Fedora Linux Needs Your Help to Port Several Python Packages to Python 3

Today, Fedora Project has informed us through Miro Hrončok that they need the community’s help to port certain applications written in the Python dynamic programming language to Python 3.

It’s a known fact that Python 3 is currently being adopted by more and more GNU/Linux operating systems, as the world always tries to move forward and implement the newest of technologies. Additionally, support for Python 2 slowly starts to fade on some of the most popular OSes.

Miro Hrončok is a Fedora ambassador and packager working at Red Hat, focusing on the Python stack and 3D printing for the Fedora Linux operating system. Today, July 15, 2016, he has informed us that his team needs volunteers to help with the Python 3 porting of various packages from the Fedora Python 3 Porting Database.

“Fedora is always moving forward and that means switching to Python 3…. (read more)

Canonical Patches Security Issue on Ubuntu Forums, Passwords Weren’t Compromised

It would appear that, on the day of July 14, 2016, the Ubuntu Forums were compromised by someone who managed to get past the security measures implemented by Canonical and access the forum’s database.

Canonical was immediately notified of the fact that someone claimed to have a copy of the Ubuntu Forums database. After some investigation, it appears that the forum’s database was indeed attacked at 20:33 UTC on July 14, 2016, by someone who injected certain formatted SQL to the database servers on the Ubuntu Forums.

“Deeper investigation revealed that there was a known SQL injection vulnerability in the Forumrunner add-on in the Forums which had not yet been patched,” said Jane Silber, Canonical CEO. “This gave them the ability to read from any table but we believe they only ever read from the ‘user’ table.”

Canonical reports that … (read more)

Notice of security breach on Ubuntu Forums





There has been a security breach on the Ubuntu Forums site. We take information security and user privacy very seriously, follow a strict set of security practices and this incident has triggered a thorough investigation. Corrective action has been taken, and full service of the Forums has been restored.  In the interest of transparency, we’d like to share the details of the breach and what steps have been taken.  We apologise for the breach and ensuing inconvenience.

What happened

At 20:33 UTC on 14th July 2016, Canonical’s IS team were notified by a member of the Ubuntu Forums Council that someone was claiming to have a copy of the Forums database.

After some initial investigation, we were able to confirm there had been an exposure of data and shut down the Forums as a precautionary measure.  Deeper investigation revealed that there was a known SQL injection vulnerability in the Forumrunner add-on in the Forums which had not yet been patched.

What the attacker could access

The attacker had the ability to inject certain formatted SQL to the Forums database on the Forums database servers. This gave them the ability to read from any table but we believe they only ever read from the ‘user’ table.

They used this access to download portions of the ‘user’ table which contained usernames, email addresses and IPs for 2 million users. No active passwords were accessed; the passwords stored in this table were random strings as the Ubuntu Forums rely on Ubuntu Single Sign On for logins. The attacker did download these random strings (which were hashed and salted).

What the attacker could not access

We know the attacker was NOT able to gain access to any Ubuntu code repository or update mechanism.





We know the attacker was NOT able to gain access to valid user passwords.

We believe the attacker was NOT able to escalate past remote SQL read access to the Forums database on the Forums database servers.

We believe the attacker was NOT able to gain remote SQL write access to the Forums database.

We believe the attacker was NOT able to gain shell access on any of the Forums app or database servers.

We believe the attacker did NOT gain any access at all to the Forums front end servers.

We believe the attacker was NOT able to gain any access to any other Canonical or Ubuntu services.

What we’ve done

Cleanup

  • We backed up the servers running vBulletin, and then wiped them clean and rebuilt them from the ground up.
  • We brought vBulletin up to the latest patch level.
  • We reset all system and database passwords.

Hardening

  • We’ve installed ModSecurity, a Web Application Firewall, to help prevent similar attacks in the future.
  • We’ve improved our monitoring of vBulletin to ensure that security patches are applied promptly.

Keep your desktop awake with the Caffeine shell extension

The Fedora Workstation has a number of features in the GNOME desktop environment to conserve power and increase security. These are both important considerations for desktop and laptop users. One of these features is the automatic screensaver lock function. By default, if idle for 5 minutes, the screen locks. This causes two things to happen:

  • The display goes into a low power mode. This works for both desktops and laptops, causing most screens to power down.
  • The screen saver and lock dialog covers the active user session. To unlock the session, you must input your password.

