transfers, and can work with directories too (and not just individual files).

Livepatch

System restarts can be a nuisance, and might lead to a (temporary) loss of productivity. Sometimes though, they are necessary, especially if your machine has just received a slew of security updates. Livepatch is a Canonical tool, offering rebootless kernel patching. It runs as a service on a host and occasionally applies patches to the kernel, which will be used until a full kernel update and the subsequent restart. It is a convenient and practical solution, especially in the mission-critical server environment.

However, home users can benefit from this product too. Livepatch is available for free to Ubuntu users on LTS releases (like 16.04 or 18.04). The only additional requirement is that you do have to register for an Ubuntu SSO account, which will provide you with a token, which you can then use to enable the livepatch service on up to three systems (for free).

snap install canonical-livepatch
canonical-livepatch enable "token"

Once Livepatch is installed and enabled, it will run in the background, doing its job. As a technology, Livepatch fixes cannot be created for every single kernel vulnerability, but a large number of them can be mitigated, dispensing the need for frequent reboots. You can always check the status of the service on the command line, to see that it is working:

canonical-livepatch status

Summary

We hope you enjoyed this piece. Software security often has a somber angle, but we'd like to believe that today's blog post dispels that notion. The exercise of practicality, data integrity and the ability to protect your important information does not have to be an arduous and difficult task. In fact, you might even enjoy yourself.

We would also suggest you visit the Snap Store and explore; who knows, you might find some rather useful applications that you haven't really thought of or known before. If you have any comments, please join our forum for a discussion.

Photo by Jason Blackeye on Unsplash.

22 Aug 2019 9:35am GMT

When users of your application range from high school students to expert data scientists, it's often wise to avoid any assumptions about their system configurations. The Jupyter Notebook is popular with a diverse user base, enabling the creation and sharing of documents containing live code, visualisations, and narrative text. The app uses processes (kernels) to run interactive code in different programming languages and send output back to the user. Filipe Fernandes has a key responsibility in the Jupyter community for its packaging and ease of installation. At the 2019 Snapcraft Summit in Montreal, he gave us his impressions of snaps as a tool to improve the experience for all concerned.

"I'm a packager and a hacker, and I'm also a Jupyter user. I find Jupyter to be great as a teaching tool. Others use it for data cleaning and analysis, numerical simulation and modelling, or machine learning, for example. One of the strengths of Jupyter is that it is effectively language agnostic. I wanted Jupyter packaging to be similar, distro-agnostic, if you like."

Filipe had heard about snaps a while back, but only really discovered their potential after he received an invitation to the Snapcraft Summit and noticed that Microsoft Visual Studio Code had recently become available as a snap. The ease of use of snaps was a big factor for him. "I like things that just work. I often get hauled in to sort out installation problems for other users - including members of my own family! It's great to be able to tell them just to use the snap version of an application. It's like, I snap my fingers and the install problems disappear!"

At the Summit, getting Snapcraft questions answered was easy too. "Every time I hit a snag, I raised my hand, and someone helped me." Filipe was able to experiment with packaging trade-offs for Jupyter snaps. "I made a design choice to make the overall Jupyter package smaller by not including the Qt console. Most people just want the browser interface anyway. Similarly, I excluded the dependency for converting Jupyter Notebooks to other formats via pandoc. The size of the Jupyter snap then decreased from about 230 MB to just 68 MB".

What would he like to see in the Snapcraft of tomorrow? "There are some technical tasks to be done for each Jupyter snap, like declaring features of plug-ins and setting different permissions. It would be nice to find a way for automating these tasks, so that they do not have to be done manually each time a snap is built. Also, it's not always easy to see which parts of the Snapcraft documentation are official and which are from enthusiastic but unsanctioned users." Filipe suggests that creating a 'verified publisher' status or certification could be an answer, helping other users to decide how they want to consider different contributions to the documentation.

