Re: git-ubuntu build
On Mon, Jun 12, 2023 at 1:37 PM Adrien Nader wrote: > On Sat, Jun 10, 2023, Neal McBurnett wrote: > > OK, I'm stuck. This sounds great, and just the sort of thing I want to do > > ... You should use the snap and I think you need the one from edge in > practice: > > sudo snap install --edge git-ubuntu > > I'm going to comment on some of your other questions but the snap is the > best way to install this. Great answer, Adrien - that got me unstuck! Many thanks to all of you for all of these things. And sorry to not even have figured out on my own the simplest of issues with the advice I got from a random LLM, to use a git: schema instead of https: I've tried to make this info a bit easier to find by noting it as an alternative at one of the popular AskUbuntu questions on getting source code: https://askubuntu.com/a/1472081/6130. Please feel free to suggest improvements, better references etc. E.g. some more clarity on the relationship between the Ubuntu Maintainer's Handbook <https://github.com/canonical/ubuntu-maintainers-handbook>. and the Ubuntu Packaging Guide <https://packaging.ubuntu.com/html/> would be helpful. Finally, while playing with LangChain (a very popular framework for Large Language Model development) and visiting their Discord, I also ran across https://www.kapa.ai/ which provides a chat agent for LangChain documentation in the Discord (#ask-kapa-langchain channel: https://discord.com/channels/1038097195422978059/1072944049788555314). They sound eager to get companies on board with their own kapa chat agents. In fact I dare say there will surely be a variety of organizations trying to make it easy to ask questions about developer documentation: And of course who knows what their plans might be for monetizing that At any rate it's a way to get a feel for how such things might work, and a possibility for the short or long term Anyway - sorry for hijacking the thread a bit, and thanks for the context! -- Neal McBurnett http://neal.mcburnett.org/ -- ubuntu-devel mailing list ubuntu-devel@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel
Re: git-ubuntu build
ink to a whole list of unrelated bugs in the SRU > > process), etc. And the target of the 'git push' may or may not be > something > > that we want to merge immediately, may or may not want to raise an MP for > > immediately. > > Right, the point I was making there is that since the 'prepare-upload' > step pushes the branch to Launchpad, I don't want or need to include > that in my workflow until the end, after all that is done and I'm ready > to do the .changes upload. Then I do one final debuild -S and run > prepare-upload, verify it worked and check the .changes file has > expected fields, and then I directly dput the .changes. I think of that > as more of a submission-style procedure. > > But, there's more than one way to do this. I'm sure we all have unique > workflows for how we prep source packages. > > Bryce > > -- > ubuntu-devel mailing list > ubuntu-devel@lists.ubuntu.com > Modify settings or unsubscribe at: > https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel > -- Neal McBurnett http://neal.mcburnett.org/ -- ubuntu-devel mailing list ubuntu-devel@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel
Re: Ubuntu on the M1 chip
Thanks - good to know. From what I've heard, the M1 has some very nice CPU / GPU unified memory integration, an intriguing mix of four high-performance Firestorm and four energy-efficient Icestorm cores, and claims of the world's best CPU performance per watt Apple M1 - https://en.wikipedia.org/wiki/Apple_M1 Is there any update on the prospects for native Linux on the M1, after this article from the end of November? Linus Torvalds doubts Linux will get ported to Apple M1 hardware | Ars Technica https://arstechnica.com/gadgets/2020/11/__trashed-6/ Cheers, Neal McBurnett http://neal.mcburnett.org/ On Fri, Dec 18, 2020 at 09:16:51PM +0100, Matthias Klose wrote: > Santa visited early, brought a Mac Mini, and Parallels provided a first > preview > of Parallels Desktop for Mac M1 yesterday. > > gcc-10 build and test time is 3:10h with eight cores (38h on LP, although this > is using four cores). Julian had a small apt build benchmark, which is 11.6 > sec > on the M1 (-j 8), 42sec on a Lenovo first-gen X1e (6 cores, -j12), 8.4sec on a > Ryzen 3970x (limited to -j 8). > > Installed Ubuntu 20.10 server (couldn't find an arm64 desktop iso, are we only > shipping Pi images?). Some notes: > > - You can only configure 8GB RAM for the VM (the machine has 16GB). > > - IPv6 doesn't work with a bridged network. Likely a Parallels > bug. Just disable it. > > - You can't run ARM32 binaries. I don't know if that's a > limitation of Parallels or the M1 chip. > > Merry XMas, Matthias -- ubuntu-devel mailing list ubuntu-devel@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel
Re: mlocate - what is it good for?
I use mlocate multiple times a day. Find is way too slow and inconvenient for finding files in a big set of filesystems, compared to properly configuring mlocate. It also seems that the bugs should be addressed (and have in some cases been addressed) whether or not find is installed by default. Thanks, Neal McBurnett http://neal.mcburnett.org/ On Wed, May 22, 2019 at 11:59:57AM -0700, Brian Murray wrote: > The Ubuntu Foundations team was recently looking at an issue with > mlocate[1] and the effect it has on all users of Ubuntu. While that > specific issue is fixable there are also issues[2,3] with keeping > PRUNEFS and PRUNEPATHS current in updatedb.conf. So we ended up > questioning the usefulness of installing mlocate by default on systems > at all. We believe that find is an adequate replacement for mlocate but > want to hear from you about use cases where it may not be. I'll start > with a personal example: > > "I don't remember (because I need to know so infrequently) where the > meta-release file is cached on disk by update-manager and use locate to > find it. The find command itself is inadequate because the cached file > exists in both /home and /var." > > [1] https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=880507 > [2] http://launchpad.net/bugs/827841 > [3] http://launchpad.net/bugs/1823518 > > Thanks, > -- > Brian Murray > > -- > ubuntu-devel mailing list > ubuntu-devel@lists.ubuntu.com > Modify settings or unsubscribe at: > https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel -- ubuntu-devel mailing list ubuntu-devel@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel
Re: On Lists and Iterables
As J Fernyhough notes elsewhere in the thread, this is not the list to quibble
about Python 3.
Though, as John Lenton notes, there are excellent reasons for most of the
changes in Python 3, which of course has a different leading version number
precisely because it is not backward compatible. See e.g. this piece on the
critical need for Python 3, and the benefits of it. E.g.
Why Python 3 exists https://snarky.ca/why-python-3-exists/
For more on the rationale for changes related to iterators see
http://portingguide.readthedocs.io/en/latest/iterators.html
But it is very much appropriate for this list to help developers port packages
so they can continue to be supported in future Ubuntu versions after Python 2
is demoted.
And you should be pleased to learn that often all you have to do is use the
2to3 or futurize tools to automatically port your code to Python 3. After
doing so you can take advantage of the cleaner and more efficient Python 3
world. It is of course a hassle to do so, but it is a one-time cost, with many
benefits.
For example here I port your one-line Python 2 script that uses zip.
$ cat porting_example.py
print zip(["a","b"], ["c","d"])
$ python porting_example.py
[('a', 'c'), ('b', 'd')]
$ 2to3 porting_example.py > porting_example.patch
$ cat porting_example.patch
--- porting_example.py (original)
+++ porting_example.py (refactored)
@@ -1 +1 @@
-print zip(["a","b"], ["c","d"])
+print(list(zip(["a","b"], ["c","d"])))
$ patch -b < porting_example.patch # -b saves original as
porting_example.py.orig
$ cat porting_example.py
print(list(zip(["a","b"], ["c","d"])))
$ python3 porting_example.py
[('a', 'c'), ('b', 'd')]
See docs at http://python3porting.com/2to3.html
Porting Python 2 Code to Python 3 — Python 3.6.1rc1 documentation
https://docs.python.org/3/howto/pyporting.html
Neal McBurnett http://neal.mcburnett.org/
On Fri, Dec 15, 2017 at 11:40:14AM +0100, Xen wrote:
> I am just posting this so I don't have to save the text.
>
>
> 2.7: type(zip(["a","b"], ["c","d"]))
>
>
> 3 : type(zip(["a","b"], ["c","d"]))
>
>
> 3 : zip(["a","b"], ["c","d"])
>
>
> 2.7: zip(["a","b"], ["c","d"])
> [('a', 'c'), ('b', 'd')]
>
> 3 : list(zip(["a","b"], ["c","d"]))
> [('a', 'c'), ('b', 'd')]
>
> I don't even know what Iterables are.
>
> I just know that I can't print them directly.
>
> Python is supposed to be a beginner-friendly language.
>
> But this is incomprehensible.
>
> Zipping by definition produces a list of tuples, I mean zipping a
> list by definition creates a list of tuples, not a "zip" object.
>
> The whole semantic definition of "zip" is to take 2 (or more) lists,
> then create tuples out of every matched list element, and return
> those as a new list.
>
> Not to be left in some intermediate stage which is somehow more
> efficient to the interpreter or something.
>
> That would be like calling Set.difference and then getting a
> Difference object instead of a Set.
>
> Just an example of a user-unfriendly change.
>
> I already know someone is going to say "No it's not." and then leave
> it at that.
>
> About the above.
>
> Regards.