These are useful functions in many situations. For example, you might walk away from your computer without locking it yourself. Or you might take your attention away from your laptop for a while even if it’s near you, causing it to use up more battery power. Having a screensaver in these cases is helpful.

But sometimes you might want your screen to stay on even when the computer is idle. GNOME has a built-in detector for turning off the screensaver when you make an app full-screen. Chances are you’re doing that for something like playing videos, when you don’t want the screen to lock.

But what if you’re not running a full-screen app? For instance, you might run several long-term apps in a demonstration. Or you might give a presentation and not touch the keyboard or mouse for long periods. In these cases you don’t want the screen to lock.

There’s a handy GNOME Shell extension for this purpose, called Caffeine. The Caffeine extension allows you to toggle the use of the screensaver, so you don’t need to worry about your display locking.

To install it using the Firefox browser, visit the GNOME extension site and install. You’ll see a small coffee cup icon appear in the top bar to show the extension status.

Caffeine icon in the top bar status area

Using Caffeine is easy. Click the icon to disable the auto-suspend and screensaver function in GNOME. You’ll see the coffee cup full of steaming hot caffeinated beverage, meaning it’s on.

Caffeine extension enabled

To turn off the extension, and re-enable the GNOME functions, click it again.

Development: GNOME 3.21.4 unstable tarballs due (responsible: mcatanzaro)

Hello all,

Tarballs are due on 2016-07-18 before 23:59 UTC for the GNOME 3.21.4
unstable release, which will be delivered on Wednesday. Modules which
were proposed for inclusion should try to follow the unstable schedule
so everyone can test them.  Please make sure that your tarballs will
be uploaded before Monday 23:59 UTC: tarballs uploaded later than that
will probably be too late to get in 3.21.4. If you are not able to
make a tarball before this deadline or if you think you'll be late,
please send a mail to the release team and we'll find someone to roll
the tarball for you!


For more information about 3.21, the full schedule, the official
module lists and the proposed module lists, please see our colorful 3.21
page:
   http://www.gnome.org/start/unstable

For a quick overview of the GNOME schedule, please see:
   https://wiki.gnome.org/Schedule

Thanks,

Behind the Scenes: The Arc | New T-Shirts

Get a taste of the maritime magnificence coming your way from 25th July.

Canonical Patches Linux Kernel Vulnerability in All Supported Ubuntu OSes

Today, July 14, 2016, Canonical has published multiple security notices to inform users of the Ubuntu 16.04 LTS (Xenial Xerus), Ubuntu 14.04 LTS (Trusty Tahr), and Ubuntu 15.10 (Wily Werewolf) operating systems about the availability of a new kernel update.

According to Canonical, a vulnerability was discovered recently in the memory manager of the Linux kernel packages of the aforementioned Ubuntu OSes that could be used by a local attacker to crash the system using a Denial of Service (DoS) attack. The security flaw was unveiled by Jan Stancek.

“Jan Stancek discovered that the Linux kernel’s memory manager did not properly handle moving pages mapped by the asynchronous I/O (AIO) ring buffer to the other nodes. A local attacker could use this to cause a denial of service (system crash),” reads one of the security notices published today by Canonical.

The kernel vulnerability has been fully documented at read more)

Watch: Security Researchers Use Ubuntu Linux to Hack ROS-Powered Surgical Robots

Today we’re continuing our “Watch” series of articles with a new one, where you’ll be able to see a group of security researchers attempting to hack a surgical robot, courtesy of Motherboard.

There’s nothing out of the ordinary in that, but it appears that they are using a computer with the popular Ubuntu Linux operating system to do part of their job, which is to make sure that these type of machines can’t be easily hacked, especially when they are used to operate on patients remotely.

“In the future, your surgeon could be a machine. Teleoperated surgical robots can be controlled from a distance to operate on patients in hard-to-reach places. But as information travels between a human on one side of the world and a robot on the other, it’s vulnerable to attack,” reads the description of the video.