A stable Jupyter snap is now available from the Snap Store providing the Jupyter users another option to install beyond the official sources. Filipe and the Jupyter community have been working on promoting it via banners, and blogs. "Some people get overwhelmed by the amount of information out there, especially when they start Googling options. I think snaps is a way to shortcut that," adds Filipe. He recommends that other developers who want to get to this level should also come to the Summit. "The interactions here are so quick, to the point that I felt very productive within a really small amount of time, like I'd accomplished weeks of work. It's awesome to be here and I'm looking forward to the next one."

Install the community managed Jupyter snap here.

21 Aug 2019 9:53am GMT

With the agreement of the Debian LTS contributors funded by Freexian, earlier this year I decided to spend some Freexian money on marketing: we sponsored DebConf 19 as a bronze sponsor and we prepared some stickers and flyers to give out during the event.

The stickers only promote the Debian LTS project with the semi-official logo we have been using and a link to the wiki page. You can see them on the back of a laptop in the picture below. As you can see, we have made two variants with different background colors:

The flyers and the video are meant to introduce the Debian LTS project and to convince companies to sponsor the Debian LTS project through the Freexian offer. Those are short documents and they can't explain the precise relationship between Debian LTS and Freexian. We try to show that Freexian is just an intermediary between contributors and companies, but some persons will still have the feeling that a commercial entity is organizing Debian LTS.

Check out the video on YouTube:

The inside of the flyer looks like this:

Click on the picture to see it full size

Note that due to some delivery issues, we have left-over flyers and stickers. If you want some to give out during a free software event, feel free to reach out to me.

No comment | Liked this article? Click here. | My blog is Flattr-enabled.

20 Aug 2019 10:45am GMT

Like each month, here comes a report about the work of paid contributors to Debian LTS.

Individual reports

In July, 199 work hours have been dispatched among 13 paid contributors. Their reports are available:

• Adrian Bunk got 8h assigned but did nothing (plus 10 extra hours from June), thus he is carrying over 18h to August.
• Ben Hutchings did 18.5 hours (out of 18.5 hours allocated).
• Brian May did 10 hours (out of 10 hours allocated).
• Chris Lamb did 18 hours (out of 18 hours allocated).
• Emilio Pozuelo Monfort did 21 hours (out of 18.5h allocated + 17h remaining, thus keeping 14.5 extra hours for August).
• Hugo Lefeuvre did 9.75 hours (out of 18.5 hours, thus carrying over 8.75h to Augustq).
• Jonas Meurer did 19 hours (out of 17 hours allocated plus 2h extra hours June).
• Markus Koschany did 18.5 hours (out of 18.5 hours allocated).
• Mike Gabriel did 15.75 hours (out of 18.5 hours allocated plus 7.25 extra hours from June, thus carrying over 10h to August.).
• Ola Lundqvist did 0.5 hours (out of 8 hours allocated plus 8 extra hours from June, then he gave 7.5h back to the pool, thus he is carrying over 8 extra hours to August).
• Roberto C. Sanchez did 8 hours (out of 8 hours allocated).
• Sylvain Beucler did 18.5 hours (out of 18.5 hours allocated).
• Thorsten Alteholz did 18.5 hours (out of 18.5 hours allocated).

Evolution of the situation

July was different than other months. First, some people have been on actual vacations, while 4 of the above 14 contributors met in Curitiba, Brazil, for DebConf19. There, a talk about LTS (slides, video) was given, followed by a Q&ligA session. Also a new promotional video about Debian LTS, aimed at potential sponsors was shown there for the first time.

DebConf19 was also a success in respect to on-boarding of new contributors, we've found three potential new contributors, one of them is already in training.

The security tracker (now for oldoldstable as Buster has been released and thus Jessie became oldoldstable) currently lists 51 packages with a known CVE and the dla-needed.txt file has 35 packages needing an update.

Thanks to our sponsors

New sponsors are in bold.