--
Ubuntu-devel-discuss mailing list
Ubuntu-devel-discuss@lists.ubuntu.com
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: Software installation on modern Ubuntu
Very helpful (and eye-opening) discussion of installation issues - thanks. Since it hasn't been mentioned yet, I'll note my favorite, the first install I make on new systems: wajig (https://en.wikipedia.org/wiki/Wajig) for command-line installs. It combines the confusing array of apt-* commands into one unified command, auto-invokes sudo when necessary, and much more. Cheers, Neal McBurnett http://neal.mcburnett.org/ On Sat, Aug 26, 2017 at 10:15:46PM +, Matt Wheeler wrote: > On Sat, 26 Aug 2017, 18:21 Colin Law <clan...@gmail.com> wrote: > > OK, I see where you are coming from. It never occurred to me that > anyone wanting to install libgtk2.0-dev, or similar, would want to use > a GUI. I assumed everyone used apt for that. Obviously I am wrong. > > > I'd add to this that aptitude has an excellent curses-based interactive mode > (just run aptitude with no options) which feels > similar to synaptic to use. Very powerful search options (which are also > available on the aptitude command line) and interactive > resolver choice selection which is occasionally very useful. > > A surprising number of people on debian-devel were unaware that aptitude has > an interactive mode during a related discussion over > there, so I think it's worth pointing out here too :). > > -- > > -- > Matt Wheeler > http://funkyh.at > > -- > Ubuntu-devel-discuss mailing list > Ubuntu-devel-discuss@lists.ubuntu.com > Modify settings or unsubscribe at: > https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: the right to make a difference
Thank you Sam for yet again wading thru all of these misconceptions about the GPL and copyright licenses. It really is very clear. The GPL allows people to modify the software ONLY if they agree to the conditions of the license, just like any other copyright holder does when they LICENSE software. The license is the only thing that allows more than 'fair use'. Grsecurity is welcome to work on anything they like, or not. But if they want to modify and redistribute the Linux kernel, they need to abide by the GPLv2, which requires allowing free redistribution of their modifications. Note that they aren't just offering a driver or some sort of add-on or plugin. Their latest "test" patch at https://grsecurity.net/test/grsecurity-3.1-4.5.5-201605291201.patch modifies over 3000 distinct files in the kernel. But really, this discussion about copyright and license philosophy clearly doesn't belong here. There is tons about it to read online, and discussions can go to the Open Source Initiative "License Discuss" list: https://lists.opensource.org/pipermail/license-discuss/ among others. Also see this page for more information and links: http://www.fsf.org/licensing I found it helpful to get the initial notice of complaints about Grsecurity, which seems relevant to Ubuntu in a variety of indirect ways. But unless there is something else particularly relevant to Ubuntu about that, I'd ask people to find the more appropriate venues for the conversation. Cheers, Neal McBurnett http://neal.mcburnett.org/ On Thu, Jun 02, 2016 at 03:33:59PM +0100, Sam Bull wrote: > On Thu, 2016-06-02 at 14:35 +0200, Xen wrote: > > The intention of the GPL is not really relevant. > > > > What happens is that the authors remain to have a say about how the > > product is used, if copyright is at play (at least the idea of > > copyright). > > Yes, and the authors stated they require you to allow redistribution of > any modifications under the same conditions of the GPL. -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: GRsecurity is preventing others from redistributing source code
I agree with RMS that it sounds like this is a GPL violation. That also seems to agree with what you quoted from bkuhn (Brad Kuhn, president of Software Freedom Conservancy), who simply noted that we needed more details and the complaint has to be originitated by someone who does have the code and wants to distribute it. That's quite different from your characterization of the SFC response. And I agree that this is quite different from what Red Hat does, since they do distribute their patches. They protect their brand via trademark, which is appropriate. Someone who wants to open up GRsecurity patches could buy commercial support: https://grsecurity.net/business_support.php Elsewhere it has been said that support cost $200, but perhaps that has changed. Thanks for noting this, and I hope we find someone who can actually make this happen, or file a legal case. Neal McBurnett http://neal.mcburnett.org/ On Wed, Jun 01, 2016 at 02:37:51PM +, concernedfoss...@teknik.io wrote: > Here is RMS' response: > > Re: GRsecurity is preventing others from employing their rights under version > 2 the GPL to > redistribute source code > Richard Stallman (May 31 2016 10:27 PM) > > [[[ To any NSA and FBI agents reading my email: please consider ]]] > [[[ whether defending the US Constitution against all enemies, ]]] > [[[ foreign or domestic, requires you to follow Snowden's example. ]]] > > If I understand right, this is a matter of GPL 2 on the Linux patches. > Is that right? If so, I think GRsecurity is violating the GPL on > Linux. > > -- > Dr Richard Stallman > President, Free Software Foundation (gnu.org, fsf.org) > Internet Hall-of-Famer (internethalloffame.org) > Skype: No way! See stallman.org/skype.html. On Wed, Jun 01, 2016 at 02:15:46PM +, concernedfoss...@teknik.io wrote: > There is an important distinguishing feature: RedHat itself does release its > sourcecode, albit as huge code patches rather than the little ones that are > desired, but that makes the issue moot even before it would go to court. > > That is an important distinction, so these situations are not the same. > > Here the source is not released by Spengler to the public, > the stable patches do differ substantially from the "testing" patches > (one feature is 5 times bigger in the closed stable patch), and > sublicensees are threatened to not distribute. > > Now some people are arguing that kernel patches are not derivative works; > which would make the entire GPL even MORE worthless than it already has shown > to be in practice. > https://www.law.washington.edu/lta/swp/law/derivative.html > > And the SFConservancy doesn't seem to give a damn, > and #fsf and #gnu all scream to the high heavens that what spengler is doing > is just fine and > they seem to totally support him in it. > > I try to teach them that there is more to the law than their license but they > won't listen. > > > There is a legal term for this. It's called acting in bad faith. > That often gets your contract nullified. > Here there is a license grant. Spengler is acting in bad faith to frustrate > its purpose. > It does not matter if he is breaking legs, threatening to expose secrets, or > threatining to raise prices to exorbidant rates, or to cease sending the > patches: > What matters is that his goal is to deny the sublicensee the right given to > the sublicensee by the original licensor, and that he has obtained that goal > via his actions (the threats here). > > He has frustrated the purpose of the agreement (the grant) he had with the > original licensor, and thus > the grant fails. In other words: he has violated the license. > > > June 1 2016 2:02 PM, "Jonathan Corbet" <cor...@lwn.net> wrote: > > On Tue, 31 May 2016 18:47:38 + > > concernedfoss...@teknik.io wrote: > > > >> Is this not tortious interference, on grsecurity's (Brad Spengler) part, > >> with the quazi-contractual relationship the sublicensee has with the > >> original licensor? > > > > Unfortunately, it doesn't seem to be that way. This is essentially the > > Red Hat approach, and that has generally been deemed to be acceptable over > > the years. > > > > jon > > -- > > Jonathan Corbet / LWN.net / cor...@lwn.net -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: Updater can't update kernel due to disk space
On Thu, Jan 15, 2015 at 12:49:10PM -0200, Cláudio Sampaio wrote: On Thu, Jan 15, 2015 at 12:45 PM, Colin Law clan...@gmail.com wrote: As from 14.04 apt-get autoremove should remove old kernels except for current and most recent. apt-get autoremove is an arcane command-line tool. I thought by this part of the discussion it had became clear that it is not a sensible solution (except maybe if auto-scheduled). +1 Neal McBurnett http://neal.mcburnett.org/ -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: [Ubuntu-bugcontrol] Please, consider reflecting on the Canonical Contributor Agreement
On Sun, Jan 11, 2015 at 09:52:49AM -0500, Stephen M. Webb wrote: On 01/10/2015 01:19 PM, Michael Banck wrote: On Mon, Jan 05, 2015 at 10:01:49AM -0500, Stephen M. Webb wrote: My understanding of the FSF/GNU copyright assignment is that in their part of the legal paperwork, they pledge to only relicense the code under a license of similar spirit. So the above is FUD AFAICT. Selling GPL exceptions is not disapproved of by RMS or the FSF; in fact they have even enouraged it. Consider reading Richard Stallman's essay on this at the FSF [1]. It is not FUD to say they could practice what they preach, not is it not FUD to point out they require total transfer of ownership of the copyright (which mean, in my country, extinguishment of my own rights as author) as opposed to the Canonical CLA, which only requires a license for the same rights the author continues to enjoy. Those are simple facts backed up by what the FSF themselves say publicly. [1] https://www.fsf.org/blogs/rms/selling-exceptions -- Stephen M. Webb stephen.w...@canonical.com Stephen, you should re-read what you link to. If FSF wants to allow others to embed their work in proprietary software, they don't sell an exception, they use a permissive licens: To quote: there are occasional cases where, for specific reasons of strategy, we decide that using a more permissive license on a certain program is better for the cause of freedom. In those cases, we release the program to everyone under that permissive license. This is because of another ethical principle that the FSF follows: to treat all users the same. An idealistic campaign for freedom should not discriminate, so the FSF is committed to giving the same license to all users. The FSF never sells exceptions; whatever license or licenses we release a program under, that is available to everyone. Neal McBurnett http://neal.mcburnett.org/ -- ubuntu-devel mailing list ubuntu-devel@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel
Re: ubuntu-devel should be the center of ubuntu development
On Sat, Jan 10, 2015 at 10:11:09AM +0100, Martin Pitt wrote: Jorge O. Castro [2015-01-10 1:58 -0500]: Having falling victim to it's so easy to just post on G+ syndrome just like everyone else, I think we should fix this. [...] There was a point in time when ubuntu-devel was too granular; I just want to kick of a discussion if the pendulum has swung too far to the other side. Thoughts? Fully agreed. I like G+ for staying in touch, but I consider it a lossy medium like IRC. People may read it or not, and it's not the right tool for official announcements -- ubuntu-devel-announce@ is just for that. Yes indeed!! E.g. I'd love it if Mark would post the names for new releases here also, like it was long ago. Combining email push notifications with the various social media options can help make a bigger splash. Cheers, Neal McBurnett http://neal.mcburnett.org/ -- ubuntu-devel mailing list ubuntu-devel@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel
Re: Please, consider reflecting on the Canonical Contributor Agreement
[Please don't cross-post to lots of lists, folks!] Stephen, thank you for helping ground the conversation with quotes etc. I think you've demonstrated that CLAs are quite defensible in terms of the GPL. But I hear a larger question, framed in the actual subject line - to *consider reflecting on* the Canonical CLA. I.e. what are the benefits to Canonical, to you, to contributors, to the whole ecosystem, to humanity (Ubuntu philosophy) of a CLA? I've heard two very helpful perspectives on this over the years. The first, from 2011, was from Mark, on why giving more leverage, via CLAs, to projects and companies in general is helpful to the whole ecosystem: Mark Shuttleworth on companies and free software [LWN.net] https://lwn.net/Articles/442782/ This summer, Simon Phipps nicely framed a different view tuned to the trends of frictionless distributed development that he calls Permissionless governance: Governance for the GitHub generation | InfoWorld http://www.infoworld.com/article/2608195/open-source-software/governance-for-the-github-generation.html I highly recommend both reads. Perhaps the two models may make sense in different circumstances, e.g. with CLAs for polished application code, and permissionless governance for more infrastructure-related software. Of course the nice thing about free software and open source software is that we each benefit, and we each get to choose how to participate. And our choices can reflect our own perspectives, enriched by the perspectives of others. Happy new year, all :) Neal McBurnett http://neal.mcburnett.org/ -- ubuntu-devel mailing list ubuntu-devel@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel
Re: Why Ubuntu doesn’t support certain form of shebang for Python?