What you’ll see below is the debut of a new series of videos created by the well-known Motherboard technology website, e… (read more)

Latest Steam Beta Client Adds More Goodies to Steam Controller, Linux Chat Fix

Today, July 14, Valve has released a new Beta version of its desktop Steam Client for all supported platforms, including GNU/Linux, Mac OS X, and Microsoft Windows.

The most important changes have been implemented, as usual, in the Steam Controller support. Therefore, users are now getting a “Set Cursor Position” binding controller action that lets them set a random X/Y position to be moved to a button press, but it’s more versatile than this.

“This allows an arbitrary X/Y position to be moved to on a button press and optionally warp back to the original position on release. When combined with a click via either multi-binding or an additional activator, allows for on-screen UI to be bound to buttons even if they have no hotkey,” reads today’s announcement.

Additionally, Valve has also implemented multi-bound to a single button for Multiple Set Cursor Position inp… (read more)

SlackEX Is Based on Slackware 14.2, Ships with Linux Kernel 4.6.4 & KDE 4.14.21

Today, July 14, 2016, Arne Exton informs us about the availability of a new build of his SlackEX Live Linux operating system, which has been rebased on the latest Slackware release.

Based on Slackware 14.2, powered by the latest and most advanced Linux 4.6.4 kernel with support for the latest hardware devices, and using the KDE Development Platform 4.14.21 that shipped with the KDE Applications 16.04.2 software suite, SlackEX Build 160711 is a 64-bit (x86_64) OS that brings support for installation on USB flash drives.

The announcement comes one day after Arne Exton informed us about the availability of a custom 64-bit kernel based on the Linux 4.6.4 kernel for various Slackware-based operating … (read more)

Facebook’s OpenCellular Offers DIY Wireless Access for Remote Regions


Facebook last week introduced OpenCellular, an inexpensive, open source wireless access platform. Telecom operators, entrepreneurs, OEMs and researchers will be able to build, implement, deploy and operate wireless infrastructures to serve people living in remote areas.
The platform is available in various options, ranging from a network in a box to an access point. It supports all existing wireless systems, Facebook said. However, it “contains no reference to bands used, as far as I could tell,” noted Strategy Analytics’ Chris Taylor.

Ubuntu GNOME 16.04.1 LTS to Drop Broken GNOME Maps App from Default Install

Ubuntu GNOME maintainer Jeremy Bicha informs the community today, July 14, 2016, about the fact that the popular GNOME Maps application from the GNOME Stack has recently lost its free map tile service, MapQuest, which disabled access to its feed.

Of course, this automatically translates to the fact that, as of July 12, 2016, GNOME Maps is no longer a functional application, and it appears that it might take weeks or even months for the GNOME development team responsible for the maintenance of the app to find a new free service for displaying the maps.

As a consequence, the Ubuntu GNOME devs are currently discussing the possibility of dropping GNOME Maps from the default installation medium starting with the upcoming point release for the Xenial Xerus series, Ubuntu GNOME 16.04.1 LTS, which is expected to hit the streets on July 21, 2016.

“I spoke briefly with Tim Lunn (darkxst) and we’… (read more)

bc: Command line calculator

If you run a graphical desktop environment, you probably point and click your way to a calculator when you need one. The Fedora Workstation, for example, includes the Calculator tool. It features several different operating modes that allow you to do, for example, complex math or financial calculations. But did you know the command line also offers a similar calculator called bc?

The bc utility gives you everything you expect from a scientific, financial, or even simple calculator. What’s more, it can be scripted from the command line if needed. This allows you to use it in shell scripts, in case you need to do more complex math.

Because bc is used by some other system software, like CUPS printing services, it’s probably installed on your Fedora system already. You can check with this command:

dnf list installed bc

If you don’t see it for some reason, you can install the package with this command:

sudo dnf install bc

Doing simple math with bc

One way to use bc is to enter the calculator’s own shell. There you can run many calculations in a row. When you enter, the first thing that appears is a notice about the program:

$ bc
bc 1.06.95
Copyright 1991-1994, 1997, 1998, 2000, 2004, 2006 Free Software Foundation, Inc.
This is free software with ABSOLUTELY NO WARRANTY.
For details type `warranty'.