• Platinum sponsors:
• • TOSHIBA (for 47 months)
  • GitHub (for 37 months)
  • Civil Infrastructure Platform (CIP) (for 14 months)
• Gold sponsors:
• • The Positive Internet (for 63 months)
  • Blablacar (for 62 months)
  • Roche Diagnostics International AG (for 57 months)
  • Linode (for 51 months)
  • Babiel GmbH (for 41 months)
  • Plat'Home (for 40 months)
• Silver sponsors:
• • Domeneshop AS (for 62 months)
  • Nantes Métropole (for 56 months)
  • Dalenys (for 52 months)
  • Univention GmbH (for 48 months)
  • Université Jean Monnet de St Etienne (for 48 months)
  • Ribbon Communications, Inc. (for 41 months)
  • maxcluster GmbH (for 35 months)
  • Exonet B.V. (for 31 months)
  • Leibniz Rechenzentrum (for 25 months)
  • Vente-privee.com (for 22 months)
  • CINECA (for 15 months)
  • Ministère de l'Europe et des Affaires Étrangères (for 9 months)
• Bronze sponsors:
• • Seznam.cz, a.s. (for 63 months)
  • Evolix (for 62 months)
  • MyTux (for 62 months)
  • Intevation GmbH (for 59 months)
  • Linuxhotel GmbH (for 59 months)
  • Daevel SARL (for 58 months)
  • Bitfolk LTD (for 57 months)
  • Megaspace Internet Services GmbH (for 57 months)
  • Greenbone Networks GmbH (for 56 months)
  • NUMLOG (for 56 months)
  • WinGo AG (for 55 months)
  • Ecole Centrale de Nantes - LHEEA (for 51 months)
  • Sig-I/O (for 49 months)
  • Entr'ouvert (for 46 months)
  • Adfinis SyGroup AG (for 44 months)
  • GNI MEDIA (for 38 months)
  • Laboratoire LEGI - UMR 5519 / CNRS (for 38 months)
  • Quarantainenet BV (for 38 months)
  • Bearstech (for 30 months)
  • LiHAS (for 30 months)
  • People Doc (for 26 months)
  • Catalyst IT Ltd (for 24 months)
  • Supagro (for 20 months)
  • Demarcq SAS (for 18 months)
  • TrapX Security (for 15 months)
  • NCC Group (for 12 months)
  • Université Grenoble Alpes (for 4 months)

No comment | Liked this article? Click here. | My blog is Flattr-enabled.

20 Aug 2019 9:38am GMT

Welcome to the Ubuntu Weekly Newsletter, Issue 592 for the week of August 11 - 17, 2019. The full version of this issue is available here.

In this issue we cover:

• Ubuntu Stats
• Hot in Support
• LoCo Events
• Mir 1.4.0 Release
• APT Patterns
• Other Community News
• Canonical News
• In the Blogosphere
• Featured Audio and Video
• Meeting Reports
• Upcoming Meetings and Events
• Updates and Security for 16.04, 18.04, and 19.04
• And much more!

The Ubuntu Weekly Newsletter is brought to you by:

• Krytarik Raido
• Bashing-om
• Chris Guiver
• Wild Man
• EoflaOE
• And many others

If you have a story idea for the Weekly Newsletter, join the Ubuntu News Team mailing list and submit it. Ideas can also be added to the wiki!

Except where otherwise noted, this issue of the Ubuntu Weekly Newsletter is licensed under a Creative Commons Attribution ShareAlike 3.0 License

19 Aug 2019 10:50pm GMT

I am absolutely thrilled to announce my brand new book, 'People Powered: How communities can supercharge your business, brand, and teams' published by HarperCollins Leadership.

It will be available in hard cover, audiobook, and e-book formats, available from Amazon, Audible, Walmart, Target, Google Play, Apple iBooks, Barnes and Noble, and other great retailers.

The book is designed for leaders, founders, marketing and customer success staff, community managers/evangelists, and others who want to build a more productive, more meaningful relationship with your users, customers, and broader audience.

'People Powered' covers three key areas:

1. The value and potential of building a community inside and outside a business, how it can create a closer relationship with your users and customers, and deliver tangible value such as improved support, technology development, advocacy, and more.
2. I present the strategic method that I have used with hundreds of clients and companies I consult with and advise. This guides you how to create a comprehensive, productive, and realistic community strategy that scales up, build cross-departmental skin in the game, create incentives, run events, measure community success, and deliver results.
3. Finally, I walk you through how to to integrate this strategy into a business, covering hiring staff, building internal skills and capabilities, measuring this work with a series of concrete maturity models, and much more.