On Tue, Nov 11, 2014 at 01:35:09PM -0500, Scott Kitterman wrote:
On Tuesday, November 11, 2014 13:04:38 Rodney Dawes wrote:
On Tue, 2014-11-11 at 18:02 +0100, GatoLoko wrote:
Since different distributions and unix systems may have different paths,
you may want to use the env utility in a shebang like #!/usr/bin/env
python2.
Using /usr/bin/env will cause problems in certain conditions, such as
when running under a virtualenv and other such environments.
Also, for python 2.x scripts, you should always use /usr/bin/python, and
if python3 is required, /usr/bin/python3. There is no guarantee that
python2 will be a valid command.
The problem is that one Linux distro went insane and pointed /usr/bin/python
at a python3 version, which is the only reason the PEP creating
/usr/bin/python2 exists, so thanks to them there is no common shebang one can
be sure will always work. /usr/bin/python works fine everywhere but one
distro, so that's what I'd use too. /usr/bin/env python{2} is fine for
developer oriented packages where they may want to override the default
python
version in some contained environment, but risky for things that are part of
an actual system.
I'm glad that python2 is in Debian and Ubuntu (do you know offhand which
releases?).
Which distros is it still not supported in? Are they likely to catch up?
Do you see a path to a world where compliance with PEP 0394 is the right
approach, making the transition to python3 easier?
http://legacy.python.org/dev/peps/pep-0394/
Thanks,
Neal McBurnett http://neal.mcburnett.org/
--
Ubuntu-devel-discuss mailing list
Ubuntu-devel-discuss@lists.ubuntu.com
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: Why Ubuntu doesn’t support certain form of shebang for Python?
On Tue, Nov 11, 2014 at 05:19:38PM -0500, Barry Warsaw wrote: On Nov 11, 2014, at 11:48 AM, Neal McBurnett wrote: I'm glad that python2 is in Debian and Ubuntu (do you know offhand which releases?). Which distros is it still not supported in? Are they likely to catch up? Sorry, I don't know off-hand. Do you see a path to a world where compliance with PEP 0394 is the right approach, making the transition to python3 easier? http://legacy.python.org/dev/peps/pep-0394/ I suspect PEP 394 will mostly be a reflection of reality rather than a driver of downstream policy. E.g. I think it will be a very long time, if ever, that you'll see PEP 394 recommend, or widespread de facto adoption, of /usr/bin/python pointing to Python 3. Maybe by Python 4 wink. Hopefully though PEP 394 will stop other distros from doing insane things like was done with that one existing adventurous outlier. Cheers, -Barry I should have clarified my point better. Scott's message recommended putting python, rather than python2 in shebangs, since it works in more distros. That seems to be In contrast with PEP 394, which says to use python2 rather than python, unless the code works in both python 2.x and python 3.x. That is in order to facilitate migration, and it would be necessary before anyone could make the next step you talk of (pointing python to python 3). That's why I'm wondering where the PEP 394 approach doesn't currently work, and when we might indeed recommend following the current PEP 394 standard. Thanks, Neal McBurnett http://neal.mcburnett.org/ -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: Pre-upgrade warnings and advice?
On Fri, Jun 06, 2014 at 02:46:46PM +0100, Matthew Paul Thomas wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Neal McBurnett wrote on 02/06/14 20:49: Is there anything in the official upgrade tools to remind users about use of ppas, non-repo packages, unofficial desktops or other potentially problematic bits of software like unofficial programs which tweak UI settings and the like? I recall some warning about some such packages at upgrade time, but I forget when it happens, what it includes, and what advice it gives. The alert appears after the release notes, and before the new packages are downloaded. It has primary text Third party sources disabled, and secondary text Some third party entries in your sources.list were disabled. You can re-enable them after the upgrade with the 'software-properties' tool or your package manager. It has one button, Close. There are several problems with this. Is it really necessary for the sources to be disabled? Does that mean software from those channels will be removed too? If so, which software is involved? And if not, if a security update is issued in that third-party source later on, am I just out of luck? Why is there no button for cancelling the upgrade at this point? And if I cancel the upgrade after this point, do the sources remain disabled, and if so, why? Even if the function is unchanged, the presentation could be improved in many ways. Why am I exposed to the filename sources.list, when I probably added the channel through Software Sources without seeing that filename? What is an entry, and what does it mean for it to be disabled? Which ones were disabled, exactly? Why is a graphical tool referred to by its command-line name? Why is it using Ascii apostrophes instead of quote marks? And what is a package manager? Excellent points, Matthew! And thanks for digging out the details. It would seem most convenient to have a safe, stand-alone application that would just look for such software and give good advice on what might not work, where folks might go or look for upgrade paths supported by PPA developers or other organizations, etc. It would help a lot if it didn't spew out too much information, e.g. by combining warnings for a set of packages into an overall warning about a particular desktop or suite of related packages with similar upgrade issues. Why would it be most convenient for it to be a standalone application? That would mean that most people upgrading wouldn't see it and therefore wouldn't benefit from it. And if it was intended for use outside the upgrade process, that's what Software Sources is for. It's already a Windows-Vista-like awkwardness that Software Sources is a standalone app instead of a System Settings panel. - -- mpt The option I was focusing on is the pre-upgrade phase. I'd like to have an app that just keeps track for me of what I've been doing that might affect future upgrades. It could also help me recover my third-party packages, tweaks, etc. after an upgrade. It would help us do spring cleaning of our sources, packages, etc, when we're not in the heat of following a shiny package (Hey I want to try this package out and will do whatever it takes to install it, ignoring possible upgrade issues down the line.) In that regard, the recent response describing Aptik was most encouraging. See e.g. Aptik - A Tool to Backup/Restore Your Favourite PPAs and Apps in Ubuntu http://www.tecmint.com/aptik-a-tool-to-backuprestore-your-favourite-ppas-and-apps-in-ubuntu/ Aptik: Command line utility to simplify re-installation of software packages after upgrading and re-installing the Linux distribution. https://launchpad.net/apt-toolkit Unfortunately it seems to still only be available from a PPA itself. So I see two use cases. Besides the one I describe, you're noting that the actual upgrade process should be clearer, and I certainly agree. That would benefit everyone who upgrades. At a minimum I'd suggest that during there be better information, as you suggest, an option to cancel, and a reference to an official version of aptik or something like it. Cheers, Neal McBurnett http://neal.mcburnett.org/ -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: Upgrade issues
You would make this easier for yourself and all of us if you start with a few basic bits of information: Which Ubuntu version did you use before the upgrade? What did you upgrade to? How did you do the upgrade? Which desktop did you use? I note you mention Mate which I don't know much about, but which until very recently seems not to even have been in the official repositories. Did you install it via a PPA? Did you use tweaks or other UI configuration management tools that are not officially supported by Ubuntu? If you used features unsupported by Ubuntu, you should ask the supporters of those repos and tools about how to do a clean upgrade. Neal McBurnett http://neal.mcburnett.org/ -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Pre-upgrade warnings and advice?
Ubuntu support for upgrades naturally depends on exactly what is being upgraded. Use of software from outside the official Ubuntu repositories (PPA repositories or .deb files or tar.gz packages or the like) means upgrades may be more complicated for the user. Is there anything in the official upgrade tools to remind users about use of ppas, non-repo packages, unofficial desktops or other potentially problematic bits of software like unofficial programs which tweak UI settings and the like? I recall some warning about some such packages at upgrade time, but I forget when it happens, what it includes, and what advice it gives. It would seem most convenient to have a safe, stand-alone application that would just look for such software and give good advice on what might not work, where folks might go or look for upgrade paths supported by PPA developers or other organizations, etc. It would help a lot if it didn't spew out too much information, e.g. by combining warnings for a set of packages into an overall warning about a particular desktop or suite of related packages with similar upgrade issues. Do things like that exist? Cheers, Neal McBurnett http://neal.mcburnett.org/ -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: Upgrade issues
On Mon, Jun 02, 2014 at 02:18:52PM -0700, Dale Amon wrote: On Mon, Jun 02, 2014 at 01:59:23PM -0600, Neal McBurnett wrote: The appropriate way to deal with clear bugs is to report them in launchpad, along with the necessary details like steps to reproduce, kind of hardware, etc. Do you have bug numbers for these? It is not clear these are bugs. It seems more likely they are just items for which someone can say: Just do this or Just read this. The only one I think is a probable real bug is the inability of the backdrop panel to handle large numbers of files. You cut out the text of mine that you're responding to, but you'll see that in that reply I only was talking about the items that clearly are bugs: the large number of files and the lockups on lid closure. Did you subumit bug reports on them? As for the rest of your issues, as far as I can see Mate was in the universe component in Saucy, and thus does not have official support available. It should have community support, but that is hard, especially for very tricky stuff like seamless upgrades. I still suggest detailing your experiences in launchpad bug reports for those also - that is the best way to get help and to help others out, in my experience. Or, indeed, to switch to a distro that focuses on your preferred software, if it has a better track record or community for what you want to do. See more at https://help.ubuntu.com/community/Repositories: Universe The universe component is a snapshot of the free, open-source, and Linux world. It houses almost every piece of open-source software, all built from a range of public sources. Canonical does not provide a guarantee of regular security updates for software in the universe component, but will provide these where they are made available by the community. Users should understand the risk inherent in using these packages. Popular or well supported pieces of software will move from universe into main if they are backed by maintainers willing to meet the standards set by the Ubuntu team. Neal McBurnett http://neal.mcburnett.org/ -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: Point of reviews
On Fri, May 23, 2014 at 12:01:43PM -0400, Scott Kitterman wrote: On Friday, May 23, 2014 19:54:05 Dmitry Shachnev wrote: On Fri, May 23, 2014 at 7:27 PM, Didier Roche didro...@ubuntu.com wrote: Since CI train packages are mostly Ubuntu specific (Qt5 is somewhat unique in this regard), I'd suggest those need review in New much more than the 75% of our packages we get from Debian unmodified that have already been through New there. This is the case since we had daily release and it's a bug/feature in Launchpad itself. Does this mean that anyone can bypass the NEW queue by uploading a package to any PPA and then copying it using copy-package? If yes, then I would consider it a security hole. Particularly since the list of people that can upload to the relevant PPAs is not constrained to Ubuntu developers. It not only can bypass New, it can bypass all the normal sponsorship process. Can someone lay this vulnerability out a bit more clearly from a security perspective? What are the relevant steps in the daily release process, who is involved at each step, how does this differ from going thru the NEW queue, what is the threat, what would an attack look like? Is it that a new set of people can actually get stuff into Ubuntu, or that the procedural guidlines that help the empowered people do security/quality revew are bypassed, or something else? What are proposed alternative processes, and how would they affect daily builds? Links to previous discussions (with good context if possible) would be great. Thanks, Neal McBurnett http://neal.mcburnett.org/ -- ubuntu-devel mailing list ubuntu-devel@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel
Re: Aptitude installed by default on 13.10?