Now you can type in calculations or commands, one per line:

1+1

The calculator helpfully answers:

2

You can perform other commands here. You can use addition (+), subtraction (-), multipliction (*), division (/), parentheses, exponents (^), and so forth. Note that the calculator respects all expected conventions such as order of operations. Try these examples:

(4+7)*2
4+7*2

To exit, send the “end of input” signal with the key combination Ctrl+D.

Another way is to use the echo command to send calculations or commands. Here’s the calculator equivalent of “Hello, world,” using the shell’s pipe function (|) to send output from echo into bc:

echo '1+1' | bc

You can send more than one calculation using the shell pipe, with a semicolon to separate entries. The results are returned on separate lines.

echo '1+1; 2+2' | bc

Scale

The bc calculator uses the concept of scale, or the number of digits after a decimal point, in some calculations. The default scale is 0. Division operations always use the scale setting. So if you don’t set scale, you may get unexpected answers:

echo '3/2' | bc
echo 'scale=3; 3/2' | bc

Multiplication uses a more complex decision for scale:

echo '3*2' | bc
echo '3*2.0' | bc

Meanwhile, addition and subtraction are more as expected:

echo '7-4.15' | bc

Other base number systems

Another useful function is the ability to use number systems other than base-10 (decimal). For instance, you can easily do hexadecimal or binary math. Use the ibase and obase commands to set input and output base systems between base-2 and base-16. Remember that once you use ibase, any number you enter is expected to be in the new declared base.

To do hexadecimal to decimal conversions or math, you can use a command like this. Note the hexadecimal digits above 9 must be in uppercase (A-F):

echo 'ibase=16; A42F' | bc
echo 'ibase=16; 5F72+C39B' | bc

To get results in hexadecimal, set the obase as well:

echo 'obase=16; ibase=16; 5F72+C39B' | bc

Here’s a trick, though. If you’re doing these calculations in the shell, how do you switch back to input in base-10? The answer is to use ibase, but you must set it to the equivalent of decimal number 10 in the current input base. For instance, if ibase was set to hexadecimal, enter:

ibase=A

Once you do this, all input numbers are now decimal again, so you can enter obase=10 to reset the output base system.

Conclusion

This is only the beginning of what bc can do. It also allows you to define functions, variables, and loops for complex calculations and programs. You can save these programs as text files on your system to run whenever you need. You can find numerous resources on the web that offer examples and additional function libraries. Happy calculating!

You Can Now Upgrade from Linux Mint 17.3 Cinnamon and MATE to Linux Mint 18

Linux Mint 18 “Sarah” computer operating system arrived two weeks ago, on June 30, with the usual Cinnamon and MATE editions, but an upgrade patch was not available for users running Linux Mint 17.3 “Rosa.”

Today, July 14, 2016, Linux Mint project leader Clement Lefebvre informs the community that the upgrade path from Linux Mint 17.3 “Rosa” to Linux Mint 18 “Sarah” is now open. They can thus start upgrading their operating systems as we speak, following the instructions provided below.

“If you’ve been waiting for this I’d like to thank you for your patience. It is now possible to upgrade the Cinnamon and MATE editions of Linux Mint 17.3 to version 18. The upgrade instructions are available at: https://community.linuxmint.com/tutorial/view/2316,” says Clement Lefebvre.

Don’t upgrade if … (read more)

How to upgrade to Linux Mint 18





If you’ve been waiting for this I’d like to thank you for your patience.

It is now possible to upgrade the Cinnamon and MATE editions of Linux Mint 17.3 to version 18.

The upgrade instructions are available at: https://community.linuxmint.com/tutorial/view/2316

Upgrade for a reason

“If it ain’t broke, don’t fix it”.

Linux Mint 13 is supported until 2017 and Linux Mint 17, 17.1, 17.2 and 17.3 are supported until 2019.

You might want to upgrade to Linux Mint 18 because some bug is fixed or because you want to get some of the new features. In any case, you should know why you’re upgrading.





As excited as we are about Linux Mint 18, upgrading blindly for the sake of running the latest version does not make much sense, especially if you’re already happy and everything is working perfectly.