The book covers a comprehensive range of topics within these areas:

The book features a forward from New York Times bestseller Peter Diamandis, founder of XPRIZE and Singularity University.

It also features contributions from Joseph Gordon-Levitt (Emmy-award winning actor), Jim Whitehurst (CEO, Red Hat), Mike Shinoda (Co-Founder, Linkin Park), Ali Velshi (Anchor, MSNBC), Jim Zemlin (Executive Director, The Linux Foundation), Noah Everett (Founder, TwitPic), Alexander van Engelen (Contributor, Fractal Audio Systems), and others.

The book has also received a comprehensive range of endorsements, including Nat Friedman (CEO, GitHub), Jim Whitehurst (CEO, Red Hat), Whitney Bouck (COO, HelloSign), Jeff Atwood (Founder, StackOverflow/Discourse), Juan Olaizola (COO, Santander Espana), Jamie Hyneman (Co-Creator and Presenter, Mythbusters), and many others:

Here are a few sample endorsements:

"If you want to tap into the power that communities can bring to businesses and teams, there is no greater expert than Jono Bacon."

Nat Friedman, CEO of GitHub

"If you want to unlock the power of collaboration in communities, companies, and teams, Jono should be your tour guide and 'People Powered' should be your map."

Jamie Smith, Former Advisor to President Barack Obama

"If you don't like herding cats but need to build a community, you need to read 'People Powered'."

Jamie Hyneman, Co-Creator/Host of Mythbusters

"In my profession, building networks is all about nurturing relationships for the long term. Jono Bacon has authored the recipe how to do this, and you should follow it."

Gia Scinto, Head of Talent at YCombinator

"When people who are not under your command or payment eagerly work together towards a greater purpose, you can move mountains. Jono Bacon is one of the most accomplished experts on this, and in this book he tells you how to it's done."

Mårten Mickos, CEO of HackerOne

"Community is fundamental to DigitalOcean's success, and helped us build a much deeper connection with our audience and customers. 'People Powered' presents the simple, pragmatic recipe for doing this well."

Ben Uretsky, Co-Founder of DigitalOcean

"Technology tears down the barriers of collaboration and connects our communities - globally and locally. We need to give all organizations and developers the tools to build and foster this effort. Jono Bacon's book provides timely insight into what makes us tick as humans, and how to build richer, stronger technology communities together."

Kevin Scott, CTO of Microsoft

People Powered Preorder Package

'People Powered' is released on 12th November 2019 but I would love you wonderful people to preorder the book.

Preordering will give you access to a wide range of perks. This includes early access to half the book, free audio book chapters, an exclusive six-part, 4-hour+ 'People Powered Plus' video course, access to a knowledge base with 100+ articles, 2 books, and countless videos, exclusive webinars and Q&As, and sweepstakes for free 1-on-1 consulting workshops.

All of these perks are available just for the price of buying the book, there are no additional costs.

To unlock this preorder package, you simply buy the book, fill in a form with your order number and these perks will be unlocked. Good times!

To find out more about the book and unlock the preorder package, click here

The post Announcing my new book: 'People Powered: How communities can supercharge your business, brand, and teams' appeared first on Jono Bacon.

19 Aug 2019 3:00pm GMT

This iteration was the Web & design team's first iteration of the second half of our roadmap cycle, after returning from the mid-cycle roadmap sprint in Toronto 2 weeks ago.

Priorities have moved around a bit since before the cycle, and we made a good start on the new priorities for the next 3 months.

Web squad

Web is the squad that develop and maintain most of the brochure websites across the Canonical.

We launched three takeovers; "A guide to developing Android apps on Ubuntu", "Build the data centre of the future" and "Creating accurate AI models with data".

Ubuntu.com Vanilla conversion

We've made good progress on converting ubuntu.com to version 2.3.0 of our Vanilla CSS framework.