On Tue, Apr 09, 2013 at 01:25:22PM -0700, Clint Byrum wrote: Excerpts from Robert Holtzman's message of 2013-04-09 12:33:05 -0700: .snip On Ubuntu Desktop we want to discourage usage of command line =) as there is no need for that for non-developers. That's one of the more elitist, swinishly arrogant statements I've heard lately. Are you actually discouraging new users from learning linux? Why? The cli is one of the best teaching tools there is. Are you afraid of confusing Grandma and Grandpa? Is this part of the process of dumbing down the distro that's been going on lately? Did the devs come up with that or was it an edict from Mavelous Mark? I hope to hell that was a joke. For computer enthusiasts and power users, the CLI is great. But for the person who sees their computing device as a window to other activities, it is a huge distraction. It's good to help people avoid things they see as distractions. But that is no cause to discourage usage of command line, since for many people it is a huge time-saver and far less distracting than wading thru the learning curve on the GUI-du-jure. So given that it seems we can agree that the original message was a bit off-target (thanks for the clarification, Brett!), can we also agree that this notion that Ubuntu wants to discourage usage of command line (sic) is also not only unsupported by any evidence, but not a good idea. Instead, let's continue to free GUI-lovers from *needing* to use the command line, and let's make it easy for command-line users to retain all their superpowers without needless disruption. Specific bug reports related to those goals are welcomed. And lets all take a deep breath. In... Out... Ahhh... Thanks to all the volunteers and supporters that make Ubuntu possible! Neal McBurnett http://neal.mcburnett.org/ -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
getting access to errors.ubuntu.com to report / track crash bugs
How do we get access to the apport crash reports that are being reported now to the ErrorTracker system and http://errors.ubuntu.com? If I go there now I get some information on which crashes are most common, but trying to drill in for more information by clicking on the function id in one of the lines of the tabular summary just gets me to an authorization request that always fails. It doesn't indicate who has access or how to get access to this information: OpenID Authentication Required Authorization is required to access https://errors.ubuntu.com/bucket/?id=/usr/lib/unity-lens-video/unity-lens-video:DBusException:%3Cmodule%3E:__init__:__init__:get_bus:__new__:__new__:__new__ Either you have not been granted access to this resource or your entitlement has timed out. Please try again. You are currently logged in as https://login.ubuntu.com/+id/yDLxPGp. (logout) How do I get access, so I can e.g. write some bug reports on errors that affect me? Note that the launchpad ID I'm logging in with is nealmcb (not yDLxPGp). See also http://askubuntu.com/questions/140379/how-can-i-track-a-bug-that-caused-a-crash-and-was-reported-via-apport-whoopsie/ I'm still unclear on some other aspects of the error site, and have an open askubuntu query: http://askubuntu.com/questions/137712/how-to-interpret-errors-ubuntu-com-graph-data Cheers, Neal McBurnett http://neal.mcburnett.org/ -- ubuntu-devel mailing list ubuntu-devel@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel
Re: How to install Precise without getting screwed?
Dale, please note that this is the ubuntu-devel-discuss list. You are not talking to Canonical. You're not even talking to the main developer list ubuntu-devel. This is an open-to-anyone list and I don't even know how many developers pay attention to it. They certainly pay less attention to a thread with a title like this one. This is a place where people, mostly volunteers, typically try to get started in making technical contributions to Ubuntu, which is why people keep trying to steer the conversation back to concrete suggestions, bug reports, etc. That's how we get stuff done here. If you want to talk business, this is not the right place, nor is it the right place to get someone else to talk business on your behalf. To talk business, I'd suggest either giving Canonical a call, or looking at the huge variety of support options (from Canonical and from many many others) at http://www.ubuntu.com/support If you're not interested in a business relationship (which might well involve money), perhaps you could take it up with the Technical Board, or the Community Council. Or really get involved, by coming to the Ubuntu Developer Summit, or digging in to the aspect of Ubuntu where you could have the best leverage. But this is not the place to address the concerns you have, at least in the way you're trying to frame them. Neal McBurnett http://neal.mcburnett.org/ On Wed, Apr 11, 2012 at 09:04:47PM +0100, Dale Amon wrote: On Wed, Apr 11, 2012 at 09:33:54PM +0200, Sebastien Bacher wrote: You also assume that - what you used before was meet(ing) customer needs better than Unity, it might be true for you or your customer, it doesn't mean your case is the most common one in the world Just curious, what is the customer base you are working with? I do systems for investor conferences (for a large NY bank); various moderate sized accountancy firms (DC area) and a number of aerospace companies (New Space market segment, ie private space). I also often work side by side with techs from the big broadcast networks and guys who have worked on Wall Street. (It's nice work while the contracts are running... I'd do nicely if those gigs were more regular.) The folks I deal with have racks of gear in colo's in Manhattan. Also, I've been around the patch a bit and know a lot of folks and what their requirements are... hint: my first program was in Fortran on a 360/67 at Carnegie Mellon. -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: Google Summer of Code 2012 announced
On Mon, Mar 05, 2012 at 05:31:55PM +0100, Daniel Holbach wrote: On 05.03.2012 16:56, Luke Faraone wrote: Depending on the time commitment involved, I would be happy to coordinate. I answered this partly in https://lists.ubuntu.com/archives/ubuntu-devel/2012-February/034791.html Neal McBurnett also indicated some interest. Thanks, Luke and Daniel! I'm interested in mentoring a student if there is a suitable project, but I don't have the available bandwidth to coordinate. Neal McBurnett http://neal.mcburnett.org/ -- ubuntu-devel mailing list ubuntu-devel@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel
testkernel script to automate trying new kernels
I ran into a reproducable kernel bug last month: precise crashed within a minute of booting, every time. https://bugs.launchpad.net/ubuntu/+source/linux/+bug/906993 Joseph Salisbury ran a git bisect series of tests to figure out when in linux 3.1 the bug was introduced. That is a clever semi-automated binary search of the ten-thousand or so git commits during the development of 3.1 It required thirteen builds from him, and thirteen tests by the folks with the right hardware: download, install, reboot, try to remember and select the name of the new kernel, etc. And often, missing the grub screen on reboot, getting the wrong kernel, and having to reboot again So I had some time and an itch to meditate on the situation, and look for an easier way. I didn't find any scripts out there to help me out, so I wrote my own cute little python program. For now I put it up as a simple one-file gist on git: testkernel: automate many linux kernel testing steps - great for a git bisect https://gist.github.com/1897943 It is a command line script, and you specify the flavor of kernel you want, the architecture, and where the .debs are: testkernel -f generic-pae -a i386 http://kernel.ubuntu.com/~kernel-ppa/mainline/v3.2.5-precise/ It then does these things to make linux kernel testing easy: looks in the indicated folder on the web downloads the .deb files for the kernel of the given type installs them locally configures grub2 to reboot to the given kernel on the next reboot So I can just start it up, come back later to reboot (automatically into the right kernel), and then do my testing. I also find it less of a hassle now to test mainline kernels as they come out. Does this seem useful to others? Is it better than any other alternatives out there? If so, I'm hoping it would be suitable for including in some existing Ubuntu package, or a new one if that's appropriate, and describing it in our testing documentation. Then we could refer to that from similar bug reports, and hopefully increase the rate of people being willing to help out with kernel testing. I noted a few bugs and several TODO items in the initial comment in the script. The one I need help with is grub-reboot - recent version of Ubuntu sometimes put the new kernel in a sub-menu, and sometimes at the top of the main menu. I haven't figured out when to add a 2 to the kernel name for grub-reboot, so sometimes it doesn't reboot into the right one, and you have to do it manually. Cheers, Neal McBurnett http://neal.mcburnett.org/ -- ubuntu-devel mailing list ubuntu-devel@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel
Re: Google Summer of Code 2012 announced
On Tue, Feb 21, 2012 at 10:28:41AM +0100, Daniel Holbach wrote: Please help filling out our application. This is important. https://wiki.ubuntu.com/GoogleSoC2012 I had a number of conversations with a few people already and I think it's worth clarifying that this cycle I won't have the time to act as the mentoring organisation liaison (if we should be chosen by Google this time). I just felt it important enough to make sure we all try to submit a great application, so Ubuntu contributors can spend the summer making Ubuntu better. So far we have 8 project ideas on the wiki page, we have some bits of the questionnaire already answered and one person potentially interested in being a contact person for the mentoring organisation. Have a great day, Daniel Thanks, Daniel. Can you talk some more about what it takes to be the contact person in terms of time and resources and connections, and what you enjoyed about it (or not) in the past? Cheers, Neal McBurnett http://neal.mcburnett.org/ -- ubuntu-devel mailing list ubuntu-devel@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel
Re: Using something better than Gobby for session notes at UDS
Here is what I shared a few times during my last UDS: Hugely frustrating to pick a unique color when there are lots of users Throws away old document windows when you reconnect, which I've had to do once or twice a day Can't search for a document by content. I'd also like to see a better or more widely used markup language and data format, suitable for converting to wiki pages, web pages and the like. Neal McBurnett http://neal.mcburnett.org/ On Thu, Mar 24, 2011 at 11:53:45AM -0700, Brad Figg wrote: On 03/24/2011 11:49 AM, Philipp Kern wrote: On Thu, Mar 24, 2011 at 11:09:45AM -0700, Brad Figg wrote: It is my understanding that the current plan is to usd Gobby for session note taking at the next UDS. Please say it isn't so. Elaborate critique. Or rather: Care to elaborate? Did you file bugs? Kind regards Philipp Kern The server crashes constantly. I'm not sure it is the load or something else but it is very frustrating (as you can imaging) to have a room full of people in it, adding notes and having it just go away. I filed no bugs against it. I don't know if anyone else did. Brad -- Brad Figg brad.f...@canonical.com http://www.canonical.com -- ubuntu-devel mailing list ubuntu-devel@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel -- ubuntu-devel mailing list ubuntu-devel@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel
Re: No Cyber Cafe Software for Ubuntu yet...