Make sure to read the release notes and to know about the new features so you have all the information you need before deciding whether you want to upgrade.

Make sure also to try Linux Mint 18, in live mode, to know if it works well with your hardware.

Take your time

Read all the instructions and take the time to understand them, ask for help if you’re stuck.

The instructions will ask you to make backups and to try Linux Mint 18 in live mode. Don’t rush into upgrading and do not take shortcuts.

Don’t panic

If you’re stuck or wondering about something don’t hesitate to ask for help:

  • You can post here in the comments section.
  • You can ask for help in the forums.
  • You can connect to the IRC (from within Linux Mint, launch Menu->Internet->Hexchat). If you’re new to IRC, please read this tutorial.

Charm Partner Newsletter: July





In this issue…

  • Ecosystem growth: Welcome to our new partners
  • New features and tips: Juju GUI 2.0, using ZFS and LXD, and OPNFV charming
  • Upcoming events: Juju Charmer Summit 12-14 September and upcoming office hours

Ecosystem Growth

Canonical announced multiple signatories to its Juju Charm Partner Program (CPP) in June. We’ve added leading storage and networking solutions to the catalogue of public Juju charms. New additions include Nuage Networks from Nokia, CloudBase Solutions, Midokura and Quobyte.

New features, tips, & tricks

Juju GUI 2.0

Over the last year we’ve been working on a redesign of the Juju GUI. This redesign project focused on improving four key areas:

  1. Improve the functionality of the core features of the GUI
  2. Reduce cognitive load and pace the user
  3. Provide an at-a-glance understanding of model health
  4. Surface functions and facilitate task-driven navigation

To learn more about the new design, read the full blog here.

Using Juju on your laptop with ZFS and LXD

One of the best things about using Juju locally on your laptop is the speed at which you can iterate locally and then push out to a real cloud. In the upcoming Juju 2.0 we’ve enabled Juju to use LXD, linux containers, and the ZFS filesystem for an even faster performing local-development set up that is our fastest experience ever.

  • LXD: a hypervisor for LXC, providing fast, secure containers
  • ZFS: a combined filesystem/LVM which gives great performance

LXD is set up out of the box to do things like cache your most common images, making a 2nd deployment of something much faster than the first. And ZFS’s copy-on-write ability means that when you horizontally scale a deployment on your local machine that it’s much faster than on a traditional filesystem.

Run the following commands to install the required software:

sudo apt update sudo apt install juju zfsutils-linux

In order to use LXD, your user must be in the ‘lxd’ group. All system users are automatically added to this group, but you may need to refresh the current session. You can confirm your user is part of this group by running the command:

newgrp lxd

LXD includes an interactive initialisation which will also set up a ZFS pool to use and configures networking for your containers. To start this process, enter:

sudo lxd init

You will be prompted for various options. As an example, to configure LXD to create a new 32GB ZFS pool to use, called ‘lxd-pool’, and set up a bridge network (required for Juju), your session would look like this:

Name of the storage backend to use (dir or zfs): zfs Create a new ZFS pool (yes/no)? yes Name of the new ZFS pool: lxd-pool Would you like to use an existing block device (yes/no)? no Size in GB of the new loop device (1GB minimum): 32 Would you like LXD to be available over the network (yes/no)? no Do you want to configure the LXD bridge (yes/no)? yes 

The last question will initiate a series of dialogues to configure the bridge device and subnet. Except in the case the subnet may clash with existing networks, it is okay to accept the defaults on all dialogues (though it is not required to configure IPv6 networking).

And that’s it, you can bootstrap a lxd controller with `juju bootstrap name_you_choose lxd` and then use Juju normally.

You can also check out this older video showing off the ZFS/LXD/Juju combination:

OPNFV Juju Charm Training

This OPNFV Juju charm training is focused on OpenStack and VNFs charm development, and was filmed during OpenStack Summit in Austin.

Upcoming events

Juju Charmer Summit

Juju Charmer Summit Group Photo

When? 12-14 September 2016

Where? Pasadena, California

We’re proud to announce that we’re ready to have our third conference around Juju, the Juju Charmers Summit, taking place September 12-14 in Pasadena, California, USA. All our charming experts are gathering in one place to help spread charming knowledge and technical networking. Attendees will have access to experts in charming OpenStack, NFV, Big Data, Containers (Swarm, Kubernetes, and Mesos), and Benchmarking. Attendance is free for anyone who wants to participate.