EKS redesign

We've been working on a new design for our EKS images page.

Canonical.com design evolution

New designs and prototypes are coming along well for redesigned partners and careers sections on canonical.com.

Vanilla squad

The Vanilla squad works on constantly improving the code and design patterns in our Vanilla CSS framework, which we use across all our websites.

Ubuntu SSO refresh

The squad continues to make good progress on adding Vanilla styling to all pages on login.ubuntu.com.

Colour theming best practices

We investigated some best practices for the use of colours in themes.

Improvements to Vanilla documentation

We made a number of improvements to the documentation of Vanilla framework.

Base

The Base squad supports the other squads with shared modules, development tooling and hosting infrastructure across the board.

certification.ubuntu.com

We continued to progress with the back-end rebuild and re-hosting of certification.ubuntu.com, which should be released next iteration.

Blog improvements

We investigated ways to improve the performance of our blog implementations (most importantly ubuntu.com/blog). We will be releasing new versions of the blog module over the next few weeks which should bring significant improvements.

MAAS

The MAAS squad works on the browser-based UI for MAAS, as well as the maas.io website.

"Real world MAAS"

We've been working on a new section for the maas.io homepage about "Real world MAAS", which will be released in the coming days. As MAAS is used at various enterprises of different scale we're proving grouped curated content for three of the main audiences

UI settings updates

We've made a number of user experience updates to the settings page in the MAAS UI, including significant speed improvements to the Users page in conjunction with the work of moving the settings part of the application to React (from Django). We have completed the move of the General, Network, and Storage tabs, and have redesigned the experience for DHCP snippets and Scripts.

Redesigned DHCP snippets tab

JAAS

The JAAS squad works on jaas.ai, the Juju GUI, and upcoming projects to support Juju.

This iteration we setup a bare-bones scaffold of our new JAAS Dashboard app using React and Redux.

Snaps

The Snap squad works on improvements to snapcraft.io.

Updating snapcraft.io to Vanilla 2.3.0

We continued work updating snapcraft.io to the latest version of Vanilla.

The post Design and Web team summary - 16 August 2019 appeared first on Ubuntu Blog.

19 Aug 2019 9:39am GMT

• Replicating Particle Collisions at CERN with Kubeflow - this post is interesting for a number of reasons. First, it shows how Kubeflow delivers on the promise of portability and why that matters to CERN. Second, it reiterates that using Kubeflow adds negligible performance overhead as compared to other methods for training. Finally, the post shows another example of how images and deep learning can replace more computationally expensive methods for modelling real-word behaviour. This is the future, today.
• AI vs. Machine Learning: The Devil Is in the Details - Need a refresh on what the difference is between artificial intelligence, machine learning and deep learning? Canonical has done a webinar on this very topic, but sometimes a different set of words are useful, so read this article for a refresh. You'll also learn about a different set of use cases for how AI is changing the world - from Netflix to Amazon to video surveillance and traffic analysis and predictions.

• Making Deep Learning User-Friendly, Possible? - The world has changed a lot in the 18 months since this article was published. One of the key takeaways from this article is a list of features to compare several standalone deep learning tools. The exciting news? The output of these tools can be used with Kubeflow to accelerate Model Training. There are several broader questions as well - How can companies leverage the advancements being made within the AI community? Are better tools the right answer? Finding a partner may be the right answer.
• Interview spotlight: One of the fathers of AI is worried about its future - Yoshua Bengio is famous for championing deep learning, one of the most powerful technologies in AI. Read this transcript to understand some of his concerns with the direction of AI, as well as the exciting developments in AI. Research that is extending deep learning into things like reasoning, learning causality, and exploring the world in order to learn and acquire information.

The post Issue #2019.08.19 - Kubeflow at CERN appeared first on Ubuntu Blog.

19 Aug 2019 8:00am GMT

Okay, I'm back from Summer Camp and have caught up (slightly) on life. I had the privilege of giving a talk at BSidesLV entitled "CTFs for Fun and Profit: Playing Games to Build Your Skills." I wanted to post a quick link to my slides and talk about the IoT CTF I had the chance to play.