On Wed, Dec 23, 2009 at 01:12:52PM +, Matthew Paul Thomas wrote: Onkar Shinde wrote on 23/12/09 09:19: On Mon, Dec 21, 2009 at 3:09 AM, omar ar papan_selaj...@yahoo.com wrote: Why not the ubuntu developer develope the cyber cafe software that works with ubuntu server and clients. There is no any cyber cafe software for ubuntu yet. and make it open source perhaps. It will make easier for anybody who wants to open a cyber cafe business. Just saying cyber cafe software doesn't say much. What kind of functionality are you looking for. Perhaps it is already available in different packages. ... A client applet that locks the screen whenever the computer is not in use; shows time elapsed, and charges so far, whenever it is in use; and completely resets the environment when the customer has finished. An editable schedule of charges for amount of time spent on the computer (including things like overnight specials and loyalty programs), and for extras such as printing and CD-Rs. A dashboard showing a geographically-correct map of computers in the cybercafe; whether each one is free, in use, in use but idle, or unresponsive; and for each one in use, how long it has been used and what charges have accrued. The ability to add extra charges to a computer manually, or to reset its time if something went wrong. Integration with the printing system, so that when someone prints something they get charged automatically. As a bonus, the ability to check what's happening on the screen of each computer to ensure that it won't be disturbing other customers. Good list! For what it's worth, I used Linux-based cyber cafe software (workstation and presumably server also) at a cyber cafe near the train station in Bansko Bulgaria in 2005. So there has been some demand/availability :) Neal McBurnett http://neal.mcburnett.org/ -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: Apache Maven to be removed from Karmic?
On Thu, Oct 15, 2009 at 11:09:41AM -0400, Alvin Thompson wrote: Currently, the Apache Maven package doesn't work due to the libplexus packages (a Maven dependency) being synced from Debian but not Maven itself. According to the bug reports [1][2], this isn't going to be fixed for Karmic and the Maven package will most likely just be dropped. ... 1. https://bugs.launchpad.net/bugs/427539 2. https://bugs.launchpad.net/bugs/417164 3. https://bugs.launchpad.net/bugs/450554 Thanks for linking to the source of great information on the complex issues here. The bugs in launchpad are where developers generally focus most of their attention, so there is high quality updated linked information there. Note in https://bugs.launchpad.net/bugs/427539 that there is a Maven2 package from Artur reported to work in karmic, deployed now in a personal package archive (ppa): Workaround is install maven2 from ppa: https://launchpad.net/~uninea/+archive/java Please test it and give feedback. And there still seems to possibly be a chance of getting that in karmic if people can test it out and help get it built in a way that works properly within the ubuntu build process. If that doesn't work out, please recognize how hard it is to put together a project like Ubuntu with over 24000 packages, many at the cutting edge, most maintained by loosely-coupled volunteers, on a clockwork schedule that can't possibly match the schedules of all the component upstream development projects. We can always use new testers, developers, and folks to get involved early in a release cycle to look out for issues like this. Thanks, Neal McBurnett http://neal.mcburnett.org/ -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: Ubuntu Desktop Unit Consistency (LP: #369525)
On Wed, Jun 10, 2009 at 09:01:48AM +0800, Christopher Chan wrote: Except that this is not 'improvement'. This is about blowing that erroneous three decade or so operating system convention of using SI prefixes for 1024 multiples of bytes out of the water without adding to the confusion that is leading to this move back to standards. That is absolutely not something Ubuntu specific and therefore not an improvement for the Ubuntu 'movement/OS'. Besides, I have already made clear in later posts in this thread that I really do not care what is used so long as it is uniform across all operating systems. If Ubuntu wants to do its thing while other operating systems keep convention, be my guest. You bet that I, for one, will not be installing it anywhere on school campus because the school has more important things to do than preach Ubuntu is right and all other operating systems are wrong which is why you have different numbers for GB on Ubuntu and XP, Solaris and Mac OS X and I will not risk looking like a fool or an Ubuntu/Linux fundamentalist for something the school may or may not care about. People keep ignoring a part of the original issues pointed out here. While for some things (e.g. file sizes) there has been a recent pattern of using the metric units improperly, that is not true when other things on computers are measured, e.g. bandwidth, and is never true for any other units (energy, distance, time, etc). For the prefixes and units to make any sense at all to users, they need to be consistently used. We can't expect people to learn that M means 10^6 for everything except storage on computers. And anyone who does anything with the numbers (like dividing file sizes by bandwidth units) to see how long something will take will get results that are off by larger and larger amounts as we move from kilobytes to terabytes. It is certainly an improvement to make these things make sense. We can argue about how to do it, who to work with, etc, but this confusion finally needs to be cleaned up. Neal McBurnett http://neal.mcburnett.org/ -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: Ubuntu Desktop Unit Consistency (LP: #369525)
On Tue, Jun 02, 2009 at 10:59:10AM +0800, Christopher Chan wrote: Neal McBurnett wrote: I agree. More details and discussion are at this ifconfig bug report, which came to the same conclusion: https://bugs.launchpad.net/ubuntu/+source/net-tools/+bug/240073 The interface speed in base10 yes. The number of bytes transferred, NO, because that is and has always been base2. You are barking up the wrong tree with regard to ifconfig's report on RX and TX bytes. Your beloved bit_rate page is only for interface speed. So a 100mbit/s interface can be reported as 12.5MB/s interface (100,000,000bits/8 = 12,500,000bytes) which is still base10 but the amount of bytes transferred has to be base2 because that is how blinking file sizes are calculated. The size of a file has always been base2 and so this nonsense of reporting disk space in base10 will only lead to discrepancies between the amount of space available and how many files you are dump on it. That stupid IEC standard is at complete odds with the way computers operate. I don't want to have to miscalculate just because tools started following stupidity and gave me numbers that were rounded up or down. Take this MB/Mib nonsense and stuff it. As a system administrator, I am having NONE of it. Have you read the actual references we've been providing? Would you mind providing some of your own if you disagree? This is not just the IEC promoting consistent use of the metric system - it is most of the relevant standards bodies. The world doesn't care that some system admins got used to a bad idea when it was in vogue for a short while in the overall history of the metric system. Users buy disks that list decimal multiples on the box, and are pissed when the system reports it as a smaller number. There are more users who want the world to agree on what the prefix M means, than sysadmins who want to redefine the metric system. E.g. http://en.wikipedia.org/wiki/Binary_prefix#Software The binary convention is supported by standardization bodies and technical organizations such as IEEE, CIPM, NIST, and SAE.[4][2][5][58] The new binary prefixes have also been adopted by the European Committee for Electrotechnical Standardization (CENELEC) as the harmonization document HD 60027-2:2003-03.[59] This document will be adopted as a European standard.[60] As described elsewhere on that page, with pictures of labels and reference, files have been described with both properly labeled decimal multiples, and with mislabled binary multiples over time. The insanity must stop, and imagining that people will prefer a system where you transmit at 1 MB/s for one second and end up with . Saying that having 8 bits in a byte affects these arguments makes no sense to me. I bet most users and consumers don't even know how many bits are in a byte, and would see no reason to change what the prefixes mean based on it. Neal McBurnett http://neal.mcburnett.org/ -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: Ubuntu Desktop Unit Consistency (LP: #369525)
This discussion is devolving into apples vs oranges, so here is a shot at helping us focus again. Note the subject line talks about the Desktop, not the command-line stuff where POSIX got its start. The original post on this topic was talking about Gnome and glib: https://bugs.launchpad.net/ubuntu/+source/glib2.0/+bug/369525 I doubt that POSIX has anything to say about glib, but perhaps I'm missing something. There I think using standard SI units properly is probably the best approach for desktop users in Gnome. I think we've already seen that many interesting command line apps (which POSIX does address) have a --si option which I'm guessing allows folks to stay POSIX-compliant or get something that meets the SI standard, so that's cool. We've also discussed the fix (already fixed in intrepid) for ifconfig. https://bugs.launchpad.net/ubuntu/+source/net-tools/+bug/240073 and I don't know but I somehow doubt that there is a POSIX issue there, though I guess that some folks might parse the output and get confused. But it seems like the right direction to go. I think it will help in this discussion to be very specific about which tool or application we're talking about. I think POSIX is important, as is clarity and consistency about use of unit prefixes, as is consistency with upstream and other distros. And as we've seen, those can conflict. So I expect it to be an ongoing conversation as we look at each package. If we can use standard SI and/or IEC units without violating POSIX, I think we should. There was also a discussion all this last September on the devel list: Ubuntu Policy: prefixes for multiples of units https://lists.ubuntu.com/archives/ubuntu-devel/2008-September/026567.html and I recall a discussion at UDS-Jaunty https://wiki.ubuntu.com/UDSJaunty about it but the link on that page to the schedule is gone http://summit.ubuntu.com/uds-jaunty/ and I don't see any mention of it in the reports. Scott - can you shed some more light on that? In general the best way to have an effect is to comment in the bug reports, or in the blueprint, both of which help to preserve important context. See also the Gnome bug discussions: storage units standard http://bugzilla.gnome.org/show_bug.cgi?id=309850 g_format_size_for_display() should use correct IEC units http://bugzilla.gnome.org/show_bug.cgi?id=554172 Neal McBurnett http://neal.mcburnett.org/ -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: Ubuntu Desktop Unit Consistency (LP: #369525)
On Mon, Jun 01, 2009 at 09:23:25AM +0200, Martin Pitt wrote: Remco [2009-06-01 5:15 +0200]: I have a file here of 701.2 MB, which is 735270912 bytes. Now, if it really *were* 701.2 MB, then it would be 70120 bytes. So that's clearly base 2, which should be MiB. Indeed this is a bug which we should fix. It should say 735.3 MB. While that may be true, the most useful thing about base 10 is that normal humans can actually understand it. We cannot calculate using a binary number system. Base 2 is not useful for anything, except sometimes in programming. I'm still inclined to keep the exception for RAM size, though, since they consistently come in multiples of MiB/GiB. Everything else should use MB/GB, though. I agree. More details and discussion are at this ifconfig bug report, which came to the same conclusion: https://bugs.launchpad.net/ubuntu/+source/net-tools/+bug/240073 Neal McBurnett http://neal.mcburnett.org/ -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: Ubuntu 8.10 released but...