For more information please visit http://summit.juju.solutions/

Juju Office Hours

When? July 15th, 2016

Where? http://ubuntuonair.com for the stream

Time: 9PM UTC, 4PM EST, 1PM PST

Participate: #juju on freenode

Juju Office Hours is a freeflow meeting where we discuss what’s happening in and around the ecosystem, what hot new changes are landing in charms and Juju itself, and our favorite part, you can join in and ask the team questions about anything Juju related.

We will cover as many topics as we can in an hour, and take questions from the crowd. If you want to participate in the hangout itself ping me ahead of time and we’d love to have you onboard.

Contact us! For more information on the Charm Partner Programme, please visit partners.ubuntu.com/programmes/charm

New Vivaldi Web Browser Snapshot Improves Proprietary Media Support on Linux

Ruarí Ødegaard informs Softpedia today, July 14, 2016, about the availability of yet another snapshot towards the Vivaldi 1.3 cross-platform web browser, bringing more improvements to Linux support.

According to Mr. Ødegaard, Vivaldi Snapshot 1.3.537.5 has been released only a few days after the previous snapshot, version 1.3.534.3, mostly to improve the broken HTML5 proprietary media support on Linux kernel-based operating systems, which was made more robust on the Ubuntu Linux distribution but now works on Slackware and openSUSE, SLES, and derivatives.

Vivaldi has offered support for proprietary video (MP4 H.264/MPEG-4 AVC and AAC) and audio (MP3) for a while now on Ubuntu via a package from the Chromium open-source project called chromium-codecs-ffmpeg-extra. But only certain versions of this package have been supported until now, which means that many users have reported broken proprietary media support.

“With today’s snapshot we have made the system more flex… (read more)

MKVToolNix 9.3 “Second Sight” Released with Several Enhancements and Features

MKVToolNix developer Moritz Bunkus proudly announced the other day the release of the MKVToolNix 9.3.0 “Second Sight” maintenance update of the popular open-source MKV (Matroska) manipulation utility, promising to implement many of the user-requested features, as well as to fix numerous reported bugs.

MKVToolNix 9.3 brought a new chapter generation feature with two placeholders, better support when opening a saved configuration via the merge tool, along with the ability to specify how much a TS or MPEG-PS file will be probed for tracks by using the new “–probe-range-percentage” option.

Most of the MPEG-TS module for mkvmerge have been rewritten to properly buffer PES (Packetized Elementary Stream) packets, and it looks like both the mkvmerge and mkvinfo tools received a new flags feature designed to support the “Colour” elements in video tracks of MKV (Matroska) containers.

“Users can use those flags to specify the color space, transfer function, chromaticity coor… (read more)

Development Release: NethServer 7.2 Beta 1

Alessio Fattorini has announced the first beta release of NethServer 7.2. The new version, NethServer 7.2 Beta 1, offers a number of changes, including improving and streamlining the network settings pages in the distribution’s web interface. “The first Beta release of NethServer 7 will bring numerous goodies: a….

Ubuntu 16.10 Getting Nautilus 3.20 Soon, Radiance Theme Fully Ported to GTK 3.20

We reported two weeks ago on the upcoming availability of a major GTK+ 3.20 / GNOME Stack 3.20 update for the now-in-development Ubuntu 16.10 (Yakkety Yak) operating system.

At that moment in time, Ubuntu developer Iain Lane told us that he managed to port the Ambiance theme to the latest GTK+ 3.20 technologies, and that he also updated some of the GNOME components Ubuntu is using, such as the Nautilus file manager, and Baobab disk usage analyzer tool, along with the GTK+ port of Mozilla Firefox 47.0 for Ubuntu 16.10.

These were available for users who had the courage to test them in a PPA only for the upcoming Yakkety Yak release (see installations instructions below), but bugs were present, and not everything worked as expected. Today, July 14, Iain Lane has updated his initial statement, informing us that he has also managed to … (read more)