I played in the IoT Village CTF at DEF CON, which was interesting because it uses real-world devices with real-world vulnerabilities instead of the typical made-up challenges in a CTF. On the other hand, I'm a little disappointed that it seems pretty similar (maybe even the same) year-to-year, not providing much variety or new learning experiences if you've played before.

19 Aug 2019 7:00am GMT

This week we've been fixing floors and playing with the new portal HTML element. We round up the Ubuntu community news including the release of 18.04.3 with a new hardware enablement stack, better desktop integration for Livepatch and improvements in accessing the latest Nvidia drivers. We also have our favourite picks from the general tech news.

It's Season 12 Episode 19 of the Ubuntu Podcast! Alan Pope, Mark Johnson and Stuart Langridge are connected and speaking to your brain.

In this week's show:

• We discuss what we've been up to recently:
  • Mark has been fixing his floor.
  • Stuart as been playing with the new portal HTML element.
• We discuss the community news:
  • Ubuntu 18.04.3 LTS is released
  • Desktop integration for Livepatch
  • KDE has removed a feature from .desktop files which posed a security risk
  • Improvements to Additional Driver options on the way
  • Ubuntu 19.10 will have an experimental "ZFS on root" option
• We mention some events:
  • The Linux Application Summit is coming to Barcelona in November: 12th to 15th November - Barcelona, Spain.
  • Open EdTech Global Festival 2019: 21 to 22 of November 2019 - Barcelona, Spain.
• We discuss the news:
  • Man gets "NULL" license plate with unexpected consequences
  • Rust developers Facepunch announced the future of the game on Linux
  • Facial recognition in use around King's Cross Station
  • kill -9 Linux Journal
• Image taken from Starglider published in 1986 for the Amiga by Rainbird.

That's all for this week! You can listen to the Ubuntu Podcast back catalogue on YouTube. If there's a topic you'd like us to discuss, or you have any feedback on previous shows, please send your comments and suggestions to show@ubuntupodcast.org or Tweet us or Toot us or Comment on our Facebook page or comment on our sub-Reddit.

• Join us in the Ubuntu Podcast Telegram group.

15 Aug 2019 2:00pm GMT

If you have ever used aptitude a bit more extensively on the command-line, you'll probably have come across its patterns. This week I spent some time implementing (some) patterns for apt, so you do not need aptitude for that, and I want to let you in on the details of this merge request !74.

so, what are patterns?

Patterns allow you to specify complex search queries to select the packages you want to install/show. For example, the pattern ?garbage can be used to find all packages that have been automatically installed but are no longer depended upon by manually installed packages. Or the pattern ?automatic allows you find all automatically installed packages.

You can combine patterns into more complex ones; for example, ?and(?automatic,?obsolete) matches all automatically installed packages that do not exist any longer in a repository.

There are also explicit targets, so you can perform queries like ?for x: ?depends(?recommends(x)): Find all packages x that depend on another package that recommends x. I do not fully comprehend those yet - I did not manage to create a pattern that matches all manually installed packages that a meta-package depends upon. I am not sure it is possible.

reducing pattern syntax

aptitude's syntax for patterns is quite context-sensitive. If you have a pattern ?foo(?bar) it can have two possible meanings:

1. If ?foo takes arguments (like ?depends did), then ?bar is the argument.
2. Otherwise, ?foo(?bar) is equivalent to ?foo?bar which is short for ?and(?foo,?bar)

I find that very confusing. So, when looking at implementing patterns in APT, I went for a different approach. I first parse the pattern into a generic parse tree, without knowing anything about the semantics, and then I convert the parse tree into a APT::CacheFilter::Matcher, an object that can match against packages.