On Thu, Oct 30, 2008 at 07:09:32PM -0400, Scott Kitterman wrote: On Thu, 30 Oct 2008 16:50:33 -0400 Martin Owens [EMAIL PROTECTED] wrote: Firefox is a special case. Because of Mozilla Corp's trademark policy Ubuntu cannot ship Firefox and call it Firefox unless Mozilla has approved all the changes in the package. If you have a problem with Firefox, I think you really need to look upstream. Doesn't this tie our hands with regards to serving our users? If mozilla went evil and decided to ignore any bugs not found in the windows version. What would we do? Switch to the unbranded abrowser version that we already ship. We can modify that all we want, but since it's built from the same source as Firefox, it's not particularly feasible to diverge from the branded package while we continue to ship it. Ont he other hand for Mozilla's side, aren't they inviting forks if no one but Mozilla devs can fix problems? We recently had a painfully long discussion on this topic and I don't care for doing it again. Like it or not, their policy is what it is. We can fix problems, we just need permission to ship the fix. Asac and Ubuntu Mozillateam do a good job in a difficult environment. Scott K Scott is right - complicated trademark issues leave us with two options as described above. For those that want to see the discussion, most of it is pointed to in this long bug: https://bugs.launchpad.net/ubuntu/+source/firefox-3.0/+bug/269656 Rehashing it here won't be helpful - take it up directly with the good folks firefox working on firefox, or use a different code base. Neal McBurnett http://neal.mcburnett.org/ -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: Firefox newly insists on showing an EULA
On Mon, Sep 15, 2008 at 02:12:52PM +0300, Peteris Krisjanis wrote: IMHO, several ways to handle that: 1) Cave in to Mozilla request (Trademarks are trademarks. They are bitch and their protection are somehow incompatible with free software. But that's life) 2) Provide Iceweasel and rebrand it as Ubuntu Web browser, and provide easy way to install Firefox from universe. Those who will care will install it, OEMs will install it on new boxes by default anyway, and those who care about libre, will stay clean. 3) Ditch Firefox as default browser in Intrepid+1 and go on with Epiphany/Webkit. Still, provide easy way to install FF. One big point is that most users who would like to see Firefox as familiar brand are OEM users anyway - they will get their browser installed by support guys. Also Hardy still get FF 3.0 without EULA (so far), so propably not so much to worry about. Thanks for listing some options. My gut reaction is to do #2 above: reluctantly drop the problematic Firefox brand and go with a brand that doesn't introduce trademark and EULA hassles for our users and redistributors. But first I'd like to actually read the EULA, and I'm surprised no one has posted the text of it (as far as I have found) to this discussion or to the bug. Though the bug is so verbose now that I haven't managed to read all the way thru, I must admit - but I didn't see any attachments. Thanks, Neal McBurnett http://mcburnett.org/neal/ -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: feedback on new wiki theme
On Mon, Sep 08, 2008 at 05:45:42PM -0500, Matthew Nuzum wrote: I disagree - the problem with fixed width is that at some point we have to make assumptions as to the screen size used to access as well as how the reader wants to read the information. I feel that these both should be left to the reader not pre-defined by the writer. snip Sometimes I see a fixed-width page and I just feel like it looks so lonely sitting there in the middle of such wide margins to either side. Especially on a single column site like this one. But when I stop looking at the design of the site and just start using it I like it much better. The narrow column width really pulls you into the site's content. (and seriously, its not that narrow with a content width of 820px and a column width of 875px) I've used this theme for a bit now and browsed many different pages and feel that the it works very nicely on a content-heavy page. I've maximized my browser window (1280x800) to hopefully get a taste of the pain experienced by people who use their browser this way typically and honestly I think that overall its an improvement. It is common to focus on a fixed width design as narrow, but for many users the big issue is that it is fixed. On a wide page it looks narrow, but on a narrow page it is nearly unusable since it is wider than the window, and requires using the horizontal scroll bar to read each line. As others have mentioned, the fact that the user can't control the width of the content is the real issue, and the reason fluid designs are very popular. This is of course famously a problem for folks with narrow screens (e.g. handheld computers). But it is also often a problem for folks with big screens. E.g. I often use the very practical info in a wiki interactively, looking back and forth between a narrow web page on the left and a terminal window on the right, and wanting as much material, and page height, as I can get. A fixed design thwarts that plan. So as earlier posters have said, what is wrong with keeping the fluidity of the current design, letting the user choose how wide to make their browser window, and thus how long their lines of text should be? The rest of the design can match ubuntu.com, where graphics and other design considerations can be an issue, but for a wiki, I think fixed-width is the wrong choice. Neal McBurnett http://mcburnett.org/neal/ -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: feedback on new wiki theme
On Fri, Sep 05, 2008 at 06:07:49PM -0400, Connor Imes wrote: Jordan Mantha wrote: On Fri, Sep 5, 2008 at 1:56 PM, Matthew East [EMAIL PROTECTED] wrote: Recently I've been developing a new theme which is intended to replace the existing themes on the documentation wiki (https://help.ubuntu.com/community). The intention of the theme is to make reading the wiki easier for a user (so the interface should be cleaner) and for an editor (so there is an editbar at the bottom of the screen which follows the window as you scroll). My top priority for editing would be to put save changes next to the comment on the edit, at end of edit box. This would help folks add comments which I find very helpful (and almost mandatory on wikipedia) The most problematic dimension on my screen is vertical. The floating footer takes yet more vertical space away from the viewing and edit window, and that makes it much harder to have enough context when I read or edit. So I'd leave those at the top, or put them at the bottom of the whole page if you prefer. It would also help to tighten up or move the help examples in the edit window. When I preview an edit, I hate scrolling past the edit window to get to the preview. I find that my name at the bottom overlaps text while editing. More comments below This is a very nice theme and looks more professional and usable to me. My only complaint is that it's rather narrow on all my computers (widescreen laptop and LCD displays). It looks like we're losing an awful lot of screen real estate. Is it possible to make it a fluid rather than fixed width theme? http://www.ubuntu.com has the same issue. It ends up looking rather cramped on all my computers and more like a blog site (perhaps because of the ubiquity of some of Wordpresses past default themes :-) ). I agree with the desire to have a fluid view. When I want a narrow one I'll make my window narrow. I know there are different preferences on that, but that is my preference, both for this wiki and for ubuntu.com. But I don't see why we would need to preserve the lack of fluidity of ubuntu.com - we could keep the same branding and just change the fluidity. I figure a wiki has a different mission and much simpler layout than more complicated custom professional ubuntu.com pages. I like the new theme as well, and agree that the page should not be statically sized. If we want to implement the static size somewhere, it may be more appropriate for the official docs, not the community documentation (then it's more like reading a book or a manual). Right. -I also noticed that the Tabs in the upper right are gone, so it feels a bit empty on that part of the page. Will these be re-added? Right. It seems to me that the tabs are pretty important. -I think the Page History link at the end of a page should be in the non-moving footer. I use page history more than edit or subscribe, so I'd like it there also. -The copyright part of the footer seems a little awkward. I think we can condense it so that there isn't whitespace between the two lines. Yes - tighter would be my preference. Beyond that - I definitely appreciate attention to updating the theme. I like the smaller text. Thanks! Neal McBurnett http://mcburnett.org/neal/ Ideas for improvement aside, I really like this theme - it doesn't really take any getting used to (which is good), and looks much more clean and professional than the older theme. I really hope we can have this ready in advance of Intrepid. Thanks for making this happen! -Connor -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: Disappointed with Ubuntu Server, could be used by such a wider audience
On Wed, Jul 30, 2008 at 06:14:06PM -0700, Anthony Watters wrote: The Ubuntu server should come in two offerings; i.e. the unfriendly existing Ubuntu server, and, more importantly to the masses, a friendly pre-configured Ubuntu server that uses SME Server (http://smeserver.com) and ClarkConnect (http://clarkconnect.com) as a starting point only not crippled, and much better. Thanks for the input. Note that's the wrong URL for the CentOS-based SME Server, aka E-smith. See http://www.smeserver.org/ http://en.wikipedia.org/wiki/SME_Server http://distrowatch.com/table.php?distribution=smeserver Many of us agree that a really friendly Ubuntu offering for the home or small business server market is a high priority, and we've been tossing around ideas for some time now. What we really need is more testers and contributors to eBox, and some more upgraded specs along the lines of https://wiki.ubuntu.com/UbuntuEasyBusinessServer https://wiki.ubuntu.com/EboxSpec Please join the Server Team and get involved! https://wiki.ubuntu.com/ServerTeam Cheers, Neal McBurnett http://mcburnett.org/neal/ It is only a matter of time before people start running servers from home (check out Windows Home Server and no doubt Apple will have something up its sleeves before very long too). Ubuntu server should be leading the way and definitely before Microsoft cooks up its next bit of mischief. The last thing people want is to have to mess around down in the bowels to configure the thing (should be easy). The server section of the 2007 The Official Ubuntu Book is way too vague too and designed to scare people from using the server. Preconfigure the thing, give it a GUI web admin, make it easy for someone to set up a Web server/Webmail/File server either in server only mode or server and gateway mode. All I should need to set up is a couple of users, provide the IP address and say whether I want RAID and maybe how I want the partitions configured (but with suggested recommendations along the way at every step). I have my own registered domain currently hosted with an ISP. I want to move it into my home. How to do it? That's where the focus should be. There are many, many thousands like me. -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: Need to upgrade apache2 and php5 for security reasons
On Wed, Jul 02, 2008 at 04:06:00PM -0400, Scott Kitterman wrote: On Wednesday 02 July 2008 15:10, Daniel Hahler wrote: Christian Desrochers wrote: Our web servers have been checked recently by an external security firm. We have been told that our web servers need to be upgraded to the latest version in order to fix some security issues. The changelog for PHP 5.2.6 lists: * Fixed possible stack buffer overflow in the FastCGI SAPI identified by Andrei Nigmatulin. * Fixed integer overflow in printf() identified by Maksymilian Aciemowicz. * Fixed security issue detailed in CVE-2008-0599 identified by Ryan Permeh. * Fixed a safe_mode bypass in cURL identified by Maksymilian Arciemowicz. * Properly address incomplete multibyte chars inside escapeshellcmd() identified by Stefan Esser. * Upgraded bundled PCRE to version 7.6 ..and there hasn't been any upload to *-security for this (AFAICS). Previously I was using PHP from CVS (branch PHP_5_2) and updated that from time to time, following the CVS commits. On a new server I'm using the official packages, but have backported the package from Debian unstable (and/or Intrepid) to include all the fixes. I think it would make a lot of sense to request a backport for PHP (for Dapper, Gutsy and Hardy; see https://help.ubuntu.com/community/UbuntuBackports). Still, it looks like a security update would be required, too. Daniel, It would be nice if you could file some bugs and provide some patches ... Hmm - this is all discussed in 227464: https://bugs.edge.launchpad.net/ubuntu/+source/php5/+bug/227464 Fixed in Intrepid, and progress is being made on good patches for a security update. A debdiff is available: https://bugs.edge.launchpad.net/ubuntu/+source/php5/+bug/227464/comments/15 and a ppa version for Hardy in https://edge.launchpad.net/~tormodvolden/+archive Which all goes to show that searching the bug database first, or early on in the conversation, would avoid a lot of messages Neal McBurnett http://mcburnett.org/neal/ -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: Reusing old specs
On Mon, May 12, 2008 at 11:51:16AM -0700, Bryce Harrington wrote: On Sun, May 04, 2008 at 11:59:30PM +0200, Przemys??aw Kulczycki wrote: Hi! I have a suggestion for development of Intrepid Ibex. The Ubuntu's blueprints page currently lists over 2000 specs. https://blueprints.launchpad.net/ubuntu Some of them are implemented, but not marked as such. Some of them have been deferred, but are not marked as such. Some of them became obsolete. And finally some of them might be good for Ubuntu 8.10, at least after some cleanups. Maybe a separate spec should be created to cleanup old specs? Good but old ideas shouldn't be forgotten nor stopped in the middle. It does seem some cleanup could be beneficial. In going through the blueprints looking for Xorg-related ones, I've assembled a list of ones that look like Duplicate/Obsolete ones here: http://wiki.ubuntu.com/X/Blueprints Hopefully now that we have brainstorm.ubuntu.com, that will serve as a better forum for raw ideas, and blueprints will become used less for that and more for detailed proposals. Yes - it is very hard to see which blueprints are still in play. It is also hard to find what other people are preparing to discuss. A week away, and no specs have been approved yet: https://blueprints.edge.launchpad.net/sprints/uds-intrepid Another thing that would help a lot is if launchpad could let us see which blueprints have been _proposed_ for a sprint: https://bugs.edge.launchpad.net/blueprint/+bug/111610 which is a dup of https://bugs.edge.launchpad.net/blueprint/+bug/66093 so we'd know we didn't have to duplicate work that has already been done, or we could prepare and discuss things more easily before the meeting. Neal McBurnett http://mcburnett.org/neal/ -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: firefox and bad ssl certificates
On Thu, May 08, 2008 at 12:45:46AM +0200, Martin Pitt wrote: Peio Ziarsolo [2008-05-07 13:03 +0200]: But for power user that know the significance of a bad certificate it's annoniying add exceptions (this morning I have to add 3 esceptions). This doesn't have anything to do with power users/n00bs. An invalid SSL certificate isn't any better or worse depending on the type of user. If a site sets up SSL with an invalid certificate, then this buys the user nothing but a false sense of security. The proper approach to this IMHO is to make adding exceptions in all web browsers (especially IE) as hard and explicit as in Firefox 3. This would perhaps force site admins to get a grip and stop ignoring broken SSL certs, once they get a flood of complaints. Is there any key to toogle off this new feature? I *so much* hope that there isn't. People should really start to understand that this is a SERIOUS error and shouldn't at all be considered 'normal'. Invalid certs are one thing. But doesn't this also affect self-signed certs? Self-signed certs are appropriate for many use cases in which the goal is primarily encryption (e.g. to protect data flowing back from the server to the user), rather than e.g. protecting bank accounts by authenticating the server to the user. E.g. connecting to a local ebox management port, or a small community wiki. In many low-security situations, this change pushes server operators into buying pricey certs from certificate vendors who often offer little or no meaningful vetting and accept zero liability. This stuff is complicated, involves politics, and can't be painted with such a broad brush. Education is a big part of it, like with most security-related issues. The current warnings are confusing, and are being improved. Let's try to see to it that they communicate as well as possible. Otherwise too many grass-roots sites will just go back to asking folks to enter passwords over unencrypted connections, or users will get used to bypassing yet another set of dialogs and phishing will continue scarcely abated. E.g. how hard is it for folks to buy in to their own web of trust and get e.g. all CACert certs accepted? http://cacert.org Neal McBurnett http://mcburnett.org/neal/ signature.asc Description: Digital signature -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: Developemnt and use - Training manual
On Fri, Apr 25, 2008 at 11:53:24AM +0300, Billy Cina wrote: Hi All, The purpose of the license is to prevent the material being used for profit-seeking purposes. If you (or anyone else) is from a not-for-profit institution or running community classes etc., then this material is 100% intended for that. Charging students minimal fees to cover expenses is also ok. Thank you for the training manual :-) The share and share alike part of the license is the most important in my view, and it is similar to the GPL license that is popular in Ubuntu. I think the non-commercial part is more complicated than most people think, and makes it less useful to both commercial and non-commercial use. I'm currently self-employed and not contemplating any commercial use of this, but I have worked for big corporations, and have experienced (and contributed to) the growth of free software driven by for-profit corporations. (And I have seen not-for-profit corporations act in ways that are not at all community-spirited - e.g. huge hospitals that pay their CEOs outrageous salaries.) E.g. I would love to see big enterprise users using this for training their people, even though it would be for-profit. And I would love for them to base their products on Ubuntu (e.g. a point-of-sale product) and use this to train their customers in how to use Ubuntu, even though they would charge for that training. The point is they would still have to share modifications, and we would all benefit - both the training community, and the whole Ubuntu user and developer community - because it would be essentially a win-win-win. Neal McBurnett http://mcburnett.org/neal/ Hope this clears any misunderstanding. Best regards Billy Cina Training Programmes Manager Colin Watson wrote: On Fri, Apr 18, 2008 at 02:53:12PM -0700, George Farris wrote: https://wiki.ubuntu.com/Training This site has an Instructor and Student training manual for Ubuntu. The license says share and add to but not for commercial use. Why ion earth would you not allow Educational Institutions to use this material in classes. I find this very strange. Possibly the license could be tweaked to at least allow training people with this material. If anyone has any information about this I would be very interested. I've CCed Billy and Torsten, who would be the appropriate people to reply to this. Cheers, -- Billy Cina Training Programmes Manager Dir: +44 207 630 2454 Mob: +44 780 938 9862 [EMAIL PROTECTED] www.ubuntu.com -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: Developemnt and use - Training manual
On Fri, Apr 25, 2008 at 08:15:32AM -0600, Neal McBurnett wrote: I think the non-commercial part is more complicated than most people think, and makes it less useful to both commercial and non-commercial use. I've looked some more and here are some specifics. The definition of non-commercial use is complicated enough that MIT and Creative Commons have put forward quite different interpretations of the same license - is it about the user or the use? See: Creative Commons vs MIT OCW: Interpreting the Noncommercial Clause David Wiley http://opencontent.org/blog/archives/307 Note that Creative Commons is still in flux about this - see also the other complexities at: http://wiki.creativecommons.org/DiscussionDraftNonCommercial_Guidelines In early 2008 we will be re-engaging that discussion and will be undertaking a serious study of the NonCommercial term which will result in changes to our licenses and/or explanations around them. What particular commercial uses are the authors of the Training Manual concerned about? Is it licensed under other terms for some users? And thanks again - it is very nicely done! Neal McBurnett http://mcburnett.org/neal/ -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: libc borked
On Thu, Mar 13, 2008 at 01:43:41PM +0100, Daniel Holbach wrote: https://launchpad.net/bugs/201673 has information about what happened and how to fix it. Semi-official workaround instructions will be added there too. Have a nice day, Daniel YAY Daniel - here's a hug for finally adding some *helpful* content to this discussion. A bug reference - just what Todd so nicely asked for!! And thanks to all the developers who got us this far, and who make things happen, and who try to learn from the past. Yeah, we're all human. Neal McBurnett http://mcburnett.org/neal/ -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: Securely downloading Ubuntu