This is useful, because the syntactic structure of the pattern can be seen, without having to know which patterns have arguments and which do not - basically, for the parser ?foo and ?foo() are the same thing. That said, the second pass knows whether a pattern accepts arguments or not and insists on you adding them if required and not having them if it does not accept any, to prevent you from confusing yourself.

aptitude also supports shortcuts. For example, you could write ~c instead of config-files, or ~m for automatic; then combine them like ~m~c instead of using ?and. I have not implemented these short patterns for now, focusing instead on getting the basic functionality working.

So in our example ?foo(?bar) above, we can immediately dismiss parsing that as ?foo?bar:

1. we do not support concatenation instead of ?and.
2. we automatically parse ( as the argument list, no matter whether ?foo supports arguments or not

apt not understanding invalid patterns

Supported syntax

At the moment, APT supports two kinds of patterns: Basic logic ones like ?and, and patterns that apply to an entire package as opposed to a specific version. This was done as a starting point for the merge, patterns for versions will come in the next round.

We also do not have any support for explicit search targets such as ?for x: ... yet - as explained, I do not yet fully understand them, and hence do not want to commit on them.

The full list of the first round of patterns is below, helpfully converted from the apt-patterns(7) docbook to markdown by pandoc.

logic patterns

These patterns provide the basic means to combine other patterns into more complex expressions, as well as ?true and ?false patterns.

?and(PATTERN, PATTERN, ...)

Selects objects where all specified patterns match.

?false

Selects nothing.

?not(PATTERN)

Selects objects where PATTERN does not match.

?or(PATTERN, PATTERN, ...)

Selects objects where at least one of the specified patterns match.

?true

Selects all objects.

package patterns

These patterns select specific packages.

?architecture(WILDCARD)

Selects packages matching the specified architecture, which may contain wildcards using any.

?automatic

Selects packages that were installed automatically.

?broken

Selects packages that have broken dependencies.

?config-files

Selects packages that are not fully installed, but have solely residual configuration files left.

?essential

Selects packages that have Essential: yes set in their control file.

?exact-name(NAME)

Selects packages with the exact specified name.

?garbage

Selects packages that can be removed automatically.

?installed

Selects packages that are currently installed.

?name(REGEX)

Selects packages where the name matches the given regular expression.

?obsolete

Selects packages that no longer exist in repositories.

?upgradable

Selects packages that can be upgraded (have a newer candidate).

?virtual

Selects all virtual packages; that is packages without a version. These exist when they are referenced somewhere in the archive, for example because something depends on that name.

examples

apt remove ?garbage

Remove all packages that are automatically installed and no longer needed - same as apt autoremove

apt purge ?config-files

Purge all packages that only have configuration files left

oddities

Some things are not yet where I want them:

• ?architecture does not support all, native, or same
• ?installed should match only the installed version of the package, not the entire package (that is what aptitude does, and it's a bit surprising that ?installed implies a version and ?upgradable does not)

the future

Of course, I do want to add support for the missing version patterns and explicit search patterns. I might even add support for some of the short patterns, but no promises. Some of those explicit search patterns might have slightly different syntax, e.g. ?for(x, y) instead of ?for x: y in order to make the language more uniform and easier to parse.

Another thing I want to do ASAP is to disable fallback to regular expressions when specifying package names on the command-line: apt install g++ should always look for a package called g++, and not for any package containing g (g++ being a valid regex) when there is no g++ package. I think continuing to allow regular expressions if they start with ^ or end with $ is fine - that prevents any overlap with package names, and would avoid breaking most stuff.

There also is the fallback to fnmatch(): Currently, if apt cannot find a package with the specified name using the exact name or the regex, it would fall back to interpreting the argument as a glob(7) pattern. For example, apt install apt* would fallback to installing every package starting with apt if there is no package matching that as a regular expression. We can actually keep those in place, as the glob(7) syntax does not overlap with valid package names.

Maybe I should allow using [] instead of () so larger patterns become more readable, and/or some support for comments.

There are also plans for AppStream based patterns. This would allow you to use apt install ?provides-mimetype(text/xml) or apt install ?provides-lib(libfoo.so.2). It's not entirely clear how to package this though, we probably don't want to have libapt-pkg depend directly on libappstream.

feedback

Talk to me on IRC, comment on the Mastodon thread, or send me an email if there's anything you think I'm missing or should be looking at.

15 Aug 2019 1:55pm GMT

Well, I just finished up closing out the remaining account that I had on Tumblr. I hadn't touched it for a while. The property just got sold again and is being treated like nuclear waste. I did export my data and somehow had a two gigabyte export. I didn't realize I used it that much.

My profile on Instagram was nuked as well. As things keep sprouting the suffix of "--by Facebook" I can merrily shut down those profiles and accounts. That misbehaving batch of algorithms mischaracterizes me 85% of the time and I get tired of dealing with such messes. The accretions of outright non-sensical weirdness in Facebook's "Ad Interests" for me get frankly quite disturbing.

Remember, you should take the time to close out logins and accounts you don't use. Zombie accounts help nobody.

14 Aug 2019 2:22am GMT

I've updated the kde.org/applications site so KDE now has web pages and lists the applications we produce.

In the update this week it's gained Console apps and Addons.

Some exciting console apps we have include Clazy, kdesrc-build, KDebug Settings (a GUI app but has no menu entry) and KDialog (another GUI app but called from the command line).

This KDialog example takes on a whole new meaning after watching the Chernobyl telly drama.

And for addon projects we have stuff like File Stash, Latte Dock and KDevelop's addons for PHP and Python.

At KDE we want to be a great place to be a home for your project and this is an important part of that.

13 Aug 2019 2:00pm GMT

Whenever a process accesses a virtual address where there isn't currently a physical page mapped into its process space then a page fault occurs. This causes an interrupt so that the kernel can handle the page fault.

A minor page fault occurs when the kernel can successfully map a physically resident page for the faulted user-space virtual address (for example, accessing a memory resident page that is already shared by other processes). Major page faults occur when accessing a page that has been swapped out or accessing a file backed memory mapped page that is not resident in memory.

Page faults incur latency in the running of a program, major faults especially so because of the delay of loading pages in from a storage device.

The faultstat tool allows one to easily monitor page fault activity allowing one to find the most active page faulting processes. Running faultstat with no options will dump the page fault statistics of all processes sorted in major+minor page fault order.

Faultstat also has a "top" like mode, inoking it with the -T option will display the top page faulting processes again in major+minor page fault order.

The Major and Minor columns show the respective major and minor page faults. The +Major and +Minor columns show the recent increase of page faults. The Swap column shows the swap size of the process in pages.

Pressing the 's' key will switch through the sort order. Pressing the 'a' key will add an arrow annotation showing page fault growth change. The 't' key will toggle between cumulative major/minor page total to current change in major/minor faults.

The faultstat tool has just landed in Ubuntu Eoan and can also be installed as a snap. The source can is available on github.

13 Aug 2019 11:14am GMT

Welcome to the Ubuntu Weekly Newsletter, Issue 591 for the week of August 4 - 10, 2019. The full version of this issue is available here.

In this issue we cover:

• Ubuntu 18.04.3 LTS released
• Ubuntu Stats
• Hot in Support
• LoCo Events
• Yaru next move
• Launchpad news, March 2019 - July 2019
• Xfce Screensaver 0.1.7 Released
• Ubuntu ZFS support in 19.10: introduction
• Fixes for recent KDE desktop vulnerability
• Other Community News
• Canonical News
• In the Press
• In the Blogosphere
• Other Articles of Interest
• Featured Audio and Video
• Meeting Reports
• Upcoming Meetings and Events
• Updates and Security for 16.04, 18.04, and 19.04
• And much more!

The Ubuntu Weekly Newsletter is brought to you by:

• Krytarik Raido
• Bashing-om
• Chris Guiver
• Wild Man
• EoflaOE
• And many others

If you have a story idea for the Weekly Newsletter, join the Ubuntu News Team mailing list and submit it. Ideas can also be added to the wiki!

Except where otherwise noted, this issue of the Ubuntu Weekly Newsletter is licensed under a Creative Commons Attribution ShareAlike 3.0 License

12 Aug 2019 11:07pm GMT