On Mon, Jan 28, 2008 at 04:58:00PM +, John Carr wrote: If the MD5SUMS files are purely for validating downloads[3], could the completely useless/misleading GPG files be dropped? They are far from useless - they are the only way to validate the hash information based on trust roots that are (or should be) on your system already. Neal McBurnett http://mcburnett.org/neal/ /Lamby Forgive me if i'm missing the obvious. Why should any of the keys in [1] be in my system already? The ftpmaster key might be there if i'm starting with Ubuntu, but i doubt it would on a fresh gentoo system for example.. How would I go about trusting any of these keys? If I can't, then what is the value of keeping the .gpg, other than to lead me into a (potentially) false sense of security? Sorry, good point - only Ubuntu users could be expected to have the keys already installed. But even if it were only used for that case, it would be very valuable for upgrades etc. In general, the PGP web of trust along with various tools allows people (and programs) to gain trust in the keys used to sign the file. But that topic is best discussed elsewhere. http://en.wikipedia.org/wiki/Web_of_trust John [1] http://preview.tinyurl.com/2llzqr -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: Securely downloading Ubuntu
On Mon, Jan 28, 2008 at 04:44:05PM +0200, Lars Wirzenius wrote: On ti, 2008-01-22 at 19:32 +, Chris Lamb wrote: However, the MD5 digest algorithm is utterly broken How broken is it? Can one reasonably expect that a well-provisioned attacker can create an MD5SUMS file that has the wrong content but still matches the GnuPG signature? The current state of the art allows people to easily create two files with the same MD5 (a hash collision). But no one has claimed to be able to create a file that matches the MD5 of a file that someone else created (a preimage attack): http://en.wikipedia.org/wiki/MD5 http://en.wikipedia.org/wiki/Preimage_attack To take advantage of the existing vulnerability (hash collision), the attacker would have to be also be able to modify the ISO that is published on the Ubuntu sites. If they can do that, we have more important things to worry about. I think the main risk for Ubuntu would be the latter kind of attack, if it is ever developed. Cryptographers are nervous about not only MD5, but also all the functions in the same class, which includes SHA-1 and SHA-256. The latter ones use more bits and thus have more life in them than MD5, but the field is in a lot of turmoil. (I'm all in favor of moving to SHA256 or whatever is considered best practice these days. I've just not heard that MD5 is really as broken as I think Chris suggests here.) One easy thing to do is to also publish sha256 sums of the CD images, so if MD5 preimage attacks are developed, that would help. I think we should do that now, and consider a hash function in a different class also (whirlpool?). Shipping more hash functions in the base install would help a lot in a crisis, so users have what they need to validate software updates. I guess coreutils has the md5 and sha families well covered, but again, something different like whirlpool could help a lot some day. There is at least one LGPL library which provides a uniform interface to a large number of hash algorithms: mhash (http://mhash.sourceforge.net/). And there is a python interface to it, but I don't see a package for it. On Tue, Jan 22, 2008 at 07:32:32PM +, Chris Lamb wrote: Is it actually possible to securely download Ubuntu? A typical mirror contains an MD5SUMS and an associated MD5SUMS.gpg [0]. However, the MD5 digest algorithm is utterly broken and the key is signed by just a handful of people anyway[1], only two of which I (visually) recognise as having anything to do with the Ubuntu project. Remember, anyone can sign a key on a public keyring, so most of those sigs are probably from volunteers. But all the user needs is a trust path from their trusted keys to the key in question, and since it is signed by Ubuntu Archive Master Signing Key [EMAIL PROTECTED] users should be able to have that. But the warning on the https://help.ubuntu.com/community/VerifyIsoHowto page is an issue: WARNING: This key is not certified with a trusted signature! That ftpmaster key is already on installed systems, right? I would think we could preinstall system keyrings and give instructions that would be based on that. Do we not ship the [EMAIL PROTECTED] key? If the MD5SUMS files are purely for validating downloads[3], could the completely useless/misleading GPG files be dropped? They are far from useless - they are the only way to validate the hash information based on trust roots that are (or should be) on your system already. Neal McBurnett http://mcburnett.org/neal/ /Lamby [0] http://cdimage.ubuntu.com/releases/7.10/release/ [1] http://preview.tinyurl.com/2llzqr [2] https://help.ubuntu.com/community/VerifyIsoHowto -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: Securely downloading Ubuntu
On Mon, Jan 28, 2008 at 05:20:52PM +, Matt Zimmerman wrote: On Mon, Jan 28, 2008 at 09:28:48AM -0700, Neal McBurnett wrote: (I'm all in favor of moving to SHA256 or whatever is considered best practice these days. I've just not heard that MD5 is really as broken as I think Chris suggests here.) One easy thing to do is to also publish sha256 sums of the CD images, so if MD5 preimage attacks are developed, that would help. I think we should do that now, and consider a hash function in a different class also (whirlpool?). Shipping more hash functions in the base install would help a lot in a crisis, so users have what they need to validate software updates. I guess coreutils has the md5 and sha families well covered, but again, something different like whirlpool could help a lot some day. Perhaps we should publish detached signatures for each ISO rather than signing MD5SUMS? From what I've heard, the main principle for dealing with hash issues is algorithm agility - i.e. making it easy for folks to use multiple algorithms. Publishing detached signatures is a way to make the user interface easier (perhaps) for folks that want to validate the gpg signature. But I would think many (especially those without a good way to trust the gpg key, as noted previously) would want to just be able to validate hashes. I would still argue for the use of multiple hash algorithms, and I guess for gpg that means multiple detached signatures, one per hash algorithm. And some are not supported by all versions of gpg I'd suggest we publish a CHECKSUMS file with a good assortment of hashes in text format, and also sign that. Neal McBurnett http://mcburnett.org/neal/ -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: Kerberos? Does anyone have this running?
On Thu, Jan 10, 2008 at 03:02:28PM -0700, Kevin Fries wrote: https://bugs.edge.launchpad.net/ubuntu/+source/krb5/+bug/159357 Yep, saw that, and followed that thread. But I like many others have dnsdomainname working correctly, and it is still not working. ... Others in the forums report the same failure despite dnsdomainname returning correctly. Yet, there were no responses. That is why I decided to ask the developers. Thinking it may be in the process of being EOL'd or something. Well of course kerberos is part of AD also, so I don't think there is much risk of it being EOL'd. But finding an easier way to configure it all is a high priority. Again, I think that posting those results, config files, etc to the relevant launchpad bug report(s) is the best way to get developer assistance. Or the IRC links I gave before. Good luck! -Neal -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: What is 'administrivia'?
On Sun, Dec 30, 2007 at 09:42:35AM -0500, Evan wrote: I just sent an email to this list, and a few seconds later found out it had been put on hold pending review because: Message may contain administrivia What??? Often people who don't understand mailing lists send requests like subscribe or help to the entire list, rather than to the administrative address assocaited with the list. So the software tries to filter that administrivia out so it doesn't spam the other subscribers. My guess would be to look for command-words like that, rephrase them and try again. Neal McBurnett http://mcburnett.org/neal/ -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: Appropriateness of posts to this list (Was Re: evince crash)
of helping. Treating each other with respect is one of the most important. And figuring out creative new ways to contribute is another. My own suggestions for contributors, both developers and non-developers, is in a talk I did last month for the Boulder Linux Users Group: http://mcburnett.org/neal/talks/contribute_to_ubuntu.html Cheers, Neal McBurnett http://mcburnett.org/neal/ -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: regular fsck runs are too disturbing
On Tue, Dec 04, 2007 at 08:40:25AM -0600, HggdH wrote: I am guessing what we would need here is a reanalysis of how the checks are done, and what could be changed to minimise the impact of such checks. I would expect changes in the filesystems also. You're right - a deeper analysis is needed. And this issue has at least one official blueprint: https://blueprints.edge.launchpad.net/ubuntu/+spec/prompt-for-fsck-on-shutdown https://wiki.ubuntu.com/AutoFsckspec You can try AutoFsck: https://wiki.ubuntu.com/AutoFsck Neal McBurnett http://mcburnett.org/neal/ signature.asc Description: Digital signature -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: Our best foot forward
On Sun, Nov 25, 2007 at 01:46:03AM +, (``-_-´´) -- Fernando wrote: On Monday 19 November 2007 12:41:35 Sebastian Heinlein wrote: Am Sonntag, den 18.11.2007, 08:34 -0500 schrieb Patrick: I see it now. I never noticed it there. Is there any reason it cannot also be placed under the right click too?-Patrick I don't think that this is a very often needed feature. We want to keep the menu short. Still, I would vote to have it on the right click menu. I never saw it before, on the package menu. On a not so related topic, Download Changelog should have a keyboard shortcut I agree that having configure and download changelog available via the right-click menu would help people, and help folks that do support. The alternative is people not noticing these standard ways of getting information and doing configuration The Ubuntu/Debian Way. But I think these are just the sorts of things we want more and more users to be aware of. Now, instead, people suffer with systems that don't work the way they want, or hack configuration files by hand in ways that are harder to upgrade. Neal McBurnett http://mcburnett.org/neal/ signature.asc Description: Digital signature -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
